#Copyright (c) 2014 Docker, Inc. #Copyright (c) 2022 Samsung Electronics, Co Ltd. # #Permission is hereby granted, free of charge, to any person obtaining #a copy of this software and associated documentation files (the #"Software"), to deal in the Software without restriction, including #without limitation the rights to use, copy, modify, merge, publish, #distribute, sublicense, and/or sell copies of the Software, and to #permit persons to whom the Software is furnished to do so, subject to #the following conditions: # #The above copyright notice and this permission notice shall be included #in all copies or substantial portions of the Software. # #THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, #EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF #MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. #IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY #CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, #TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE #SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # Below is edited Dockerfile from: # https://github.com/docker-library/python # Those Dockerfiles are generated for each new release. # Below is copy-paste from a generated Dockerfile, # with GPLv3 dependencies removed. FROM alpine:3.17 # ensure local python is preferred over distribution python ENV PATH /usr/local/bin:$PATH # http://bugs.python.org/issue19846 # > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK. ENV LANG C.UTF-8 # runtime dependencies RUN set -eux; \ apk add --no-cache \ ca-certificates \ tzdata \ ; ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D ENV PYTHON_VERSION 3.11.3 RUN set -eux; \ \ apk add --no-cache --virtual .build-deps \ gnupg \ tar \ xz \ \ bluez-dev \ bzip2-dev \ dpkg-dev dpkg \ expat-dev \ findutils \ gcc \ gdbm-dev \ libc-dev \ libffi-dev \ libnsl-dev \ libtirpc-dev \ linux-headers \ make \ ncurses-dev \ openssl-dev \ pax-utils \ sqlite-dev \ tcl-dev \ tk \ tk-dev \ util-linux-dev \ xz-dev \ zlib-dev \ ; \ \ wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \ wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \ gpg --batch --verify python.tar.xz.asc python.tar.xz; \ command -v gpgconf > /dev/null && gpgconf --kill all || :; \ rm -rf "$GNUPGHOME" python.tar.xz.asc; \ mkdir -p /usr/src/python; \ tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \ rm python.tar.xz; \ \ cd /usr/src/python; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ --build="$gnuArch" \ --enable-loadable-sqlite-extensions \ --enable-optimizations \ --enable-option-checking=fatal \ --enable-shared \ --with-lto \ --with-system-expat \ --without-ensurepip \ ; \ nproc="$(nproc)"; \ # set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit() # https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0 EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \ LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \ make -j "$nproc" \ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ "LDFLAGS=${LDFLAGS:-}" \ "PROFILE_TASK=${PROFILE_TASK:-}" \ ; \ # https://github.com/docker-library/python/issues/784 # prevent accidental usage of a system installed libpython of the same version rm python; \ make -j "$nproc" \ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \ "PROFILE_TASK=${PROFILE_TASK:-}" \ python \ ; \ make install; \ \ cd /; \ rm -rf /usr/src/python; \ \ find /usr/local -depth \ \( \ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \ -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \ \) -exec rm -rf '{}' + \ ; \ \ find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \ | tr ',' '\n' \ | sort -u \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | xargs -rt apk add --no-network --virtual .python-rundeps \ ; \ apk del --no-network .build-deps; \ \ python3 --version # make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends) RUN set -eux; \ for src in idle3 pydoc3 python3 python3-config; do \ dst="$(echo "$src" | tr -d 3)"; \ [ -s "/usr/local/bin/$src" ]; \ [ ! -e "/usr/local/bin/$dst" ]; \ ln -svT "$src" "/usr/local/bin/$dst"; \ done # if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value ''" ENV PYTHON_PIP_VERSION 22.3.1 # https://github.com/docker-library/python/issues/365 ENV PYTHON_SETUPTOOLS_VERSION 65.5.1 # https://github.com/pypa/get-pip ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/d5cb0afaf23b8520f1bbcfed521017b4a95f5c01/public/get-pip.py ENV PYTHON_GET_PIP_SHA256 394be00f13fa1b9aaa47e911bdb59a09c3b2986472130f30aa0bfaf7f3980637 RUN set -eux; \ \ wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \ echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \ \ export PYTHONDONTWRITEBYTECODE=1; \ \ python get-pip.py \ --disable-pip-version-check \ --no-cache-dir \ --no-compile \ "pip==$PYTHON_PIP_VERSION" \ "setuptools==$PYTHON_SETUPTOOLS_VERSION" \ ; \ rm -f get-pip.py; \ \ pip --version CMD ["python3"] # End of copy-paste from: # https://github.com/docker-library/python ################################################# # Integration-specific part LABEL maintainer="ONAP Integration team" LABEL Description="Reference ONAP Python 3 image" ARG user=onap ARG group=onap # Create a group and user RUN addgroup -S $group && adduser -S -D -h /home/$user $user $group && \ chown -R $user:$group /home/$user && \ mkdir /var/log/$user && \ chown -R $user:$group /var/log/$user && \ mkdir /app && \ chown -R $user:$group /app # Tell docker that all future commands should be run as the onap user USER $user WORKDIR /app