Dustin C. Hatch
e4742f1c6e
With the addition of ancillary scripts like `entrypoint.sh`, the `COPY .` instruction in the build stage results in a full rebuild of the final image for every change. To avoid this, we now only copy the files that are actually required to build the wheel. The other scripts are copied later, using an intermediate layer. This avoids needing a `COPY` instruction, and therefore a new layer in the final image, for each script. Hypothetically, we could use `RUN --mount=bind` and copy the files with the `install` command, but bind-mounting the build context doesn't actually work; SELinux prevents the container builder from accessing the source directory directly.
90 lines
1.6 KiB
Docker
90 lines
1.6 KiB
Docker
FROM git.pyrocufflink.net/containerimages/dch-base AS build
|
|
|
|
RUN --mount=type=cache,target=/var/cache \
|
|
microdnf install -y \
|
|
--setopt install_weak_deps=0 \
|
|
rust \
|
|
cargo \
|
|
&& :
|
|
|
|
RUN cargo install rbw
|
|
|
|
RUN --mount=type=cache,target=/var/cache \
|
|
microdnf install -y \
|
|
--setopt install_weak_deps=0 \
|
|
git-core \
|
|
python3-devel \
|
|
python3-pip \
|
|
python3-wheel \
|
|
&& :
|
|
|
|
COPY .git /src/.git
|
|
COPY xactfetch.py pyproject.toml /src
|
|
|
|
RUN python3 -m pip wheel -w /wheels /src
|
|
|
|
|
|
FROM scratch AS mixin
|
|
|
|
COPY pinentry-stub.sh /usr/local/bin/pinentry-stub
|
|
|
|
COPY entrypoint.sh /entrypoint.sh
|
|
|
|
|
|
FROM git.pyrocufflink.net/containerimages/dch-base
|
|
|
|
RUN --mount=type=cache,target=/var/cache \
|
|
microdnf install -y \
|
|
--setopt install_weak_deps=0 \
|
|
alsa-lib \
|
|
atk \
|
|
cairo \
|
|
cairo-gobject \
|
|
dbus-glib \
|
|
fontconfig \
|
|
freetype \
|
|
gdk-pixbuf2 \
|
|
gtk3 \
|
|
libX11 \
|
|
libX11-xcb \
|
|
libXcomposite \
|
|
libXcursor \
|
|
libXdamage \
|
|
libXext \
|
|
libXfixes \
|
|
libXi \
|
|
libXrandr \
|
|
libXrender \
|
|
libXtst \
|
|
libdrm \
|
|
libxcb \
|
|
mesa-libgbm \
|
|
nspr \
|
|
nss \
|
|
pango \
|
|
python3 \
|
|
python3-pip \
|
|
tini \
|
|
xorg-x11-server-Xvfb \
|
|
&& echo xactfetch:x:2468: >> /etc/group \
|
|
&& echo xactfetch:*:2468:2468:xactfetch:/var/lib/xactfetch:/sbin/nologin >> /etc/passwd \
|
|
&& :
|
|
|
|
ENV PLAYWRIGHT_BROWSERS_PATH=/usr/local/playwright/browsers
|
|
|
|
RUN --mount=type=bind,from=build,source=/,target=/build \
|
|
python3 -m pip install --no-index -f /build/wheels xactfetch \
|
|
&& cp /build/root/.cargo/bin/rbw* /usr/local/bin/ \
|
|
&& playwright install chromium \
|
|
&& :
|
|
|
|
COPY --from=mixin / /
|
|
|
|
VOLUME /var/lib/xactfetch
|
|
|
|
WORKDIR /var/lib/xactfetch
|
|
|
|
USER 2468:2468
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|