Slightly decrease the size of the docker artefact.

The size went from 2.57 GB to 1.80 GB.

Slightly decrease the size of the docker artefact.
16d2a87e · Sašo Stanovnik · Anze Luzar · d51d7029 · 16d2a87e · 16d2a87e
Commit 16d2a87e authored 3 years ago by Sašo Stanovnik Committed by Anze Luzar 3 years ago
--- a/.dockerignore
+++ b/.dockerignore
+.git/
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]

--- a/Dockerfile
+++ b/Dockerfile
-FROM python:3.10.2-slim-bullseye
+FROM debian:bullseye-20220228-slim
+
+# add python virtualenv and tools dir to path to be able to invoke commands
+ENV PATH="/iac-scan-runner/.venv/bin:/iac-scan-runner/tools:$PATH"
+CMD ["uvicorn", "iac_scan_runner.api:app", "--host", "0.0.0.0", "--port", "80"]
+
+# set working directory
+WORKDIR /iac-scan-runner/src

-# copy all files
 COPY . /iac-scan-runner
-WORKDIR /iac-scan-runner

-# install system and API requirements
-RUN apt-get update \
-    && apt-get -y install build-essential bash gcc git openssh-client ruby-full curl wget default-jdk nodejs npm \
+RUN cd /iac-scan-runner \
+    && apt-get update \
+    && apt-get -y install --no-install-recommends \
+        build-essential \
+	bash \
+	gcc \
+	git \
+	openssh-client \
+	curl \
+	wget \
+	openjdk-17-jre \
+	ruby2.7 \
+	nodejs \
+	npm \
+	unzip \
+	python3 \
+	python3-pip \
+	python3-venv \
    && apt-get update \
    && mkdir -p /usr/share/man/man1 \
    && npm i npm@latest -g \
@@ -14,14 +34,18 @@ RUN apt-get update \
    && . .venv/bin/activate \
    && pip3 install --upgrade pip \
    && pip install -r requirements.txt \
-    && ./install-checks.sh
+    && ./install-checks.sh \
+    && npm uninstall npm \
+    && apt-get -y remove \
+        build-essential \
+	gcc \
+	npm \
+	curl \
+	wget \
+    && apt-get autoremove -y \
+    && apt-get autoclean -y \
+    && apt-get clean -y \
+    && rm -rf /var/lib/apt/lists/* \
+    && rm -rf /var/cache/* \
+    && rm -rf /root/.cache/

-#add python virtualenv and tools dir to path to be able to invoke commands
-ENV PATH="/iac-scan-runner/.venv/bin:$PATH"
-ENV PATH="/iac-scan-runner/tools:$PATH"
-
-# set working directory
-WORKDIR /iac-scan-runner/src
-
-# start the API
-CMD ["uvicorn", "iac_scan_runner.api:app", "--host", "0.0.0.0", "--port", "80"]
--- a/install-checks.sh
+++ b/install-checks.sh
@@ -6,7 +6,7 @@ export ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 export VIRTUALENV_DIR="${ROOT_DIR}/.venv"
 export TOOLS_DIR="${ROOT_DIR}/tools"
 export TMP_DIR="${TOOLS_DIR}/tmp"
-export NODE_MODULES_DIR="${TOOLS_DIR}/node_modules"
+export NODE_MODULES_DIR="${ROOT_DIR}/node_modules"
 export CONFIG_DIR="${ROOT_DIR}/config"
 # env vars for check executables
 export OPERA_CHECK_PATH="${VIRTUALENV_DIR}/bin/opera/"
@@ -90,10 +90,7 @@ installMarkdownLintIfNot() {

 installRequiredNpmModulesIfNot() {
  if [ ! -f "$NODE_MODULES_DIR" ]; then
-    cp package.json "${TOOLS_DIR}/package.json"
-    cp package-lock.json "${TOOLS_DIR}/package-lock.json"
-    npm i --prefix "${TOOLS_DIR}" --force
-    rm "${TOOLS_DIR}/package.json" "${TOOLS_DIR}/package-lock.json"
+    npm install --force
  fi
 }