From 8ae553f3b5906613a57e74c55f6230e8586fd64b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9mence=20Lesn=C3=A9?= Date: Fri, 10 Jan 2025 14:07:11 +0100 Subject: [PATCH] perf: Lower container size --- cicd/Dockerfile | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/cicd/Dockerfile b/cicd/Dockerfile index a8067c39..4bf19348 100644 --- a/cicd/Dockerfile +++ b/cicd/Dockerfile @@ -1,27 +1,33 @@ -# Base container -FROM ghcr.io/astral-sh/uv:python3.12-bookworm AS base +# Builder container (with UV as package manager) +FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim@sha256:aacf61c53ed988e4a32b8b4da19043fdce7a8efcc67fb21ebc4cc0ba85f335b3 AS builder + +ENV UV_COMPILE_BYTECODE=1 +ENV UV_LINK_MODE=copy RUN rm -f /etc/apt/apt.conf.d/docker-clean \ && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache RUN --mount=target=/var/lib/apt/lists,type=cache,id=apt-lists-${TARGETPLATFORM},sharing=locked \ apt-get update -q \ && apt-get install -y -q --no-install-recommends \ - ffmpeg + build-essential -ARG VERSION -ENV VERSION=${VERSION} +WORKDIR /app + +COPY . . -RUN useradd -m appuser +RUN --mount=target=/root/.cache/uv,type=cache,id=uv-${TARGETPLATFORM},sharing=locked \ + uv sync --frozen --no-dev -COPY --chown=appuser:appuser . /app +# Output container (with only venv and app source) +FROM python:3.12-slim-bookworm@sha256:10f3aaab98db50cba827d3b33a91f39dc9ec2d02ca9b85cbc5008220d07b17f3 WORKDIR /app -RUN --mount=target=/root/.cache/uv,type=cache,id=uv-${TARGETPLATFORM},sharing=locked \ - uv sync --frozen +ENV PATH=/app/.venv/bin:$PATH -USER appuser +COPY --from=builder --chown=app:app /app . -ENV PATH=/app/.venv/bin:$PATH +ARG VERSION +ENV VERSION=${VERSION} CMD ["bash", "-c", "gunicorn app.main:api --bind 0.0.0.0:8080 --graceful-timeout 60 --proxy-protocol --timeout 60 --worker-class uvicorn.workers.UvicornWorker --workers 4"]
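Review bot: The output stage no longer creates or switches to an unprivileged user: the old `RUN useradd -m appuser` and `USER appuser` are removed and nothing replaces them, so gunicorn bound to 0.0.0.0:8080 would run as root. The new `COPY --from=builder --chown=app:app /app .` also names a user and group `app` that no visible line creates in the `python:3.12-slim-bookworm` stage; name-based `--chown` is resolved against that stage's /etc/passwd and /etc/group, so the build likely fails at this step unless the base image already ships such an account. Adding `RUN useradd -m app` before the COPY and `USER app` before `CMD` would restore the previous privilege drop and make the `--chown` resolvable. Separately, `COPY . .` in the builder followed by copying all of `/app` carries the entire build context into the final image, so it is worth confirming that a `.dockerignore` (not visible here) excludes `.git` and local environment files.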