mirror of
https://github.com/elastic/eland.git
synced 2025-07-11 00:02:14 +08:00
5dabe9c099
The config/certs directory of Elasticsearch is not readable by other users and groups. This work in the public image, which uses the root user, but the Wolfi image does not. Using the same user id fixes the problem.
47 lines
1.5 KiB
Docker
47 lines
1.5 KiB
Docker
# syntax=docker/dockerfile:1
|
|
FROM docker.elastic.co/wolfi/python:3.10-dev AS builder
|
|
|
|
WORKDIR /eland
|
|
ENV VIRTUAL_ENV=/eland/venv
|
|
RUN python3 -m venv $VIRTUAL_ENV
|
|
ENV PATH="$VIRTUAL_ENV/bin:$PATH"
|
|
|
|
ADD . /eland
|
|
|
|
ARG TARGETPLATFORM
|
|
RUN --mount=type=cache,target=/root/.cache/pip \
|
|
if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
|
|
python3 -m pip install \
|
|
--no-cache-dir --disable-pip-version-check --extra-index-url https://download.pytorch.org/whl/cpu \
|
|
torch==2.3.1+cpu .[all]; \
|
|
else \
|
|
python3 -m pip install \
|
|
--no-cache-dir --disable-pip-version-check \
|
|
.[all]; \
|
|
fi
|
|
|
|
FROM docker.elastic.co/wolfi/python:3.10
|
|
|
|
WORKDIR /eland
|
|
ENV VIRTUAL_ENV=/eland/venv
|
|
ENV PATH="$VIRTUAL_ENV/bin:$PATH"
|
|
|
|
# Use the same `USER` instruction as Elasticsearch to make sure Eland can read
|
|
# a volume with Elasticsearch data in it. This is useful for --ca-cert.
|
|
USER 1000:0
|
|
|
|
COPY --from=builder /eland /eland
|
|
|
|
# The eland_import_hub_model script is intended to be executed by a shell,
|
|
# which will see its shebang line and then execute it with the Python
|
|
# interpreter of the virtual environment. We want to keep this behavior even
|
|
# with Wolfi so that users can use the image as before. To do that, we use two
|
|
# tricks:
|
|
#
|
|
# * copy /bin/sh (that is, busybox's ash) from the builder image
|
|
# * revert to Docker's the default entrypoint, which is the only way to pass
|
|
# parameters to `eland_import_hub_model` without needing quotes.
|
|
#
|
|
COPY --from=builder /bin/sh /bin/sh
|
|
ENTRYPOINT []
|