jumpserver/Dockerfile-base

FROM python:3.11-slim-bullseye
ARG TARGETARCH

# Install APT dependencies
ARG DEPENDENCIES="                    \
        ca-certificates               \
        wget                          \
        g++                           \
        make                          \
        pkg-config                    \
        default-libmysqlclient-dev    \
        freetds-dev                   \
        gettext                       \
        libkrb5-dev                   \
        libldap2-dev                  \
        libsasl2-dev"


ARG APT_MIRROR=http://deb.debian.org
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \
    --mount=type=cache,target=/var/lib/apt,sharing=locked,id=core \
    set -ex \
    && rm -f /etc/apt/apt.conf.d/docker-clean \
    && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \
    && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
    && apt-get update > /dev/null \
    && apt-get -y install --no-install-recommends ${DEPENDENCIES} \
    && echo "no" | dpkg-reconfigure dash


# Install bin tools
ARG CHECK_VERSION=v1.0.3
RUN set -ex \
    && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
    && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
    && mv check /usr/local/bin/ \
    && chown root:root /usr/local/bin/check \
    && chmod 755 /usr/local/bin/check \
    && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz


# Install Python dependencies
WORKDIR /opt/jumpserver

ARG PIP_MIRROR=https://pypi.org/simple
ENV ANSIBLE_COLLECTIONS_PATHS=/opt/py3/lib/python3.11/site-packages/ansible_collections

RUN --mount=type=cache,target=/root/.cache,sharing=locked,id=core \
    --mount=type=bind,source=poetry.lock,target=poetry.lock \
    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
    --mount=type=bind,source=utils/clean_site_packages.sh,target=clean_site_packages.sh \
    --mount=type=bind,source=requirements/collections.yml,target=collections.yml \
    set -ex \
    && python3 -m venv /opt/py3 \
    && pip install poetry -i ${PIP_MIRROR} \
    && poetry config virtualenvs.create false \
    && . /opt/py3/bin/activate \
    && poetry install --only main \
    && ansible-galaxy collection install -r collections.yml --force --ignore-certs \
    && bash clean_site_packages.sh
perf: change docker file build (#13761) * perf: change docker file build * perf: Update Dockerfile with new base image tag --------- Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 4 months ago			`FROM python:3.11-slim-bullseye`
			`ARG TARGETARCH`

			`# Install APT dependencies`
			`ARG DEPENDENCIES=" \`
			`ca-certificates \`
			`wget \`
			`g++ \`
			`make \`
			`pkg-config \`
			`default-libmysqlclient-dev \`
			`freetds-dev \`
			`gettext \`
			`libkrb5-dev \`
			`libldap2-dev \`
			`libsasl2-dev"`


			`ARG APT_MIRROR=http://deb.debian.org`
			`RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \`
			`--mount=type=cache,target=/var/lib/apt,sharing=locked,id=core \`
			`set -ex \`
			`&& rm -f /etc/apt/apt.conf.d/docker-clean \`
			`&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \`
			`&& sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \`
			`&& apt-get update > /dev/null \`
			`&& apt-get -y install --no-install-recommends ${DEPENDENCIES} \`
			`&& echo "no" \| dpkg-reconfigure dash`


			`# Install bin tools`
perf: update check version to v1.0.3 4 months ago			`ARG CHECK_VERSION=v1.0.3`
perf: change docker file build (#13761) * perf: change docker file build * perf: Update Dockerfile with new base image tag --------- Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 4 months ago			`RUN set -ex \`
			`&& wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \`
			`&& tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \`
			`&& mv check /usr/local/bin/ \`
			`&& chown root:root /usr/local/bin/check \`
			`&& chmod 755 /usr/local/bin/check \`
			`&& rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz`


			`# Install Python dependencies`
			`WORKDIR /opt/jumpserver`

			`ARG PIP_MIRROR=https://pypi.org/simple`
perf: Upgrade ansible postgresql 2 months ago			`ENV ANSIBLE_COLLECTIONS_PATHS=/opt/py3/lib/python3.11/site-packages/ansible_collections`

perf: change docker file build (#13761) * perf: change docker file build * perf: Update Dockerfile with new base image tag --------- Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 4 months ago			`RUN --mount=type=cache,target=/root/.cache,sharing=locked,id=core \`
			`--mount=type=bind,source=poetry.lock,target=poetry.lock \`
			`--mount=type=bind,source=pyproject.toml,target=pyproject.toml \`
perf: clean site packages 3 months ago			`--mount=type=bind,source=utils/clean_site_packages.sh,target=clean_site_packages.sh \`
perf: Upgrade ansible postgresql 2 months ago			`--mount=type=bind,source=requirements/collections.yml,target=collections.yml \`
perf: change docker file build (#13761) * perf: change docker file build * perf: Update Dockerfile with new base image tag --------- Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 4 months ago			`set -ex \`
			`&& python3 -m venv /opt/py3 \`
			`&& pip install poetry -i ${PIP_MIRROR} \`
			`&& poetry config virtualenvs.create false \`
			`&& . /opt/py3/bin/activate \`
perf: clean site packages 3 months ago			`&& poetry install --only main \`
perf: Upgrade ansible postgresql 2 months ago			`&& ansible-galaxy collection install -r collections.yml --force --ignore-certs \`
perf: clean site packages 3 months ago			`&& bash clean_site_packages.sh`