FROM python:3.11-slim-bullseye ARG TARGETARCH COPY --from=ghcr.io/astral-sh/uv:0.6.14 /uv /uvx /usr/local/bin/ # Install APT dependencies ARG DEPENDENCIES=" \ ca-certificates \ wget \ g++ \ make \ pkg-config \ default-libmysqlclient-dev \ freetds-dev \ gettext \ libkrb5-dev \ libldap2-dev \ libsasl2-dev" ARG APT_MIRROR=http://deb.debian.org RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=core \ set -ex \ && rm -f /etc/apt/apt.conf.d/docker-clean \ && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \ && sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \ && apt-get update > /dev/null \ && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ && echo "no" | dpkg-reconfigure dash # Install bin tools ARG CHECK_VERSION=v1.0.4 RUN set -ex \ && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \ && mv check /usr/local/bin/ \ && chown root:root /usr/local/bin/check \ && chmod 755 /usr/local/bin/check \ && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz # Install Python dependencies WORKDIR /opt/jumpserver ARG PIP_MIRROR=https://pypi.org/simple ENV POETRY_PYPI_MIRROR_URL=${PIP_MIRROR} ENV ANSIBLE_COLLECTIONS_PATHS=/opt/py3/lib/python3.11/site-packages/ansible_collections ENV LANG=en_US.UTF-8 \ PATH=/opt/py3/bin:$PATH ENV UV_LINK_MODE=copy RUN --mount=type=cache,target=/root/.cache \ --mount=type=bind,source=pyproject.toml,target=pyproject.toml \ --mount=type=bind,source=utils/clean_site_packages.sh,target=clean_site_packages.sh \ --mount=type=bind,source=requirements/collections.yml,target=collections.yml \ set -ex \ && uv venv \ && uv pip install -i${PIP_MIRROR} -r pyproject.toml \ && ln -sf $(pwd)/.venv /opt/py3