-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
29 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,39 +1,47 @@ | ||
| FROM vault:1.13.3 AS vault-cli | ||
|
|
||
| FROM python:3.12-slim-bullseye | ||
| FROM python:3.12-slim-bullseye AS builder | ||
|
|
||
| ARG POETRY_VERSION=1.8.3 | ||
|
|
||
| RUN useradd -d /app -m -s /bin/bash app_user | ||
|
|
||
| # Set the working directory in the container | ||
| WORKDIR /app | ||
|
|
||
| # Install system dependencies | ||
| RUN apt-get update && \ | ||
| apt-get install -y --no-install-recommends curl && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* | ||
|
|
||
| COPY --from=vault-cli /bin/vault /bin/vault | ||
|
|
||
| USER app_user | ||
|
|
||
| # Install Poetry | ||
| RUN curl -sSL https://install.python-poetry.org | POETRY_VERSION=${POETRY_VERSION} python3 - | ||
| ENV POETRY_VIRTUALENVS_CREATE=true \ | ||
| POETRY_VIRTUALENVS_IN_PROJECT=true \ | ||
| PATH="/app/.venv/bin:/app/.local/bin:$PATH" | ||
|
|
||
| RUN curl -sSL https://install.python-poetry.org | python3 - --version ${POETRY_VERSION} | ||
|
|
||
| COPY --chown=app_user:app_user pyproject.toml poetry.lock* ./ | ||
|
|
||
| RUN poetry install --no-interaction --no-root | ||
|
|
||
| COPY --chown=app_user:app_user ./vault_actions /app/vault_actions | ||
|
|
||
| # Add Poetry to PATH | ||
| ENV POETRY_VIRTUALENVS_CREATE="true" | ||
| ENV POETRY_VIRTUALENVS_IN_PROJECT="true" | ||
| ENV PATH="/app/.venv/bin:/app/.local/bin:${PATH}" | ||
| # build slim image | ||
|
|
||
| # # Copy the pyproject.toml (and optionally poetry.lock) file into the container | ||
| COPY ./docker/docker-entrypoint.sh pyproject.toml poetry.lock* ./ | ||
| FROM python:3.12-slim-bullseye | ||
|
|
||
| RUN useradd -d /app -m -s /bin/bash app_user | ||
| WORKDIR /app | ||
|
|
||
| COPY --from=vault-cli /bin/vault /bin/vault | ||
|
|
||
| USER app_user | ||
| ENV PATH="/app/.venv/bin:/app/.local/bin:$PATH" | ||
|
|
||
| # Install dependencies using Poetry | ||
| RUN poetry install --only main --no-root --no-interaction --no-directory | ||
| COPY --from=builder --chown=app_user:app_user /app/vault_actions /app/vault_actions | ||
| COPY --from=builder --chown=app_user:app_user /app/.venv /app/.venv | ||
| COPY --chown=app_user:app_user ./docker/docker-entrypoint.sh /app/docker-entrypoint.sh | ||
|
|
||
| # # Copy the package files into the container | ||
| COPY ./vault_actions /app/vault_actions | ||
| RUN chmod +x /app/docker-entrypoint.sh | ||
|
|
||
| ENTRYPOINT ["/app/docker-entrypoint.sh"] | ||
| ENTRYPOINT ["/app/docker-entrypoint.sh"] |