48 lines
1.2 KiB
Docker
48 lines
1.2 KiB
Docker
# === Stage 1: build dependencies ===
|
|
FROM python:3.13-slim AS builder
|
|
|
|
COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy only dependency files first (cache layer)
|
|
COPY pyproject.toml uv.lock ./
|
|
|
|
# Install dependencies into a self-contained venv
|
|
RUN uv sync --frozen --no-dev --no-install-project
|
|
|
|
# Copy application code
|
|
COPY . .
|
|
|
|
# Install the project itself
|
|
RUN uv sync --frozen --no-dev
|
|
|
|
|
|
# === Stage 2: runtime ===
|
|
FROM python:3.13-slim AS runtime
|
|
|
|
RUN groupadd --gid 1000 app && \
|
|
useradd --uid 1000 --gid app --shell /bin/bash --create-home app
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy the entire venv and application from builder
|
|
COPY --from=builder /app /app
|
|
|
|
# Remove files that must not be in the image
|
|
RUN rm -f .env .env.* && rm -rf __pycache__
|
|
|
|
ENV PATH="/app/.venv/bin:$PATH" \
|
|
PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1
|
|
|
|
USER app
|
|
|
|
EXPOSE 3001
|
|
|
|
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
|
CMD ["python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:3001/health')"]
|
|
|
|
CMD ["uvicorn", "server:app", "--host", "0.0.0.0", "--port", "3001", \
|
|
"--log-level", "warning", "--timeout-keep-alive", "75"]
|