From 6cb6c47047d494b713cfb96928a2f9a5e3fb909e Mon Sep 17 00:00:00 2001
From: Md Anindya Prodhan <mdanindya@google.com>
Date: Thu, 10 Oct 2024 07:21:05 +0000
Subject: [PATCH] Multi stage docker build for alpine image to limit the size
 increase due to manual python 3.11 install

---
 alpine/Dockerfile | 37 +++++++++++++++++++++++++------------
 1 file changed, 25 insertions(+), 12 deletions(-)

diff --git a/alpine/Dockerfile b/alpine/Dockerfile
index cfd6e37f..a3540ac5 100644
--- a/alpine/Dockerfile
+++ b/alpine/Dockerfile
@@ -1,14 +1,6 @@
 FROM docker:27.3.1 as static-docker-source
 
-FROM alpine:3.20
-ARG CLOUD_SDK_VERSION
-ENV CLOUD_SDK_VERSION=$CLOUD_SDK_VERSION
-ENV PATH /google-cloud-sdk/bin:$PATH
-COPY --from=static-docker-source /usr/local/bin/docker /usr/local/bin/docker
-COPY --from=static-docker-source /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx
-RUN addgroup -g 1000 -S cloudsdk && \
-    adduser -u 1000 -S cloudsdk -G cloudsdk
-RUN if [ `uname -m` = 'x86_64' ]; then echo -n "x86_64" > /tmp/arch; else echo -n "arm" > /tmp/arch; fi;
+FROM alpine:3.20 as build_image
 # install python 3.11
 RUN apk --no-cache upgrade && apk --no-cache add \
         curl \
@@ -20,6 +12,7 @@ RUN apk --no-cache upgrade && apk --no-cache add \
         sqlite-dev \ 
         readline-dev \
 	libffi-dev \
+    &&  rm -rf /var/cache/apk/* \	
     && curl -O https://www.python.org/ftp/python/3.11.9/Python-3.11.9.tgz \
     && tar -xzf Python-3.11.9.tgz \
     && cd Python-3.11.9 \
@@ -36,13 +29,30 @@ RUN python3 --version && \
     python3 -m pip install crcmod && \
     # apk add --no-cache musl-dev rust cargo && \
     python3 -m pip install pyOpenSSL && \
-    python3 -m pip install cryptography
+    python3 -m pip install cryptography && \
+    rm -rf /root/.cache/pip && \
+    find / -name '*.pyc' -delete && \
+    find / -name '*__pycache__*' -exec rm -r {} \+
+
+FROM alpine:3.20 
+ARG CLOUD_SDK_VERSION
+ENV CLOUD_SDK_VERSION=$CLOUD_SDK_VERSION
+ENV PATH /google-cloud-sdk/bin:$PATH
+COPY --from=static-docker-source /usr/local/bin/docker /usr/local/bin/docker
+COPY --from=static-docker-source /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx
+COPY --from=build_image /usr/local/lib/python3.11 /usr/local/lib/python3.11
+COPY --from=build_image /usr/bin/python3 /usr/bin/python3
+RUN addgroup -g 1000 -S cloudsdk && \
+    adduser -u 1000 -S cloudsdk -G cloudsdk
+RUN if [ `uname -m` = 'x86_64' ]; then echo -n "x86_64" > /tmp/arch; else echo -n "arm" > /tmp/arch; fi;
 RUN export CLOUDSDK_PYTHON=/usr/local/bin/python3.11
 RUN ARCH=`cat /tmp/arch` && apk --no-cache upgrade && apk --no-cache add \
-        bash \
+        curl \
+	bash \
         libc6-compat \
         openssh-client \
         git \
+	gnupg \
     && curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
     tar xzf google-cloud-cli-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
     rm google-cloud-cli-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
@@ -50,8 +60,11 @@ RUN ARCH=`cat /tmp/arch` && apk --no-cache upgrade && apk --no-cache add \
     gcloud config set component_manager/disable_update_check true && \
     gcloud config set metrics/environment docker_image_alpine && \
     gcloud --version && \
-    python3 --version 
+    rm -rf /root/.cache/pip && \
+    find / -name '*.pyc' -delete && \
+    find / -name '*__pycache__*' -exec rm -r {} \+ 
     #python3.12 --version 	
+    
 RUN git config --system credential.'https://source.developers.google.com'.helper gcloud.sh
 VOLUME ["/root/.config"]