final image now uses dhi base image

This commit is contained in:
Jörn-Michael Miehe 2026-02-20 00:28:48 +01:00
parent 89403a8e30
commit e5e4bda66a

View file

@ -1,5 +1,5 @@
ARG NODE_VERSION=24 ARG NODE_VERSION=24
ARG PYTHON_VERSION=3.14-slim ARG PYTHON_VERSION=3.14
############ ############
# build ui # # build ui #
@ -28,30 +28,33 @@ RUN set -ex; \
# exclude webpack-bundle-analyzer output # exclude webpack-bundle-analyzer output
rm -f /tmp/advent22_ui/report.html; rm -f /tmp/advent22_ui/report.html;
############
# main app # ###############
############ # install app #
###############
ARG PYTHON_VERSION ARG PYTHON_VERSION
FROM python:${PYTHON_VERSION} AS production FROM dhi.io/python:${PYTHON_VERSION}-dev AS install-app
# env setup for uv # env setup
ENV \ WORKDIR /opt/advent22
PATH="/opt/advent22/api/.venv/bin:$PATH" \ ENV UV_WORKING_DIR="api/" \
UV_COMPILE_BYTECODE=1 \ UV_COMPILE_BYTECODE=1 \
UV_NO_DEV=1 \ UV_NO_DEV=1 \
UV_LINK_MODE="copy" UV_LINK_MODE="copy"
EXPOSE 8000
# install advent22_api deps
WORKDIR /opt/advent22/api
RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \ RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \
--mount=type=cache,target=/root/.cache/uv \ --mount=type=cache,target=/root/.cache/uv \
--mount=type=bind,source=api/uv.lock,target=uv.lock \ --mount=type=bind,source=api/uv.lock,target=api/uv.lock \
--mount=type=bind,source=api/pyproject.toml,target=pyproject.toml \ --mount=type=bind,source=api/pyproject.toml,target=api/pyproject.toml \
set -ex; \
\ \
# prepare data directory
mkdir data; \
chown nobody:nobody data; \
chmod u=rwx,g=rx,o=rx data; \
\
# install advent22_api deps
uv sync \ uv sync \
--locked \ --locked \
--no-install-project \ --no-install-project \
@ -59,7 +62,7 @@ RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \
; ;
# install advent22_api # install advent22_api
COPY api ./ COPY api api/
RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \ RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \
--mount=type=cache,target=/root/.cache/uv \ --mount=type=cache,target=/root/.cache/uv \
\ \
@ -68,15 +71,27 @@ RUN --mount=from=ghcr.io/astral-sh/uv,source=/uv,target=/bin/uv \
--no-editable \ --no-editable \
; ;
# add prepared advent22_ui
COPY --from=build-ui /tmp/advent22_ui ui/
####################
# production image #
####################
ARG PYTHON_VERSION
FROM dhi.io/python:${PYTHON_VERSION} AS production
ENV PATH="/opt/advent22/api/.venv/bin:$PATH"
EXPOSE 8000
CMD [ "advent22" ] CMD [ "advent22" ]
# add prepared advent22_ui ARG PYTHON_VERSION
COPY --from=build-ui /tmp/advent22_ui /opt/advent22/ui COPY --from=install-app /opt/python/lib/python${PYTHON_VERSION} /opt/python/lib/python${PYTHON_VERSION}/
COPY --from=install-app /opt/advent22 /opt/advent22/
# prepare data directory
WORKDIR /opt/advent22/data WORKDIR /opt/advent22/data
VOLUME [ "/opt/advent22/data" ] VOLUME [ "/opt/advent22/data" ]
RUN chown -R nobody:nogroup ./
# run as unprivileged user # run as unprivileged user
USER nobody USER nobody