-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
41 lines (29 loc) · 1.01 KB
/
Dockerfile
File metadata and controls
41 lines (29 loc) · 1.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
FROM python:3.12-slim as builder
ENV LANG=C.UTF-8
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
ENV PATH="/app/venv/bin:$PATH"
WORKDIR /app/
RUN python -m venv /app/venv
RUN apt-get update \
# required for psutil python package to install
&& apt-get install -y gcc \
&& dpkg --add-architecture arm64 \
&& apt-get purge -y --auto-remove \
&& rm -rf /var/lib/apt/lists/*
COPY requirements.txt /app/requirements.txt
RUN pip install --no-cache-dir -r /app/requirements.txt
FROM python:3.12-slim
WORKDIR /app/
ENV PYTHONUNBUFFERED=1
ENV PATH="/venv/bin:$PATH"
ENV PYTHONPATH=$PYTHONPATH:.
COPY src /app/src
COPY --from=builder /app/venv /venv
# --- Fix CVE-2025-8869: Upgrade pip in system Python and clean up ---
RUN python -m pip uninstall -y pip && \
rm -rf /usr/local/lib/python3.12/site-packages/pip* && \
python -m ensurepip --upgrade && \
python -m pip install --no-cache-dir pip==25.3 && \
rm -rf /usr/local/lib/python3.12/ensurepip/_bundled/*
ENTRYPOINT ["python", "/app/src/disk_info.py"]