mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-05-17 18:51:50 +02:00
Do not use poetry.lock when building the container image
Remove all the scaffolding in our `build-image.py` script for using the `poetry.lock` file, now that we install PyMuPDF from the Debian repos.
This commit is contained in:
Alex Pyrgiotis
parent
42646877d7
commit
460b7a178b
7 changed files with 44 additions and 91 deletions
2
.github/workflows/build.yml
vendored
2
.github/workflows/build.yml
vendored
|
|
@ -85,7 +85,7 @@ jobs:
|
||||||
id: cache-container-image
|
id: cache-container-image
|
||||||
uses: actions/cache@v4
|
uses: actions/cache@v4
|
||||||
with:
|
with:
|
||||||
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py', 'poetry.lock') }}
|
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py') }}
|
||||||
path: |
|
path: |
|
||||||
share/container.tar.gz
|
share/container.tar.gz
|
||||||
share/image-id.txt
|
share/image-id.txt
|
||||||
|
|
|
||||||
9
.github/workflows/ci.yml
vendored
9
.github/workflows/ci.yml
vendored
|
|
@ -59,7 +59,7 @@ jobs:
|
||||||
id: cache-container-image
|
id: cache-container-image
|
||||||
uses: actions/cache@v4
|
uses: actions/cache@v4
|
||||||
with:
|
with:
|
||||||
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py', 'poetry.lock') }}
|
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py') }}
|
||||||
path: |-
|
path: |-
|
||||||
share/container.tar.gz
|
share/container.tar.gz
|
||||||
share/image-id.txt
|
share/image-id.txt
|
||||||
|
|
@ -67,7 +67,6 @@ jobs:
|
||||||
- name: Build Dangerzone container image
|
- name: Build Dangerzone container image
|
||||||
if: ${{ steps.cache-container-image.outputs.cache-hit != 'true' }}
|
if: ${{ steps.cache-container-image.outputs.cache-hit != 'true' }}
|
||||||
run: |
|
run: |
|
||||||
sudo apt-get install -y python3-poetry
|
|
||||||
python3 ./install/common/build-image.py
|
python3 ./install/common/build-image.py
|
||||||
|
|
||||||
- name: Upload container image
|
- name: Upload container image
|
||||||
|
|
@ -227,7 +226,7 @@ jobs:
|
||||||
- name: Restore container cache
|
- name: Restore container cache
|
||||||
uses: actions/cache/restore@v4
|
uses: actions/cache/restore@v4
|
||||||
with:
|
with:
|
||||||
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py', 'poetry.lock') }}
|
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py') }}
|
||||||
path: |-
|
path: |-
|
||||||
share/container.tar.gz
|
share/container.tar.gz
|
||||||
share/image-id.txt
|
share/image-id.txt
|
||||||
|
|
@ -334,7 +333,7 @@ jobs:
|
||||||
- name: Restore container image
|
- name: Restore container image
|
||||||
uses: actions/cache/restore@v4
|
uses: actions/cache/restore@v4
|
||||||
with:
|
with:
|
||||||
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py', 'poetry.lock') }}
|
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py') }}
|
||||||
path: |-
|
path: |-
|
||||||
share/container.tar.gz
|
share/container.tar.gz
|
||||||
share/image-id.txt
|
share/image-id.txt
|
||||||
|
|
@ -429,7 +428,7 @@ jobs:
|
||||||
- name: Restore container image
|
- name: Restore container image
|
||||||
uses: actions/cache/restore@v4
|
uses: actions/cache/restore@v4
|
||||||
with:
|
with:
|
||||||
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py', 'poetry.lock') }}
|
key: v3-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/*.py', 'dangerzone/container/*', 'install/common/build-image.py') }}
|
||||||
path: |-
|
path: |-
|
||||||
share/container.tar.gz
|
share/container.tar.gz
|
||||||
share/image-id.txt
|
share/image-id.txt
|
||||||
|
|
|
||||||
1
dodo.py
1
dodo.py
|
|
@ -63,7 +63,6 @@ TESSDATA_TARGETS = list_language_data()
|
||||||
|
|
||||||
IMAGE_DEPS = [
|
IMAGE_DEPS = [
|
||||||
"Dockerfile",
|
"Dockerfile",
|
||||||
"poetry.lock",
|
|
||||||
*list_files("dangerzone/conversion"),
|
*list_files("dangerzone/conversion"),
|
||||||
*list_files("dangerzone/container"),
|
*list_files("dangerzone/container"),
|
||||||
"install/common/build-image.py",
|
"install/common/build-image.py",
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,5 @@
|
||||||
import argparse
|
import argparse
|
||||||
import gzip
|
import gzip
|
||||||
import os
|
|
||||||
import platform
|
import platform
|
||||||
import secrets
|
import secrets
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
@ -9,7 +8,6 @@ from pathlib import Path
|
||||||
|
|
||||||
BUILD_CONTEXT = "dangerzone/"
|
BUILD_CONTEXT = "dangerzone/"
|
||||||
IMAGE_NAME = "dangerzone.rocks/dangerzone"
|
IMAGE_NAME = "dangerzone.rocks/dangerzone"
|
||||||
