-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile-linux.template
131 lines (125 loc) · 2.95 KB
/
Dockerfile-linux.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
{{
def is_alpine:
env.variant | contains("alpine")
-}}
FROM python:{{ env.python_version }}-{{ if is_alpine then env.variant else "slim-" + env.variant end }}
# runtime dependencies
RUN set -eux; \
{{ if is_alpine then ( -}}
addgroup --gid 1000 satosa; \
adduser -D -G satosa --uid 1000 satosa; \
apk add --no-cache \
bash \
jq \
libxml2-utils \
openssl \
xmlsec \
; \
{{ ) else ( -}}
groupadd -g 1000 satosa; \
useradd -m -g 1000 -u 1000 satosa; \
apt-get update; \
apt-get install -y --no-install-recommends \
jq \
libxml2-utils \
xmlsec1 \
; \
rm -rf /var/lib/apt/lists/*; \
{{ ) end -}}
pip install --no-cache-dir \
yq \
;
ENV SATOSA_VERSION {{ .version }}
RUN set -eux; \
{{ if is_alpine then ( -}}
apk add --no-cache --virtual .build-deps \
bluez-dev \
bzip2-dev \
cargo \
coreutils \
dpkg-dev dpkg \
expat-dev \
findutils \
gcc \
gdbm-dev \
libc-dev \
libffi-dev \
libnsl-dev \
libtirpc-dev \
linux-headers \
make \
musl-dev \
ncurses-dev \
openssl-dev \
pax-utils \
python3-dev \
readline-dev \
sqlite-dev \
tcl-dev \
tk \
tk-dev \
util-linux-dev \
xz-dev \
zlib-dev \
; \
{{ ) else ( -}}
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
cargo \
dpkg-dev \
gcc \
gnupg dirmngr \
libbluetooth-dev \
libbz2-dev \
libc6-dev \
libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
libncursesw5-dev \
libreadline-dev \
libsqlite3-dev \
libssl-dev \
make \
python3-dev \
tk-dev \
uuid-dev \
wget \
xz-utils \
zlib1g-dev \
; \
{{ ) end -}}
pip install --no-cache-dir \
satosa==${SATOSA_VERSION} \
; \
{{ if is_alpine then ( -}}
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
| fgrep -v libgcc_s- \
| fgrep -v libc.so \
| xargs -rt apk add --no-network --virtual .satosa-rundeps \
; \
apk del --no-network .build-deps; \
{{ ) else ( -}}
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
{{ ) end -}}
mkdir /etc/satosa; \
chown -R satosa:satosa /etc/satosa
# example configuration
RUN set -eux; \
python -c 'import urllib.request; urllib.request.urlretrieve("https://github.com/IdentityPython/SATOSA/archive/refs/tags/v'${SATOSA_VERSION%%[a-z]*}'.tar.gz","/tmp/satosa.tgz")'; \
mkdir /usr/share/satosa; \
tar --extract --directory /usr/share/satosa --strip-components=1 --file /tmp/satosa.tgz SATOSA-${SATOSA_VERSION%%[a-z]*}/example/; \
rm /tmp/satosa.tgz
WORKDIR /etc/satosa
COPY docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 8080
USER satosa:satosa
CMD ["gunicorn","-b0.0.0.0:8080","satosa.wsgi:app"]