Skip to content

Commit

Permalink
perf: Use Alpine as default OS for the container
Browse files Browse the repository at this point in the history
  • Loading branch information
clemlesne committed Oct 30, 2024
1 parent 090df45 commit 9400d22
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 18 deletions.
50 changes: 32 additions & 18 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,36 +1,50 @@
# Base container
FROM docker.io/library/python:3.12-slim-bookworm@sha256:541d45d3d675fb8197f534525a671e2f8d66c882b89491f9dda271f4f94dcd06 AS base
FROM docker.io/library/python:3.12-alpine3.20@sha256:38e179a0f0436c97ecc76bcd378d7293ab3ee79e4b8c440fdc7113670cb6e204 AS base

RUN --mount=target=/var/cache/apk,type=cache,sharing=locked --mount=target=/root/.cache/pip,type=cache,sharing=locked \
apk update \
&& apk add \
gcc

# Build container
FROM base AS build

RUN rm -f /etc/apt/apt.conf.d/docker-clean \
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked --mount=target=/root/.cache/pip,type=cache,sharing=locked \
apt-get update -q \
&& apt-get install -y -q --no-install-recommends \
gcc \
python3-dev \
&& python3 -m pip install --upgrade \
pip \
setuptools \
wheel

RUN python -m venv /venv
RUN --mount=target=/var/cache/apk,type=cache,sharing=locked --mount=target=/root/.cache/pip,type=cache,sharing=locked \
apk update \
&& apk add \
cargo \
libffi-dev \
linux-headers \
musl-dev \
python3-dev \
rust \
&& python3 -m ensurepip \
&& python3 -m pip install \
--root-user-action ignore \
--upgrade \
pip \
setuptools \
wheel

RUN python3 -m venv /venv
ENV PATH=/venv/bin:$PATH

COPY requirements.txt .
RUN --mount=target=/root/.cache/pip,type=cache,sharing=locked \
python3 -m pip install --requirement requirements.txt
python3 -m pip install \
--requirement requirements.txt \
--root-user-action ignore

# Output container
FROM base

ARG VERSION
ENV VERSION=${VERSION}

RUN useradd -m appuser \
&& mkdir /app \
RUN adduser \
--disabled-password \
--home /app \
appuser \
&& chown -R appuser:appuser /app

USER appuser
Expand All @@ -40,4 +54,4 @@ ENV PATH=/venv/bin:$PATH

COPY --chown=appuser:appuser /app /app

CMD ["bash", "-c", "gunicorn app.main:api --bind 0.0.0.0:8080 --proxy-protocol --workers 4 --worker-class uvicorn.workers.UvicornWorker"]
CMD ["sh", "-c", "gunicorn app.main:api --bind 0.0.0.0:8080 --proxy-protocol --workers 4 --worker-class uvicorn.workers.UvicornWorker"]
9 changes: 9 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,15 @@ build:
--tag $(container_name):latest \
.

run:
$(docker) run \
--env PUBLIC_DOMAIN=$(tunnel_url) \
--env VERSION=$(version_full) \
--env-file .env \
--mount type=bind,source=$(shell pwd)/config.yaml,target=/app/config.yaml \
--publish 8080:8080 \
$(container_name):latest

deploy:
$(MAKE) deploy-bicep

Expand Down

0 comments on commit 9400d22

Please sign in to comment.