🦉 Knowledge Base

dockerfile

2 min read

what is it?

text file that contains the commands required to build an image

example

Dockerfile
FROM python:3.11-slim-buster
 
ENV PYTHONUNBUFFERED 1
ENV PYTHONDONTWRITEBYTECODE 1
 
RUN apt-get update \
  # dependencies for building Python packages
  && apt-get install -y build-essential \
  # psycopg2 dependencies
  && apt-get install -y libpq-dev \
  # Translations dependencies
  && apt-get install -y gettext \
  # Additional dependencies
  && apt-get install -y git \
  # cleaning up unused files
  && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
  && rm -rf /var/lib/apt/lists/*
 
# Requirements are installed here to ensure they will be cached.
COPY ./requirements.txt /requirements.txt
RUN pip install -r /requirements.txt
 
COPY ./compose/local/django/entrypoint /entrypoint
RUN sed -i 's/\r$//g' /entrypoint
RUN chmod +x /entrypoint
 
COPY ./compose/local/django/start /start
RUN sed -i 's/\r$//g' /start
RUN chmod +x /start
 
COPY ./compose/local/django/celery/worker/start /start-celeryworker
RUN sed -i 's/\r$//g' /start-celeryworker
RUN chmod +x /start-celeryworker
 
COPY ./compose/local/django/celery/beat/start /start-celerybeat
RUN sed -i 's/\r$//g' /start-celerybeat
RUN chmod +x /start-celerybeat
 
COPY ./compose/local/django/celery/flower/start /start-flower
RUN sed -i 's/\r$//g' /start-flower
RUN chmod +x /start-flower
 
WORKDIR /app
 
ENTRYPOINT ["/entrypoint"]

optimisation

locking versions

to lock the versions installed by apt-get inside a docker container, create an interactive shell using either docker or compose. then use apt-cache policy to list the current version. it’s debatable how much benefit this will have, maybe if there are problem packages, they can be versioned locked by themselves

docker compose exec web bash
apt-cache policy python3-dev

using image hashes

i haven’t found a way to get a hash without building the the image first. in the dockerfile

Dockerfile
FROM python:3.10.15-slim-bullseye

then, in the build logs the hash can be copied and added

❯ docker compose -f docker-compose-dev.yml up -d --build
 => [web internal] load build definition from Dockerfile.slim                                                                    0.0s
 => => transferring dockerfile: 3.18kB                                                                                           0.0s
 => [web internal] load metadata for docker.io/library/python:3.10.15-slim-bullseye@sha256:2674abed3e7ffff21501d1a5ca773920c2ed  3.3s
Dockerfile
FROM python:3.10.15-slim-bullseye@sha256:2674abed3e7ffff21501d1a5ca773920c2ed6d2087a871fd07799ff029c909c2

Graph View

Backlinks