mirror of
https://github.com/nicolabs/nicobot.git
synced 2025-09-05 06:33:25 +02:00
105 lines
4.6 KiB
Docker
105 lines
4.6 KiB
Docker
######################################
|
|
# STAGE 1 : Builder image
|
|
#
|
|
|
|
# This builder must have a Python version compatible with the final image
|
|
# So built artifacts will work
|
|
FROM python:3 as builder
|
|
|
|
RUN apt-get update && \
|
|
# The following fails on arm : https://github.com/docker/buildx/issues/495
|
|
apt-get install -y \
|
|
# "make" tools required to compile the Python modules
|
|
# not all may be required on all platforms...
|
|
# XEdDSA needs at least make & cmake (future versions will not : see https://github.com/Syndace/python-xeddsa)
|
|
cmake g++ make \
|
|
# rustc \
|
|
# More dependencies for the 'cryptography' module
|
|
# See https://cryptography.io/en/latest/installation.html#debian-ubuntu
|
|
build-essential libssl-dev libffi-dev python3-dev \
|
|
# git required by setuptools-scm during 'pip install'
|
|
git
|
|
|
|
# # Rust is a requirement to build the 'cryptography' Python module
|
|
# # but it's sooo complicated to install it on many platforms...
|
|
# # The recommended procedure is to use 'rustup but Alpine ships with more CPU
|
|
# # architectures so we use the OS' packages. (At the time of writing rustup only
|
|
# # provides installers for x86_64 and aarch64 (arm64).)
|
|
# # https://forge.rust-lang.org/infra/other-installation-methods.html
|
|
# # Alpine packages : https://pkgs.alpinelinux.org/packages?name=rust
|
|
# # Debian packages : https://packages.debian.org/buster/rustc
|
|
# # FIXME The rustup script does not work for linux/386 : it seems it installs x86_64 instead
|
|
# #RUN (curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y && . $HOME/.cargo/env) || apt-get install -y rustc
|
|
# # As of writing, copying from the rust image is supported for the following archs : 386,amd64,armv7,arm64
|
|
# COPY --from=rust:slim /usr/local/cargo /usr/local/cargo
|
|
# COPY --from=rust:slim /usr/local/rustup /usr/local/rustup
|
|
# ENV RUSTUP_HOME=/usr/local/rustup \
|
|
# CARGO_HOME=/usr/local/cargo \
|
|
# PATH=/usr/local/cargo/bin:$PATH
|
|
# RUN rustc --version
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
# Builds & installs requirements (shoduld not change often)
|
|
COPY constraints.txt \
|
|
requirements-*.txt \
|
|
setup.py \
|
|
.
|
|
# FIXME Either with rustup or rustc package, rust version for linux/386 on debian is only 1.41 as of buster
|
|
# => Since 3.4.3 cryptography requires rust 1.45+, which is not available on all platforms
|
|
# https://cryptography.io/en/latest/changelog.html#v3-4-3
|
|
# => For now we use the patch below to disable rust but the next version of cryptography
|
|
# will probably force us to use packages from debian testing or to use an older cryptography version
|
|
# FIXME Also, after using all patches that I could find, I finally end up having this issue : https://github.com/nicolabs/nicobot/issues/59
|
|
# So Rust extensions are now officially disabled until cryptography builds again on ARM
|
|
ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
|
|
# This step WILL trigger a compilation on platforms without matching Python wheels
|
|
RUN python3 -m pip install --no-cache-dir --user --upgrade pip && \
|
|
python3 -m pip install --no-cache-dir --user -c constraints.txt -r requirements-build.txt -r requirements-runtime.txt
|
|
|
|
# Builds & installs nicobot (should change often, especially the .git directory)
|
|
COPY LICENSE \
|
|
README.md \
|
|
.
|
|
COPY nicobot nicobot
|
|
COPY .git .git
|
|
RUN python3 -m pip install --no-cache-dir --user .
|
|
|
|
|
|
|
|
######################################
|
|
# STAGE 2 : Final image
|
|
#
|
|
|
|
# The base image must provide :
|
|
# - Python matching setup.py's python_requires
|
|
# - bash
|
|
# - glibc
|
|
FROM python:3-slim
|
|
|
|
WORKDIR /var/nicobot
|
|
|
|
# Required by slixmpp-omemo plugin
|
|
RUN mkdir -p /var/nicobot/.omemo
|
|
# Signal-cli also creates .signal-cli/
|
|
|
|
# Not used currently (we just copy the /root/.local directory which has everyting thanks to the --user option)
|
|
#COPY --from=builder /usr/src/app/wheels ./wheels
|
|
#RUN pip install --no-cache-dir --force-reinstall --ignore-installed --upgrade --no-index wheels/*
|
|
|
|
# https://www.docker.com/blog/containerized-python-development-part-1/
|
|
ENV PATH=/root/.local/bin:$PATH
|
|
# All Python files, including nicobot's ones
|
|
COPY --from=builder /root/.local /root/.local/
|
|
|
|
# The 'docker-entrypoint.sh' script allows :
|
|
# - packaging several bots in the same image (to be cleaner they could be in
|
|
# separate images but they're so close that it's a lot easier to package and
|
|
# does not waste space by duplicating layers)
|
|
# - also adds extra command line options for Signal device linking
|
|
# Otherwise the ENTRYPOINT would simply be [ "python"]
|
|
# Also copying some default configuration files
|
|
COPY docker/docker-entrypoint.sh /root/.local/bin/
|
|
COPY docker/default-conf/* /etc/nicobot/
|
|
ENTRYPOINT [ "docker-entrypoint.sh" ]
|