Skip to content

Instantly share code, notes, and snippets.

@pablospizzamiglio

pablospizzamiglio/debian_based.Dockerfile

Last active January 19, 2024 18:42
Show Gist options
  • Save pablospizzamiglio/ef4b254038f028abaa27263bdc9deba5 to your computer and use it in GitHub Desktop.
Save pablospizzamiglio/ef4b254038f028abaa27263bdc9deba5 to your computer and use it in GitHub Desktop.
Download ZIP
Python 3.12 Dockerfile (Debian 12 and Ubuntu 23.10)
Raw
debian_based.Dockerfile
# syntax=docker/dockerfile:1
FROM python:3.12.1-slim-bookworm AS base
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
ENV PYTHONUNBUFFERED=1
ENV PYTHONDONTWRITEBYTECODE=1
ENV APP_ROOT=/app
WORKDIR ${APP_ROOT}
RUN : \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates \
wget \
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& useradd -u 1001 -g 0 -d ${BLS_APP_ROOT} -s /usr/sbin/nologin nonroot \
&& :
FROM base as builder
ARG PYPI_PIPENV_VERSION="2023.11.15"
ENV PIP_NO_CACHE_DIR=1
ENV PIPENV_VENV_IN_PROJECT=1
ENV PIPX_HOME="/opt/pipx/venvs"
ENV PIPX_BIN_DIR="/opt/pipx/bin"
ENV PATH="${PIPX_BIN_DIR}:${PATH}"
RUN : \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
build-essential \
git \
openssh-client \
pipx \
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /root/.ssh \
&& ssh-keyscan github.com >> /root/.ssh/known_hosts \
&& pipx install pipenv==${PIPY_PIPENV_VERSION} \
&& :
COPY Pipfile Pipfile.lock ./
RUN --mount=type=ssh pipenv sync && pipenv --clear
FROM base AS final
# Manually enable virtual environment
ENV VIRTUAL_ENV="${BLS_APP_ROOT}/.venv"
ENV PATH="${VIRTUAL_ENV}/bin:$PATH"
COPY --chown=nonroot:0 --from=build ${VIRTUAL_ENV} ${VIRTUAL_ENV}
COPY --chown=nonroot:0 service service
USER nonroot
CMD ["uvicorn", "service.main:app", "--host", "0.0.0.0", "--port", "80"]
Raw
ubuntu_based.Dockerfile
# syntax=docker/dockerfile:1
FROM ubuntu:23.10 AS base
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
ENV PYTHONUNBUFFERED=1
ENV PYTHONDONTWRITEBYTECODE=1
ENV APP_ROOT=/app
WORKDIR ${APP_ROOT}
RUN : \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates \
python3-pip \
python3.12-full \
wget \
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& useradd -u 1001 -g 0 -d ${BLS_APP_ROOT} -s /usr/sbin/nologin nonroot \
&& :
FROM base as builder
ARG PYPI_PIPENV_VERSION="2023.11.15"
ENV PIP_NO_CACHE_DIR=1
ENV PIPENV_VENV_IN_PROJECT=1
ENV PIPX_HOME="/opt/pipx/venvs"
ENV PIPX_BIN_DIR="/opt/pipx/bin"
ENV PATH="${PIPX_BIN_DIR}:${PATH}"
RUN : \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
build-essential \
git \
openssh-client \
pipx \
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /root/.ssh \
&& ssh-keyscan github.com >> /root/.ssh/known_hosts \
&& pipx install pipenv==${PIPY_PIPENV_VERSION} \
&& :
COPY Pipfile Pipfile.lock ./
RUN --mount=type=ssh pipenv sync && pipenv --clear
FROM base AS final
# Manually enable virtual environment
ENV VIRTUAL_ENV="${BLS_APP_ROOT}/.venv"
ENV PATH="${VIRTUAL_ENV}/bin:$PATH"
WORKDIR ${APP_ROOT}
COPY --from=builder ${VIRTUAL_ENV} ${VIRTUAL_ENV}
COPY service service
COPY --chown=nonroot:0 --from=build ${VIRTUAL_ENV} ${VIRTUAL_ENV}
COPY --chown=nonroot:0 service service
USER nonroot
CMD ["uvicorn", "service.main:app", "--host", "0.0.0.0", "--port", "80"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment