build: add alpine-based dockerfile

[outlook84]

Modifications / 改动点

Add alpine-based dockerfile, decrease container size to less than 800MB from 1.8G.

Default timezone is Asia/Shanghai, it can be changed via setting TZ ENV，for example: TZ=Asia/Singapore.

• This is NOT a breaking change. / 这不是一个破坏性变更。

Screenshots or Test Results / 运行截图或测试结果

---

Checklist / 检查清单

• 😊 如果 PR 中有新加入的功能，已经通过 Issue / 邮件等方式和作者讨论过。/ If there are new features added in the PR, I have discussed it with the authors through issues/emails, etc.
• 👀 我的更改经过了良好的测试，并已在上方提供了“验证步骤”和“运行截图”。/ My changes have been well-tested, and "Verification Steps" and "Screenshots" have been provided above.
• 🤓 我确保没有引入新依赖库，或者引入了新依赖库的同时将其添加到了 requirements.txt 和 pyproject.toml 文件相应位置。/ I have ensured that no new dependencies are introduced, OR if new dependencies are introduced, they have been added to the appropriate locations in requirements.txt and pyproject.toml.
• 😮 我的更改没有引入恶意代码。/ My changes do not introduce malicious code.

Summary by Sourcery

Build:

• 引入基于 Alpine 的 Dockerfile，以显著减小容器镜像大小，并通过 TZ 环境变量设置可配置的默认时区。

Original summary in English

Summary by Sourcery

Build:

• Introduce an Alpine-based Dockerfile to significantly reduce container image size and set a configurable default timezone via the TZ environment variable.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new Dockerfile based on Alpine Linux, aiming to drastically reduce the final container image size. By implementing a multi-stage build process, it separates build-time dependencies from runtime requirements, resulting in a more efficient and smaller deployment artifact. The change also sets a default timezone for the container, which can be customized.

Highlights

• New Alpine-based Dockerfile: Introduced a new Dockerfile.alpine to provide a lightweight container image for the application, leveraging Alpine Linux for a minimal footprint.
• Container Size Reduction: Significantly reduced the Docker image size from approximately 1.8GB to less than 800MB by implementing a multi-stage build process with Alpine Linux.
• Timezone Configuration: Configured the default timezone within the container to 'Asia/Shanghai', with the flexibility for users to override it via the TZ environment variable.

Changelog

• Dockerfile.alpine
  • Added a new Dockerfile for building an Alpine-based image.
  • Implemented a multi-stage build process for efficient dependency management.
  • Included installation of build-time and runtime dependencies using apk.
  • Utilized uv for Python dependency management and installation.
  • Set the default timezone to Asia/Shanghai.
  • Exposed port 6185 and defined the application entry point.

Activity

• The pull request author provided a detailed description including motivation, changes, and verification steps with screenshots.
• The author confirmed that this is not a breaking change and that new features were discussed.
• The author ensured that changes were well-tested and no new malicious code or unmanaged dependencies were introduced.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sourcery-ai]

Hey - 我在这里给出了一些高层次的反馈：

• 建议将镜像中的默认时区切换为 UTC，并让使用者通过环境变量 TZ 来覆盖，这样可以避免对于非 Asia/Shanghai 区域用户的意外行为。
• 如果已经存在一个非 Alpine 的 Dockerfile，你可能希望把通用的构建步骤重构为共享的 ARG 或基础构建阶段，这样在两个 Dockerfile 之间就不需要重复配置和依赖变更。

给 AI Agent 的提示

请根据本次代码评审中的评论进行修改：

## 总体评论
- 建议将镜像中的默认时区切换为 UTC，并让使用者通过环境变量 TZ 来覆盖，这样可以避免对于非 Asia/Shanghai 区域用户的意外行为。
- 如果已经存在一个非 Alpine 的 Dockerfile，你可能希望把通用的构建步骤重构为共享的 ARG 或基础构建阶段，这样在两个 Dockerfile 之间就不需要重复配置和依赖变更。

---

Sourcery 对开源项目是免费的——如果你觉得我们的评审有帮助，欢迎分享 ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{帮我变得更有用！请在每条评论上点 👍 或 👎，我会利用这些反馈来改进对你代码的评审。}

Original comment in English

Hey - I've left some high level feedback:

• Consider switching the default timezone in the image to UTC and letting consumers override it via TZ, to avoid surprising behavior for users outside Asia/Shanghai.
• If there is an existing non-Alpine Dockerfile, you may want to refactor common build steps into shared ARGs or a base stage so that configuration and dependency changes don't need to be duplicated across two Dockerfiles.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Consider switching the default timezone in the image to UTC and letting consumers override it via TZ, to avoid surprising behavior for users outside Asia/Shanghai.
- If there is an existing non-Alpine Dockerfile, you may want to refactor common build steps into shared ARGs or a base stage so that configuration and dependency changes don't need to be duplicated across two Dockerfiles.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[dosubot]

Related Documentation

Checked 1 published document(s) in 1 knowledge base(s). No updates required.

^{How did I do? Any feedback?}  

[gemini-code-assist]

Code Review

This pull request introduces an Alpine-based Dockerfile, which is a great initiative to reduce the container image size. My review focuses on applying Docker best practices to further optimize the new file. I've provided suggestions to improve layer caching for faster builds, enhance dependency management, reduce the final image size by questioning unnecessary runtime dependencies, and correct the way application source code is copied to ensure consistency and security.

[gemini-code-assist]

This command copies the application source from the build context, not from the builder stage. This can lead to inconsistencies if the code changes between stages and may inadvertently include local files (like .git or .env) in the final image. It's safer and more consistent to copy the source code from the builder stage, which is where dependencies were installed against.

COPY --from=builder /AstrBot/ /AstrBot/

[gemini-code-assist]

To optimize Docker layer caching, it's recommended to copy only the files required for dependency installation first (e.g., pyproject.toml), install the dependencies, and then copy the rest of the source code. The current COPY . . command invalidates the cache for the dependency installation layer whenever any file in the project changes, leading to longer build times.

[gemini-code-assist]

The dependencies socksio and pilk are installed in a separate step. For better maintainability and to have a single source of truth for all Python dependencies, consider adding them to your pyproject.toml file. This would allow uv to manage them along with all other project dependencies.

[gemini-code-assist]

The runtime image includes git and nodejs, which contribute significantly to the image size. Please verify if they are both strictly necessary at runtime. If they are only needed during the build process (e.g., git for fetching dependencies, nodejs for building assets), they should be confined to the builder stage to keep the final image as lean as possible.