-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
adding container/minimal docs to describe updating requirements
Signed-off-by: Jordan Keister <jordan@nimblewidget.com>
- Loading branch information
Showing
2 changed files
with
40 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
We build the base image using the Dockerfile, which validates the python requirements scaffolding that it copies from this directory. | ||
|
||
To update the requirements (`Pipfile` and `Pipfile.lock`) build and execute the image generated by `pipfile.Dockerfile` like so: | ||
|
||
1. docker build -f ./pipfile.Dockerfile -t pipfile-generator . | ||
2. docker run --rm -it -v .:/tmp/pip-airlock:Z pipfile-generator | ||
3. Commit the newly-generated `Pipfile.lock` file (NB: this directory is in root .gitignore file, so you must `git add -f`) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
FROM registry.access.redhat.com/ubi8/ubi:8.9-1107 AS basebuilder | ||
|
||
# Install Rust so that we can ensure backwards compatibility with installing/building the cryptography wheel across all platforms | ||
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y | ||
ENV PATH="/root/.cargo/bin:${PATH}" | ||
RUN rustc --version | ||
|
||
# Copy python dependencies (including ansible) to be installed using Pipenv | ||
COPY ./Pipfile ./ | ||
# Instruct pip(env) not to keep a cache of installed packages, | ||
# to install into the global site-packages and | ||
# to clear the pipenv cache as well | ||
ENV PIP_NO_CACHE_DIR=1 \ | ||
PIPENV_SYSTEM=1 \ | ||
PIPENV_CLEAR=1 | ||
# Ensure fresh metadata rather than cached metadata, install system and pip python deps, | ||
# and remove those not needed at runtime. | ||
RUN set -e && yum clean all && rm -rf /var/cache/yum/* \ | ||
&& yum update -y \ | ||
&& yum install -y libffi-devel openssl-devel python39-devel gcc python39-pip python39-setuptools \ | ||
&& pip3 install --upgrade pip~=23.3.2 \ | ||
&& pip3 install pipenv==2023.11.15 \ | ||
&& pipenv lock \ | ||
&& pipenv check \ | ||
&& yum remove -y gcc libffi-devel openssl-devel python39-devel \ | ||
&& yum clean all \ | ||
&& rm -rf /var/cache/yum | ||
|
||
VOLUME /tmp/pip-airlock | ||
ENTRYPOINT ["cp", "./Pipfile.lock", "/tmp/pip-airlock/"] | ||
# to pull the generated lockfile, run this like | ||
# docker run --rm -it -v .:/tmp/pip-airlock:Z <image> |