223 lines
7.1 KiB
Docker
223 lines
7.1 KiB
Docker
ARG BASE_IMAGE
|
|
FROM ${BASE_IMAGE} AS base
|
|
|
|
## ---
|
|
|
|
FROM base AS catatonit
|
|
SHELL [ "/bin/sh", "-ec" ]
|
|
|
|
COPY /scripts/* /usr/local/sbin/
|
|
COPY /extra-scripts/* /usr/local/sbin/
|
|
|
|
## current HEAD: "main: don't use secure_getenv", December 14, 2024
|
|
ENV CATATONIT_COMMIT=56579adbb42c0c7ad94fc12d844b38fc5b37b3ce
|
|
|
|
# ARG CATATONIT_BASE_URI='https://codeload.github.com/openSUSE/catatonit/tar.gz'
|
|
# ARG CATATONIT_URI="${CATATONIT_BASE_URI}/${CATATONIT_COMMIT}"
|
|
|
|
ARG CATATONIT_BASE_URI='https://github.com/openSUSE/catatonit/archive'
|
|
ARG CATATONIT_URI="${CATATONIT_BASE_URI}/${CATATONIT_COMMIT}.tar.gz"
|
|
|
|
# hadolint ignore=DL3020
|
|
ADD "${CATATONIT_URI}" /tmp/catatonit.tar.gz
|
|
|
|
RUN pkg='build-essential debhelper musl-dev autoconf autoconf-archive' ; \
|
|
apt-install.sh ${pkg} ; \
|
|
## build catatonit
|
|
d=/tmp/catatonit ; \
|
|
rm -rf "$d" ; \
|
|
mkdir -p "$d" ; \
|
|
( \
|
|
cd "$d" ; \
|
|
tar --strip-components=1 -xf /tmp/catatonit.tar.gz ; \
|
|
commit_abbrev=$(printf '%s' "${CATATONIT_COMMIT}" | cut -c1-8) ; \
|
|
sed -i "s/+dev/+git.${commit_abbrev}/" configure.ac ; \
|
|
# DEB_HOST_GNU_TYPE=$(dpkg-architecture -q DEB_HOST_GNU_TYPE) ; \
|
|
# export HOSTCC="${DEB_HOST_GNU_TYPE}-gcc" ; \
|
|
DEB_TARGET_GNU_TYPE=$(dpkg-architecture -q DEB_TARGET_GNU_TYPE) ; \
|
|
DEB_TARGET_MUSL_TYPE=$(printf '%s' "${DEB_TARGET_GNU_TYPE}" | sed -E 's/-gnu$/-musl/') ; \
|
|
export CC="${DEB_TARGET_MUSL_TYPE}-gcc" ; \
|
|
export CFLAGS='-Os -g -pipe -fpie -fstack-protector-strong -fstack-clash-protection -fcf-protection -D_FORTIFY_SOURCE=2' ; \
|
|
export LDFLAGS='-static-pie -Wl,-z -Wl,relro' ; \
|
|
autoreconf -fiv ; \
|
|
./configure ; \
|
|
make -j1 ; \
|
|
ls -l catatonit ; \
|
|
# "${DEB_TARGET_GNU_TYPE}-strip" --strip-debug --strip-unneeded catatonit ; \
|
|
strip --strip-debug --strip-unneeded catatonit ; \
|
|
ls -l catatonit ; \
|
|
cp catatonit /usr/local/bin/ ; \
|
|
) ; \
|
|
## cleanup
|
|
rm -rf "$d" ; \
|
|
apt-remove.sh ${pkg} ; \
|
|
apt-clean.sh
|
|
|
|
## ---
|
|
|
|
FROM base AS patroni
|
|
SHELL [ "/bin/sh", "-ec" ]
|
|
|
|
COPY /scripts/* /usr/local/sbin/
|
|
|
|
COPY /apt/sources.pgdg /etc/apt/sources.list.d/pgdg.sources
|
|
