File tree Expand file tree Collapse file tree 2 files changed +17
-6
lines changed
Expand file tree Collapse file tree 2 files changed +17
-6
lines changed Original file line number Diff line number Diff line change 1- FROM docker.io/library/python:3.11 -slim-bookworm
1+ FROM docker.io/library/debian:bookworm -slim
22
33# Do an initial clean up and general upgrade of the distribution
44ENV DEBIAN_FRONTEND=noninteractive
88 apt-get -y install \
99 build-essential \
1010 bzip2 \
11+ ca-certificates \
1112 curl \
1213 default-libmysqlclient-dev \
1314 git \
1415 libxmlsec1-dev \
1516 pkgconf \
17+ python3 \
1618 python3-dev \
19+ python3-venv \
1720 util-linux \
1821 xz-utils \
1922 && \
@@ -24,12 +27,20 @@ RUN \
2427ARG RUNAS_UID
2528ARG RUNAS_GID
2629
30+ # install default venv
31+ RUN \
32+ python3 -m venv /venv && \
33+ /venv/bin/pip install --upgrade pip wheel setuptools
34+
35+ ENV VIRTUAL_ENV="/venv"
36+ ENV PATH="/venv/bin:${PATH}"
37+
38+ # Set the default workdir
39+ WORKDIR /venv
40+
2741# Copy the startup script
2842RUN mkdir /container-init /container-init-post
2943COPY --chmod=0755 ./bin/entrypoint.sh /entrypoint.sh
3044
31- # Set the default workdir
32- WORKDIR /opt
33-
3445ENTRYPOINT ["/entrypoint.sh" ]
3546CMD ["python3" ]
Original file line number Diff line number Diff line change 2727 echo " Switching to user $RUNAS_UID and group $RUNAS_GID "
2828 groupadd -g $RUNAS_GID openconext
2929 useradd -M -u $RUNAS_UID -g $RUNAS_GID openconext
30- PRIVDROP=" setpriv --reuid =openconext --regid =openconext --reset-env --clear-groups "
30+ PRIVDROP=" runuser --user =openconext --group =openconext -- "
3131 else
3232 echo " Switching to user $RUNAS_UID "
3333 useradd -M -u $RUNAS_UID openconext
34- PRIVDROP=" setpriv --reuid =openconext --reset-env --clear-groups "
34+ PRIVDROP=" runuser --user =openconext -- "
3535fi
3636 echo " Dropping privileges to $( $PRIVDROP id -u) $( $PRIVDROP id -g) "
3737
You can’t perform that action at this time.
0 commit comments