From 078e60f9daa57c1c12376553420e9433b5862313 Mon Sep 17 00:00:00 2001 From: jguerreiro Date: Mon, 5 Jul 2021 14:40:32 +0200 Subject: [PATCH] chore(docker): update dockerfile to 3.9 --- .dockerignore | 3 ++- Dockerfile | 36 ++++++++---------------------------- 2 files changed, 10 insertions(+), 29 deletions(-) diff --git a/.dockerignore b/.dockerignore index c35caa102c..56bae2a27d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,6 @@ -* +** .* + !Pipfile* !ggshield !README.md diff --git a/Dockerfile b/Dockerfile index 54ba2cd826..c11dbb7c0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,56 +1,36 @@ -FROM python:3.8-buster as build +FROM python:3.9-slim as build LABEL maintainer="GitGuardian SRE Team " ENV LC_ALL C.UTF-8 ENV LANG C.UTF-8 ENV PIPENV_VENV_IN_PROJECT true +ENV PYTHONDONTWRITEBYTECODE 1 +ENV PYTHONFAULTHANDLER 1 +ENV PATH /app/.venv/bin:$PATH WORKDIR /app # Install your required build dependencies here -RUN set -e ; \ - apt-get update ; \ - apt-get dist-upgrade -y --no-install-recommends ; \ - apt-get autoremove -y ; \ - apt-get clean ; \ - pip3 install pipenv --upgrade ; \ - rm -rf /var/lib/apt/lists/* - - -# COPY Pipfile Pipfile.lock ./ -# OR (choose depending on whether you need the ./setup.py to get executed or not) -COPY . ./ -RUN sed -i '/editable/d' Pipfile.lock -RUN pipenv install --ignore-pipfile - - -FROM python:3.8-slim-buster - -LABEL maintainer="GitGuardian SRE Team " - RUN set -e ; \ apt-get update ; \ apt-get dist-upgrade -y --no-install-recommends ; \ apt-get install -y --no-install-recommends git ssh ; \ apt-get autoremove -y ; \ apt-get clean ; \ + pip3 install pipenv --upgrade ; \ rm -rf /var/lib/apt/lists/* +COPY . . -ENV LC_ALL C.UTF-8 -ENV LANG C.UTF-8 -ENV PATH /app/.venv/bin:$PATH - -WORKDIR /app +RUN pipenv install --ignore-pipfile --deploy RUN set -ex; \ groupadd -g 1337 app; \ useradd -u 1337 -g 1337 -b /home -c "GitGuardian App User" -m -s /bin/sh app; \ mkdir /data; chmod 777 /data -COPY --from=build /app/.venv /app/.venv -COPY ./ ./ +USER app WORKDIR /data VOLUME [ "/data" ]