REQUIREMENTS_TXT = "container-pip-requirements.txt"
|
|
||||||
if platform.system() in ["Darwin", "Windows"]:
|
if platform.system() in ["Darwin", "Windows"]:
|
||||||
CONTAINER_RUNTIME = "docker"
|
CONTAINER_RUNTIME = "docker"
|
||||||
elif platform.system() == "Linux":
|
elif platform.system() == "Linux":
|
||||||
|
|
@ -84,19 +82,6 @@ def main():
|
||||||
with open(image_id_path, "w") as f:
|
with open(image_id_path, "w") as f:
|
||||||
f.write(tag)
|
f.write(tag)
|
||||||
|
|
||||||
print("Exporting container pip dependencies")
|
|
||||||
with ContainerPipDependencies():
|
|
||||||
if not args.use_cache:
|
|
||||||
print("Pulling base image")
|
|
||||||
subprocess.run(
|
|
||||||
[
|
|
||||||
args.runtime,
|
|
||||||
"pull",
|
|
||||||
"alpine:latest",
|
|
||||||
],
|
|
||||||
check=True,
|
|
||||||
)
|
|
||||||
|
|
||||||
# Build the container image, and tag it with the calculated tag
|
# Build the container image, and tag it with the calculated tag
|
||||||
print("Building container image")
|
print("Building container image")
|
||||||
cache_args = [] if args.use_cache else ["--no-cache"]
|
cache_args = [] if args.use_cache else ["--no-cache"]
|
||||||
|
|
@ -106,10 +91,6 @@ def main():
|
||||||
"build",
|
"build",
|
||||||
BUILD_CONTEXT,
|
BUILD_CONTEXT,
|
||||||
*cache_args,
|
*cache_args,
|
||||||
"--build-arg",
|
|
||||||
f"REQUIREMENTS_TXT={REQUIREMENTS_TXT}",
|
|
||||||
"--build-arg",
|
|
||||||
f"ARCH={ARCH}",
|
|
||||||
"-f",
|
"-f",
|
||||||
"Dockerfile",
|
"Dockerfile",
|
||||||
"--tag",
|
"--tag",
|
||||||
|
|
@ -145,31 +126,5 @@ def main():
|
||||||
cmd.wait(5)
|
cmd.wait(5)
|
||||||
|
|
||||||
|
|
||||||
class ContainerPipDependencies:
|
|
||||||
"""Generates PIP dependencies within container"""
|
|
||||||
|
|
||||||
def __enter__(self):
|
|
||||||
try:
|
|
||||||
container_requirements_txt = subprocess.check_output(
|
|
||||||
["poetry", "export", "--only", "container"], universal_newlines=True
|
|
||||||
)
|
|
||||||
except subprocess.CalledProcessError as e:
|
|
||||||
print("FAILURE", e.returncode, e.output)
|
|
||||||
print(f"REQUIREMENTS: {container_requirements_txt}")
|
|
||||||
# XXX Export container dependencies and exclude pymupdfb since it is not needed in container
|
|
||||||
req_txt_pymupdfb_stripped = container_requirements_txt.split("pymupdfb")[0]
|
|
||||||
with open(Path(BUILD_CONTEXT) / REQUIREMENTS_TXT, "w") as f:
|
|
||||||
if ARCH == "arm64":
|
|
||||||
# PyMuPDF needs to be built on ARM64 machines
|
|
||||||
# But is already provided as a prebuilt-wheel on other architectures
|
|
||||||
f.write(req_txt_pymupdfb_stripped)
|
|
||||||
else:
|
|
||||||
f.write(container_requirements_txt)
|
|
||||||
|
|
||||||
def __exit__(self, exc_type, exc_value, exc_tb):
|
|
||||||
print("Leaving the context...")
|
|
||||||
os.remove(Path(BUILD_CONTEXT) / REQUIREMENTS_TXT)
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
sys.exit(main())
|
sys.exit(main())
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ def main():
|
||||||
)
|
)
|
||||||
|
|
||||||
logger.info("Getting PyMuPDF deps as requirements.txt")
|
logger.info("Getting PyMuPDF deps as requirements.txt")
|
||||||
cmd = ["poetry", "export", "--only", "container"]
|
cmd = ["poetry", "export", "--only", "debian"]
|
||||||
container_requirements_txt = subprocess.check_output(cmd)
|
container_requirements_txt = subprocess.check_output(cmd)
|
||||||
|
|
||||||
# XXX: Hack for Ubuntu Focal.
|
# XXX: Hack for Ubuntu Focal.
|
||||||
|
|
|
||||||
2
poetry.lock
generated
2
poetry.lock
generated
|
|
@ -1244,4 +1244,4 @@ type = ["pytest-mypy"]
|
||||||
[metadata]
|
[metadata]
|
||||||
lock-version = "2.0"
|
lock-version = "2.0"
|
||||||
python-versions = ">=3.9,<3.13"
|
python-versions = ">=3.9,<3.13"
|
||||||
content-hash = "68663ce40ba8a7c7f7cc7868e5f771472555773ff2ef04dad7e0150218ca3eb0"
|
content-hash = "2d7753fa7ee1056d871fe67d718cfa2ea9acdfada1c6c3b1e41f98d5220d3879"
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,7 @@ strip-ansi = "*"
|
||||||
pytest-subprocess = "^1.5.2"
|
pytest-subprocess = "^1.5.2"
|
||||||
pytest-rerunfailures = "^14.0"
|
pytest-rerunfailures = "^14.0"
|
||||||
|
|
||||||
[tool.poetry.group.container.dependencies]
|
[tool.poetry.group.debian.dependencies]
|
||||||
pymupdf = "1.24.11" # Last version to support python 3.8 (needed for Ubuntu Focal support)
|
pymupdf = "1.24.11" # Last version to support python 3.8 (needed for Ubuntu Focal support)
|
||||||
|
|
||||||
[tool.poetry.group.dev.dependencies]
|
[tool.poetry.group.dev.dependencies]
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue