Re: [PR] Distroless python sdk [beam]

Mon, 28 Oct 2024 17:52:33 -0700 


damondouglas commented on code in PR #32960:
URL: https://github.com/apache/beam/pull/32960#discussion_r1819935757


##########
sdks/python/test-suites/dataflow/common.gradle:
##########
@@ -380,6 +380,50 @@ task validatesContainer() {
   }
 }
 
+task validatesDistrolessContainer() {
+  def pyversion = "${project.ext.pythonVersion.replace('.', '')}"
+  dependsOn 'initializeForDataflowJob'
+  def pyProject = project(":sdks:python:container:py${pyversion}")
+  pyProject.ext['container-build-target'] = 'distroless'
+  rootProject.ext['docker-repository-root'] = 
"us.gcr.io/apache-beam-testing/${System.getenv('USER')}"
+  rootProject.ext['docker-tag'] = System.currentTimeMillis()
+  rootProject.ext['push-containers'] = true
+  dependsOn ":sdks:python:container:py${pyversion}:docker"
+
+  // TODO(damondouglas): the following is duplicate from 
container/common.gradle; attempts to single source via ext failed

Review Comment:
   Create Beam issue and reference in TODO



##########
sdks/python/container/Dockerfile:
##########
@@ -103,9 +103,24 @@ RUN if [ "$pull_licenses" = "true" ] ; then \
       python /tmp/license_scripts/pull_licenses_py.py ; \
     fi
 
-FROM beam
+FROM beam as base
 ARG pull_licenses
 COPY --from=third_party_licenses /opt/apache/beam/third_party_licenses 
/opt/apache/beam/third_party_licenses
 RUN if [ "$pull_licenses" != "true" ] ; then \
       rm -rf /opt/apache/beam/third_party_licenses ; \
     fi
+
+ARG TARGETARCH
+FROM gcr.io/distroless/python3-debian12:latest-${TARGETARCH} as distroless
+ARG py_version
+COPY --from=base /usr/local/include /usr/local/include
+COPY --from=base /usr/local/bin /usr/local/bin
+COPY --from=base /usr/local/lib /usr/local/lib

Review Comment:
   Add comments as to why these directories are needed.



##########
sdks/python/test-suites/dataflow/build.gradle:
##########
@@ -60,6 +60,12 @@ task validatesContainerTests {
   }
 }
 
+task validateDistrolessContainerTests {
+  getVersionsAsList('distroless_python_versions').each {
+    
dependsOn.add(":sdks:python:test-suites:dataflow:py${getVersionSuffix(it)}:validatesDistrolessContainer")
+  }
+}
+

Review Comment:
   Run this gradle task and submit results in PR description



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to