learn_otel/Dockerfile

# syntax = docker/dockerfile:1.4

# Best practice: Choose a stable base image and tag.
FROM python:3.11-slim-bookworm

# Install security updates, and some useful packages.
#
# Best practices:
# * Make sure apt-get doesn't run in interactive mode.
# * Update system packages.
# * Pre-install some useful tools.
# * Minimize system package installation.
RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get update && \
    apt-get -y upgrade && \
    apt-get install -y --no-install-recommends tini procps net-tools && \
    apt-get -y clean && \
    rm -rf /var/lib/apt/lists/*

# Install dependencies.
#
# Best practices:
# * `COPY` in files only when needed.
# * Reduce disk usage from `pip` installs.
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Create a new user to run as.
#
# Best practices: Don't run as root.
RUN useradd --create-home appuser
USER appuser
WORKDIR /home/appuser

# Copy in the code.
#
# Best practices: Avoid extra chowns.
COPY --chown=appuser . .

# Best practices: Prepare for C crashes.
ENV PYTHONFAULTHANDLER=1
ENV PYTHONUNBUFFERED=0

ARG COMMIT_SHA

LABEL io.runcible.repo-sha="${COMMIT_SHA}"

# Run the code when the image is run:
#
# Best practices:
# * Add an `init` process.
# * Make sure images shut down correctly (via ENTRYPOINT [] syntax).
# * '-g' option means killing the container kills all processes, not just the
#   entrypoint shell.
ENTRYPOINT ["tini", "-g", "--", "./entrypoint.sh"]
Initial Commit 11 months ago			`# syntax = docker/dockerfile:1.4`

			`# Best practice: Choose a stable base image and tag.`
			`FROM python:3.11-slim-bookworm`

			`# Install security updates, and some useful packages.`
			`#`
			`# Best practices:`
			`# * Make sure apt-get doesn't run in interactive mode.`
			`# * Update system packages.`
			`# * Pre-install some useful tools.`
			`# * Minimize system package installation.`
			`RUN export DEBIAN_FRONTEND=noninteractive && \`
			`apt-get update && \`
			`apt-get -y upgrade && \`
			`apt-get install -y --no-install-recommends tini procps net-tools && \`
			`apt-get -y clean && \`
			`rm -rf /var/lib/apt/lists/*`

			`# Install dependencies.`
			`#`
			`# Best practices:`
			# * `COPY` in files only when needed.
			# * Reduce disk usage from `pip` installs.
			`COPY requirements.txt .`
			`RUN pip install --no-cache-dir -r requirements.txt`

			`# Create a new user to run as.`
			`#`
			`# Best practices: Don't run as root.`
			`RUN useradd --create-home appuser`
			`USER appuser`
			`WORKDIR /home/appuser`

			`# Copy in the code.`
			`#`
			`# Best practices: Avoid extra chowns.`
			`COPY --chown=appuser . .`

			`# Best practices: Prepare for C crashes.`
			`ENV PYTHONFAULTHANDLER=1`
			`ENV PYTHONUNBUFFERED=0`

			`ARG COMMIT_SHA`

			`LABEL io.runcible.repo-sha="${COMMIT_SHA}"`

			`# Run the code when the image is run:`
			`#`
			`# Best practices:`
			# * Add an `init` process.
			`# * Make sure images shut down correctly (via ENTRYPOINT [] syntax).`
			`# * '-g' option means killing the container kills all processes, not just the`
			`# entrypoint shell.`
			`ENTRYPOINT ["tini", "-g", "--", "./entrypoint.sh"]`