diff --git a/.github/workflows/ci_release.yaml b/.github/workflows/ci_release.yaml index 4a28624..ee2f060 100644 --- a/.github/workflows/ci_release.yaml +++ b/.github/workflows/ci_release.yaml @@ -8,6 +8,10 @@ jobs: push_to_docker_hub: name: Push to Docker Hub + strategy: + matrix: + flavor: ["", "debian"] + runs-on: ubuntu-latest steps: @@ -16,3 +20,4 @@ jobs: tag: ${{ github.event.release.tag_name }} dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }} + flavor: ${{ matrix.flavor }} diff --git a/Dockerfile b/Dockerfile index 33dbe10..fc6ae33 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,36 +13,38 @@ # See the License for the specific language governing permissions and # limitations under the License. -## creating building container -FROM python:3.12-slim-bookworm AS builder -# update and install dependencies -RUN apt update -RUN apt upgrade -y +# BASE: a base image with updated packages +FROM python:3.12-alpine AS base +RUN apk upgrade --no-cache --available + +# BUILDER: a container to build the service wheel +FROM base AS builder RUN pip install build -# copy code COPY . /service WORKDIR /service -# build wheel RUN python -m build -# creating running container -FROM python:3.12-slim-bookworm -# update and install dependencies -RUN apt update -RUN apt upgrade -y -# copy and install requirements and wheel +# DEP-BUILDER: a container to (build and) install dependencies +FROM base AS dep-builder +RUN apk update +RUN apk add build-base gcc g++ libffi-dev zlib-dev +RUN apk upgrade --available WORKDIR /service COPY --from=builder /service/lock/requirements.txt /service RUN pip install --no-deps -r requirements.txt -RUN rm requirements.txt + +# RUNNER: a container to run the service +FROM base AS runner +WORKDIR /service +RUN rm -rf /usr/local/lib/python3.12 +COPY --from=dep-builder /usr/local/lib/python3.12 /usr/local/lib/python3.12 COPY --from=builder /service/dist/ /service RUN pip install --no-deps *.whl RUN rm *.whl -# create new user and execute as that user -RUN useradd --create-home appuser +RUN adduser -D appuser WORKDIR /home/appuser USER appuser -# set environment ENV PYTHONUNBUFFERED=1 + # Please adapt to package name: ENTRYPOINT ["my-microservice"] diff --git a/Dockerfile.debian b/Dockerfile.debian new file mode 100644 index 0000000..33dbe10 --- /dev/null +++ b/Dockerfile.debian @@ -0,0 +1,48 @@ +# Copyright 2021 - 2024 Universität Tübingen, DKFZ, EMBL, and Universität zu Köln +# for the German Human Genome-Phenome Archive (GHGA) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## creating building container +FROM python:3.12-slim-bookworm AS builder +# update and install dependencies +RUN apt update +RUN apt upgrade -y +RUN pip install build +# copy code +COPY . /service +WORKDIR /service +# build wheel +RUN python -m build + +# creating running container +FROM python:3.12-slim-bookworm +# update and install dependencies +RUN apt update +RUN apt upgrade -y +# copy and install requirements and wheel +WORKDIR /service +COPY --from=builder /service/lock/requirements.txt /service +RUN pip install --no-deps -r requirements.txt +RUN rm requirements.txt +COPY --from=builder /service/dist/ /service +RUN pip install --no-deps *.whl +RUN rm *.whl +# create new user and execute as that user +RUN useradd --create-home appuser +WORKDIR /home/appuser +USER appuser +# set environment +ENV PYTHONUNBUFFERED=1 +# Please adapt to package name: +ENTRYPOINT ["my-microservice"]