build: bump amd64 image to python 3.12 #3083
Conversation
| @@ -1,4 +1,4 @@ | |||
| FROM cgr.dev/chainguard/wolfi-base:latest | |||
| FROM cgr.dev/chainguard/python:latest-dev | |||
There was a problem hiding this comment.
Building off of wolfi-base gave me issues related to pycocotools. We could probably do this off of wolfi-base by adding some of the apk packages listed here, but for this image I think python:latest works fine. We could likely also slim down the image size doing something like the following from the docs. Did confirm the -dev version didn't have any CVEs.
FROM cgr.dev/chainguard/python:latest-dev as builder
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt --user
FROM cgr.dev/chainguard/python:latest
| @@ -471,18 +471,20 @@ docker-start-bash: | |||
| docker-start-dev: | |||
| docker run --rm \ | |||
| -v ${CURRENT_DIR}:/mnt/local_unstructued \ | |||
| -ti ${DOCKER_IMAGE} | |||
| -ti --entrypoint /bin/bash ${DOCKER_IMAGE} | |||
There was a problem hiding this comment.
@tabossert - This worked when I specified the entrypoint in docker run, but didn't work with /bin/bash as CMD in the Dockerfile. Any idea what would cause that?
Makefile
Outdated
| pytest -m 'not chipper' $(if $(TEST_FILE),$(TEST_FILE),test_unstructured)" | ||
| $(if $(wildcard uns_test_env_file),--env-file uns_test_env_file,) \ | ||
| $(DOCKER_IMAGE) \ | ||
| /home/nonroot/.local/bin/pytest -m 'not chipper' test_unstructured |
There was a problem hiding this comment.
@tabossert - And another mystery here: I added /home/nonroot/.local/bin to PATH in the Dockerfile but it didn't find it here without the explicit path. Feels like its related to the other comment above but can't figure out why.
…ructured into 3051/image-to-py312
| @@ -7,10 +7,9 @@ USER root | |||
| COPY ./docker-packages/*.apk packages/ | |||
| COPY ./requirements requirements/ | |||
| COPY unstructured unstructured | |||
| COPY test_unstructured test_unstructured | |||
There was a problem hiding this comment.
Moved to mounting this directory for the tests
|
Going to close this for, but can pick back up later if |
Summary
Closes #3051. Updates the AMD64 docker image to use Python 3.12 instead of Python 3.11. This is important for making sure the AMD64 images based on Chainguard continue to build in future, because the Chainguard latest images are updated frequently and could drop Python 3.11 support in the future.
This PR swaps from
wolfi-basetopython:latest-devbecause building onwolfi-basecould not installpycocotoolswith Python 3.12, though it worked for Python 3.11. We could likely explore slimming down the image by building onwolfi-basewith a similar set of system dependencies frompython:latest-dev.As part of this PR, we mount the test directories instead of copying them into the Dockerfile.
Testing
test_dockerfileshould pass on the feature branchmake docker-start-devshould work with a new container, and you should be able to process a file