From 5ab55c6158372c7a7c20cc0dd3fd2846472633a2 Mon Sep 17 00:00:00 2001 From: Omar Siam Date: Thu, 18 Jan 2024 21:54:19 +0100 Subject: [PATCH 1/4] Feature: Minimize container image Rearrange Dockerfile so it creates as little layers as possible and removes everything temporary in the same RUN step as it is downloaded. Like this these downloads are never in any layer and just hidden by deleting them later. --- Dockerfile | 56 +++++++++++++++++++++++++++--------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2608f1e..26383fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,42 +24,42 @@ ENV NODE_ENV=production USER root +ADD https://downloads.apache.org/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar.gz \ + https://github.com/Saxonica/Saxon-HE/releases/download/${SAXON_VERSION}/${SAXON_VERSION}J.zip \ + https://www.oxygenxml.com/maven/com/oxygenxml/oxygen-patched-xerces/${XERCES_VERSION}/oxygen-patched-xerces-${XERCES_VERSION}.jar \ + /tmp/ + +COPY ["index.js", "package.json", "package-lock.json*", "/opt/docker-mei/"] + # Configure the Eclipse Adoptium apt repository -RUN apt-get update && \ - apt-get install -y wget apt-transport-https && \ +RUN --mount=type=cache,target=/var/cache/apt \ + apt-get update && apt-get full-upgrade -y && \ + apt-get install -y --no-install-recommends wget apt-transport-https curl ca-certificates && \ mkdir -p /etc/apt/keyrings && \ wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | tee /etc/apt/keyrings/adoptium.asc && \ - echo "deb [signed-by=/etc/apt/keyrings/adoptium.asc] https://packages.adoptium.net/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" | tee /etc/apt/sources.list.d/adoptium.list -# install packages -RUN apt-get update && apt-get install -y --no-install-recommends apt-utils temurin-${JAVA_VERSION}-jdk curl unzip git libc6 aptitude libaom-dev gdebi fonts-stix && \ - # install prince - curl --proto '=https' --tlsv1.2 -O https://www.princexml.com/download/${DEB_FILE} && \ - gdebi --non-interactive ./${DEB_FILE} && \ + echo "deb [signed-by=/etc/apt/keyrings/adoptium.asc] https://packages.adoptium.net/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" | tee /etc/apt/sources.list.d/adoptium.list && \ # install nodejs curl -fsSL https://deb.nodesource.com/setup_18.x -o nodesource_setup.sh && \ bash nodesource_setup.sh && \ - apt install nodejs && \ + # install prince + curl --proto '=https' --tlsv1.2 -LO https://www.princexml.com/download/${DEB_FILE} && \ + apt-get install -y --no-install-recommends apt-utils python3-pip temurin-${JAVA_VERSION}-jdk nodejs unzip git libc6 aptitude libaom-dev fonts-stix ./${DEB_FILE} && \ # link ca-certificates - ln -sf /etc/ssl/certs/ca-certificates.crt /usr/lib/prince/etc/curl-ca-bundle.crt - -# setup ant -ADD https://downloads.apache.org/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar.gz /tmp/ant.tar.gz -RUN tar -xvf /tmp/ant.tar.gz -C /opt - -# setup saxon -ADD https://github.com/Saxonica/Saxon-HE/releases/download/${SAXON_VERSION}/${SAXON_VERSION}J.zip /tmp/saxon.zip -RUN unzip /tmp/saxon.zip -d ${ANT_HOME}/lib - -# setup xerces -ADD https://www.oxygenxml.com/maven/com/oxygenxml/oxygen-patched-xerces/${XERCES_VERSION}/oxygen-patched-xerces-${XERCES_VERSION}.jar ${ANT_HOME}/lib - -# cleanup -RUN apt-get purge -y aptitude apt-utils gdebi curl unzip wget apt-transport-https && \ + ln -sf /etc/ssl/certs/ca-certificates.crt /usr/lib/prince/etc/curl-ca-bundle.crt && \ + # setup ant + tar -xvf /tmp/apache-ant-${ANT_VERSION}-bin.tar.gz -C /opt && \ + # setup saxon + unzip /tmp/${SAXON_VERSION}J.zip -d ${ANT_HOME}/lib && \ + # setup xerces + cp /tmp/oxygen-patched-xerces-${XERCES_VERSION}.jar ${ANT_HOME}/lib && \ + # cleanup + apt-get purge -y aptitude apt-utils && \ apt-get autoremove -y && apt-get clean && \ + apt-get clean && \ rm ${DEB_FILE} nodesource_setup.sh && \ - rm -r /tmp + cd /opt/docker-mei && \ + # setup node app for rendering