COPY /apt/preferences.pgdg /etc/apt/preferences.d/pgdg
|
|
|
|
COPY /requirements.txt /tmp/
|
|
|
|
ENV DEV_PACKAGES='libffi-dev libpq-dev libyaml-dev'
|
|
# psutil
|
|
ENV CIBUILDWHEEL=1
|
|
# pyyaml
|
|
ENV PYYAML_FORCE_CYTHON=1
|
|
|
|
RUN w=$(mktemp -d) ; : "${w:?}" ; \
|
|
{ apt-mark showauto ; apt-mark showmanual ; } | sort -uV > "$w/t0" ; \
|
|
printf '%s\n' ${DEV_PACKAGES} | sort -uV > "$w/t1" ; \
|
|
apt-install.sh ${DEV_PACKAGES} ; \
|
|
{ apt-mark showauto ; apt-mark showmanual ; } | sort -uV > "$w/t2" ; \
|
|
set +e ; \
|
|
grep -Fxv -f "$w/t0" "$w/t2" > "$w/t3" ; \
|
|
grep -Fxv -f "$w/t1" "$w/t3" > "$w/t4" ; \
|
|
grep -Ev -e '-(dev|doc)$' "$w/t4" > "${PYTHON_SITE_PACKAGES}/apt-deps.txt" ; \
|
|
set -e ; \
|
|
rm -rf "$w/" ; unset w ; \
|
|
apt-install.sh build-essential ; \
|
|
pip-env.sh pip install 'cython~=3.0.12' ; \
|
|
pip-env.sh pip install \
|
|
--no-binary 'cffi,psutil,pyyaml' \
|
|
-r /tmp/requirements.txt \
|
|
; \
|
|
pip-env.sh pip uninstall -y 'cython' ; \
|
|
python-rm-cache.sh /usr/local ; \
|
|
rm -rf \
|
|
/usr/local/bin/patroni_aws \
|
|
/usr/local/bin/patroni_raft_controller \
|
|
"${PYTHON_SITE_PACKAGES}/etcd/tests" \
|
|
"${PYTHON_SITE_PACKAGES}/netaddr/tests" \
|
|
"${PYTHON_SITE_PACKAGES}/psutil/tests" \
|
|
; \
|
|
truncate -s 0 \
|
|
"${PYTHON_SITE_PACKAGES}/netaddr/eui/iab.idx" \
|
|
"${PYTHON_SITE_PACKAGES}/netaddr/eui/iab.txt" \
|
|
"${PYTHON_SITE_PACKAGES}/netaddr/eui/oui.txt" \
|
|
"${PYTHON_SITE_PACKAGES}/netaddr/eui/oui.idx" \
|
|
; \
|
|
find "${PYTHON_SITE_PACKAGES}/" -type f -name '*.so*' -exec ls -l {} + ; \
|
|
echo ; \
|
|
find "${PYTHON_SITE_PACKAGES}/" -type f -name '*.so*' -printf '%p\0' \
|
|
| sed -zE '/rust/d' \
|
|
| xargs -0r strip --strip-debug --strip-unneeded ; \
|
|
echo ; \
|
|
find "${PYTHON_SITE_PACKAGES}/" -type f -name '*.so*' -exec ls -l {} + ; \
|
|
apt-remove.sh build-essential ; \
|
|
apt-clean.sh
|
|
|
|
## avoid changing already present packages
|
|
RUN rm -rfv \
|
|
/usr/local/bin/pip \
|
|
/usr/local/bin/pip3* \
|
|
; \
|
|
find "${PYTHON_SITE_PACKAGES}/" -mindepth 1 -maxdepth 1 -printf '%P\0' \
|
|
| sed -zEn \
|
|
-e '/^pip(|-.+\.dist-info)$/p' \
|
|
| env -C "${PYTHON_SITE_PACKAGES}" xargs -0r rm -rf
|
|
|
|
## ---
|
|
|
|
FROM base AS deps-intermediate
|
|
SHELL [ "/bin/sh", "-ec" ]
