2020-05-29 16:52:38 +00:00
|
|
|
# This Dockerfile has buildkit syntax, to allow build steps to be cached
|
|
|
|
# and speed up when rebuilding
|
2019-08-06 01:47:13 +00:00
|
|
|
|
2021-02-23 21:23:17 +00:00
|
|
|
FROM python:3.8.8-slim-buster AS base
|
2019-08-06 01:47:13 +00:00
|
|
|
|
2020-05-29 16:52:38 +00:00
|
|
|
# Build ARGs
|
|
|
|
ARG BOT_PROJECT="captcha-bot"
|
|
|
|
ARG BOT_USER="nobody"
|
|
|
|
ARG BOT_GROUP="nogroup"
|
|
|
|
ARG BOT_HOME_DIR="/srv"
|
2020-05-29 21:56:46 +00:00
|
|
|
ARG APP_DIR="${BOT_HOME_DIR}/app"
|
2021-02-23 21:31:03 +00:00
|
|
|
ARG GITHUB_URL="https://github.com/J-Rios/TLG_JoinCaptchaBot"
|
2019-08-06 01:47:13 +00:00
|
|
|
|
2020-05-29 16:52:38 +00:00
|
|
|
# Export ARGs as ENV vars so they can be shared among steps
|
|
|
|
ENV BOT_PROJECT="${BOT_PROJECT}" \
|
|
|
|
BOT_USER="${BOT_USER}" \
|
|
|
|
BOT_GROUP="${BOT_GROUP}" \
|
|
|
|
BOT_HOME_DIR="${BOT_HOME_DIR}" \
|
2020-05-29 21:56:46 +00:00
|
|
|
APP_DIR="${APP_DIR}" \
|
2020-05-29 16:52:38 +00:00
|
|
|
GITHUB_URL="${GITHUB_URL}" \
|
|
|
|
DEBIAN_FRONTEND=noninteractive \
|
2021-02-23 22:14:56 +00:00
|
|
|
APT_OPTS="-q=2 --no-install-recommends --yes"
|
2020-05-29 16:52:38 +00:00
|
|
|
|
|
|
|
# Prepare a directory to run with an unprivileged user
|
|
|
|
RUN chown -cR "${BOT_USER}:${BOT_GROUP}" ${BOT_HOME_DIR} && \
|
|
|
|
usermod -d ${BOT_HOME_DIR} ${BOT_USER}
|
|
|
|
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
FROM base AS builder-deps
|
|
|
|
|
|
|
|
# Install build dependencies
|
2021-02-23 22:14:56 +00:00
|
|
|
RUN apt-get ${APT_OPTS} update && \
|
|
|
|
apt-get ${APT_OPTS} install \
|
2021-05-30 21:38:01 +00:00
|
|
|
build-essential \
|
|
|
|
git \
|
|
|
|
procps \
|
|
|
|
libtiff5-dev \
|
|
|
|
libjpeg62-turbo-dev \
|
|
|
|
zlib1g-dev \
|
|
|
|
libfreetype6-dev \
|
|
|
|
liblcms2-dev \
|
|
|
|
libwebp-dev \
|
|
|
|
tcl8.6-dev \
|
|
|
|
tk8.6-dev \
|
|
|
|
python3-tk
|
2020-05-29 16:52:38 +00:00
|
|
|
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
FROM builder-deps AS builder
|
|
|
|
|
|
|
|
# Build the code as unprivileged user
|
|
|
|
USER ${BOT_USER}
|
|
|
|
WORKDIR ${BOT_HOME_DIR}
|
2021-02-23 21:31:03 +00:00
|
|
|
RUN git clone ${GITHUB_URL} ${APP_DIR} && \
|
2021-02-23 22:14:56 +00:00
|
|
|
python3 -m pip install --user --requirement ${APP_DIR}/requirements.txt && \
|
2020-05-29 21:56:46 +00:00
|
|
|
cd ${APP_DIR}/sources && \
|
2020-05-29 16:52:38 +00:00
|
|
|
chown -cR ${BOT_USER}:${BOT_GROUP} ${BOT_HOME_DIR} && \
|
2020-05-29 21:56:46 +00:00
|
|
|
rm -rf ${BOT_HOME_DIR}/.cache && \
|
|
|
|
find ${APP_DIR} -iname '.git*' -print0 | xargs -0 -r -t rm -rf
|
2020-05-29 16:52:38 +00:00
|
|
|
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
FROM base AS app
|
|
|
|
|
|
|
|
# Address the pip warning regarding PATH
|
|
|
|
ENV PATH="${PATH}:${BOT_HOME_DIR}/.local/bin"
|
|
|
|
|
|
|
|
# Import built code from previous step
|
|
|
|
COPY --from=builder ${BOT_HOME_DIR} ${BOT_HOME_DIR}
|
|
|
|
|
|
|
|
# Adjust privileges
|
|
|
|
RUN chown -R "${BOT_USER}:${BOT_GROUP}" ${BOT_HOME_DIR} && \
|
|
|
|
usermod -d ${BOT_HOME_DIR} ${BOT_USER}
|
2019-08-06 01:47:13 +00:00
|
|
|
|
2020-05-29 16:52:38 +00:00
|
|
|
# Set up to run as an unprivileged user
|
|
|
|
USER ${BOT_USER}
|
2020-05-29 21:56:46 +00:00
|
|
|
WORKDIR ${APP_DIR}/sources
|
2020-05-29 16:52:38 +00:00
|
|
|
CMD ["./entrypoint.sh"]
|