-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
65 lines (49 loc) · 2.27 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
ARG PY_VERSION=3.12
FROM amazon/aws-lambda-python:$PY_VERSION as install-stage
# Declare it a second time so it's brought into this scope.
ARG PY_VERSION
# Install the Python packages necessary to install the Lambda dependencies.
RUN python3 -m pip install --no-cache-dir \
pip \
setuptools \
wheel \
# This version of pipenv is the minimum version to allow passing arguments
# to pip with the --extra-pip-args option.
&& python3 -m pip install --no-cache-dir "pipenv>=2022.9.8"
# Install git to allow pipenv to install dependencies from git repositories.
RUN dnf update -y && dnf install -y git
WORKDIR /tmp
# Copy in the dependency files.
COPY src/py$PY_VERSION/ .
# Install the Lambda dependencies.
#
# The --extra-pip-args option is used to pass necessary arguments to the
# underlying pip calls.
RUN pipenv sync --system --extra-pip-args="--no-cache-dir --target ${LAMBDA_TASK_ROOT}"
# Download the AWS CA certificate bundle so the Lambda function can securely
# communicate with AWS DocumentDB.
RUN curl https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem \
--output ${LAMBDA_TASK_ROOT}/global-bundle.pem
FROM amazon/aws-lambda-python:$PY_VERSION as build-stage
###
# For a list of pre-defined annotation keys and value types see:
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
###
# github@cisa.dhs.gov is a very generic email distribution, and it is
# unlikely that anyone on that distribution is familiar with the
# particulars of your repository. It is therefore *strongly*
# suggested that you use an email address here that is specific to the
# person or group that maintains this repository; for example:
# LABEL org.opencontainers.image.authors="vm-fusion-dev-group@trio.dhs.gov"
LABEL org.opencontainers.image.authors="github@cisa.dhs.gov"
LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency"
# Declare it a third time so it's brought into this scope.
ARG PY_VERSION
# This must be present in the image to generate a deployment artifact.
ENV BUILD_PY_VERSION=$PY_VERSION
COPY --from=install-stage ${LAMBDA_TASK_ROOT} ${LAMBDA_TASK_ROOT}
WORKDIR ${LAMBDA_TASK_ROOT}
# Copy in the handler.
COPY src/lambda_handler.py .
# Ensure our handler is invoked when the image is used.
CMD ["lambda_handler.handler"]