diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 59c98adb9..4adbcb81c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -9,6 +9,7 @@ on: pull_request: env: + DOCKERHUB_REPO: simplelogin/app-ci CMAKE_POLICY_VERSION_MINIMUM: 3.5 UV_VERSION: 0.10.12 @@ -39,7 +40,6 @@ jobs: run: | uv run pre-commit run --all-files - test: runs-on: ubuntu-latest @@ -117,7 +117,7 @@ jobs: path: htmlcov build: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 needs: ['test', 'lint'] if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')) @@ -126,7 +126,7 @@ jobs: id: meta uses: docker/metadata-action@v4 with: - images: simplelogin/app-ci + images: ${{ env.DOCKERHUB_REPO }} - name: Login to Docker Hub uses: docker/login-action@v3 diff --git a/Dockerfile b/Dockerfile index 7f3d50ae8..35f3178d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,40 +4,63 @@ WORKDIR /code COPY ./static/package*.json /code/static/ RUN cd /code/static && npm ci -FROM --platform=linux/amd64 ubuntu:22.04 +FROM ubuntu:24.04 -ARG UV_VERSION="0.10.12" -ARG UV_HASH="adccf40b5d1939a5e0093081ec2307ea24235adf7c2d96b122c561fa37711c46" +ARG TARGETARCH # Keeps Python from generating .pyc files in the container ENV PYTHONDONTWRITEBYTECODE=1 # Turns off buffering for easier container logging ENV PYTHONUNBUFFERED=1 - WORKDIR /code # Copy dependency files COPY pyproject.toml uv.lock .python-version ./ # Install deps -RUN apt-get update \ - && apt-get install -y curl netcat-traditional gcc python3-dev gnupg git libre2-dev build-essential pkg-config cmake ninja-build bash clang \ - && curl -sSL "https://github.com/astral-sh/uv/releases/download/${UV_VERSION}/uv-x86_64-unknown-linux-gnu.tar.gz" > uv.tar.gz \ - && echo "${UV_HASH} uv.tar.gz" | sha256sum -c - \ - && tar xf uv.tar.gz -C /tmp/ \ - && mv /tmp/uv-x86_64-unknown-linux-gnu/uv /usr/bin/uv \ - && mv /tmp/uv-x86_64-unknown-linux-gnu/uvx /usr/bin/uvx \ - && rm -rf /tmp/uv* \ - && rm -f uv.tar.gz \ - && uv python install `cat .python-version` \ - && export CMAKE_POLICY_VERSION_MINIMUM=3.5 \ - && uv sync --locked \ - && apt-get autoremove -y \ - && apt-get purge -y curl netcat-traditional build-essential pkg-config cmake ninja-build python3-dev clang\ - && apt-get autoremove -y \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* +RUN \ + echo "**** install build packages ****" && \ + apt-get update && \ + apt-get install -y --no-install-recommends \ + curl \ + netcat-traditional \ + gcc \ + python3-dev \ + gnupg \ + git \ + libre2-dev \ + build-essential \ + pkg-config \ + cmake \ + ninja-build \ + bash \ + clang \ + ca-certificates && \ + curl -o /tmp/uv-installer.sh -L https://astral.sh/uv/install.sh && \ + sh /tmp/uv-installer.sh && \ + export PATH="$HOME/.local/bin:$PATH" && \ + uv python install `cat .python-version` && \ + export CMAKE_POLICY_VERSION_MINIMUM=3.5 && \ + uv sync --no-dev --no-cache && \ + echo "**** install runtime packages ****" && \ + apt-get install -y \ + gnupg \ + libre2-10 && \ + echo "**** cleanup ****" && \ + apt-get purge -y \ + curl \ + netcat-traditional \ + build-essential \ + pkg-config \ + cmake \ + ninja-build \ + python3-dev \ + clang && \ + apt-get autoremove -y && \ + apt-get autoclean -y && \ + rm -rf \ + /var/lib/apt/lists/* # Copy code COPY . . @@ -49,4 +72,4 @@ ENV PATH="/code/.venv/bin:$PATH" EXPOSE 7777 #gunicorn wsgi:app -b 0.0.0.0:7777 -w 2 --timeout 15 --log-level DEBUG -CMD ["gunicorn","wsgi:app","-b","0.0.0.0:7777","-w","2","--timeout","15"] +CMD ["gunicorn","wsgi:app","-b","0.0.0.0:7777","-w","2","--timeout","15"] \ No newline at end of file