A quick note how to build the Python interpreter and any Python packages needed in a way:

Is all built from exactly known sources which can be archived
The build can be reproduced
The final build can be isolated from the network entirely

This is implemented as a three stage Docker file. The first stage prepares the basic O/S. The second stage is essentially used only to download the sources of the Python interpreter and the packages; but since in Python packages need to be installed in order to determine all of the their dependencies there in fact can be a lot of building in this step.

The final step is copying to sources to a clean stage and rebuilding everything just from the local sources.

FROM debian:bookworm as compilesys

LABEL maintainer "Bojan Nikolic <bojan@bnikolic.co.uk>"
SHELL ["/bin/bash", "-c"]

WORKDIR /
RUN apt-get update
# From pyenv docker file
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
        make \
        build-essential \
        libssl-dev \
        zlib1g-dev \
        libbz2-dev \
        libreadline-dev \
        libsqlite3-dev \
        wget \
        curl \
        llvm \
        libncurses5-dev \
        libncursesw5-dev \
        xz-utils \
        tk-dev \
        libffi-dev \
        liblzma-dev \
        git 

RUN git clone https://github.com/pyenv/pyenv.git /pyenv


FROM compilesys as downbuild

ENV PYENV_ROOT /pyenv
RUN mkdir -p /pysrcs
ENV PYTHON_BUILD_CACHE_PATH /pysrcs
RUN /pyenv/bin/pyenv install 3.10.10
RUN eval "$(/pyenv/bin/pyenv init -)" && /pyenv/bin/pyenv local 3.10.10 && python -m venv venv
RUN /venv/bin/pip download --no-binary :all:   hello-c-extension  -d /pysrcs



FROM compilesys as isolatedbuild

COPY --from=downbuild /pysrcs /pysrcs

SHELL ["/bin/bash", "-c"]

WORKDIR /

ENV PYENV_ROOT /pyenv
ENV PYTHON_BUILD_CACHE_PATH /pysrcs
RUN /pyenv/bin/pyenv install 3.10.10
RUN eval "$(/pyenv/bin/pyenv init -)" && /pyenv/bin/pyenv local 3.10.10 && python -m venv venv

RUN /venv/bin/pip install hello-c-extension --no-index --find-links /pysrcs

Need more help?

Services related to Python software packaging: https://bnikolic.co.uk/2023/05/22/python-ssc

Building the Python interpreter and Python packages from known sources

Need more help?

Related Posts You May Enjoy:

Seasonal adjustment in Azure Synapse using sktime Python

Isolated Python on Windows using Sandboxes Python

Notes on somewhat reducing trust of third-party Python packages Python

Building Google's Jax library from source using Nix Python

Need strategic help with your project? Let us know at webs@bnikolic.co.uk, we may be able to assist!

Any comments, suggestions or enquiries? Send a message: