speedup build process for python deps and fix default env value for autoconf/k8s

2026-05-24 09:28:37 +00:00 · 2023-05-07 12:53:49 +02:00 · 2023-05-07 12:53:49 +02:00 · 59324526cf
commit 59324526cf
parent a58e5c60c0
9 changed files with 74 additions and 66 deletions
--- a/src/autoconf/Dockerfile
+++ b/src/autoconf/Dockerfile
@ -13,6 +13,7 @@ RUN apk add --no-cache --virtual .build-deps g++ gcc musl-dev jpeg-dev zlib-dev
    pip install --no-cache-dir --upgrade pip && \
    pip install wheel && \
    mkdir -p /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
    apk del .build-deps

--- a/src/autoconf/IngressController.py
+++ b/src/autoconf/IngressController.py
@ -51,7 +51,7 @@ class IngressController(Controller, ConfigCaller):
            self.__logger.warning(f"Missing container bunkerweb in pod {controller_instance.metadata.name}")
        else:
            for env in pod.env:
-                instance["env"][env.name] = env.value
+                instance["env"][env.name] = env.value or ""
        for controller_service in self._get_controller_services():
            if controller_service.metadata.annotations:
                for (
--- a/src/linux/Dockerfile-centos
+++ b/src/linux/Dockerfile-centos
@ -33,6 +33,7 @@ RUN dnf install -y python39-pip brotli brotli-devel wget gperftools-devel perl l
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip3.9 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt

 #RUN pip3.9 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt
--- a/src/linux/Dockerfile-debian
+++ b/src/linux/Dockerfile-debian
@ -37,6 +37,7 @@ RUN apt update && \
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt

    # Dirty fix to avoid errors with --target and packages same namespace
--- a/src/linux/Dockerfile-fedora
+++ b/src/linux/Dockerfile-fedora
@ -31,6 +31,7 @@ RUN dnf install -y python3-pip brotli brotli-devel gperftools-devel perl libxslt
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt
    # Dirty fix to avoid errors with --target and packages same namespace
    #cp -r /usr/lib64/python3.10/* /usr/lib/python3.10/ && \
--- a/src/linux/Dockerfile-rhel
+++ b/src/linux/Dockerfile-rhel
@ -46,6 +46,7 @@ RUN dnf install -y readline-devel python39-pip brotli brotli-devel gperftools-de
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip3.9 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt

 #RUN pip3.10 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt
--- a/src/linux/Dockerfile-ubuntu
+++ b/src/linux/Dockerfile-ubuntu
@ -37,6 +37,7 @@ RUN apt update && \
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt

