contrastellar/contrastellar-bot-runtime
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update image to now completely install all base-level dependencies for running the bots

Browse Source
This commit is contained in:
Gabriella Agathon
2026-02-19 20:37:34 -07:00
parent cca9e0d76a
commit 607d7ddf6f
1 changed files with 29 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
dockerfile
View File

@@ -24,37 +24,43 @@ WORKDIR /app
# Create a non-privileged user that the app will run under. # Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/ # See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001 ARG UID=10001
RUN adduser \ RUN useradd appuser
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
appuser
# TODO install python, pipx # update package list
RUN apt-get update
# TODO install conda # install wget
# TODO install poetry via pipx # install python, pipx
RUN apt-get install -y wget python3 pipx
# install latest conda
ENV PATH="/root/miniconda3/bin:${PATH}"
ARG PATH="/root/miniconda3/bin:${PATH}"
RUN arch=$(uname -m) && \
if [ "$arch" = "x86_64" ]; then \
MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh"; \
elif [ "$arch" = "aarch64" ]; then \
MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-aarch64.sh"; \
else \
echo "Unsupported architecture: $arch"; \
exit 1; \
fi && \
wget $MINICONDA_URL -O miniconda.sh && \
mkdir -p /root/.conda && \
bash miniconda.sh -b -p /root/miniconda3 && \
rm -f miniconda.sh
# install poetry via pipx
RUN pipx install poetry
# Download dependencies as a separate step to take advantage of Docker's caching. # Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds. # Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into # Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer. # into this layer.
RUN --mount=type=cache,target=/root/.cache/pip \ # RUN --mount=type=cache,target=/root/.cache/pip \
--mount=type=bind,source=requirements.txt,target=requirements.txt \ # --mount=type=bind,source=requirements.txt,target=requirements.txt \
python -m pip install -r requirements.txt # python -m pip install -r requirements.txt
# Switch to the non-privileged user to run the application. # Switch to the non-privileged user to run the application.
USER appuser USER appuser
# Copy the source code into the container.
COPY . .
# Expose the port that the application listens on.
EXPOSE 8000
# TODO update this command statement
CMD ["python3", "src/bot_core.py", "database.ini", "discord.token", "1128111628471255050", "1441504341797371996"]