Closed ftoppi closed 7 months ago
CYB3RMX
commented
7 months ago Hello @ftoppi !
Thank you for your work. However I can't accept this request for the following reasons:
COPY . . to copy all files into image already but you clone the project again into the image.pip is more convenient than using apt-get.
ftoppi
commented
7 months ago Hello,
Oops, I forgot to remove the COPY instruction 😅
At the moment, the app runs as root user in the container (that's why you ln -s /root /home/root). It's best practice to run as non-root.
I agree with you, pip is more convenient and packages are up to date compared to system packages.
However PEP 668 and Python recommendations to distributions regarding externally-managed packages "break" global pip install (including --user).
Debian 12 and Ubuntu 23.10 already refuse to run pip install because of this. Ubuntu 24.04 (the next ubuntu:latest) will do the same.
An alternative to system packages would be to use a python docker image such as python:slim-bookworm which does not rely on Debian python package.
I rewrote the Dockerfile to reduce the number of intermediate images. It also uses more system packages (python3-setuptools python3-wheel python3-pycryptodome python3-magic) and installs packages that setup.sh would install. It installs the app from git in user directory and run it as the user.