# This image is based on Alpine linux to get a minimum memory footprint # Some say that alpine should not be used for Python (https://pythonspeed.com/articles/alpine-docker-python/), # however given some additional work, overall it may be better in the end (https://nickjanetakis.com/blog/the-3-biggest-wins-when-using-alpine-as-a-base-docker-image) ################# # STAGE 1 ################# FROM python:3-alpine AS builder # python:3-alpine misses gcc, ffi.h, ... # # GCC part : # https://number1.co.za/alpine-python-docker-base-image-problem-with-gcc/ # https://wiki.alpinelinux.org/wiki/How_to_get_regular_stuff_working # # Python cryptography part : # https://stackoverflow.com/questions/35736598/cannot-pip-install-cryptography-in-docker-alpine-linux-3-3-with-openssl-1-0-2g # https://github.com/pyca/cryptography/blob/1340c00/docs/installation.rst#building-cryptography-on-linux # Required to build RUN apk add --no-cache build-base gcc abuild binutils cmake \ libressl-dev musl-dev libffi-dev COPY requirements-runtime.txt . RUN pip install --no-cache-dir --user -r requirements-runtime.txt # The 'qr' command is used in the process to link the machine with a Signal account RUN pip install --no-cache-dir --user qrcode # It could be packaged (RUN python setup.py sdist bdist_wheel) to possibly # improve size and speed ; probably as a multistage build # And update the version from git using setuptools-scm # But it requires a bit of work #RUN python setup.py sdist bdist_wheel # Signal installation ENV SIGNAL_VERSION=0.6.7 RUN wget "https://github.com/AsamK/signal-cli/releases/download/v${SIGNAL_VERSION}/signal-cli-${SIGNAL_VERSION}.tar.gz" RUN tar xf "signal-cli-${SIGNAL_VERSION}.tar.gz" -C /opt RUN mv "/opt/signal-cli-${SIGNAL_VERSION}" /opt/signal-cli ################# # STAGE 2 ################# FROM python:3-alpine WORKDIR /usr/src/app # Required at runtime # libressl-dev : seems required for python to locate modules, or for omemo ? # openjdk : requirement for signal-cli # A Java 8+ runtime seems to be required for 0.6, 0.7 requires JRE 11 (which is 50MB bigger...) # For an even smaller JRE image, see maybe https://github.com/rhuss/docker-java-jolokia/blob/master/base/alpine/jre/8/Dockerfile # or https://hub.docker.com/r/azul/zulu-openjdk-alpine/dockerfile # bash is to use extended syntax in entrypoint.sh (in particular tee >(...)) RUN apk add --no-cache libressl-dev RUN apk add --no-cache bash openjdk8-jre # All Python files, including nicobot's COPY --from=builder /root/.local /root/.local/ # https://www.docker.com/blog/containerized-python-development-part-1/ ENV PATH=/root/.local/bin:$PATH #COPY --from=builder /root/.cache /root/.cache/ #COPY --from=builder /usr/local/lib /usr/local/lib/ # signal-cli files COPY --from=builder /opt/signal-cli /opt/signal-cli ENV PATH=/opt/signal-cli/bin:$PATH # TODO How to do it with one COPY ? # Or it could be COPY . . with a proper .dockerignore # Or build the context as a preliminary step COPY nicobot nicobot/ # This script allows packaging several bots in the same image # (to be clean they could be in separate images but they're so close that it's a lot easier to package and does not waste space by duplicating images) # Otherwise the ENTRYPOINT should simply be [ "python"] # Made a a separate COPY because it's a docker-specific layer # (other layers don't need to be re-built if this one changes) COPY docker-entrypoint.sh . ENTRYPOINT [ "./docker-entrypoint.sh" ]