40 lines
1.5 KiB
Docker
40 lines
1.5 KiB
Docker
# syntax=docker/dockerfile:1
|
|
|
|
# It's important that this is Debian 12 to match the distroless image.
|
|
FROM debian:12-slim AS build
|
|
|
|
RUN --mount=type=cache,target=/var/lib/apt/lists \
|
|
--mount=type=cache,target=/var/cache/apt \
|
|
rm -f /etc/apt/apt.conf.d/docker-clean \
|
|
&& apt-get update \
|
|
&& apt-get install --no-install-recommends --yes python3-venv git
|
|
|
|
# Don't write .pyc bytecode files. These speed up imports when the program is
|
|
# loaded. There's no point doing that in a container where they'll never be
|
|
# persisted across restarts.
|
|
ENV PYTHONDONTWRITEBYTECODE=true
|
|
|
|
# Use Hatch to build a wheel. The build stage must do this in a venv because
|
|
# Debian doesn't have a hatch package, and it won't let you install one globally
|
|
# using pip.
|
|
WORKDIR /build
|
|
RUN --mount=target=. \
|
|
--mount=type=cache,target=/root/.cache/pip \
|
|
python3 -m venv /venv/build \
|
|
&& /venv/build/bin/pip install hatch \
|
|
&& /venv/build/bin/hatch build -t wheel /whl
|
|
|
|
# Create a fresh venv and install only the function wheel into it.
|
|
RUN --mount=type=cache,target=/root/.cache/pip \
|
|
python3 -m venv /venv/fn \
|
|
&& /venv/fn/bin/pip install /whl/*.whl
|
|
|
|
# Copy the function venv to our runtime stage. It's important that the path be
|
|
# the same as in the build stage, to avoid shebang paths and symlinks breaking.
|
|
FROM gcr.io/distroless/python3-debian12 AS image
|
|
WORKDIR /
|
|
COPY --from=build /venv/fn /venv/fn
|
|
EXPOSE 9443
|
|
USER nonroot:nonroot
|
|
ENTRYPOINT ["/venv/fn/bin/function"]
|