Optimize Dockerfile #907
Open
Optimize Dockerfile #907
Commits on Dec 3, 2021
-
Fix resource_details parameter typo in audit.py
This typo caused an error for me when running Cloudmapper.
-
Ignore ancillary files when copying to Docker image
This commit updates the .dockerignore file with some files that are not relevant or useful in the context of a Docker image. This is a somewhat trivial change, but prevents changes to these files from triggering pointless layer rebuilds, and keeps the image's working directory more tidy. .github/: This contains a GitHub issue template, which is obviously not used inside the container. .gitignore: Since we are already ignoring the .git directory, this file will have no effect. .travis.yml: Similarly to .github/, this file is not used inside the container. config.json.demo: We are already ignoring account-data/, so this demo config will not be usable to my understanding.
-
Adjust Docker build to improve caching and reduce size
This commit makes some adjustments to the Dockerfile to avoid build cache invalidation where possible, as well as some other more subjective changes that I'll justify but would happily revert. Firstly, I combined the apt-get commands into a single layer which also deletes the package cache files, as shown in the Docker's best practices documentation [1]. Per the same documentation, I separated the list of packages into their own lines, sorted alphabetically, which makes updating the list of packages easier in the future, and makes changes easier to diff. I added an initial COPY of only the requirements.txt file before running `pip install`, followed by a full COPY of all the source files. This means that the requirements will only need to be downloaded, built, and installed when the requirements change, rather than invalidating the cached layer whenever any file is modified. I removed the AWS_DEFAULT_REGION environment variable, as the user should most likely be setting this explicitly anyways. Finally, I removed some of the packages being installed that appeared to not be useful in a Docker container: automake: Installed automatically as a recommended dependency of autoconf. python3.7-dev: The requirements appear to install successfully without this, and since the python Docker image is built from source, I'm not sure if this would even link properly. jq: While jq is useful for parsing the output, users can install it themselves if they need it (and can't just pipe the container output to jq on their local machine). awscli: Similarly to jq, this doesn't appear to be strictly necessary for using cloudmapper. [1] https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#sort-multi-line-arguments
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.