Skip to content

Commit

Permalink
Merge pull request #21 from xyvora/dockerfile
Browse files Browse the repository at this point in the history 
User non-root user in docker
  • Loading branch information
@sanders41
sanders41 authored Dec 23, 2024
2 parents 9022732 + cbe7da5 commit cd93c2a
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 14 deletions.
22 changes: 9 additions & 13 deletions backend/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@ WORKDIR /app

ENV \
PYTHONUNBUFFERED=true \
PATH=/root/.cargo/bin:$PATH
PATH=/root/.cargo/bin:$PATH \
UV_PYTHON_INSTALL_DIR=/opt/uv/python

RUN : \
&& apt-get update \
Expand All @@ -28,32 +29,27 @@ RUN : \

FROM ubuntu:24.04

WORKDIR /app
RUN useradd --create-home appuser

RUN : \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
curl \
ca-certificates \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*

ADD https://astral.sh/uv/install.sh /uv-installer.sh
RUN mkdir -p /app && chown appuser:appuser /app

RUN sh /uv-installer.sh && rm /uv-installer.sh
WORKDIR /app

ENV \
PYTHONUNBUFFERED=true \
PATH="/root/.local/bin/:/app/.venv/bin:$PATH" \
PATH="/app/.venv/bin:$PATH" \
WORKERS="1" \
PORT="8000"

COPY --from=builder /app/.venv /app/.venv
COPY --from=builder /app/app /app/app
COPY --from=builder /opt/uv/python /opt/uv/python
COPY ./scripts/entrypoint.sh /app

RUN chmod +x /app/entrypoint.sh

EXPOSE 8000

USER appuser

ENTRYPOINT ["./entrypoint.sh"]
2 changes: 1 addition & 1 deletion backend/scripts/entrypoint.sh
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
#!/bin/bash

exec uv run uvicorn app.main:app --host 0.0.0.0 --port ${PORT:-8000} --workers ${WORKERS:-1}
exec uvicorn app.main:app --host 0.0.0.0 --port ${PORT:-8000} --workers ${WORKERS:-1}

0 comments on commit cd93c2a

Please sign in to comment.