Closed ftoppi closed 7 months ago
Hello @ftoppi !
Thank you for your work. However I can't accept this request for the following reasons:
COPY . .
to copy all files into image already but you clone the project again into the image.pip
is more convenient than using apt-get
.Hello,
Oops, I forgot to remove the COPY instruction 😅
At the moment, the app runs as root user in the container (that's why you ln -s /root /home/root
). It's best practice to run as non-root.
I agree with you, pip is more convenient and packages are up to date compared to system packages.
However PEP 668 and Python recommendations to distributions regarding externally-managed packages "break" global pip install
(including --user
).
Debian 12 and Ubuntu 23.10 already refuse to run pip install
because of this. Ubuntu 24.04 (the next ubuntu:latest
) will do the same.
An alternative to system packages would be to use a python docker image such as python:slim-bookworm
which does not rely on Debian python package.
I rewrote the Dockerfile to reduce the number of intermediate images. It also uses more system packages (python3-setuptools python3-wheel python3-pycryptodome python3-magic) and installs packages that setup.sh would install. It installs the app from git in user directory and run it as the user.