diff options
| author |  Mark <[email protected]> | 2023-09-15 17:41:36 -0700 |
|---|---|---|
| committer | Mark <[email protected]> | 2023-09-15 19:18:00 -0700 |
| commit | 2fb4d6767ad48ae80fe91beb75d7505142a014cf (patch) | |
| tree | f2fbd45162de5d4226472c2227acdabe86d367af | |
| parent | Merge pull request #192 from python-discord/bump-Python-versions (diff) | |
Update to Debian Bookworm
Mount /dev/shm in the container by setting ipc to "private". This is
the same as "none" (the previous value) with the only difference being
that shm is mounted. This is needed for integration tests to pass.
The integration tests always relied on shared memory due to their use of
multiprocessing. They managed to work because glibc used to fall back to
/tmp if /dev/shm wasn't available. However, newer versions of glibc,
which Debian Bookworm now uses, removed that fallback behaviour.
| -rw-r--r-- | Dockerfile | 8 | ||||
| -rw-r--r-- | docker-compose.yml | 2 |
2 files changed, 5 insertions, 5 deletions
@@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1.4 -FROM buildpack-deps:buster as builder-nsjail +FROM buildpack-deps:bookworm as builder-nsjail WORKDIR /nsjail @@ -17,7 +17,7 @@ RUN git clone -b master --single-branch https://github.com/google/nsjail.git . \ RUN make # ------------------------------------------------------------------------------ -FROM buildpack-deps:buster as builder-py-base +FROM buildpack-deps:bookworm as builder-py-base ENV PYENV_ROOT=/pyenv \ PYTHON_CONFIGURE_OPTS='--disable-test-modules --enable-optimizations \ @@ -42,7 +42,7 @@ RUN git clone -b v2.3.26 --depth 1 https://github.com/pyenv/pyenv.git $PYENV_ROO && /build_python.sh 3.12.0rc2 # ------------------------------------------------------------------------------ -FROM python:3.11-slim-buster as base +FROM python:3.11-slim-bookworm as base ENV PIP_DISABLE_PIP_VERSION_CHECK=1 \ PIP_NO_CACHE_DIR=false @@ -52,7 +52,7 @@ RUN apt-get -y update \ gcc \ git \ libnl-route-3-200 \ - libprotobuf17 \ + libprotobuf32 \ && rm -rf /var/lib/apt/lists/* COPY --link --from=builder-nsjail /nsjail/nsjail /usr/sbin/ diff --git a/docker-compose.yml b/docker-compose.yml index 0613abc..b28d61b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,7 @@ services: ports: - "8060:8060" init: true - ipc: none + ipc: private tty: true environment: SNEKBOX_DEBUG: 1 |