Skip to content
This repository has been archived by the owner on Sep 25, 2024. It is now read-only.

Commit

Permalink
Update based on a comment I found
Browse files Browse the repository at this point in the history
  • Loading branch information
@edhgoose
edhgoose committed Apr 22, 2024
1 parent 0d2bee1 commit 2531be5
Show file tree
Hide file tree
Showing 3 changed files with 89 additions and 282 deletions.
92 changes: 62 additions & 30 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,54 +1,86 @@
FROM amazonlinux:2023 as builder

# Set up working directories
RUN mkdir -p /opt/python

# Install packages
RUN dnf update -y
RUN dnf install -y gcc openssl-devel bzip2-devel libffi-devel zlib-devel wget make tar xz

# Download and install Python 3.12
WORKDIR /opt
RUN wget https://www.python.org/ftp/python/3.12.1/Python-3.12.1.tar.xz
RUN tar xvf Python-3.12.1.tar.xz
WORKDIR /opt/Python-3.12.1
RUN ./configure --enable-optimizations --prefix=/opt/python
RUN make -j
RUN make install

FROM amazonlinux:2023
FROM --platform=linux/x86_64 public.ecr.aws/lambda/python:3.9

# Set up working directories
RUN mkdir -p /opt/app
RUN mkdir -p /opt/app/build
RUN mkdir -p /opt/app/bin/

# Copy over the python binaries
COPY --from=builder /opt/python /opt/python

# Copy in the lambda source
WORKDIR /opt/app
COPY ./*.py /opt/app/
COPY requirements.txt /opt/app/requirements.txt

# Install packages
RUN dnf update -y
RUN dnf install -y cpio openssl bzip2 libffi yum-utils zip unzip less
# update security
RUN : \
&& yum -y update --security \
&& yum clean all \
&& rm -rf /var/cache/yum \
&& :

# This had --no-cache-dir, tracing through multiple tickets led to a problem in wheel
RUN /opt/python/bin/pip3 install -r requirements.txt
RUN rm -rf /root/.cache/pip
# Install required packages
RUN : \
&& yum update -y \
&& yum install -y \
cpio \
python3 \
python3-pip \
yum-utils \
zip \
unzip \
less \
libtool-ltdl \
binutils \
&& yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
&& pip3 install -r /opt/app/requirements.txt \
&& yum clean all \
&& rm -rf /var/cache/yum \
&& :

# Download libraries we need to run in lambda
WORKDIR /tmp
RUN yumdownloader -x \*i686 --archlist=x86_64 clamav clamav-lib clamav-update libtool-ltdl
RUN yumdownloader -x \*i686 --archlist=x86_64 \
clamav \
clamav-lib \
clamav-scanner-systemd \
clamav-update \
elfutils-libs \
json-c \
lz4 \
pcre2 \
systemd-libs \
libprelude \
gnutls \
libtasn1 \
lib64nettle \
nettle \
libtool-ltdl \
libxml2 \
xz-libs \
xz-devel

RUN rpm2cpio clamav-0*.rpm | cpio -idmv
RUN rpm2cpio clamav-lib*.rpm | cpio -idmv
RUN rpm2cpio clamav-update*.rpm | cpio -idmv
RUN rpm2cpio clamd-0*.rpm | cpio -idmv
RUN rpm2cpio elfutils-libs*.rpm | cpio -idmv
RUN rpm2cpio json-c*.rpm | cpio -idmv
RUN rpm2cpio lz4*.rpm | cpio -idmv
RUN rpm2cpio pcre*.rpm | cpio -idmv
RUN rpm2cpio systemd-libs*.rpm | cpio -idmv
RUN rpm2cpio gnutls* | cpio -idmv
RUN rpm2cpio nettle* | cpio -idmv
RUN rpm2cpio libtasn1* | cpio -idmv
RUN rpm2cpio libtool-ltdl* | cpio -idmv
RUN rpm2cpio libxml2* | cpio -idmv
RUN rpm2cpio xz-libs* | cpio -idmv
RUN rpm2cpio xz-devel* | cpio -idmv
RUN rpm2cpio lib* | cpio -idmv
RUN rpm2cpio *.rpm | cpio -idmv

# Copy over the binaries and libraries
RUN cp /tmp/usr/bin/clamscan /tmp/usr/bin/freshclam /tmp/usr/lib64/* /opt/app/bin/
RUN cp -r /tmp/usr/bin/clamscan /tmp/usr/bin/freshclam /tmp/usr/lib64/* /opt/app/bin/

# Fix the freshclam.conf settings
RUN echo "DatabaseMirror database.clamav.net" > /opt/app/bin/freshclam.conf
Expand All @@ -58,7 +90,7 @@ RUN echo "CompressLocalDatabase yes" >> /opt/app/bin/freshclam.conf
WORKDIR /opt/app
RUN zip -r9 --exclude="*test*" /opt/app/build/lambda.zip *.py bin

WORKDIR /opt/python/lib/python3.12/site-packages
WORKDIR /var/lang/lib/python3.9/site-packages
RUN zip -r9 /opt/app/build/lambda.zip *

WORKDIR /opt/app
WORKDIR /opt/app
Loading

0 comments on commit 2531be5

Please sign in to comment.