MEI files to SVG using Verovio Toolkit + npm install --omit=dev && \ + rm -rfv /tmp/* /root/.npm* -# setup node app for rendering MEI files to SVG using Verovio Toolkit WORKDIR /opt/docker-mei -COPY ["index.js", "package.json", "package-lock.json*", "./"] -RUN npm install --production From 0f935474f8c26a7c97b61d6336d3c366a3d0959a Mon Sep 17 00:00:00 2001 From: Omar Siam Date: Thu, 18 Jan 2024 22:15:21 +0100 Subject: [PATCH 2/4] Fix: remove package cache dir mount * does not play nice with multi platform * should not contain anything after the build (apt-get clean) --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 26383fa..ccfccd8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -32,8 +32,7 @@ ADD https://downloads.apache.org/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar. COPY ["index.js", "package.json", "package-lock.json*", "/opt/docker-mei/"] # Configure the Eclipse Adoptium apt repository -RUN --mount=type=cache,target=/var/cache/apt \ - apt-get update && apt-get full-upgrade -y && \ +RUN apt-get update && apt-get full-upgrade -y && \ apt-get install -y --no-install-recommends wget apt-transport-https curl ca-certificates && \ mkdir -p /etc/apt/keyrings && \ wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | tee /etc/apt/keyrings/adoptium.asc && \ From a3e555b93bcc3f3e37577d14c198ead6c3c49810 Mon Sep 17 00:00:00 2001 From: bwbohl Date: Fri, 26 Jan 2024 09:26:19 +0100 Subject: [PATCH 3/4] fix indentation --- Dockerfile | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 44bfa04..9cf6a06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,25 +40,25 @@ RUN apt-get update && apt-get full-upgrade -y && \ # install nodejs curl -fsSL https://deb.nodesource.com/setup_18.x -o nodesource_setup.sh && \ bash nodesource_setup.sh && \ - # install prince + # install prince curl --proto '=https' --tlsv1.2 -LO https://www.princexml.com/download/${DEB_FILE} && \ apt-get install -y --no-install-recommends apt-utils python3-pip temurin-${JAVA_VERSION}-jdk nodejs unzip git libc6 aptitude libaom-dev fonts-stix ./${DEB_FILE} && \ # link ca-certificates ln -sf /etc/ssl/certs/ca-certificates.crt /usr/lib/prince/etc/curl-ca-bundle.crt && \ - # setup ant - tar -xvf /tmp/apache-ant-${ANT_VERSION}-bin.tar.gz -C /opt && \ - # setup saxon - unzip /tmp/${SAXON_VERSION}J.zip -d ${ANT_HOME}/lib && \ - # setup xerces - cp /tmp/oxygen-patched-xerces-${XERCES_VERSION}.jar ${ANT_HOME}/lib && \ + # setup ant + tar -xvf /tmp/apache-ant-${ANT_VERSION}-bin.tar.gz -C /opt && \ + # setup saxon + unzip /tmp/${SAXON_VERSION}J.zip -d ${ANT_HOME}/lib && \ + # setup xerces + cp /tmp/oxygen-patched-xerces-${XERCES_VERSION}.jar ${ANT_HOME}/lib && \ # cleanup apt-get purge -y aptitude apt-utils && \ apt-get autoremove -y && apt-get clean && \ - apt-get clean && \ + apt-get clean && \ rm ${DEB_FILE} nodesource_setup.sh && \ cd /opt/docker-mei && \ # setup node app for rendering MEI files to SVG using Verovio Toolkit - npm install --omit=dev && \ + npm install --omit=dev && \ # clean temporary folders rm -rfv /tmp/* /root/.npm* From ffde306871b01e42444a04495b433ac9a3d46977 Mon Sep 17 00:00:00 2001 From: "Benjamin W. Bohl" Date: Fri, 26 Jan 2024 10:51:57 +0100 Subject: [PATCH 4/4] Update Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9cf6a06..6f9af23 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,8 +26,8 @@ USER root ADD https://downloads.apache.org/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar.gz \ https://github.com/Saxonica/Saxon-HE/releases/download/${SAXON_VERSION}/${SAXON_VERSION}J.zip \ - https://www.oxygenxml.com/maven/com/oxygenxml/oxygen-patched-xerces/${XERCES_VERSION}/oxygen-patched-xerces-${XERCES_VERSION}.jar \ - /tmp/ + https://www.oxygenxml.com/maven/com/oxygenxml/oxygen-patched-xerces/${XERCES_VERSION}/oxygen-patched-xerces-${XERCES_VERSION}.jar \ + /tmp/ COPY ["index.js", "package.json", "package-lock.json*", "/opt/docker-mei/"]