-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
65 lines (50 loc) · 1.8 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# syntax=docker/dockerfile:1
FROM node:14.16.1 AS static-fe
WORKDIR /frontend
COPY ui/package.json ui/package-lock.json ./
RUN npm install
COPY ui ./
RUN npm run build
FROM python:3.8.12-slim-bullseye as python-base
LABEL maintainer="[email protected]"
ENV PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 \
POETRY_PATH=/opt/poetry \
VENV_PATH=/opt/venv \
POETRY_VERSION=1.1.6
ENV PATH="$POETRY_PATH/bin:$VENV_PATH/bin:$PATH"
RUN apt-get update && apt-get install -y -q --no-install-recommends \
libgssapi-krb5-2>=1.18.3-6+deb11u1 \
libk5crypto3>=1.18.3-6+deb11u1 \
libkrb5-3>=1.18.3-6+deb11u1 \
libkrb5support0>=1.18.3-6+deb11u1 \
libssl1.1>=1.1.1 \
openssl>=1.1.1 && \
rm -rf /var/lib/apt/lists/*
FROM python-base AS build
# non-interactive env vars https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1833013
ENV DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true \
UCF_FORCE_CONFOLD=1
RUN apt-get update && \
apt-get install -y -q --no-install-recommends \
build-essential \
curl \
git && \
curl -sSL https://raw.githubusercontent.com/sdispater/poetry/master/get-poetry.py | python && \
mv /root/.poetry $POETRY_PATH && \
python -m venv $VENV_PATH && \
poetry config virtualenvs.create false && \
rm -rf /var/lib/apt/lists/*
COPY ./poetry.lock ./pyproject.toml ./
RUN poetry install --no-interaction --no-ansi -vvv
FROM python-base as runtime
RUN useradd -u 42069 --create-home --shell /bin/bash app
USER app
WORKDIR /app
COPY --from=build $VENV_PATH $VENV_PATH
COPY --chown=app:app ./start.sh start.sh
COPY --chown=app:app ./alembic.ini alembic.ini
COPY --chown=app:app drift_report ./drift_report
COPY --from=static-fe --chown=app:app frontend/dist/ ./drift_report/resources/static/
ENTRYPOINT ["bash", "start.sh"]