From 1afddaeaffa0ed632b99c82247daeeb718607df5 Mon Sep 17 00:00:00 2001 From: Dmitriy Safronov Date: Thu, 21 Sep 2023 17:54:46 +0400 Subject: [PATCH 1/2] no more alpine --- Dockerfile | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/Dockerfile b/Dockerfile index d5b3a79..872668c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,50 +1,54 @@ ARG DOCKER_REGISTRY=registry.cyberbrain.pw +ARG DOCKER_IMAGE_GIT=$DOCKER_REGISTRY/tools/docker/git +ARG DOCKER_IMAGE_UBUNTU=$DOCKER_REGISTRY/tools/docker/ubuntu ############################################################ -FROM $DOCKER_REGISTRY/tools/docker/git:latest AS git +FROM $DOCKER_IMAGE_GIT:latest AS git RUN set -ex && \ ( git clone --depth=1 https://gitlab.cyberbrain.pw/tools/mirror/sopds.git /tmp || echo error: failed to clone master repository. ) && \ ls -la /tmp ############################################################ -FROM alpine:3.17 AS base +FROM $DOCKER_IMAGE_UBUNTU:latest AS base ENV PYTHONDONTWRITEBYTECODE 1 ENV PYTHONUNBUFFERED 1 -ENV BASE_DEPENDENCIES="sudo unzip" +ENV BASE_DEPENDENCIES="python3 python3-venv libpq5 libmariadb3 libxml2 libxslt1.1 libffi8 libjpeg8 zlib1g xz-utils bzip2" ENV PATH="/opt/sopds/bin:$PATH" WORKDIR /home/sopds -RUN set -ex && \ - apk --no-cache add python3 ${BASE_DEPENDENCIES} && \ - rm -rf /var/cache/apk/* +RUN apt-get update && \ + apt-get install --no-install-recommends -y ${BASE_DEPENDENCIES} && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* ############################################################ FROM base AS builder -ENV BUILD_DEPENDENCIES="gcc build-base python3-dev musl-dev mariadb-connector-c-dev libpq-dev libxml2-dev libxslt-dev libffi-dev jpeg-dev zlib-dev xz-dev bzip2-dev" +ENV BUILD_DEPENDENCIES="pkg-config build-essential python3-dev libmariadb-dev libpq-dev libxml2-dev libxslt-dev libffi-dev libjpeg-dev zlib1g-dev liblzma-dev libbz2-dev" COPY --from=git /tmp/requirements.txt /home/sopds/ COPY requirements-override.txt /home/sopds/ -RUN set -ex && \ - apk --no-cache add --virtual build-dependencies ${BUILD_DEPENDENCIES} && \ +RUN apt-get update && \ + apt-get install --no-install-recommends -y ${BUILD_DEPENDENCIES} && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ python3 -m venv /opt/sopds && \ pip3 install --ignore-installed --no-cache-dir --upgrade --disable-pip-version-check pip setuptools wheel && \ pip3 install --ignore-installed --no-cache-dir -r requirements.txt -r requirements-override.txt && \ - find /opt/sopds \( -type d -a -name test -o -name tests \) -o \( -type f -a -name '*.pyc' -o -name '*.pyo' \) -exec rm -rvf '{}' \+ && \ - #apk del build-dependencies && \ - rm -rf /var/cache/apk/* + find /opt/sopds \( -type d -a -name test -o -name tests \) -o \( -type f -a -name '*.pyc' -o -name '*.pyo' \) -exec rm -rvf '{}' \+ ############################################################ FROM base AS runtime -ENV RUNTIME_DEPENDENCIES="libpq mariadb-connector-c libxml2 libxslt libffi libjpeg zlib xz-libs libbz2" \ +ENV RUNTIME_DEPENDENCIES="sudo unzip" \ OWNER_UID=1000 \ OWNER_GID=1000 -RUN set -ex && \ - apk --no-cache add ${RUNTIME_DEPENDENCIES} && \ - rm -rf /var/cache/apk/* && \ - ( addgroup -g $OWNER_GID sopds || echo sopds:x:$OWNER_GID:sopds | tee -a /etc/group ) && \ - ( adduser -D -h /home/sopds -G sopds -u $OWNER_UID sopds || echo sopds:x:$OWNER_UID:$OWNER_GID:Linux User,,,:/home/sopds:/bin/ash | tee -a /etc/passwd ) && \ +RUN apt-get update && \ + apt-get install --no-install-recommends -y ${RUNTIME_DEPENDENCIES} && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + ( addgroup --system --gid $OWNER_GID sopds || echo sopds:x:$OWNER_GID:sopds | tee -a /etc/group ) && \ + ( adduser --system --home /home/sopds --ingroup sopds --uid $OWNER_UID sopds --shell /bin/sh || echo sopds:x:$OWNER_UID:$OWNER_GID:Linux User,,,:/home/sopds:/bin/sh | tee -a /etc/passwd ) && \ chown -R sopds:sopds /home/sopds COPY --from=builder /opt/sopds/ /opt/sopds/ COPY --from=git --chown=sopds:sopds /tmp/ /home/sopds/ -- GitLab From 08a7e8ae0fb8612c5204a497bf4bf532d1fc8508 Mon Sep 17 00:00:00 2001 From: Dmitriy Safronov Date: Thu, 21 Sep 2023 17:56:12 +0400 Subject: [PATCH 2/2] hadolint --- .hadolint.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.hadolint.yaml b/.hadolint.yaml index 30284ed..519871d 100644 --- a/.hadolint.yaml +++ b/.hadolint.yaml @@ -1,5 +1,6 @@ ignored: - DL3007 + - DL3008 - DL3013 - DL3018 - DL4006 -- GitLab