update to python 3.13
This commit is contained in:
@@ -207,7 +207,7 @@ jobs:
|
||||
if echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker --config $DOCKER_CONFIG login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin; then
|
||||
echo "✅ Docker Hub login successful"
|
||||
|
||||
DOCKER_HUB_REPO="${{ secrets.DOCKER_HUB_USERNAME }}/nfoguard"
|
||||
DOCKER_HUB_REPO="sbcrumb/nfoguard"
|
||||
|
||||
# Tag and push dev image
|
||||
docker tag nfoguard:dev "$DOCKER_HUB_REPO:dev"
|
||||
@@ -229,7 +229,7 @@ jobs:
|
||||
|
||||
echo ""
|
||||
echo "🎉 DEV image available on Docker Hub!"
|
||||
echo "📦 DEV image: ${{ secrets.DOCKER_HUB_USERNAME }}/nfoguard:dev"
|
||||
echo "📦 DEV image: sbcrumb/nfoguard:dev"
|
||||
else
|
||||
echo "❌ Docker Hub login failed for DEV push"
|
||||
exit 1
|
||||
|
||||
@@ -207,7 +207,7 @@ jobs:
|
||||
echo "✅ Docker Hub login successful"
|
||||
|
||||
# Tag images for Docker Hub
|
||||
DOCKER_HUB_REPO="${{ secrets.DOCKER_HUB_USERNAME }}/nfoguard"
|
||||
DOCKER_HUB_REPO="sbcrumb/nfoguard"
|
||||
docker tag nfoguard:latest "$DOCKER_HUB_REPO:latest"
|
||||
docker tag nfoguard:latest "$DOCKER_HUB_REPO:${{ github.sha }}"
|
||||
docker tag nfoguard:latest "$DOCKER_HUB_REPO:v$(cat VERSION)"
|
||||
@@ -248,7 +248,7 @@ jobs:
|
||||
echo ""
|
||||
echo "📦 Available images:"
|
||||
echo " Local Gitea: 192.168.253.221:3000/jskala/nfoguard:latest"
|
||||
echo " Docker Hub: ${{ secrets.DOCKER_HUB_USERNAME }}/nfoguard:latest"
|
||||
echo " Docker Hub: sbcrumb/nfoguard:latest"
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
|
||||
+25
-31
@@ -1,45 +1,39 @@
|
||||
FROM python:3.11-slim
|
||||
FROM python:3.13-slim
|
||||
|
||||
# Set working directory
|
||||
# Set environment variables
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
PYTHONIOENCODING=utf-8
|
||||
|
||||
# Install system dependencies
|
||||
RUN apt-get update && apt-get install -y \
|
||||
curl \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Create app user and directory
|
||||
RUN useradd --create-home --shell /bin/bash app
|
||||
WORKDIR /app
|
||||
|
||||
# Set timezone and install system packages
|
||||
ENV TZ=America/New_York
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
sqlite3 curl gosu git tzdata \
|
||||
&& ln -snf /usr/share/zoneinfo/$TZ /etc/localtime \
|
||||
&& echo $TZ > /etc/timezone \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& apt-get clean \
|
||||
&& groupadd -g 1000 appuser \
|
||||
&& useradd -u 1000 -g appuser -m appuser
|
||||
|
||||
# Install Python dependencies efficiently
|
||||
# Copy requirements and install Python dependencies
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-cache-dir -r requirements.txt \
|
||||
&& pip cache purge \
|
||||
&& rm -rf ~/.cache/pip
|
||||
RUN pip install --no-cache-dir --upgrade pip && \
|
||||
pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
# Copy application files in order of change frequency (for better caching)
|
||||
COPY VERSION .
|
||||
COPY core/ ./core/
|
||||
COPY clients/ ./clients/
|
||||
COPY nfoguard.py .
|
||||
# Copy application code
|
||||
COPY . .
|
||||
|
||||
# Copy git info to detect branch at runtime
|
||||
COPY .git/HEAD .git/
|
||||
COPY .git/refs/ .git/refs/
|
||||
# Set ownership
|
||||
RUN chown -R app:app /app
|
||||
|
||||
# Final setup in single layer
|
||||
RUN mkdir -p /app/data \
|
||||
&& chown -R appuser:appuser /app \
|
||||
&& printf '#!/bin/bash\nset -euo pipefail\nPUID=${PUID:-1000}\nPGID=${PGID:-1000}\nif [ "$(id -u)" -eq 0 ]; then\n groupmod -o -g "$PGID" appuser 2>/dev/null || groupadd -o -g "$PGID" appuser\n id appuser &>/dev/null || useradd -o -u "$PUID" -g "$PGID" -m appuser\n usermod -o -u "$PUID" -g "$PGID" appuser 2>/dev/null || true\n chown -R "$PUID:$PGID" /app || true\n exec gosu appuser "$@"\nelse\n exec "$@"\nfi' > /entrypoint.sh \
|
||||
&& chmod +x /entrypoint.sh
|
||||
# Switch to app user
|
||||
USER app
|
||||
|
||||
# Health check
|
||||
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
||||
CMD curl -f http://localhost:8080/health || exit 1
|
||||
|
||||
# Expose port
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
# Run the application
|
||||
CMD ["python", "nfoguard.py"]
|
||||
@@ -36,13 +36,13 @@ Add these secrets to your Gitea repository settings:
|
||||
## What Gets Published
|
||||
|
||||
### Main Branch (Production)
|
||||
- `yourusername/nfoguard:latest`
|
||||
- `yourusername/nfoguard:v1.5.2` (version from VERSION file)
|
||||
- `yourusername/nfoguard:sha-abc123` (git commit SHA)
|
||||
- `sbcrumb/nfoguard:latest`
|
||||
- `sbcrumb/nfoguard:v1.5.2` (version from VERSION file)
|
||||
- `sbcrumb/nfoguard:sha-abc123` (git commit SHA)
|
||||
|
||||
### Dev Branch
|
||||
- `yourusername/nfoguard:dev`
|
||||
- `yourusername/nfoguard:dev-sha-abc123`
|
||||
- `sbcrumb/nfoguard:dev`
|
||||
- `sbcrumb/nfoguard:dev-sha-abc123`
|
||||
|
||||
## Usage Examples
|
||||
|
||||
@@ -53,10 +53,10 @@ Once set up, users can pull from either registry:
|
||||
docker pull 192.168.253.221:3000/jskala/nfoguard:latest
|
||||
|
||||
# From Docker Hub (public access)
|
||||
docker pull yourusername/nfoguard:latest
|
||||
docker pull sbcrumb/nfoguard:latest
|
||||
|
||||
# Dev versions
|
||||
docker pull yourusername/nfoguard:dev
|
||||
docker pull sbcrumb/nfoguard:dev
|
||||
```
|
||||
|
||||
## Testing the Setup
|
||||
@@ -77,3 +77,13 @@ Watch the Actions tab in Gitea to see both registries being pushed to successful
|
||||
- **Public**: Anyone can use `docker pull yourusername/nfoguard:latest`
|
||||
- **Redundancy**: Multiple image sources
|
||||
- **Versioning**: Proper semantic versioning across both registries
|
||||
|
||||
## Quick Usage
|
||||
|
||||
```bash
|
||||
# Pull the latest stable release
|
||||
docker pull sbcrumb/nfoguard:latest
|
||||
|
||||
# Pull development version
|
||||
docker pull sbcrumb/nfoguard:dev
|
||||
```
|
||||
Reference in New Issue
Block a user