Initial docker image
Some checks failed
ci/woodpecker/push/docker-buildx Pipeline failed
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/vulnerability-scan Pipeline failed

This commit is contained in:
Liam Steckler 2025-07-05 21:03:14 -07:00
parent 9c75d739ff
commit 3e8d543f52
3 changed files with 57 additions and 33 deletions

View file

@ -0,0 +1,21 @@
when:
branch: main
event:
- push
variables:
- &repo scm.gruezi.net/buckbanzai/crossposter
steps:
publish:
image: docker.io/woodpeckerci/plugin-docker-buildx:latest
settings:
repo: *repo
registry: scm.gruezi.net
tags: latest
username: woodpecker_bot
password:
from_secret: FORGEJO_PACKAGES_API_TOKEN
platforms: linux/amd64,linux/arm64
when:
event: push

View file

@ -1,33 +0,0 @@
when:
branch: main
event: [push, pull_request]
variables:
- &file Dockerfile
- &repo scm.gruezi.net/${CI_REPO}
steps:
dryrun:
image: woodpeckerci/plugin-docker-buildx
settings:
dockerfile: *file
platforms: linux/arm/v7,linux/arm64/v8,linux/amd64,linux/ppc64le
dry_run: true
repo: *repo
tags: latest
when:
event: pull_request
publish:
image: woodpeckerci/plugin-docker-buildx
settings:
dockerfile: *file
platforms: linux/arm/v7,linux/arm64/v8,linux/amd64,linux/ppc64le
repo: *repo
registry: scm.gruezi.net
tags: latest
username: ${CI_REPO_OWNER}
password:
from_secret: FORGEJO_API_TOKEN
when:
event: push

36
Dockerfile Normal file
View file

@ -0,0 +1,36 @@
# An example using multi-stage image builds to create a final image without uv.
# First, build the application in the `/app` directory.
# See `Dockerfile` for details.
FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim AS builder
ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy
# Disable Python downloads, because we want to use the system interpreter
# across both images. If using a managed Python version, it needs to be
# copied from the build image into the final image; see `standalone.Dockerfile`
# for an example.
ENV UV_PYTHON_DOWNLOADS=0
WORKDIR /app
RUN --mount=type=cache,target=/root/.cache/uv \
--mount=type=bind,source=uv.lock,target=uv.lock \
--mount=type=bind,source=pyproject.toml,target=pyproject.toml \
uv sync --locked --no-install-project --no-dev
COPY . /app
RUN --mount=type=cache,target=/root/.cache/uv \
uv sync --locked --no-dev
# Then, use a final image without uv
FROM python:3.12-slim-bookworm
# It is important to use the image that matches the builder, as the path to the
# Python executable must be the same, e.g., using `python:3.11-slim-bookworm`
# will fail.
# Copy the application from the builder
COPY --from=builder --chown=app:app /app /app
# Place executables in the environment at the front of the path
ENV PATH="/app/.venv/bin:$PATH"
CMD ["python", "scl.py"]