From add0e2eb99fdb97435584ec58d32bc992b1a1382 Mon Sep 17 00:00:00 2001 From: Wil Reichert Date: Thu, 3 Aug 2017 23:29:56 +0900 Subject: [PATCH] Dockerfile cleanup Layer cnosolidate & remove unnecessary build packages Shrinks image from 865MB to 370MB Exec gunicorn in entrypoint so c works properly Run as unpriviledged user instead of root --- Dockerfile | 83 +++++++++++++++++++++++++++++++-------------------- entrypoint.sh | 2 +- 2 files changed, 51 insertions(+), 34 deletions(-) diff --git a/Dockerfile b/Dockerfile index 40b60e0c..19aba144 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,40 +1,57 @@ FROM ubuntu:16.04 + MAINTAINER Armada Team +ENV DEBIAN_FRONTEND noninteractive +ENV LIBGIT_VERSION 0.25.0 + +COPY . /armada + +RUN apt-get update && \ + apt-get upgrade -y && \ + apt-get install -y --no-install-recommends \ + netbase \ + python-all \ + python-pip \ + python-setuptools && \ + apt-get install -y \ + build-essential \ + cmake \ + curl \ + git \ + libffi-dev \ + python-all-dev && \ + useradd -u 1000 -g users -d /armada armada && \ + \ + curl -sSL https://github.com/libgit2/libgit2/archive/v$LIBGIT_VERSION.tar.gz \ + | tar zx -C /tmp && \ + cd /tmp/libgit2-$LIBGIT_VERSION && \ + cmake . && \ + cmake --build . --target install && \ + ldconfig && \ + \ + cd /armada && \ + pip install --upgrade pip && \ + pip install -r requirements.txt pygit2==$LIBGIT_VERSION && \ + pip install . && \ + \ + apt-get purge --auto-remove -y \ + build-essential \ + cmake \ + curl \ + git \ + libffi-dev \ + python-all-dev && \ + apt-get clean -y && \ + rm -rf \ + /root/.cache \ + /tmp/libgit2-$LIBGIT_VERSION \ + /var/lib/apt/lists/* + EXPOSE 8000 +USER armada +WORKDIR /armada + ENTRYPOINT ["./entrypoint.sh"] - CMD ["server"] - -ENV \ - LIBGIT_VERSION=0.25.0 \ - USER=armada - -RUN apt-get update -y && \ - apt-get install -y --no-install-recommends \ - build-essential \ - gcc \ - git \ - git-review \ - libffi-dev \ - libgit2-dev \ - libssl-dev \ - netbase \ - python-dev \ - python-pip \ - python-virtualenv \ - && mkdir -p /root/armada/tools - -WORKDIR /root/armada - -COPY ./tools/libgit2.sh /root/armada/tools -RUN /root/armada/tools/libgit2.sh - -COPY requirements.txt /root/armada -RUN pip install --upgrade setuptools urllib3 \ - && pip install -r requirements.txt pygit2==$LIBGIT_VERSION - -COPY . /root/armada - -RUN pip install -e . diff --git a/entrypoint.sh b/entrypoint.sh index e1d54e32..c772c0a9 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -6,7 +6,7 @@ PORT="8000" set -e if [ "$1" = 'server' ]; then - gunicorn server:api -b :$PORT --chdir armada/api + exec gunicorn server:api -b :$PORT --chdir armada/api fi if [ "$1" = 'tiller' ] || [ "$1" = 'apply' ]; then