Skip to content

Commit

Permalink
Add lambda image for docworker
Browse files Browse the repository at this point in the history
  • Loading branch information
MarekSuchanek committed Apr 15, 2024
1 parent 7a38cb4 commit 535488c
Show file tree
Hide file tree
Showing 4 changed files with 62 additions and 12 deletions.
1 change: 1 addition & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ jobs:
tag:
- 3.11-basic
- 3.11-docworker
- 3.11-docworker-lambda

env:
PUBLIC_IMAGE_PREFIX: 'datastewardshipwizard'
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ jobs:
tag:
- 3.11-basic
- 3.11-docworker
- 3.11-docworker-lambda

env:
IMAGE_BASE_NAME: 'localhost:5000/test/python-base'
Expand Down
46 changes: 46 additions & 0 deletions 3.11-docworker-lambda/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
FROM public.ecr.aws/lambda/python:3.11 as python-lambda

FROM public.ecr.aws/lambda/provided:al2023

ARG TARGETARCH

COPY --from=python-lambda /var/runtime /var/runtime

# Enviroment variables (Pandoc, PIP, OpenSSL)
ENV XDG_DATA_HOME=/ \
LUA_PATH="/pandoc/filters/?.lua;/usr/share/lua/common/?.lua;;" \
PIP_NO_COMPILE=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
PIP_CACHE_DIR=/pip-cache \
PIPENV_VENV_IN_PROJECT=1 \
TEMP=/tmp \
SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt

# RPM Packages + Update fonts + Setup user + Cleanup
# https://docs.aws.amazon.com/linux/al2023/release-notes/all-packages-AL2023.3.html
RUN mkdir "$PIP_CACHE_DIR" && chmod a+rwx "$PIP_CACHE_DIR" \
&& dnf install -y \
python3.11 python3.11-devel python3.11-wheel python3.11-setuptools python3.11-pip \
libpq-devel libffi-devel openssl openssl-devel gettext ca-certificates \
pango cairo cairo-gobject gettext gdk-pixbuf2 shadow-utils zopfli \
xz xz-lzma-compat tar gzip zip unzip lua lua-devel \
fontconfig freetype google-droid-fonts-all google-noto-sans-fonts google-noto-serif-fonts \
google-noto-emoji-color-fonts google-noto-emoji-fonts cabextract xorg-x11-font-utils \
&& rpm -i https://downloads.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm \
&& fc-cache -f \
&& ln -s /usr/bin/python3.11 /usr/bin/python \
&& ln -s /usr/bin/pip3.11 /usr/bin/pip \
&& pip install awslambdaric boto3 s3transfer \
&& /usr/sbin/groupadd -g 10001 user \
&& /usr/sbin/adduser -u 10000 -s /bin/sh -g user user \
&& echo "user:password" | /usr/sbin/chpasswd 2>/dev/null \
&& dnf clean all

# Pandoc
RUN curl -L -o /tmp/pandoc.tar.gz -O "https://github.com/jgm/pandoc/releases/download/3.1.13/pandoc-3.1.13-linux-${TARGETARCH}.tar.gz" \
&& tar xvzf /tmp/pandoc.tar.gz -C /tmp \
&& mv /tmp/pandoc*/bin/pandoc /usr/local/bin/pandoc \
&& rm -rf /tmp/* \
&& mkdir -p /pandoc/templates \
&& mkdir -p /pandoc/filters/pandocker \
&& chown -R user:user /pandoc
26 changes: 14 additions & 12 deletions 3.11-docworker/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ ARG TARGETARCH

COPY ./scripts/alpine/clean /bin/clean

# Enviroment variables (Pandoc, PIP, OpenSSL)
ENV PIP_NO_COMPILE=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
PIP_CACHE_DIR=/pip-cache \
Expand All @@ -12,31 +13,32 @@ ENV PIP_NO_COMPILE=1 \
ENV=/etc/profile \
CLEAN="/var/cache/apk/:/tmp/" \
RAWEXEC="monit crond supervise sshd" \
SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \
XDG_DATA_HOME=/ \
LUA_PATH="/pandoc/filters/?.lua;/usr/share/lua/common/?.lua;;"

# Alpine Packages + Update fonts + Setup user + Cleanup
RUN chmod +x /bin/clean \
&& mkdir "$PIP_CACHE_DIR" && chmod a+rwx "$PIP_CACHE_DIR" \
&& apk add -u python3 python3-dev py3-wheel py3-setuptools py3-pip libpq-dev libffi-dev openssl-dev gettext \
&& apk add -u cairo cairo-gobject pango gdk-pixbuf py3-lxml py3-pillow msttcorefonts-installer fontconfig zopfli \
&& apk add -u lua lua-dev lua-penlight zip \
&& apk add -u openssl ca-certificates \
&& apk add -u dbus fontconfig freetype ttf-dejavu ttf-droid ttf-freefont ttf-liberation font-noto-emoji \
&& apk add -u \
python3 python3-dev py3-wheel py3-setuptools py3-pip \
libpq-dev libffi-dev openssl openssl-dev gettext ca-certificates \
pango cairo cairo-gobject gdk-pixbuf dbus zopfli \
xz tar gzip zip unzip lua lua-dev \
fontconfig freetype msttcorefonts-installer font-droid font-noto font-noto-emoji \
&& dbus-uuidgen > /var/lib/dbus/machine-id && apk del dbus \
&& rm -rf /var/cache/apk/* /tmp/* \
&& wget -O /bin/wait-for https://raw.githubusercontent.com/eficode/wait-for/v2.2.3/wait-for && chmod a+x /bin/wait-for \
&& update-ms-fonts \
&& fc-cache -f \
&& addgroup -g 10001 user \
&& adduser -u 10000 -S -s /bin/sh -G user user \
&& echo "user:password" | chpasswd 2>/dev/null \
&& rm -rf /var/cache/apk/* /tmp/* \
&& clean

# Pandoc
ENV XDG_DATA_HOME=/ \
LUA_PATH="/pandoc/filters/?.lua;/usr/share/lua/common/?.lua;;"

RUN wget -O /tmp/pandoc.tar.gz "https://github.com/jgm/pandoc/releases/download/3.1.9/pandoc-3.1.9-linux-${TARGETARCH}.tar.gz" \
RUN wget -O /tmp/pandoc.tar.gz "https://github.com/jgm/pandoc/releases/download/3.1.13/pandoc-3.1.13-linux-${TARGETARCH}.tar.gz" \
&& tar -xvzf /tmp/pandoc.tar.gz -C /tmp && mv /tmp/pandoc*/bin/pandoc /usr/local/bin/pandoc \
&& rm -rf /tmp/* \
&& mkdir -p /pandoc/templates \
&& mkdir -p /pandoc/filters/pandocker \
&& chown -R user:user /pandoc \
Expand Down

0 comments on commit 535488c

Please sign in to comment.