Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: reduce app image size #205

Merged
merged 9 commits into from
Nov 23, 2023
Merged
1 change: 1 addition & 0 deletions {{ cookiecutter.__package_name_kebab_case }}/.dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.git
lsorber marked this conversation as resolved.
Show resolved Hide resolved
49 changes: 33 additions & 16 deletions {{ cookiecutter.__package_name_kebab_case }}/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
# syntax=docker/dockerfile:1
ARG PYTHON_VERSION={{ cookiecutter.python_version }}
FROM {{ cookiecutter.docker_image }} AS base

# Remove docker-clean so we can keep the apt cache in Docker build cache.
RUN rm /etc/apt/apt.conf.d/docker-clean
sinopeus marked this conversation as resolved.
Show resolved Hide resolved

sinopeus marked this conversation as resolved.
Show resolved Hide resolved
{%- if cookiecutter.development_environment == "strict" %}

# Configure Python to print tracebacks on crash [1], and to not buffer stdout and stderr [2].
Expand All @@ -10,18 +14,6 @@ ENV PYTHONFAULTHANDLER 1
ENV PYTHONUNBUFFERED 1
{%- endif %}

# Install Poetry.
ENV POETRY_VERSION 1.6.1
RUN --mount=type=cache,target=/root/.cache/pip/ \
pip install poetry~=$POETRY_VERSION

# Install compilers that may be required for certain packages or platforms.
RUN rm /etc/apt/apt.conf.d/docker-clean
RUN --mount=type=cache,target=/var/cache/apt/ \
--mount=type=cache,target=/var/lib/apt/ \
apt-get update && \
apt-get install --no-install-recommends --yes build-essential

# Create a non-root user and switch to it [1].
# [1] https://code.visualstudio.com/remote/advancedcontainers/add-nonroot-user
ARG UID=1000
Expand All @@ -32,13 +24,35 @@ RUN groupadd --gid $GID user && \
USER user

# Create and activate a virtual environment.
RUN python -m venv /opt/{{ cookiecutter.__package_name_kebab_case }}-env
ENV PATH /opt/{{ cookiecutter.__package_name_kebab_case }}-env/bin:$PATH
ENV VIRTUAL_ENV /opt/{{ cookiecutter.__package_name_kebab_case }}-env
ENV PATH $VIRTUAL_ENV/bin:$PATH
RUN python -m venv $VIRTUAL_ENV

# Set the working directory.
WORKDIR /workspaces/{{ cookiecutter.__package_name_kebab_case }}/



FROM base as poetry
sinopeus marked this conversation as resolved.
Show resolved Hide resolved

USER root

# Install Poetry in separate venv so it doesn't pollute the main venv.
ENV POETRY_VERSION 1.6.1
ENV POETRY_VIRTUAL_ENV /opt/poetry-env
RUN --mount=type=cache,target=/root/.cache/pip/ \
python -m venv $POETRY_VIRTUAL_ENV && \
$POETRY_VIRTUAL_ENV/bin/pip install poetry~=$POETRY_VERSION && \
lsorber marked this conversation as resolved.
Show resolved Hide resolved
ln -s $POETRY_VIRTUAL_ENV/bin/poetry /usr/local/bin/poetry

# Install compilers that may be required for certain packages or platforms.
RUN --mount=type=cache,target=/var/cache/apt/ \
--mount=type=cache,target=/var/lib/apt/ \
apt-get update && \
apt-get install --no-install-recommends --yes build-essential

USER user

# Install the run time Python dependencies in the virtual environment.
COPY --chown=user:user poetry.lock* pyproject.toml /workspaces/{{ cookiecutter.__package_name_kebab_case }}/
RUN mkdir -p /home/user/.cache/pypoetry/ && mkdir -p /home/user/.config/pypoetry/ && \
Expand All @@ -51,7 +65,7 @@ RUN --mount=type=cache,uid=$UID,gid=$GID,target=/home/user/.cache/pypoetry/ \



FROM base as ci
lsorber marked this conversation as resolved.
Show resolved Hide resolved
FROM poetry as ci

# Allow CI to run as root.
USER root
lsorber marked this conversation as resolved.
Show resolved Hide resolved
Expand All @@ -71,7 +85,7 @@ RUN --mount=type=cache,target=/root/.cache/pypoetry/ \



FROM base as dev
FROM poetry as dev

# Install development tools: curl, git, gpg, ssh, starship, sudo, vim, and zsh.
USER root
Expand Down Expand Up @@ -124,6 +138,9 @@ RUN ln -s /run/secrets/poetry-auth /home/user/.config/pypoetry/auth.toml

FROM base AS app
lsorber marked this conversation as resolved.
Show resolved Hide resolved

# Copy the virtual environment from the poetry stage.
COPY --from=poetry $VIRTUAL_ENV $VIRTUAL_ENV

# Copy the package source code to the working directory.
COPY --chown=user:user . .

Expand Down