diff --git a/Dockerfile b/Dockerfile index ff483b648..58594b787 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,11 +16,33 @@ # * Install python3-venv for the built-in Python3 venv module (not installed by default). # * Install gcloud CLI from Google Cloud's apt repository. +# Stage 1: Build +FROM debian:12 AS build + +RUN apt-get update && apt-get install --no-install-recommends -y \ + python3 \ + python3-venv \ + python3-pip && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + +RUN python3 -m venv /venv + +COPY requirements.txt /tmp/ +RUN /venv/bin/pip install --disable-pip-version-check -r /tmp/requirements.txt && \ + rm -rf /root/.cache/pip + + +#Stage 2: Runtime FROM debian:12 +# Set timezone to Australia/Sydney. + +ENV TZ='Australia/Sydney' +SHELL ["/bin/bash", "-c"] + # Install packages used by the Experiment. Python and Git are required for the experiment. # Curl, certs, and gnupg are required to install gcloud. -RUN apt-get update && \ - apt-get install --no-install-suggests --no-install-recommends --yes \ +RUN apt-get update && apt-get install --no-install-recommends -y \ + python3 \ python3-venv \ gcc \ libpython3-dev \ @@ -30,39 +52,40 @@ RUN apt-get update && \ gnupg \ curl \ wget2 \ - clang-format && \ - python3 -m venv /venv + clang-format \ + lsb-release && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + # Install gcloud cli. -RUN echo "deb https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && \ - curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - && \ +RUN install -m 0755 -d /etc/apt/keyrings && \ + curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /etc/apt/keyrings/cloud.google.gpg && \ + chmod a+r /etc/apt/keyrings/cloud.google.gpg && \ + echo "deb [signed-by=/etc/apt/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | \ + tee /etc/apt/sources.list.d/google-cloud-sdk.list && \ apt-get update -y && \ - apt-get install google-cloud-cli -y -# Set timezone to Australia/Sydney. -ENV TZ='Australia/Sydney' - + apt-get install --no-install-recommends -y google-cloud-cli && \ + apt-get clean && rm -rf /var/lib/apt/lists/* # Install Docker for OSS-Fuzz. # Add Docker's official GPG key: -RUN apt-get install ca-certificates curl gnupg && \ - install -m 0755 -d /etc/apt/keyrings && \ - curl -fsSL https://download.docker.com/linux/debian/gpg \ - | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \ - chmod a+r /etc/apt/keyrings/docker.gpg # Add the repository to Apt sources: -RUN echo \ - "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ - $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ - tee /etc/apt/sources.list.d/docker.list > /dev/null -RUN apt-get update && \ - apt-get install -y \ +RUN install -m 0755 -d /etc/apt/keyrings && \ + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \ + chmod a+r /etc/apt/keyrings/docker.gpg && \ + echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | \ + tee /etc/apt/sources.list.d/docker.list > /dev/null && \ + apt-get update && \ + apt-get install --no-install-recommends -y \ docker-ce \ docker-ce-cli \ containerd.io \ docker-buildx-plugin \ - docker-compose-plugin - + docker-compose-plugin && \ + apt-get clean && rm -rf /var/lib/apt/lists/* COPY . /experiment WORKDIR /experiment -RUN /venv/bin/pip install --disable-pip-version-check -r requirements.txt + +COPY --from=build /venv /venv + ENTRYPOINT ["/venv/bin/python3", "./report/docker_run.py"]