diff options
| author |  MarkKoz <[email protected]> | 2019-03-29 00:50:00 -0700 |
|---|---|---|
| committer | MarkKoz <[email protected]> | 2019-03-29 00:56:56 -0700 |
| commit | d1fe03b0a58f74ce897ba840e9d6313b2e6b14a6 (patch) | |
| tree | 8a52761b7f28f523918e123890e6f4cca646eb81 /docker | |
| parent | Remove GitLab CI config (diff) | |
Restructure Docker images
* Create a separate image for the virtual environment
* Build NsJail in the base image
* Remove the NsJail binaries
* Replace tini with Docker's init feature
* Update Python to 3.7.3
Diffstat (limited to 'docker')
| -rw-r--r-- | docker/Dockerfile | 12 | ||||
| -rw-r--r-- | docker/base.Dockerfile | 41 | ||||
| -rw-r--r-- | docker/venv.Dockerfile | 10 |
3 files changed, 34 insertions, 29 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile index b8d5637..5ef8a88 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,13 +1,7 @@ -FROM pythondiscord/snekbox-base:latest +FROM pythondiscord/snekbox-venv:latest -RUN apk add --update tini +ENTRYPOINT ["pipenv", "run"] +CMD ["snekbox"] -RUN mkdir -p /snekbox COPY . /snekbox WORKDIR /snekbox - -RUN pipenv --rm -RUN pipenv sync - -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["pipenv", "run", "snekbox"] diff --git a/docker/base.Dockerfile b/docker/base.Dockerfile index cdbd98e..2883398 100644 --- a/docker/base.Dockerfile +++ b/docker/base.Dockerfile @@ -1,23 +1,24 @@ -FROM python:3.6.6-alpine3.7 - -RUN apk add --no-cache libstdc++ protobuf -RUN apk add --update build-base - -ENV PIPENV_VENV_IN_PROJECT=1 -ENV PIPENV_IGNORE_VIRTUALENVS=1 -ENV PIPENV_NOSPIN=1 -ENV PIPENV_HIDE_EMOJIS=1 -ENV PYTHONPATH=/snekbox +FROM alpine:3.9.2 as builder +RUN apk add --no-cache --update \ + bison \ + bsd-compat-headers \ + flex \ + g++ \ + gcc \ + git \ + libnl3-dev \ + linux-headers \ + make \ + protobuf-dev +RUN git clone --depth=1 https://github.com/google/nsjail.git /nsjail +WORKDIR /nsjail +RUN make +FROM python:3.7.3-alpine3.9 +RUN apk add --no-cache --update \ + libnl3 \ + libstdc++ \ + protobuf RUN pip install pipenv - -RUN mkdir -p /snekbox -COPY Pipfile /snekbox -COPY Pipfile.lock /snekbox -COPY . /snekbox -WORKDIR /snekbox - -RUN pipenv sync --dev - -RUN cp binaries/nsjail2.5-alpine-x86_64 /usr/sbin/nsjail +COPY --from=builder /nsjail/nsjail /usr/sbin/ RUN chmod +x /usr/sbin/nsjail diff --git a/docker/venv.Dockerfile b/docker/venv.Dockerfile new file mode 100644 index 0000000..9608d28 --- /dev/null +++ b/docker/venv.Dockerfile @@ -0,0 +1,10 @@ +FROM pythondiscord/snekbox-base:latest + +ENV PIPENV_VENV_IN_PROJECT=1 \ + PIPENV_NOSPIN=1 \ + PIPENV_HIDE_EMOJIS=1 + +COPY Pipfile Pipfile.lock /snekbox/ +WORKDIR /snekbox + +RUN pipenv sync --dev |