-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
63 lines (49 loc) · 2.16 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
FROM quay.io/redhat-services-prod/app-sre-tenant/er-base-terraform-main/er-base-terraform-main:tf-1.6.6-v0.1.0-1 AS base
# keep in sync with pyproject.toml
LABEL konflux.additional-tags="0.1.0"
FROM base AS builder
COPY --from=ghcr.io/astral-sh/uv:0.5.25@sha256:a73176b27709bff700a1e3af498981f31a83f27552116f21ae8371445f0be710 /uv /bin/uv
ENV TF_PROVIDER_AWS_VERSION="5.82.2"
ENV TF_PLUGIN_CACHE="${HOME}/.terraform.d/plugin-cache"
ENV TF_PROVIDER_AWS_PATH="${TF_PLUGIN_CACHE}/registry.terraform.io/hashicorp/aws/${TF_PROVIDER_AWS_VERSION}/linux_amd64"
RUN mkdir -p ${TF_PROVIDER_AWS_PATH} && \
curl -sfL https://releases.hashicorp.com/terraform-provider-aws/${TF_PROVIDER_AWS_VERSION}/terraform-provider-aws_${TF_PROVIDER_AWS_VERSION}_linux_amd64.zip \
-o /tmp/package-aws-${TF_PROVIDER_AWS_VERSION}.zip && \
unzip /tmp/package-aws-${TF_PROVIDER_AWS_VERSION}.zip -d ${TF_PROVIDER_AWS_PATH}/ && \
rm /tmp/package-aws-${TF_PROVIDER_AWS_VERSION}.zip
# Python and UV related variables
ENV \
# compile bytecode for faster startup
UV_COMPILE_BYTECODE="true" \
# disable uv cache. it doesn't make sense in a container
UV_NO_CACHE=true \
UV_NO_PROGRESS=true
COPY pyproject.toml uv.lock ./
# Test lock file is up to date
RUN uv lock --locked
# Install dependencies
RUN uv sync --frozen --no-group dev --no-install-project --python /usr/bin/python3
# the source code
COPY README.md ./
COPY er_aws_kms ./er_aws_kms
COPY module ./module
# Sync the project
RUN uv sync --frozen --no-group dev
FROM base AS prod
# get cdktf providers
COPY --from=builder ${TF_PLUGIN_CACHE_DIR} ${TF_PLUGIN_CACHE_DIR}
# get our app with the dependencies
COPY --from=builder ${APP} ${APP}
ENV \
# Use the virtual environment
PATH="${APP}/.venv/bin:${PATH}"
FROM prod AS test
COPY --from=ghcr.io/astral-sh/uv:0.5.25@sha256:a73176b27709bff700a1e3af498981f31a83f27552116f21ae8371445f0be710 /uv /bin/uv
# install test dependencies
RUN uv sync --frozen
COPY Makefile ./
COPY tests ./tests
RUN make test
# Empty /tmp again because the test stage might have created files there, e.g. JSII_RUNTIME_PACKAGE_CACHE_ROOT
# and we want to run this test image in the dev environment
RUN rm -rf /tmp/*