 # Copy files
--- a/src/scheduler/Dockerfile
+++ b/src/scheduler/Dockerfile
@ -14,6 +14,7 @@ RUN apk add --no-cache --virtual .build-deps g++ gcc musl-dev jpeg-dev zlib-dev
  pip install --no-cache-dir --upgrade pip && \
  pip install wheel && \
  mkdir -p /usr/share/bunkerweb/deps/python && \
+  export MAKEFLAGS="-j$(nproc)" && \
  pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
  pip install --no-cache-dir gunicorn && \
  apk del .build-deps
--- a/src/ui/Dockerfile
+++ b/src/ui/Dockerfile
@ -1,66 +1,67 @@
-FROM python:3.11.3-alpine
-
-# Copy python requirements
-COPY src/ui/requirements.txt /tmp/req/requirements.txt
-COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.1
-COPY src/common/db/requirements.txt /tmp/req/requirements.txt.2
-
-RUN mkdir -p /usr/share/bunkerweb/deps && \
-    cat /tmp/req/requirements.txt /tmp/req/requirements.txt.1 /tmp/req/requirements.txt.2 > /usr/share/bunkerweb/deps/requirements.txt && \
-    rm -rf /tmp/req
-
-# Install python requirements
-RUN apk add --no-cache --virtual .build-deps g++ gcc musl-dev jpeg-dev zlib-dev libffi-dev cairo-dev pango-dev gdk-pixbuf-dev openssl-dev cargo file make postgresql-dev && \
-    pip install --no-cache-dir --upgrade pip && \
-    pip install wheel && \
-    mkdir -p /usr/share/bunkerweb/deps/python && \
-    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
-    apk del .build-deps
-
-# Copy files
-# can't exclude specific files/dir from . so we are copying everything by hand
-COPY src/common/api /usr/share/bunkerweb/api
-COPY src/common/db /usr/share/bunkerweb/db
-COPY src/common/core /usr/share/bunkerweb/core
-COPY src/common/gen /usr/share/bunkerweb/gen
-COPY src/common/settings.json /usr/share/bunkerweb/settings.json
-COPY src/common/utils /usr/share/bunkerweb/utils
-COPY src/ui /usr/share/bunkerweb/ui
-COPY src/VERSION /usr/share/bunkerweb/VERSION
-
-# Add ui user
-RUN apk add --no-cache bash && \
-    addgroup -g 101 ui && \
-    adduser -h /var/cache/nginx -g ui -s /bin/sh -G ui -D -H -u 101 ui && \
-    echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \
-    mkdir -p /var/tmp/bunkerweb && \
-    mkdir -p /etc/bunkerweb && \
-    mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \
-    mkdir -p /data/lib && ln -s /data/lib /var/lib/bunkerweb && \
-    mkdir -p /var/log/nginx/ && touch /var/log/nginx/ui.log && \
-    for dir in $(echo "configs plugins") ; do mkdir -p "/data/${dir}" && ln -s "/data/${dir}" "/etc/bunkerweb/${dir}" ; done && \
-    for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \
-    chown -R root:ui /data && \
-    chmod -R 770 /data && \
-    chown -R root:ui /usr/share/bunkerweb /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/log/nginx && \
-    for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type f -exec chmod 0740 {} \; ; done && \
-    for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type d -exec chmod 0750 {} \; ; done && \
-    chmod 770 /var/cache/bunkerweb /var/lib/bunkerweb /var/tmp/bunkerweb /var/log/nginx/ui.log && \
-    chmod 750 /usr/share/bunkerweb/gen/*.py /usr/share/bunkerweb/ui/*.py /usr/share/bunkerweb/ui/src/*.py /usr/share/bunkerweb/deps/python/bin/* && \
-    chmod 660 /usr/share/bunkerweb/INTEGRATION
-
-# Fix CVEs
-RUN apk add "libcrypto3>=3.0.8-r4" "libssl3>=3.0.8-r4"
-
-VOLUME /data /etc/nginx
-
-EXPOSE 7000
-
-WORKDIR /usr/share/bunkerweb/ui
-
-USER ui:ui
-
-HEALTHCHECK --interval=10s --timeout=10s --start-period=30s --retries=6 CMD /usr/share/bunkerweb/helpers/healthcheck-ui.sh
-
-ENV PYTHONPATH /usr/share/bunkerweb/deps/python
+FROM python:3.11.3-alpine
+
+# Copy python requirements
+COPY src/ui/requirements.txt /tmp/req/requirements.txt
+COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.1
+COPY src/common/db/requirements.txt /tmp/req/requirements.txt.2
+
+RUN mkdir -p /usr/share/bunkerweb/deps && \
+    cat /tmp/req/requirements.txt /tmp/req/requirements.txt.1 /tmp/req/requirements.txt.2 > /usr/share/bunkerweb/deps/requirements.txt && \
+    rm -rf /tmp/req
+
+# Install python requirements
+RUN apk add --no-cache --virtual .build-deps g++ gcc musl-dev jpeg-dev zlib-dev libffi-dev cairo-dev pango-dev gdk-pixbuf-dev openssl-dev cargo file make postgresql-dev && \
+    pip install --no-cache-dir --upgrade pip && \
+    pip install wheel && \
+    mkdir -p /usr/share/bunkerweb/deps/python && \
+    export MAKEFLAGS="-j$(nproc)" && \
+    pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
+    apk del .build-deps
+
+# Copy files
+# can't exclude specific files/dir from . so we are copying everything by hand
+COPY src/common/api /usr/share/bunkerweb/api
+COPY src/common/db /usr/share/bunkerweb/db
+COPY src/common/core /usr/share/bunkerweb/core
+COPY src/common/gen /usr/share/bunkerweb/gen
+COPY src/common/settings.json /usr/share/bunkerweb/settings.json
+COPY src/common/utils /usr/share/bunkerweb/utils
+COPY src/ui /usr/share/bunkerweb/ui
+COPY src/VERSION /usr/share/bunkerweb/VERSION
+
+# Add ui user
+RUN apk add --no-cache bash && \
+    addgroup -g 101 ui && \
+    adduser -h /var/cache/nginx -g ui -s /bin/sh -G ui -D -H -u 101 ui && \
+    echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \
+    mkdir -p /var/tmp/bunkerweb && \
+    mkdir -p /etc/bunkerweb && \
+    mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \
+    mkdir -p /data/lib && ln -s /data/lib /var/lib/bunkerweb && \
+    mkdir -p /var/log/nginx/ && touch /var/log/nginx/ui.log && \
+    for dir in $(echo "configs plugins") ; do mkdir -p "/data/${dir}" && ln -s "/data/${dir}" "/etc/bunkerweb/${dir}" ; done && \
+    for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \
+    chown -R root:ui /data && \
+    chmod -R 770 /data && \
+    chown -R root:ui /usr/share/bunkerweb /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/log/nginx && \
+    for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type f -exec chmod 0740 {} \; ; done && \
+    for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type d -exec chmod 0750 {} \; ; done && \
+    chmod 770 /var/cache/bunkerweb /var/lib/bunkerweb /var/tmp/bunkerweb /var/log/nginx/ui.log && \
+    chmod 750 /usr/share/bunkerweb/gen/*.py /usr/share/bunkerweb/ui/*.py /usr/share/bunkerweb/ui/src/*.py /usr/share/bunkerweb/deps/python/bin/* && \
+    chmod 660 /usr/share/bunkerweb/INTEGRATION
+
+# Fix CVEs
+RUN apk add "libcrypto3>=3.0.8-r4" "libssl3>=3.0.8-r4"
+
+VOLUME /data /etc/nginx
+
+EXPOSE 7000
+
+WORKDIR /usr/share/bunkerweb/ui
+
+USER ui:ui
+
+HEALTHCHECK --interval=10s --timeout=10s --start-period=30s --retries=6 CMD /usr/share/bunkerweb/helpers/healthcheck-ui.sh
+
+ENV PYTHONPATH /usr/share/bunkerweb/deps/python
 CMD ["python3", "-m", "gunicorn", "--user", "ui", "--group", "ui", "main:app", "--worker-class", "gevent", "--bind", "0.0.0.0:7000", "--graceful-timeout", "0", "--access-logfile", "-", "--error-logfile", "-"]