-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
74 lines (60 loc) · 2.42 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
##########################################################################################
# Builder image
##########################################################################################
# Using python debian slim version
FROM python:3.12.4-slim AS builder-image
# Update and install dependencies
RUN apt-get update -y \
&& apt-get install --no-install-recommends -y gcc python3-dev \
# Clean up
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/*
# Create and activate virtual environment
# Using final folder name to avoid path issues with packages
RUN python3.12 -m venv /home/appuser/venv
ENV PATH="/home/appuser/venv/bin:$PATH"
# Install python dependencies
COPY requirements.txt .
RUN python3 -m pip install --upgrade pip
RUN pip3 install --no-cache-dir wheel
RUN pip3 install --no-cache-dir -r requirements.txt
##########################################################################################
# Runner image
##########################################################################################
# Using python debian slim version
FROM python:3.12.4-slim AS runner-image
# Update and install dependencies
RUN apt-get update -y \
&& apt-get upgrade -y \
# Clean up
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/*
# Create a non-root user appuser with home directory
RUN set -ex \
# Create a non-root user
&& addgroup --system --gid 1001 appgroup \
&& adduser --system --uid 1001 --gid 1001 appuser --home /home/appuser
# Create app directory and copy virtual environment from builder image
RUN mkdir /home/appuser/app
COPY --from=builder-image /home/appuser/venv /home/appuser/venv
# Set the working directory to app directory and copy source files
WORKDIR /home/appuser/app
COPY . .
# Give ownership of app directory to appuser
RUN chown -R appuser:appgroup /home/appuser/app
ENV PIP_DEFAULT_TIMEOUT=100 \
# Allow statements and log messages to immediately appear
PYTHONUNBUFFERED=1 \
# disable a pip version check to reduce run-time & log-spam
PIP_DISABLE_PIP_VERSION_CHECK=1 \
# cache is useless in docker image, so disable to reduce image size
PIP_NO_CACHE_DIR=1
# Set python virtual environment path and add it to PATH
ENV VIRTUAL_ENV=/home/appuser/venv
ENV PATH="/home/appuser/venv/bin:$PATH"
EXPOSE 8080
CMD ["python3", "main.py"]
# Set the user to run the application as non root
USER appuser