58b42f7d7c
* Code Cleanup (#158) * print coverage report * create sonar-project property file * install all py dependencies in one step * code cleanup * reduce cognitive complexity * do not build on *.yml changes * optimise versionstring handling (#159) - Reading the version string from the image updates it even if the image is re-pulled without re-deployment * fix linter warning * exclude *.pyi filese * ignore some rules for tests * cleanup (#160) * Sonar qube 3 (#163) fix SonarQube warnings in modbus.py * Sonar qube 3 (#164) * fix SonarQube warnings * Sonar qube 3 (#165) * cleanup * Add support for TSUN Titan inverter Fixes #161 * fix SonarQube warnings * fix error * rename field "config" * SonarQube reads flake8 output * don't stop on flake8 errors * flake8 scan only app/src for SonarQube * update flake8 run * ignore flake8 C901 * cleanup * fix linter warnings * ignore changed *.yml files * read sensor list solarman data packets * catch 'No route to' error and log only in debug mode * fix unit tests * add sensor_list configuration * adapt unit tests * fix SonarQube warnings * Sonar qube 3 (#166) * add unittests for mqtt.py * add mock * move test requirements into a file * fix unit tests * fix formating * initial version * fix SonarQube warning
80 lines
2.4 KiB
Docker
80 lines
2.4 KiB
Docker
ARG SERVICE_NAME="tsun-proxy"
|
|
ARG UID=1000
|
|
ARG GID=1000
|
|
|
|
#
|
|
# first stage for our base image
|
|
FROM python:3.12-alpine AS base
|
|
USER root
|
|
|
|
COPY --chmod=0700 ./hardening_base.sh .
|
|
RUN apk upgrade --no-cache && \
|
|
apk add --no-cache su-exec && \
|
|
./hardening_base.sh && \
|
|
rm ./hardening_base.sh
|
|
|
|
#
|
|
# second stage for building wheels packages
|
|
FROM base AS builder
|
|
|
|
# copy the dependencies file to the root dir and install requirements
|
|
COPY ./requirements.txt /root/
|
|
RUN apk add --no-cache build-base && \
|
|
python -m pip install --no-cache-dir -U pip wheel && \
|
|
python -OO -m pip wheel --no-cache-dir --wheel-dir=/root/wheels -r /root/requirements.txt
|
|
|
|
|
|
#
|
|
# third stage for our runtime image
|
|
FROM base AS runtime
|
|
ARG SERVICE_NAME
|
|
ARG VERSION
|
|
ARG UID
|
|
ARG GID
|
|
ARG LOG_LVL
|
|
ARG environment
|
|
|
|
ENV SERVICE_NAME=$SERVICE_NAME
|
|
ENV UID=$UID
|
|
ENV GID=$GID
|
|
ENV LOG_LVL=$LOG_LVL
|
|
ENV HOME=/home/$SERVICE_NAME
|
|
|
|
|
|
# set the working directory in the container
|
|
WORKDIR /home/$SERVICE_NAME
|
|
|
|
VOLUME ["/home/$SERVICE_NAME/log", "/home/$SERVICE_NAME/config"]
|
|
|
|
# install the requirements from the wheels packages from the builder stage
|
|
# and unistall python packages and alpine package manger to reduce attack surface
|
|
COPY --from=builder /root/wheels /root/wheels
|
|
COPY --chmod=0700 ./hardening_final.sh .
|
|
RUN python -m pip install --no-cache --no-index /root/wheels/* && \
|
|
rm -rf /root/wheels && \
|
|
python -m pip uninstall --yes setuptools wheel pip && \
|
|
apk --purge del apk-tools && \
|
|
./hardening_final.sh && \
|
|
rm ./hardening_final.sh
|
|
|
|
|
|
# copy the content of the local src and config directory to the working directory
|
|
COPY --chmod=0700 entrypoint.sh /root/entrypoint.sh
|
|
COPY config .
|
|
COPY src .
|
|
RUN echo ${VERSION} > /proxy-version.txt
|
|
RUN date > /build-date.txt
|
|
EXPOSE 5005 8127 10000
|
|
|
|
# command to run on container start
|
|
ENTRYPOINT ["/root/entrypoint.sh"]
|
|
CMD [ "python3", "./server.py" ]
|
|
|
|
|
|
LABEL org.opencontainers.image.title="TSUN Gen3 Proxy"
|
|
LABEL org.opencontainers.image.authors="Stefan Allius"
|
|
LABEL org.opencontainers.image.source=https://github.com/s-allius/tsun-gen3-proxy
|
|
LABEL org.opencontainers.image.description='This proxy enables a reliable connection between TSUN third generation inverters (eg. TSOL MS600, MS800, MS2000) and an MQTT broker to integrate the inverter into typical home automations.'
|
|
LABEL org.opencontainers.image.licenses="BSD-3-Clause"
|
|
LABEL org.opencontainers.image.vendor="Stefan Allius"
|