-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
94 lines (66 loc) · 2.02 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# ---------------------------------------------------------------------------
# Builder Image
# ---------------------------------------------------------------------------
FROM alpine:3.12.0@sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321 as builder
# Required tools for building Python packages
RUN set -eux \
&& apk add --no-cache \
bc \
ca-certificates \
gcc \
libffi-dev \
make \
musl-dev \
openssl-dev \
python3 \
python3-dev \
py3-pip
RUN mkdir -p ~/.local/bin
ENV PATH=$HOME/.local/bin:$PATH
COPY requirements.in /requirements.in
# see https://stackoverflow.com/questions/66118337/how-to-get-rid-of-cryptography-build-error
ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
RUN \
pip3 install --upgrade pip wheel pip-tools setuptools && \
pip-compile /requirements.in --output-file /requirements.txt && \
pip3 install --user -r /requirements.txt
COPY requirements.in /requirements.in
RUN \
pip3 wheel -w /opt/wheel/ -r requirements.in
# ----------------------------------------------------------------------------
# Final Image
# ----------------------------------------------------------------------------
FROM alpine:3.12.0@sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321 as production
# Metadata labels
RUN set -eux \
&& apk add --no-cache \
bash \
ca-certificates \
git \
openssh-client \
py3-pip \
python3 \
sudo
RUN mkdir -p ~/.local/bin
ENV HOME=/root
ENV PATH=$HOME/.local/bin:$PATH
COPY --from=builder /opt/wheel /opt/wheel
RUN \
set -x && pip3 install --upgrade pip && \
pip3 install --ignore-installed /opt/wheel/* && \
rm -rf /opt/wheel
# create a user
ARG user_uid=1001
ARG user_gid=1001
ENV user_uid=$user_uid
ENV user_gid=$user_gid
RUN : "adding user" && \
addgroup -g $user_gid user && \
adduser -D -G user -u $user_uid -g '' user && \
echo '%user ALL=(ALL) NOPASSWD:ALL' | tee -a /etc/sudoers
USER user
ENV HOME=/home/user
WORKDIR $HOME
RUN \
mkdir -p $HOME/.local/bin
ENV PATH=/home/user/.local/bin:$PATH