# HG changeset patch # User John Rouillard # Date 1737217220 18000 # Node ID 92dad05379f913b31c4183660f3dd71cc73e2827 # Parent 0d451fd19f1b75994510fc63121d63632e87cdb0 chore: quote some strings with variables and add comments make sure that a space in a variable doesn't cause a problem. Also merge two RUN commands. diff -r 0d451fd19f1b -r 92dad05379f9 scripts/Docker/Dockerfile --- a/scripts/Docker/Dockerfile Thu Jan 16 21:13:20 2025 -0500 +++ b/scripts/Docker/Dockerfile Sat Jan 18 11:20:20 2025 -0500 @@ -46,13 +46,12 @@ WORKDIR $appdir # Update to get security and other improvements; -RUN apk --no-cache upgrade - # Add packages needed to compile mysql, pgsql and other python modules. # Can't use apk to add python packages as it installs for base image # in /usr. # g++ installs cc1plus needed by pip install -RUN apk --no-cache add \ +RUN apk --no-cache upgrade; \ + apk --no-cache add \ file \ g++ \ gcc \ @@ -83,14 +82,18 @@ # suppress warning when running pip as root ENV PIP_ROOT_USER_ACTION=ignore +# force embedded script to fail on any error "-e" +# including in a pipeline (-o pipefail) (note pipefail +# is not documented, but setting it isn;t an error and +# works in testing) SHELL ["/bin/ash", "-eo", "pipefail", "-c"] ARG VERBOSE ARG pythonversion RUN [ -z "${VERBOSE}" ] || set -xv; \ CWD="$PWD" && \ - upgrades=$(python3 -m pip --no-cache-dir --disable-pip-version-check \ - list --outdated | awk 'NR > 2 {print $1}'); \ + upgrades="$(python3 -m pip --no-cache-dir --disable-pip-version-check \ + list --outdated | awk 'NR > 2 {print $1}')"; \ if [ -n "$upgrades" ]; then \ echo "Pip updating $upgrades"; \ python -m pip --no-cache-dir --disable-pip-version-check \ @@ -98,7 +101,7 @@ else \ echo "Nothing to pip update"; \ fi; \ - ls -l /usr/local/lib/python${pythonversion}/site-packages; \ + ls -l "/usr/local/lib/python${pythonversion}/site-packages"; \ VER=$(apk list -I 'xapian-core-dev' | \ sed 's/^xapian-core-dev-\([0-9.]*\)-.*/\1/') && \ cd /tmp && \ @@ -211,8 +214,8 @@ libstdc++ \ libxapian \ zstd-libs; \ - upgrades=$(python3 -m pip --no-cache-dir --disable-pip-version-check \ - list --outdated | awk 'NR > 2 {print $1}'); \ + upgrades="$(python3 -m pip --no-cache-dir --disable-pip-version-check \ + list --outdated | awk 'NR > 2 {print $1}')"; \ if [ -n "$upgrades" ]; then \ echo "Pip updating $upgrades"; \ python -m pip --no-cache-dir --disable-pip-version-check \