# 使用ARG定义可配置的构建参数 | Using ARG to define configurable build parameters ARG PYTHON_VERSION=3.10 ARG PIP_INDEX_URL=https://pypi.tuna.tsinghua.edu.cn/simple ARG PLAYWRIGHT_DOWNLOAD_HOST=https://npmmirror.com/mirrors/playwright # 第一阶段:构建依赖 | Stage 1: Build dependencies FROM python:${PYTHON_VERSION}-slim AS builder # 设置工作目录 | Set working directory WORKDIR /build # 设置pip镜像源以加速下载 | Set pip mirror to accelerate downloads ARG PIP_INDEX_URL RUN pip config set global.index-url ${PIP_INDEX_URL} # 安装构建依赖 | Install build dependencies RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* # 复制并安装requirements.txt | Copy and install requirements.txt COPY requirements.txt . RUN pip install --no-cache-dir --prefix=/install -r requirements.txt # 第二阶段:运行时环境 | Stage 2: Runtime environment FROM python:${PYTHON_VERSION}-slim # 添加构建信息标签 | Add build information labels ARG BUILD_DATE ARG VERSION LABEL org.opencontainers.image.created="${BUILD_DATE}" \ org.opencontainers.image.version="${VERSION}" \ org.opencontainers.image.title="OWL Project" \ org.opencontainers.image.description="OWL Project Docker Image" \ org.opencontainers.image.source="https://github.com/yourusername/owl" # 设置工作目录 | Set working directory WORKDIR /app # 设置pip镜像源以加速下载 | Set pip mirror to accelerate downloads ARG PIP_INDEX_URL RUN pip config set global.index-url ${PIP_INDEX_URL} # 从builder阶段复制已安装的Python包 | Copy installed Python packages from builder stage COPY --from=builder /install /usr/local # 优化apt安装,减少层数 | Optimize apt installation, reduce layers RUN apt-get update && apt-get install -y --no-install-recommends \ curl \ git \ ffmpeg \ libsm6 \ libxext6 \ # 添加xvfb和相关依赖 | Add xvfb and related dependencies xvfb \ xauth \ x11-utils \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* # 安装 Playwright 依赖(使用国内镜像源) | Install Playwright dependencies (using Chinese mirror) ENV PLAYWRIGHT_BROWSERS_PATH=/root/.cache/ms-playwright ARG PLAYWRIGHT_DOWNLOAD_HOST ENV PLAYWRIGHT_DOWNLOAD_HOST=${PLAYWRIGHT_DOWNLOAD_HOST} RUN pip install --no-cache-dir playwright && \ playwright install --with-deps chromium # 创建非root用户 | Create non-root user RUN groupadd -r owl && useradd -r -g owl -m owl # 复制项目文件 | Copy project files COPY owl/ ./owl/ COPY licenses/ ./licenses/ COPY assets/ ./assets/ COPY README.md . COPY README_zh.md . # 设置环境变量文件 | Set environment variables file COPY owl/.env_template ./owl/.env # 创建启动脚本 | Create startup script RUN echo '#!/bin/bash\nxvfb-run --auto-servernum --server-args="-screen 0 1280x960x24" python "$@"' > /usr/local/bin/xvfb-python && \ chmod +x /usr/local/bin/xvfb-python # 创建欢迎脚本 | Create welcome script RUN echo '#!/bin/bash\necho "欢迎使用OWL项目Docker环境!"\necho "Welcome to OWL Project Docker environment!"\necho ""\necho "可用的脚本 | Available scripts:"\nls -1 *.py | grep -v "__" | sed "s/^/- /"\necho ""\necho "运行示例 | Run examples:"\necho " xvfb-python run.py # 运行默认脚本 | Run default script"\necho " xvfb-python run_deepseek_example.py # 运行DeepSeek示例 | Run DeepSeek example"\necho ""\necho "或者使用自定义查询 | Or use custom query:"\necho " xvfb-python run.py \"你的问题 | Your question\""\necho ""' > /usr/local/bin/owl-welcome && \ chmod +x /usr/local/bin/owl-welcome # 设置工作目录 | Set working directory WORKDIR /app/owl # 设置适当的权限 | Set appropriate permissions RUN chown -R owl:owl /app RUN mkdir -p /root/.cache && chown -R owl:owl /root/.cache # 切换到非root用户 | Switch to non-root user # 注意:如果需要访问/dev/shm,可能仍需要root用户 | Note: If you need to access /dev/shm, you may still need root user # USER owl # 添加健康检查 | Add health check HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ CMD python -c "import sys; sys.exit(0 if __import__('os').path.exists('/app/owl') else 1)" # 容器启动命令 | Container startup command CMD ["/bin/bash", "-c", "owl-welcome && /bin/bash"]