-
-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- use base images built separately that contain all system dependencies - use multistage build to avoid devel deps in the final image - this also reduces pressure on GitHub cache, see #2589
- Loading branch information
Showing
2 changed files
with
33 additions
and
127 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,113 +1,18 @@ | ||
FROM python:3.12.7-slim-bookworm | ||
ENV PYVERSION=3.12 | ||
ENV WEBLATE_VERSION=5.8.2 | ||
ENV WEBLATE_EXTRAS=all,MySQL,zxcvbn | ||
ARG TARGETARCH | ||
FROM weblate/dev:2024.45.4 AS build | ||
|
||
LABEL name="Weblate" | ||
LABEL version=$WEBLATE_VERSION | ||
LABEL maintainer="Michal Čihař <[email protected]>" | ||
LABEL org.opencontainers.image.url="https://weblate.org/" | ||
LABEL org.opencontainers.image.documentation="https://docs.weblate.org/en/latest/admin/install/docker.html" | ||
LABEL org.opencontainers.image.source="https://github.com/WeblateOrg/docker" | ||
LABEL org.opencontainers.image.version=$WEBLATE_VERSION | ||
LABEL org.opencontainers.image.author="Michal Čihař <[email protected]>" | ||
LABEL org.opencontainers.image.vendor="Weblate" | ||
LABEL org.opencontainers.image.title="Weblate" | ||
LABEL org.opencontainers.image.description="A web-based continuous localization system with tight version control integration" | ||
LABEL org.opencontainers.image.licenses="GPL-3.0-or-later" | ||
ARG TARGETARCH | ||
|
||
# Increased start period for migrations run | ||
HEALTHCHECK --interval=30s --timeout=3s --start-period=5m CMD /app/bin/health_check | ||
ENV WEBLATE_VERSION=5.8.2 | ||
ENV WEBLATE_EXTRAS=all,MySQL,zxcvbn | ||
|
||
SHELL ["/bin/bash", "-o", "pipefail", "-x", "-c"] | ||
|
||
# Add user early to get a consistent userid | ||
# - the root group so it can run with any uid | ||
# - the tty group for /dev/std* access | ||
# - see https://github.com/WeblateOrg/docker/issues/326 and https://github.com/moby/moby/issues/31243#issuecomment-406879017 | ||
RUN \ | ||
useradd --shell /bin/sh --user-group weblate --groups root,tty \ | ||
&& mkdir -p /home/weblate/.ssh \ | ||
&& touch /home/weblate/.ssh/authorized_keys \ | ||
&& chown -R weblate:weblate /home/weblate \ | ||
&& chmod 700 /home/weblate/.ssh \ | ||
&& install -d -o weblate -g weblate -m 755 /app/data \ | ||
&& install -d -o weblate -g weblate -m 755 /app/cache | ||
|
||
# Configure utf-8 locales to make sure Python | ||
# correctly handles unicode filenames, configure settings | ||
ENV LANG=en_US.UTF-8 | ||
ENV LC_ALL=en_US.UTF-8 | ||
# Home directory | ||
ENV HOME=/home/weblate | ||
# Use Docker specific settings | ||
ENV DJANGO_SETTINGS_MODULE=weblate.settings_docker | ||
# Avoid Python buffering stdout and delaying logs | ||
ENV PYTHONUNBUFFERED=1 | ||
# Add virtualenv to path | ||
ENV PATH=/app/venv/bin/:/usr/local/bin:/usr/bin:/bin | ||
|
||
COPY --link requirements.txt patches /app/src/ | ||
|
||
# Install dependencies | ||
# hadolint ignore=DL3008,DL3013,SC2046,DL3003 | ||
RUN \ | ||
export DEBIAN_FRONTEND=noninteractive \ | ||
&& apt-get update \ | ||
&& apt-get install --no-install-recommends -y \ | ||
nginx-light \ | ||
ruby-licensee \ | ||
openssh-client \ | ||
ca-certificates \ | ||
curl \ | ||
gir1.2-pango-1.0 \ | ||
gir1.2-rsvg-2.0 \ | ||
libxmlsec1-openssl \ | ||
libjpeg62-turbo \ | ||
gettext \ | ||
git \ | ||
git-svn \ | ||
gnupg \ | ||
subversion \ | ||
pkg-config \ | ||
file \ | ||
make \ | ||
locales \ | ||
