diff --git a/deployment/docker/runner/Dockerfile b/deployment/docker/runner/Dockerfile index 8d617be2..8023f9aa 100644 --- a/deployment/docker/runner/Dockerfile +++ b/deployment/docker/runner/Dockerfile @@ -36,7 +36,8 @@ RUN apk add --no-cache -U \ chown -R semaphore:0 /tmp/semaphore && \ chown -R semaphore:0 /etc/semaphore && \ chown -R semaphore:0 /var/lib/semaphore && \ - chown -R semaphore:0 /opt/semaphore + chown -R semaphore:0 /opt/semaphore && \ + find /usr/lib/python* -iname __pycache__ | xargs rm -rf COPY --chown=1001:0 ./deployment/docker/runner/ansible.cfg /tmp/semaphore/ansible.cfg COPY --from=builder /go/src/semaphore/deployment/docker/runner/runner-wrapper /usr/local/bin/ @@ -53,11 +54,11 @@ USER 1001 # renovate: datasource=pypi depName=ansible ENV ANSIBLE_VERSION 9.4.0 -RUN mkdir /opt/semaphore/venv - -RUN python3 -m venv /opt/semaphore/venv --system-site-packages && \ +RUN mkdir /opt/semaphore/venv && \ + python3 -m venv /opt/semaphore/venv --system-site-packages && \ source /opt/semaphore/venv/bin/activate && \ - pip3 install --upgrade pip ansible==${ANSIBLE_VERSION} boto3 botocore requests + pip3 install --upgrade pip ansible==${ANSIBLE_VERSION} boto3 botocore requests && \ + find /opt/semaphore/venv -iname __pycache__ | xargs rm -rf # Preventing ansible zombie processes. Tini kills zombies. ENTRYPOINT ["/sbin/tini", "--"] diff --git a/deployment/docker/runner/runner-wrapper b/deployment/docker/runner/runner-wrapper index fa9587a5..45c16e3b 100644 --- a/deployment/docker/runner/runner-wrapper +++ b/deployment/docker/runner/runner-wrapper @@ -18,7 +18,7 @@ fi if test -f "${SEMAPHORE_CONFIG_PATH}/requirements.txt"; then echoerr "Installing additional python dependencies" - pip3 install --upgrade --user \ + pip3 install --upgrade \ -r "${SEMAPHORE_CONFIG_PATH}/requirements.txt" else echoerr "No additional python dependencies to install" diff --git a/deployment/docker/server/Dockerfile b/deployment/docker/server/Dockerfile index ed535b34..e7a2bac3 100644 --- a/deployment/docker/server/Dockerfile +++ b/deployment/docker/server/Dockerfile @@ -36,7 +36,8 @@ bash curl git gnupg mysql-client openssh-client-default python3 python3-dev py3- chown -R semaphore:0 /tmp/semaphore && \ chown -R semaphore:0 /etc/semaphore && \ chown -R semaphore:0 /var/lib/semaphore && \ - chown -R semaphore:0 /opt/semaphore + chown -R semaphore:0 /opt/semaphore && \ + find /usr/lib/python* -iname __pycache__ | xargs rm -rf COPY --chown=1001:0 ./deployment/docker/server/ansible.cfg /tmp/semaphore/ansible.cfg COPY --from=builder /go/src/semaphore/deployment/docker/server/server-wrapper /usr/local/bin/ @@ -53,11 +54,11 @@ USER 1001 # renovate: datasource=pypi depName=ansible ENV ANSIBLE_VERSION 9.4.0 -RUN mkdir /opt/semaphore/venv - -RUN python3 -m venv /opt/semaphore/venv --system-site-packages && \ +RUN mkdir /opt/semaphore/venv && \ + python3 -m venv /opt/semaphore/venv --system-site-packages && \ source /opt/semaphore/venv/bin/activate && \ - pip3 install --upgrade pip ansible==${ANSIBLE_VERSION} boto3 botocore requests + pip3 install --upgrade pip ansible==${ANSIBLE_VERSION} boto3 botocore requests && \ + find /opt/semaphore/venv -iname __pycache__ | xargs rm -rf # Preventing ansible zombie processes. Tini kills zombies. ENTRYPOINT ["/sbin/tini", "--"] diff --git a/deployment/docker/server/server-wrapper b/deployment/docker/server/server-wrapper index e4f33ca2..65521d2a 100755 --- a/deployment/docker/server/server-wrapper +++ b/deployment/docker/server/server-wrapper @@ -190,7 +190,7 @@ fi if test -f "${SEMAPHORE_CONFIG_PATH}/requirements.txt"; then echoerr "Installing additional python dependencies" - pip3 install --upgrade --user \ + pip3 install --upgrade \ -r "${SEMAPHORE_CONFIG_PATH}/requirements.txt" else echoerr "No additional python dependencies to install"