From 50575896ceb53eec2d1bfb0ab1ab9724d9ad7116 Mon Sep 17 00:00:00 2001 From: Tanguy Jouannic Date: Tue, 30 Sep 2025 06:46:20 -1000 Subject: [PATCH 1/2] Bring 3.13.3-slim version --- .github/workflows/docker-image.yml | 2 +- .github/workflows/pr.yml | 2 +- 3.13.3-slim/Dockerfile | 140 +++++++++++++++++++++++++++++ 3 files changed, 142 insertions(+), 2 deletions(-) create mode 100644 3.13.3-slim/Dockerfile diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index eedf07d..6c44099 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - versions: [3.9,3.12] + versions: [3.9,3.12,3.13.3-slim] env: repo: "govpf/python" steps: diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index cbc77f1..a712bf7 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - versions: [3.6,3.9] + versions: [3.6,3.9,3.13.3-slim] env: repo: "govpf/python" steps: diff --git a/3.13.3-slim/Dockerfile b/3.13.3-slim/Dockerfile new file mode 100644 index 0000000..1d89d0b --- /dev/null +++ b/3.13.3-slim/Dockerfile @@ -0,0 +1,140 @@ +# Using bookworm-slim for a smaller base image. +FROM govpf/debian:bookworm-slim + +# Ensure local python is preferred over distribution python. +ENV PATH="/usr/local/bin:$PATH" + +# Set a default locale to avoid Python warnings. +ENV LANG="C.UTF-8" + +# Runtime dependencies. +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + netbase \ + tzdata \ + ; \ + rm -rf /var/lib/apt/lists/* + +# Build-time variables. +ENV GPG_KEY="7169605F62C751356D054A26A821E680E5FA6305" +ENV PYTHON_VERSION="3.13.3" +ENV PYTHON_SHA256="40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041" + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + gnupg \ + libbluetooth-dev \ + libbz2-dev \ + libc6-dev \ + libdb-dev \ + libffi-dev \ + libgdbm-dev \ + liblzma-dev \ + libncursesw5-dev \ + libreadline-dev \ + libsqlite3-dev \ + libssl-dev \ + make \ + tk-dev \ + uuid-dev \ + wget \ + xz-utils \ + zlib1g-dev \ + ; \ + \ + wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \ + echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \ + wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \ + gpg --batch --verify python.tar.xz.asc python.tar.xz; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" python.tar.xz.asc; \ + \ + mkdir -p /usr/src/python; \ + tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \ + rm python.tar.xz; \ + \ + cd /usr/src/python; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + ./configure \ + --build="$gnuArch" \ + --enable-loadable-sqlite-extensions \ + --enable-optimizations \ + --enable-option-checking=fatal \ + --enable-shared \ + --with-lto \ + --with-ensurepip \ + ; \ + nproc="$(nproc)"; \ + EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \ + LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \ + arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \ + case "$arch" in \ + amd64|arm64) \ + EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \ + ;; \ + i386) \ + ;; \ + *) \ + EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \ + ;; \ + esac; \ + make -j "$nproc" \ + "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ + "LDFLAGS=${LDFLAGS:-}" \ + ; \ + rm python; \ + make -j "$nproc" \ + "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \ + "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \ + python \ + ; \ + make install; \ + \ + cd /; \ + rm -rf /usr/src/python; \ + \ + find /usr/local -depth \ + \( \ + \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \ + -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \ + \) -exec rm -rf '{}' + \ + ; \ + \ + ldconfig; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark; \ + find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -r apt-mark manual \ + ; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ + export PYTHONDONTWRITEBYTECODE=1; \ + python3 --version; \ + pip3 --version + +# Make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends). +RUN set -eux; \ + for src in idle3 pip3 pydoc3 python3 python3-config; do \ + dst="$(echo "$src" | tr -d 3)"; \ + [ -s "/usr/local/bin/$src" ]; \ + [ ! -e "/usr/local/bin/$dst" ]; \ + ln -svT "$src" "/usr/local/bin/$dst"; \ + done + +CMD ["python3"] \ No newline at end of file From d0d74193c6ca4a7a48c51dc03fbcb7dd41013c7c Mon Sep 17 00:00:00 2001 From: Tanguy Jouannic Date: Tue, 30 Sep 2025 06:51:58 -1000 Subject: [PATCH 2/2] Fix pr CI --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index a712bf7..4249599 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - versions: [3.6,3.9,3.13.3-slim] + versions: [3.9,3.12,3.13.3-slim] env: repo: "govpf/python" steps: