92d6e57fb8
- add debian-security archive repository - run apt-get upgrade for all available patches - upgrade pip/setuptools/wheel to latest py2.7 versions reduces container vulnerabilities from 293 to 130
36 lines
1.4 KiB
Docker
36 lines
1.4 KiB
Docker
FROM python:2.7-slim
|
|
|
|
WORKDIR /app
|
|
|
|
# fix EOL debian buster repos and apply all available security updates
|
|
RUN sed -i 's/deb.debian.org/archive.debian.org/g' /etc/apt/sources.list && \
|
|
sed -i 's/security.debian.org/archive.debian.org/g' /etc/apt/sources.list && \
|
|
sed -i '/buster-updates/d' /etc/apt/sources.list && \
|
|
echo 'deb http://archive.debian.org/debian-security buster/updates main' >> /etc/apt/sources.list && \
|
|
apt-get update && \
|
|
apt-get upgrade -y && \
|
|
apt-get install -y --no-install-recommends gcc libc-dev && \
|
|
rm -rf /var/lib/apt/lists/*
|
|
|
|
# upgrade pip/setuptools to latest Python 2.7 compatible versions
|
|
RUN pip install --upgrade "pip<21" "setuptools<45" "wheel<0.38"
|
|
|
|
# install dependencies (optional - bs4 can be skipped with --nobs)
|
|
COPY requirements.txt .
|
|
RUN pip install -r requirements.txt || true
|
|
|
|
# download ASN database for pyasn (if pyasn installed successfully)
|
|
RUN mkdir -p /app/data && \
|
|
python -c "import pyasn" 2>/dev/null && \
|
|
pyasn_util_download.py --latest && \
|
|
pyasn_util_convert.py --single rib.*.bz2 /app/data/ipasn.dat && \
|
|
rm -f rib.*.bz2 || \
|
|
echo "pyasn database setup skipped"
|
|
|
|
# remove build dependencies to keep image small
|
|
RUN apt-get purge -y gcc libc-dev && apt-get autoremove -y || true
|
|
|
|
COPY . .
|
|
|
|
# default: run syntax check
|
|
CMD ["python", "-m", "py_compile", "ppf.py", "soup_parser.py", "config.py", "fetch.py"] |