-
Notifications
You must be signed in to change notification settings - Fork 812
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Optimize Dockerfile #907
Open
wwalexander
wants to merge
3
commits into
duo-labs:main
Choose a base branch
from
wwalexander:optimize-docker
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Optimize Dockerfile #907
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This typo caused an error for me when running Cloudmapper.
This commit updates the .dockerignore file with some files that are not relevant or useful in the context of a Docker image. This is a somewhat trivial change, but prevents changes to these files from triggering pointless layer rebuilds, and keeps the image's working directory more tidy. .github/: This contains a GitHub issue template, which is obviously not used inside the container. .gitignore: Since we are already ignoring the .git directory, this file will have no effect. .travis.yml: Similarly to .github/, this file is not used inside the container. config.json.demo: We are already ignoring account-data/, so this demo config will not be usable to my understanding.
This commit makes some adjustments to the Dockerfile to avoid build cache invalidation where possible, as well as some other more subjective changes that I'll justify but would happily revert. Firstly, I combined the apt-get commands into a single layer which also deletes the package cache files, as shown in the Docker's best practices documentation [1]. Per the same documentation, I separated the list of packages into their own lines, sorted alphabetically, which makes updating the list of packages easier in the future, and makes changes easier to diff. I added an initial COPY of only the requirements.txt file before running `pip install`, followed by a full COPY of all the source files. This means that the requirements will only need to be downloaded, built, and installed when the requirements change, rather than invalidating the cached layer whenever any file is modified. I removed the AWS_DEFAULT_REGION environment variable, as the user should most likely be setting this explicitly anyways. Finally, I removed some of the packages being installed that appeared to not be useful in a Docker container: automake: Installed automatically as a recommended dependency of autoconf. python3.7-dev: The requirements appear to install successfully without this, and since the python Docker image is built from source, I'm not sure if this would even link properly. jq: While jq is useful for parsing the output, users can install it themselves if they need it (and can't just pipe the container output to jq on their local machine). awscli: Similarly to jq, this doesn't appear to be strictly necessary for using cloudmapper. [1] https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#sort-multi-line-arguments
Hello, Can I have you email? I would like to discuss details regarding cloudmapper |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR makes some adjustments to the Dockerfile and .dockerignore in the interest of efficiency and clarity for production usage. Specifics of the changes are described by their respective commits. Would love to hear any feedback on these ideas! Thank you so much for all your hard work!