mirror of
https://github.com/Unstructured-IO/unstructured.git
synced 2025-07-22 08:27:03 +00:00

### Summary Updates the `Dockerfile` to use the Chainguard `wolfi-base` image to reduce CVEs. Also adds a step in the docker publish job that scans the images and checks for CVEs before publishing. The job will fail if there are high or critical vulnerabilities. ### Testing Run `make docker-run-dev` and then `python3.11` once you're in. And that point, you can try: ```python from unstructured.partition.auto import partition elements = partition(filename="example-docs/DA-1p.pdf", skip_infer_table_types=["pdf"]) elements ``` Stop the container once you're done.
22 lines
672 B
Bash
Executable File
22 lines
672 B
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
set -euo pipefail
|
|
DOCKER_REPOSITORY="${DOCKER_REPOSITORY:-quay.io/unstructured-io/unstructured}"
|
|
PIP_VERSION="${PIP_VERSION:-23.1.2}"
|
|
DOCKER_IMAGE="${DOCKER_IMAGE:-unstructured:dev}"
|
|
|
|
DOCKER_BUILD_CMD=(docker buildx build --load -f Dockerfile
|
|
--build-arg PIP_VERSION="$PIP_VERSION"
|
|
--build-arg BUILDKIT_INLINE_CACHE=1
|
|
--progress plain
|
|
--platform linux/amd64
|
|
--cache-from "$DOCKER_REPOSITORY":latest
|
|
-t "$DOCKER_IMAGE" .)
|
|
|
|
# only build for specific platform if DOCKER_BUILD_PLATFORM is set
|
|
if [ -n "${DOCKER_BUILD_PLATFORM:-}" ]; then
|
|
DOCKER_BUILD_CMD+=("--platform=$DOCKER_BUILD_PLATFORM")
|
|
fi
|
|
|
|
DOCKER_BUILDKIT=1 "${DOCKER_BUILD_CMD[@]}"
|