refactor

2024-12-04 21:17:59 +03:00
parent dea7d7cd0e
commit c7ff1d2b5c
14 changed files with 273 additions and 272 deletions
--- a/Dockerfile.deps
+++ b/Dockerfile.deps
@@ -1,52 +1,5 @@
-FROM docker.io/rockdrilla/postgresql:base-v1 AS base
-
-## ---
-
-FROM base AS certs
-SHELL [ "/bin/sh", "-ec" ]
-
-COPY /scripts/*        /usr/local/sbin/
-COPY /extra-scripts/*  /usr/local/sbin/
-
-## consult https://github.com/certifi/python-certifi/
-ENV CERTIFI_COMMIT=bd8153872e9c6fc98f4023df9c2deaffea2fa463
-
-RUN apt-install.sh ca-certificates curl ; \
-    apt-clean.sh ; \
-    ## process certifi
-    ca_file='/etc/ssl/certs/ca-certificates.crt' ; \
-    ls -l "${ca_file}" ; \
-    certifi-extras.sh ; \
-    openssl-cert-fingerprint.sh "${ca_file}" | sort -uV > "${ca_file}.fp" ; \
-    chmod 0444 "${ca_file}" "${ca_file}.fp" ; \
-    ls -l "${ca_file}" "${ca_file}.fp"
-
-## ---
-
-FROM base AS apt-gpg
-SHELL [ "/bin/sh", "-ec" ]
-
-COPY /scripts/*        /usr/local/sbin/
-COPY /extra-scripts/*  /usr/local/sbin/
-
-COPY --from=certs /etc/ssl/certs/ca-certificates.*  /etc/ssl/certs/
-
-ADD https://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc  /tmp/pgdg.gpg.bin
-ADD https://packagecloud.io/citusdata/community/gpgkey     /tmp/citus.gpg.bin
-
-## process GPG keyrings
-RUN pkg='gnupg' ; \
-    apt-install.sh ${pkg} ; \
-    gpg-export.sh /tmp/pgdg.gpg.bin /etc/apt/keyrings/pgdg.gpg.asc ; \
-    gpg-export.sh /tmp/citus.gpg.bin /etc/apt/keyrings/citus.gpg.asc ; \
-    apt-remove.sh ${pkg}
-
-COPY /apt/sources.pgdg   /etc/apt/sources.list.d/pgdg.sources
-COPY /apt/sources.citus  /etc/apt/sources.list.d/citus.sources
-
-## verify sources!
-RUN apt-env.sh apt-get update ; \
-    apt-clean.sh
+ARG BASE_IMAGE
+FROM ${BASE_IMAGE} AS base

 ## ---

@@ -55,21 +8,17 @@ SHELL [ "/bin/sh", "-ec" ]

 COPY /scripts/*  /usr/local/sbin/

-COPY --from=certs /etc/ssl/certs/ca-certificates.*  /etc/ssl/certs/
-
-COPY --from=apt-gpg /etc/apt/keyrings/  /etc/apt/keyrings/
-
 COPY /apt/sources.pgdg      /etc/apt/sources.list.d/pgdg.sources
 COPY /apt/preferences.pgdg  /etc/apt/preferences.d/pgdg

+COPY /requirements.txt  /tmp/
+
 ENV DEV_PACKAGES='libffi-dev libpq-dev libyaml-dev'
 # psutil
 ENV CIBUILDWHEEL=1
 # pyyaml
 ENV PYYAML_FORCE_CYTHON=1

