From 27da637e8649edc0379a67a72dc2c1425a7db5c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C4=93teris=20Caune?= Date: Fri, 1 Oct 2021 09:53:48 +0300 Subject: [PATCH] Fix Dockerfile to correctly build cryptography==35.0.0 on 32-bit arm Fixes: #565 Also, split Dockerfile into two stages, so rust and other build dependencies don't end up in the final image. Note cryptography has binary wheels for various architectures, but unfortunately not for 32-bit arm. And, starting from v35.0.0, cryptography requires rust to build from source. --- CHANGELOG.md | 1 + docker/Dockerfile | 22 +++++++++++++++++----- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1562f596..dd1bc6cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ All notable changes to this project will be documented in this file. - Add /api/v1/badges/ endpoint (#552) - Add ability to edit existing email, Signal, SMS, WhatsApp integrations - Add new ping URL format: /{ping_key}/{slug} (#491) +- Reduce Docker image size by using slim base image and multi-stage Dockerfile ### Bug Fixes - Add handling for non-latin-1 characters in webhook headers diff --git a/docker/Dockerfile b/docker/Dockerfile index cdab9e04..b706151e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,16 +1,28 @@ +FROM python:3.9-slim-buster as builder + +COPY requirements.txt /tmp +RUN \ + apt update && \ + apt install -y build-essential cargo libffi-dev libpq-dev libssl-dev python3-dev + +RUN pip wheel --wheel-dir /wheels -r /tmp/requirements.txt +RUN pip wheel --wheel-dir /wheels uwsgi + FROM python:3.9-slim-buster RUN useradd --system hc ENV PYTHONUNBUFFERED=1 -ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1 WORKDIR /opt/healthchecks -RUN apt update && apt install -y libpq-dev build-essential && rm -rf /var/apt/cache - COPY requirements.txt /tmp +COPY --from=builder /wheels /wheels + RUN \ - pip install --no-cache-dir -r /tmp/requirements.txt && \ - pip install uwsgi + apt update && \ + apt install -y libpq5 && \ + rm -rf /var/apt/cache + +RUN pip install --no-cache /wheels/* COPY . /opt/healthchecks/