Update to debian 12. Install dependencies via venv to avoi useless copy files in next stage and reduce image size. Better apt-get install and no upgrade. Removed wheel install because already specified in requirements.txt. Use groupadd and useradd instead of addgroup and adduser. Copy entire folder, useless files are ignored via dockerignore. Set PATH to venv. Added TZ specification.

Author: rizlas

Dockerfile

@@ -1,39 +1,33 @@
-FROM python:3.9-slim-bullseye AS PREBUILD
+FROM python:3.9-slim-bookworm AS builder
 
-# Install dependencies
-RUN apt-get update && apt-get -y upgrade && apt-get install -y git-core
-
-COPY requirements.txt /tmp/requirements.txt
-
-RUN pip3 install --upgrade pip && \
-    pip3 install wheel && \
-    pip3 install -r /tmp/requirements.txt && \
-    pip3 install --upgrade git+https://github.com/vmware/vsphere-automation-sdk-python.git
-
-
-FROM python:3.9-slim-bullseye
+COPY requirements.txt .
 
 # Install dependencies
-RUN apt-get update && apt-get -y upgrade
+RUN apt-get update && apt-get install -y --no-install-recommends git && \
+    rm -rf /var/lib/apt/lists/* && \
+    python3 -m venv /opt/netbox-sync/venv && \
+    /opt/netbox-sync/venv/bin/python3 -m pip install --upgrade pip && \
+    /opt/netbox-sync/venv/bin/pip install -r requirements.txt && \
+    /opt/netbox-sync/venv/bin/pip install --upgrade git+https://github.com/vmware/vsphere-automation-sdk-python.git
 
-# Run the application
-WORKDIR /app
+FROM python:3.9-slim-bookworm AS netbox-sync
 
-RUN set -eux; \
-  addgroup --gid 1000 netbox-sync; \
-  adduser --uid 1000 --ingroup netbox-sync --shell /bin/sh --home /home/netbox-sync --disabled-password \
-          --gecos "netbox-sync,0815,2342,9001" netbox-sync
+# Copy installed packages
+COPY --from=builder /opt/netbox-sync/venv /opt/netbox-sync/venv
 
-# Prepare the application
-COPY Dockerfile LICENSE.txt netbox-sync.py README.md requirements.txt settings-example.ini /app/
-COPY module /app/module
+# Add netbox-sync user
+RUN groupadd --gid 1000 netbox-sync && \
+    useradd --uid 1000 --gid netbox-sync --shell /bin/sh \ 
+    --no-create-home --system netbox-sync
 
-RUN chown -R netbox-sync:netbox-sync /app
+USER netbox-sync
 
-# disable upgrading setup tools due to bug in setuptools and automation sdk
-# once this is fixed, switch back to: pip3 install --upgrade pip setuptools
-COPY --from=PREBUILD /usr/local /usr/local
+# Prepare the application
+WORKDIR /app
+COPY --chown=netbox-sync:netbox-sync . .
 
-USER netbox-sync
+# Use virtual env packages and allow timezone setup
+ENV PATH=/opt/netbox-sync/venv/bin:$PATH
+ENV TZ=Europe/Berlin
 
 ENTRYPOINT ["python3", "netbox-sync.py"]