danial/docker-registry
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
1ecefc80af4c491ffd6eb5dac4def291b0f97492
docker-registry/kami-spider-monorepo/Dockerfile.base
danial 1ecefc80af chore(docker): 优化 Playwright 浏览器安装和配置 
- 设置 PLAYWRIGHT_BROWSERS_PATH 环境变量指向 /app/.browsers
- 创建 /app/.browsers 目录用于存放浏览器文件
- 分别以 root 用户和 appuser 用户执行 Playwright 依赖和浏览器安装
- 提升 /app/.browsers 目录权限,保证 appuser 访问权限
- 调整安装步骤顺序,优化权限和用户切换流程

docs(kami-gateway): 新增 kami-gateway 模块文档及构建脚本说明

- 添加了 kami-gateway 模块的整体介绍及项目结构概述
- 详细描述了基础镜像构建流程和核心组件(Dockerfile.base 与 build-base-image.sh)
- 分析了 Go 依赖管理方式及 Docker 构建优化机制
- 介绍了 CI/CD 集成流程及自动化构建逻辑
- 阐述了性能优化措施,包括中国镜像源配置和极速构建策略
- 提供了常见故障排查指南以提高镜像构建和推送的稳定性
- 补充了安全性设计,如非 root 用户运行和证书管理

chore(docker): 更新 Go 模块代理地址

- 将 GOPROXY 从 https://goproxy.cn 更改为 https://goproxy.io
- 保持其他环境变量配置不变
- 解决国内代理访问速度或稳定性问题
2025-12-17 15:33:59 +08:00

87 lines
2.5 KiB
Docker
Raw Blame History

FROM python:3.13-slim
# Set environment variables
ENV PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 \
UV_COMPILE_BYTECODE=1 \
UV_LINK_MODE=copy \
PATH="/app/.venv/bin:$PATH" \
UV_CACHE_DIR=/tmp/uv-cache \
PLAYWRIGHT_BROWSERS_PATH=/app/.browsers \
PYDEVD_DISABLE=1 \
PYDEVD_DISABLE_FILE_VALIDATION=1 \
PYCHARM_DEBUG="false" \
PYTEST_CURRENT_TEST="false"
# Install system dependencies for Playwright and runtime
RUN apt-get update && apt-get install -y --no-install-recommends \
# Core utilities
ca-certificates \
curl \
# Playwright runtime dependencies
fonts-liberation \
libnss3 \
libatk-bridge2.0-0 \
libdrm2 \
libxkbcommon0 \
libxcomposite1 \
libxdamage1 \
libxrandr2 \
libgbm1 \
libasound2 \
libcups2t64 \
libxfixes3 \
libcairo2 \
libpango-1.0-0 \
&& rm -rf /var/lib/apt/lists/*
# Install UV package manager
COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
# Create non-root user with home directory and set up directories
RUN groupadd -r appuser && useradd -r -g appuser -d /home/appuser -m appuser \
&& mkdir -p /app \
&& mkdir -p /app/.browsers \
&& mkdir -p /home/appuser/.cache \
&& chown -R appuser:appuser /app /home/appuser
# Switch to non-root user for dependency installation
USER appuser
# Set working directory
WORKDIR /app
# Copy dependency files
COPY --chown=appuser:appuser pyproject.toml ./
COPY --chown=appuser:appuser uv.lock ./
# Install Python dependencies using UV
RUN if [ "$USE_PROXY" = "1" ]; then \
uv sync --frozen --no-dev --no-install-project --index-url https://pypi.tuna.tsinghua.edu.cn/simple/; \
else \
uv sync --frozen --no-dev --no-install-project; \
fi && \
rm -rf "$UV_CACHE_DIR"
# Switch back to root user to install Playwright system dependencies
USER root
# Install Playwright system dependencies for chromium
RUN /app/.venv/bin/playwright install-deps chromium
# Switch to appuser to install browsers (must be done by the user who will run them)
USER appuser
# Install Playwright browsers to the shared path
RUN /app/.venv/bin/playwright install chromium
# Switch back to root for final cleanup
USER root
# Ensure browser cache directory has correct permissions for appuser
RUN chmod -R 755 /app/.browsers
# Label the image
LABEL maintainer="kami-spider-team" \
version="1.0.0" \
description="Complete base image for kami_spider applications with Python, UV, all dependencies and Playwright browsers"
Reference in New Issue View Git Blame Copy Permalink