|
|
|
|
COPY /Dockerfile.deps /usr/local/share/
|
|
|
|
COPY /scripts/* /usr/local/sbin/
|
|
|
|
COPY /apt/sources.pgdg /etc/apt/sources.list.d/pgdg.sources
|
|
COPY /apt/preferences.pgdg /etc/apt/preferences.d/pgdg
|
|
|
|
COPY --from=catatonit /usr/local/bin/catatonit /usr/local/bin/
|
|
|
|
COPY --from=patroni /usr/local/bin/ /usr/local/bin/
|
|
COPY --from=patroni /${PYTHON_SITE_PACKAGES}/ /${PYTHON_SITE_PACKAGES}/
|
|
|
|
## install missing dependencies for Python site-packages
|
|
RUN f="${PYTHON_SITE_PACKAGES}/apt-deps.txt" ; \
|
|
[ -s "$f" ] || exit 0 ; \
|
|
xargs -a "$f" apt-install.sh ; \
|
|
apt-clean.sh
|
|
|
|
## set up locales!
|
|
RUN _lang=en_US.UTF8 ; \
|
|
{ \
|
|
echo "locales locales/default_environment_locale select ${LANG}" ; \
|
|
echo "locales locales/locales_to_be_generated multiselect ${LANG} UTF-8" ; \
|
|
} | debconf-set-selections ; \
|
|
f=/etc/dpkg/dpkg.cfg.d/docker ; \
|
|
if [ -f "$f" ] ; then \
|
|
sed -Ei '/\/usr\/share\/locale/d' "$f" ; \
|
|
fi ; \
|
|
echo "LANG=${_lang}" > /etc/default/locale ; \
|
|
apt-install.sh locales ; apt-clean.sh ; \
|
|
grep -Fixq "${_lang} UTF-8" /etc/locale.gen || { \
|
|
echo "${_lang} UTF-8" >> /etc/locale.gen ; \
|
|
locale-gen ; \
|
|
} ; \
|
|
locale -a | grep -Fixq "${_lang}"
|
|
ENV LANG=en_US.UTF8
|
|
|
|
RUN find /usr/local/sbin/ ! -type d -ls -delete
|
|
|
|
## ---
|
|
|
|
FROM deps-intermediate AS pycache
|
|
SHELL [ "/bin/sh", "-ec" ]
|
|
|
|
COPY /scripts/* /usr/local/sbin/
|
|
|
|
ENV PYTHONDONTWRITEBYTECODE=''
|
|
|
|
## Python cache preseed
|
|
|
|
RUN libpython="${PYTHON_SITE_PACKAGES%/*}" ; \
|
|
find "${libpython}/" -mindepth 1 -maxdepth 1 -printf '%P\0' \
|
|
| sed -zEn \
|
|
-e '/^(asyncio|collections|concurrent|ctypes|email|encodings|html|http|importlib|json|logging|multiprocessing|re|urllib|zipfile|zoneinfo)$/p' \
|
|
| sort -zV \
|
|
| env -C "${libpython}" xargs -0r \
|
|
python3 -m compileall -q -j 2 ; \
|
|
find "${PYTHON_SITE_PACKAGES}/" -mindepth 1 -maxdepth 1 -printf '%P\0' \
|
|
| sed -zE \
|
|
-e '/\.(dist-info|pth|so|txt)$/d' \
|
|
-e '/^pip$/d' \
|
|
| sort -zV \
|
|
| env -C "${PYTHON_SITE_PACKAGES}" xargs -0r \
|
|
python3 -m compileall -q -j 2
|
|
|
|
## Python cache warmup
|
|
RUN export PYTHONPROFILEIMPORTTIME=1 ; \
|
|
patroni --help ; \
|
|
patronictl --help ; \
|
|
patroni_barman --help ; \
|
|
patroni_wale_restore --help ; \
|
|
cdiff --help ; \
|
|
netaddr --help ; \
|
|
ydiff --help
|
|
|
|
## Python cache adjustments
|
|
RUN d="@$(date '+%s')" ; \
|
|
find /usr/local/lib/ -name '*.pyc' -exec touch -m -d "$d" {} + ; \
|
|
find /usr/local/lib/ -name __pycache__ -exec touch -m -d "$d" {} +
|
|
|
|
WORKDIR /pycache
|
|
RUN find /usr/local/ -type f -name '*.py[co]' -printf '%P\0' \
|
|
| sort -zV \
|
|
| tar -C /usr/local --null -T - -cf - \
|
|
| tar -xf -
|
|
|
|
## ---
|
|
|
|
FROM deps-intermediate AS deps
|
|
|
|
## RFC: Python cache
|
|
COPY --from=pycache /pycache/ /usr/local/
|