-COPY /requirements.txt  /tmp/
-
 RUN w=$(mktemp -d) ; : "${w:?}" ; \
    { apt-mark showauto ; apt-mark showmanual ; } | sort -uV > "$w/t0" ; \
    printf '%s\n' ${DEV_PACKAGES} | sort -uV > "$w/t1" ; \
@@ -88,7 +37,7 @@ RUN w=$(mktemp -d) ; : "${w:?}" ; \
      -r /tmp/requirements.txt \
    ; \
    pip-env.sh pip uninstall -y 'cython' ; \
-    python-rm-cache.sh "${PYTHON_SITE_PACKAGES}" ; \
+    python-rm-cache.sh /usr/local ; \
    rm -rf \
      "${PYTHON_SITE_PACKAGES}/etcd/tests" \
      "${PYTHON_SITE_PACKAGES}/psutil/tests" \
@@ -97,30 +46,33 @@ RUN w=$(mktemp -d) ; : "${w:?}" ; \
    echo ; \
    find "${PYTHON_SITE_PACKAGES}/" -type f -name '*.so*' -printf '%p\0' \
    | sed -zE '/rust/d' \
-    | xargs -0r strip --verbose --strip-debug ; \
+    | xargs -0r strip --verbose --strip-debug --strip-unneeded ; \
    echo ; \
    find "${PYTHON_SITE_PACKAGES}/" -type f -name '*.so*' -exec ls -l {} + ; \
    apt-remove.sh build-essential ; \
    apt-clean.sh

+## avoid changing already present packages
+RUN find "${PYTHON_SITE_PACKAGES}/" -mindepth 1 -maxdepth 1 -printf '%P\0' \
+    | sed -zEn \
+      -e '/^((pip|setuptools|wheel)-.+\.dist-info|distutils-precedence\.pth|_distutils_hack|pip|pkg_resources|setuptools|wheel)$/p' \
+    | env -C "${PYTHON_SITE_PACKAGES}" xargs -0r \
+      rm -rf
+
 ## ---

-FROM base
+FROM base AS deps
 SHELL [ "/bin/sh", "-ec" ]

 COPY /Dockerfile.deps  /usr/local/share/

 COPY /scripts/*  /usr/local/sbin/

-COPY --from=certs /etc/ssl/certs/ca-certificates.*  /etc/ssl/certs/
-
-COPY --from=apt-gpg /etc/apt/keyrings/  /etc/apt/keyrings/
-
 COPY /apt/sources.pgdg      /etc/apt/sources.list.d/pgdg.sources
 COPY /apt/preferences.pgdg  /etc/apt/preferences.d/pgdg

-COPY --from=patroni /usr/local/bin/            /usr/local/bin/
-COPY --from=patroni /${PYTHON_SITE_PACKAGES}/  /${PYTHON_SITE_PACKAGES}/
+COPY --from=patroni  /usr/local/bin/            /usr/local/bin/
+COPY --from=patroni  /${PYTHON_SITE_PACKAGES}/  /${PYTHON_SITE_PACKAGES}/

 ## install missing dependencies for Python site-packages
 RUN f="${PYTHON_SITE_PACKAGES}/apt-deps.txt" ; \
@@ -128,33 +80,6 @@ RUN f="${PYTHON_SITE_PACKAGES}/apt-deps.txt" ; \
    xargs -a "$f" apt-install.sh ; \
    apt-clean.sh

-RUN apt-install.sh \
-      brotli \
-      curl \
-      dumb-init \
-      file \
-      gettext-base \
-      gnupg \
-      iproute2 \
-      iputils-ping \
-      jq \
-      less \
-      libnss-wrapper \
-      lsof \
-      ncurses-base \
-      netbase \
-      netcat-openbsd \
-      openssl \
-      procps \
-      psmisc \
-      tzdata \
-      vim \
-      xxd \
-      xz-utils \
-      zstd \
-    ; \
-    apt-clean.sh
-
 ## set up locales!
 RUN _lang=en_US.UTF8 ; \
    { \
@@ -174,4 +99,5 @@ RUN _lang=en_US.UTF8 ; \
    locale -a | grep -Fixq "${_lang}"
 ENV LANG=en_US.UTF8

-RUN find /usr/local/sbin/ ! -type d -ls -delete
+RUN find /usr/local/sbin/ ! -type d -ls -delete ; \
+    jdupes -1LSpr /usr/