Mercurial > libervia-backend
annotate docker/pubsub/Dockerfile @ 4212:5f2d496c633f
core: get rid of `pickle`:
Use of `pickle` to serialise data was a technical legacy that was causing trouble to store
in database, to update (if a class was serialised, a change could break update), and to
security (pickle can lead to code execution).
This patch remove all use of Pickle in favour in JSON, notably:
- for caching data, a Pydantic model is now used instead
- for SQLAlchemy model, the LegacyPickle is replaced by JSON serialisation
- in XEP-0373 a class `PublicKeyMetadata` was serialised. New method `from_dict` and
`to_dict` method have been implemented to do serialisation.
- new methods to (de)serialise data can now be specified with Identity data types. It is
notably used to (de)serialise `path` of avatars.
A migration script has been created to convert data (for upgrade or downgrade), with
special care for XEP-0373 case. Depending of size of database, this migration script can
be long to run.
rel 443
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 23 Feb 2024 13:31:04 +0100 |
| parents | 43cc8c27adc7 |
| children | 31c84a32c897 |
| rev | line source |
|---|---|
|
3641
0ffaa231138c
docker: Libervia revision can now be specified:
Goffi <goffi@goffi.org>
parents:
3613
diff
changeset
|
1 FROM debian:bullseye-slim |
| 3381 | 2 |
| 3 LABEL maintainer="Goffi <tmp_dockerfiles@goffi.org>" | |
| 4 | |
| 5 ARG DEBIAN_FRONTEND=noninteractive | |
| 6 | |
| 7 RUN apt-get update && apt-get upgrade -y && \ | |
|
3446
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
8 apt-get install -y --no-install-recommends locales python3-dev python3-venv python3-wheel mercurial libpq-dev gcc gnupg && \ |
|
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
9 # we install postgresql repository to have latest version |
|
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
10 echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ |
|
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
11 python3 -c 'from urllib.request import urlopen; print(urlopen("https://www.postgresql.org/media/keys/ACCC4CF8.asc").read().decode())' | apt-key add - && \ |
|
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
12 # now we can install the client |
|
d2298ed6de7f
docker (pubsub): install latest version of `postgresql-client` with PostgreSQL own Debian repos.
Goffi <goffi@goffi.org>
parents:
3445
diff
changeset
|
13 apt-get install -y --no-install-recommends postgresql-client && \ |
| 3381 | 14 # it's better to have a dedicated user |
|
3497
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
15 useradd -m libervia && \ |
|
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
16 mkdir /src && chown libervia:libervia /src && \ |
| 3381 | 17 # we need UTF-8 locale |
| 18 sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen && locale-gen | |
| 19 | |
| 20 ENV LC_ALL en_US.UTF-8 | |
| 21 | |
|
3497
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
22 WORKDIR /home/libervia |
|
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
23 COPY entrypoint.sh /home/libervia |
|
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
24 RUN chown libervia:libervia /home/libervia/entrypoint.sh && chmod 0555 /home/libervia/entrypoint.sh |
| 3381 | 25 |
|
3497
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
26 USER libervia |
|
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
27 RUN python3 -m venv libervia_env && libervia_env/bin/pip install -U pip wheel && cd /src && \ |
| 3381 | 28 # we install thoses packages in editable mode, so we can replace them easily with volumes |
|
3497
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
29 hg clone https://repos.goffi.org/sat_tmp && ~/libervia_env/bin/pip install -e sat_tmp && \ |
|
3730
43cc8c27adc7
docker: don't move `.egg_info` files anymore:
Goffi <goffi@goffi.org>
parents:
3646
diff
changeset
|
30 hg clone https://repos.goffi.org/sat_pubsub && ~/libervia_env/bin/pip install -e sat_pubsub |
| 3381 | 31 |
|
3497
73e04040d577
docker: update following name changes:
Goffi <goffi@goffi.org>
parents:
3446
diff
changeset
|
32 ENTRYPOINT ["/home/libervia/entrypoint.sh"] |