libcairo2-dev \ | ||
libxml2-dev \ | ||
libacl1-dev \ | ||
liblz4-dev \ | ||
libzstd-dev \ | ||
libxxhash-dev \ | ||
libmariadb3 \ | ||
libmariadb-dev \ | ||
libxmlsec1-dev \ | ||
libsasl2-dev \ | ||
libldap2-dev \ | ||
libldap-common \ | ||
libssl-dev \ | ||
libffi-dev \ | ||
libpq-dev \ | ||
zlib1g-dev \ | ||
libjpeg62-turbo-dev \ | ||
libenchant-2-2 \ | ||
libgirepository1.0-dev \ | ||
libcairo-gobject2 \ | ||
gcc \ | ||
g++ \ | ||
patch \ | ||
unzip \ | ||
xz-utils \ | ||
&& c_rehash \ | ||
&& echo "en_US.UTF-8 UTF-8" > /etc/locale.gen \ | ||
&& /usr/sbin/locale-gen \ | ||
&& echo "deb http://apt.postgresql.org/pub/repos/apt bookworm-pgdg main" > /etc/apt/sources.list.d/pgdg.list \ | ||
&& curl -L https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ | ||
&& apt-get update \ | ||
&& apt-get install --no-install-recommends -y postgresql-client-17 \ | ||
&& pip install --no-cache-dir --upgrade $(grep -E '^(uv)==' /app/src/requirements.txt) \ | ||
&& uv venv /app/venv \ | ||
uv venv /app/venv \ | ||
&& . /app/venv/bin/activate \ | ||
&& case "$WEBLATE_VERSION" in \ | ||
*+* ) \ | ||
|
@@ -128,37 +33,39 @@ RUN \ | |
;; \ | ||
esac \ | ||
&& python -c 'from phply.phpparse import make_parser; make_parser()' \ | ||
&& ln -s /app/venv/share/weblate/examples/ /app/ \ | ||
&& apt-get -y purge \ | ||
pkg-config \ | ||
libmariadb-dev \ | ||
libgirepository1.0-dev \ | ||
libxml2-dev \ | ||
libffi-dev \ | ||
libxmlsec1-dev \ | ||
libcairo2-dev \ | ||
libpq-dev \ | ||
gcc \ | ||
g++ \ | ||
file \ | ||
make \ | ||
libsasl2-dev \ | ||
libacl1-dev \ | ||
liblz4-dev \ | ||
libzstd-dev \ | ||
libxxhash-dev \ | ||
libldap2-dev \ | ||
libssl-dev \ | ||
libz-dev \ | ||
libjpeg62-turbo-dev \ | ||
&& apt-get -y purge --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ | ||
&& apt-get clean \ | ||
&& rm -rf /root/.cache /tmp/* /var/lib/apt/lists/* | ||
&& ln -s /app/venv/share/weblate/examples/ /app/ | ||
|
||
# Apply hotfixes on Weblate | ||
RUN find /app/src -name '*.patch' -print0 | sort -z | \ | ||
xargs -n1 -0 -r patch -p0 -d "/app/venv/lib/python${PYVERSION}/site-packages/" -i | ||
|
||
|
||
FROM weblate/base:2024.45.4 | ||
|
||
ENV WEBLATE_VERSION=5.8.2 | ||
|
||
LABEL name="Weblate" | ||
LABEL version=$WEBLATE_VERSION | ||
LABEL maintainer="Michal Čihař <[email protected]>" | ||
LABEL org.opencontainers.image.url="https://weblate.org/" | ||
LABEL org.opencontainers.image.documentation="https://docs.weblate.org/en/latest/admin/install/docker.html" | ||
LABEL org.opencontainers.image.source="https://github.com/WeblateOrg/docker" | ||
LABEL org.opencontainers.image.version=$WEBLATE_VERSION | ||
LABEL org.opencontainers.image.author="Michal Čihař <[email protected]>" | ||
LABEL org.opencontainers.image.vendor="Weblate" | ||
LABEL org.opencontainers.image.title="Weblate" | ||
LABEL org.opencontainers.image.description="A web-based continuous localization system with tight version control integration" | ||
LABEL org.opencontainers.image.licenses="GPL-3.0-or-later" | ||
|
||
# Increased start period for migrations run | ||
HEALTHCHECK --interval=30s --timeout=3s --start-period=5m CMD /app/bin/health_check | ||
|
||
# Use Docker specific settings | ||
ENV DJANGO_SETTINGS_MODULE=weblate.settings_docker | ||
|
||
# Copy built environment | ||
COPY --from=build /app /app | ||
|
||
# Configuration for Weblate, nginx and supervisor | ||
COPY --link etc /etc/ | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters