Skip to content

Commit 64e842b

Browse files
crivetimihaicrivetimihai
committed
Add FROM scratch step to keep container image lite
1 parent 5e584c9 commit 64e842b

File tree

1 file changed

+18
-17
lines changed

1 file changed

+18
-17
lines changed

Containerfile.lite

Lines changed: 18 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -78,8 +78,20 @@ RUN set -euo pipefail \
7878
python${PYTHON_VERSION} \
7979
&& dnf clean all --installroot="${ROOTFS_PATH}"
8080

81+
# ----------------------------------------------------------------------------
82+
# Create `python3` symlink in the rootfs for compatibility
83+
# ----------------------------------------------------------------------------
84+
RUN ln -s /usr/bin/python${PYTHON_VERSION} ${ROOTFS_PATH}/usr/bin/python3
85+
86+
# ----------------------------------------------------------------------------
87+
# Copy application directory into the rootfs and fix permissions for non-root
88+
# ----------------------------------------------------------------------------
89+
RUN cp -r /app ${ROOTFS_PATH}/app \
90+
&& chown -R 1001:0 ${ROOTFS_PATH}/app \
91+
&& chmod -R g=u ${ROOTFS_PATH}/app
92+
8193
###########################
82-
# Runtime stage
94+
# Final runtime (squashed)
8395
###########################
8496
FROM scratch AS runtime
8597

@@ -95,24 +107,18 @@ LABEL maintainer="Mihai Criveti" \
95107
org.opencontainers.image.licenses="Apache-2.0"
96108

97109
# ----------------------------------------------------------------------------
98-
# Populate the scratch filesystem
99-
# - Copy in the minimal Python runtime
100-
# - Copy in the application directory
110+
# Copy the entire prepared root filesystem from the builder stage
101111
# ----------------------------------------------------------------------------
102112
COPY --from=builder ${ROOTFS_PATH}/ /
103-
COPY --from=builder /app /app
104113

105114
# ----------------------------------------------------------------------------
106-
# Create `python3` symlink for compatibility
115+
# Ensure our virtual environment binaries have priority in PATH
107116
# ----------------------------------------------------------------------------
108-
RUN ln -s /usr/bin/python${PYTHON_VERSION} /usr/bin/python3
117+
ENV PATH="/app/.venv/bin:${PATH}"
109118

110119
# ----------------------------------------------------------------------------
111-
# Fix permissions for non-root user (1001) and OpenShift compatibility
112-
# ----------------------------------------------------------------------------
113-
RUN chown -R 1001:0 /app && chmod -R g=u /app
114-
115120
# Application working directory
121+
# ----------------------------------------------------------------------------
116122
WORKDIR /app
117123

118124
# ----------------------------------------------------------------------------
@@ -121,15 +127,10 @@ WORKDIR /app
121127
EXPOSE 4444
122128

123129
# ----------------------------------------------------------------------------
124-
# Run as non-root user
130+
# Run as non-root user (1001)
125131
# ----------------------------------------------------------------------------
126132
USER 1001
127133

128-
# ----------------------------------------------------------------------------
129-
# Ensure our virtual environment binaries have priority in PATH
130-
# ----------------------------------------------------------------------------
131-
ENV PATH="/app/.venv/bin:${PATH}"
132-
133134
# ----------------------------------------------------------------------------
134135
# Entrypoint
135136
# ----------------------------------------------------------------------------

0 commit comments

Comments
 (0)