From 229bb502fa91ae7bf5958a4f58285a0bf491de9d Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:16:32 +0000
Subject: [PATCH 1/7] File no longer needed
---
 environment.yml | 7 -------
 1 file changed, 7 deletions(-)
 delete mode 100644 environment.yml
diff --git a/environment.yml b/environment.yml
deleted file mode 100644
index 94e800d..0000000
--- a/environment.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-name: aip
-
-dependencies:
- - python=3.11
- - pip
- - pip:
- - -r requirements.txt
From 517ae72b4efe19cb307699dbd4a1b2379bdd2e04 Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:16:57 +0000
Subject: [PATCH 2/7] File not updated and not needed
---
 version.py | 10 ----------
 1 file changed, 10 deletions(-)
 delete mode 100644 version.py
diff --git a/version.py b/version.py
deleted file mode 100644
index b8b4d21..0000000
--- a/version.py
+++ /dev/null
@@ -1,10 +0,0 @@
-"""
-GNU GENERAL PUBLIC LICENSE
-Version 3, 29 June 2007
-Copyright (C) 2007 Free Software Foundation, Inc.
-Everyone is permitted to copy and distribute verbatim copies
-of this license document, but changing it is not allowed.
-"""
-#! /usr/local/bin/python3
-
-__version__ = "2.1.0"
From 505f44f7f3e15fd3ddad321d91be7e988c3ae8fc Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:19:09 +0000
Subject: [PATCH 3/7] Add dockerignore
---
 .dockerignore | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 .dockerignore
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..20b2a98
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,33 @@
+venv/
+env/
+*.pyc
+*.pyo
+*.pyd
+__pycache__/
+*.so
+*.egg
+*.egg-info/
+.eggs/
+.git/
+.gitignore
+.DS_Store
+Thumbs.db
+*.log
+*.swp
+*.tmp
+build/
+dist/
+*.egg-info/
+*.tar.gz
+*.zip
+node_modules/
+.idea/
+.vscode/
+*.sublime-project
+*.sublime-workspace
+.dockerignore
+Dockerfile
+Dockerfile_MacM1
+images/
+.github
+data/
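Review bot: The new `.dockerignore` has no entry for `.env`; the `env/` pattern only matches a directory of that name, so a local dotenv file in the build context is not excluded. requirements.txt in this series keeps `python-dotenv`, and the Dockerfile in patch 6/7 copies the whole context with `COPY --chown=$USER:$USER . .`, so any secrets kept in such a file would presumably end up in an image layer. I would add `.env` and `.env.*` to the list. The `*.egg-info/` pattern is also listed twice and one copy can go.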
From f8254164673ec2fde47f00e727a30a911a08e878 Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:19:56 +0000
Subject: [PATCH 4/7] Remove unused production requirements
---
 requirements.txt | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index 05ff93d..8e269bd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,10 +1,6 @@
 netaddr==0.8.0
-maxminddb==2.2.0
 zeeklog2pandas
-ipython
 scikit-learn
-pathlib
 joblib
 python-dotenv
-matplotlib
 pandas
From fc14471bff76855d8447f3080582ef4ebb297a39 Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:20:51 +0000
Subject: [PATCH 5/7] Update to use venv
---
 etc/docker/entrypoint.sh | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/etc/docker/entrypoint.sh b/etc/docker/entrypoint.sh
index 3e4a4b5..409a6b5 100644
--- a/etc/docker/entrypoint.sh
+++ b/etc/docker/entrypoint.sh
@@ -6,11 +6,10 @@ set -e
 # Force the command prompt to display colors
 export force_color_prompt=yes
-# Initialize Conda in the current shell session
-source $HOME/miniconda3/etc/profile.d/conda.sh
+# Activate the virtual environment
+source "$HOME/AIP/venv/bin/activate"
-# Activate the conda environment already created in the docker
-conda activate aip
 # Execute any command passed to the container when run
-exec "$@"
+PYTHONPATH="$HOME/AIP/lib:$PYTHONPATH" python "$@"
+
From 4c8d77da5ffce81d3081c5583c1b62630198d697 Mon Sep 17 00:00:00 2001
From: verovaleros
Date: Thu, 24 Oct 2024 20:31:19 +0000
Subject: [PATCH 6/7] New multi-stage slim dockerfile
---
 etc/docker/Dockerfile | 75 ++++++++++++++++++++++++-------------------
 1 file changed, 42 insertions(+), 33 deletions(-)
diff --git a/etc/docker/Dockerfile b/etc/docker/Dockerfile
index 8688c1c..1571d59 100644
--- a/etc/docker/Dockerfile
+++ b/etc/docker/Dockerfile
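Review bot: In etc/docker/entrypoint.sh the final command lost its `exec`, so the shell stays PID 1 with `python` as its child; the SIGTERM from `docker stop` reaches the shell, which does not forward it, and the container is likely killed at the timeout instead of shutting down cleanly. The line also hard-codes `python` while the comment above it still says any command is executed, so the comment should say that the arguments are passed to the Python interpreter. When `PYTHONPATH` is unset the assigned value ends in a colon, and Python appears to treat an empty entry as the current working directory (worth confirming), which widens the import path beyond `$HOME/AIP/lib`. I would write `export PYTHONPATH="$HOME/AIP/lib${PYTHONPATH:+:$PYTHONPATH}"` followed by `exec python "$@"`. The hunk starts at line 6, so the top of the script is not visible here.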
@@ -1,59 +1,68 @@
-FROM python:3.12-slim
-LABEL org.opencontainers.image.title="AIP" \
- org.opencontainers.image.description="This image runs the AIP framework for blocklist generation." \
- org.opencontainers.image.version="0.1.0" \
- org.opencontainers.image.created="2023-08-01" \
- org.opencontainers.image.source="https://github.com/stratosphereips/AIP" \
- org.opencontainers.image.source="Joaquin Bogado " \
- org.opencontainers.image.authors="Veronica Valeros "
-
+FROM python:3.12-slim AS builder
-# Define arguments for username, UID, and GID
+# Create a non-root user
 ARG username=aip
 ARG uid=1000
 ARG gid=1000
-# Set environment variables based on these arguments
 ENV USER=$username
 ENV UID=$uid
 ENV GID=$gid
 ENV HOME=/home/$USER
-# Create a group and user based on the UID and GID
+RUN apt-get update && \
+ apt-get install -y python3-venv && \
+ rm -rf /var/lib/apt/lists/*
+
 RUN groupadd -g $GID $USER && \
 useradd -m -u $UID -g $GID -s /bin/bash $USER
-COPY etc/docker/entrypoint.sh /usr/local/bin/
-RUN chmod u+x /usr/local/bin/entrypoint.sh
-
 # Switch to the non-root user
 USER $USER
-ENV PATH="$HOME/miniconda3/bin:$PATH"
-ENV ENV_PREFIX=$HOME/env
+WORKDIR $HOME/AIP
+
+COPY requirements.txt .
-# Conda installation and setup
-RUN python -c "import urllib.request; urllib.request.urlretrieve('https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh', '$HOME/miniconda.sh')" && \
- bash ~/miniconda.sh -b -p $HOME/miniconda3 && \
- rm ~/miniconda.sh
+RUN python -m venv venv && \
+ ./venv/bin/pip install --no-cache-dir -r requirements.txt
-RUN conda init bash
+# Remove unnecessary files
+RUN find venv/ -type d -name '__pycache__' -exec rm -rf {} +
+RUN find venv/ -type d -name 'tests' -exec rm -rf {} + && \
+ find venv/ -type d -name '*.dist-info' -exec rm -rf {} +
-# Set the working directory
-WORKDIR $HOME/AIP
+# Stage 2: Final stage
+FROM python:3.12-slim
+
+# Create a non-root user
+ARG username=aip
+ARG uid=1000
+ARG gid=1000
-COPY environment.yml requirements.txt $HOME/AIP/
+ENV USER=$username
+ENV UID=$uid
+ENV GID=$gid
+ENV HOME=/home/$USER
+
+RUN groupadd -g $GID $USER && \
+ useradd -m -u $UID -g $GID -s /bin/bash $USER
-RUN conda update --name base conda
-RUN conda env create --file environment.yml && \
- conda clean --all --yes
+# Copy the entrypoint script
+COPY etc/docker/entrypoint.sh /usr/local/bin/
+RUN chmod u+x /usr/local/bin/entrypoint.sh
+
+# Switch to the non-root user
+USER $USER
+
+WORKDIR $HOME/AIP
-# Copy application
-COPY . .
+# Copy venv from the builder stage
+COPY --from=builder $HOME/AIP/venv $HOME/AIP/venv
-# Dynamically link aip to the correct site-packages folder
-RUN ln -s $HOME/AIP/lib/aip $(conda run -n aip python -c "import site; print(site.getsitepackages()[0])")/aip
+# Copy aip files
+COPY --chown=$USER:$USER . .
-RUN echo 'conda activate aip' >> $HOME/.bashrc
+ENV PATH="$HOME/AIP/venv/bin:$PATH"
 ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
From ea5e96bcc276512d68b49b8d83d8fcf9d09baae4 Mon Sep 17 00:00:00 2001
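Review bot: In etc/docker/Dockerfile the builder step `find venv/ -type d -name '*.dist-info' -exec rm -rf {} +` deletes the installed-package metadata, so the final image no longer records which Python packages and versions it contains. Image scanners and `pip list`/`pip check` read those directories, and any library that queries `importlib.metadata` at import time would fail, so I would keep them and limit the cleanup to `__pycache__`; deleting every directory named `tests` is likewise a guess about third-party package layouts. Separately, `FROM python:3.12-slim` is a mutable tag and most entries in requirements.txt are unpinned, so two builds of this file can yield different images; pinning the base image by digest and the packages by version would make the result reproducible and auditable. The `apt-get install -y python3-venv` layer looks unnecessary, since the build runs `python -m venv` with the image's own interpreter.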
From: verovaleros
Date: Sat, 26 Oct 2024 08:48:41 +0000
Subject: [PATCH 7/7] Not needed anymore
---
 etc/docker/Dockerfile_MacM1 | 59 -------------------------------------
 1 file changed, 59 deletions(-)
 delete mode 100644 etc/docker/Dockerfile_MacM1
diff --git a/etc/docker/Dockerfile_MacM1 b/etc/docker/Dockerfile_MacM1
deleted file mode 100644
index 8735353..0000000
--- a/etc/docker/Dockerfile_MacM1
+++ /dev/null
@@ -1,59 +0,0 @@
-FROM python:3.12-slim
-LABEL org.opencontainers.image.title="AIP" \
- org.opencontainers.image.description="This image runs the AIP framework for blocklist generation." \
- org.opencontainers.image.version="0.1.0" \
- org.opencontainers.image.created="2023-08-01" \
- org.opencontainers.image.source="https://github.com/stratosphereips/AIP" \
- org.opencontainers.image.source="Joaquin Bogado " \
- org.opencontainers.image.authors="Veronica Valeros "
-
-
-# Define arguments for username, UID, and GID
-ARG username=aip
-ARG uid=1000
-ARG gid=1000
-
-# Set environment variables based on these arguments
-ENV USER=$username
-ENV UID=$uid
-ENV GID=$gid
-ENV HOME=/home/$USER
-
-# Create a group and user based on the UID and GID
-RUN groupadd -g $GID $USER && \
- useradd -m -u $UID -g $GID -s /bin/bash $USER
-
-COPY etc/docker/entrypoint.sh /usr/local/bin/
-RUN chmod u+x /usr/local/bin/entrypoint.sh
-
-# Switch to the non-root user
-USER $USER
-ENV PATH="$HOME/miniconda3/bin:$PATH"
-ENV ENV_PREFIX=$HOME/env
-
-
-# Conda installation and setup
-RUN python -c "import urllib.request; urllib.request.urlretrieve('https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-aarch64.sh', '$HOME/miniconda.sh')" && \
- bash ~/miniconda.sh -b -p $HOME/miniconda3 && \
- rm ~/miniconda.sh
-
-RUN conda init bash
-
-# Set the working directory
-WORKDIR $HOME/AIP
-
-COPY environment.yml requirements.txt $HOME/AIP/
-
-RUN conda update --name base conda
-RUN conda env create --file environment.yml && \
- conda clean --all --yes
-
-# Copy application
-COPY . .
-
-# Dynamically link aip to the correct site-packages folder
-RUN ln -s $HOME/AIP/lib/aip $(conda run -n aip python -c "import site; print(site.getsitepackages()[0])")/aip
-
-RUN echo 'conda activate aip' >> $HOME/.bashrc
-
-ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]