FROM alpine:3.21 AS alpine-upgrader RUN apk upgrade --no-cache FROM scratch AS alpine-upgraded COPY --from=alpine-upgrader / / CMD ["/bin/sh"] FROM alpine-upgraded AS pkg-builder RUN apk -U add \ sudo \ alpine-sdk \ apkbuild-pypi RUN mkdir -p /var/cache/distfiles && \ adduser -D packager && \ addgroup packager abuild && \ chgrp abuild /var/cache/distfiles && \ chmod g+w /var/cache/distfiles && \ echo "packager ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers WORKDIR /work USER packager RUN abuild-keygen -a -i -n COPY --chown=packager:packager packages/ ./ RUN cd py3-weasyprint && \ abuild -r FROM alpine-upgraded RUN addgroup --system weasyprint \ && adduser --system --ingroup weasyprint weasyprint RUN --mount=from=pkg-builder,source=/home/packager/packages/work,target=/packages \ --mount=from=pkg-builder,source=/etc/apk/keys,target=/etc/apk/keys \ apk add --no-cache --repository /packages \ font-liberation \ font-liberation-sans-narrow \ ttf-linux-libertine \ python3 \ py3-aiohttp \ py3-weasyprint ENV PYTHONUNBUFFERED 1 WORKDIR /app USER weasyprint EXPOSE 8080 COPY server.py . CMD ["python3", "server.py"]