-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile-base
61 lines (47 loc) · 1.55 KB
/
Dockerfile-base
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# syntax=docker/dockerfile:experimental
######################################
# Builder step #######################
######################################
FROM python:3.10.1-buster AS builder
# Extra Python environment variables
ENV PYTHONUNBUFFERED 1
ENV PYTHONDONTWRITEBYTECODE 1
# Use Python binaries from venv
ENV PATH="/app/venv/bin:$PATH"
# Pinned versions
ENV PIP_PIP_VERSION 21.3.1
ENV PIP_PIP_TOOLS_VERSION 6.4.0
# Setup virtualenv
RUN python -m venv /app/venv
WORKDIR /app
# Install Python dependencies
COPY reqs/requirements.txt ./reqs/
RUN --mount=type=cache,target=/root/.cache/pip \
set -x && \
pip install pip==$PIP_PIP_VERSION pip-tools==$PIP_PIP_TOOLS_VERSION && \
pip install --require-hashes --pre -r reqs/requirements.txt && \
pip check
######################################
# Runtime step #######################
######################################
FROM python:3.10.1-slim-buster AS runtime
# Extra Python environment variables
ENV XDG_CACHE_HOME /tmp/pip/.cache
ENV PYTHONUNBUFFERED 1
ENV PYTHONDONTWRITEBYTECODE 1
# Use Python binaries from venv
ENV PATH="/app/venv/bin:$PATH"
# Setup app user and directory
RUN set -x && groupadd -g 7331 app && useradd -r -u 7331 -g app app && \
mkdir /app && chown -R app:app /app
# Install source code
WORKDIR /app
USER app
COPY --chown=app setup.cfg pyproject.toml ./
COPY --from=builder /app/venv venv
COPY --chown=app access_guard access_guard
# TODO: Setup healthcheck
ENV PYTHONPATH="/app/access_guard:${PYTHONPATH}"
# Set port
EXPOSE 8585
ENTRYPOINT ["python", "-m", "access_guard"]