33 lines
744 B
Docker
33 lines
744 B
Docker
# -------- Stage 1: base --------
|
|
FROM python:3.11-slim
|
|
|
|
# -------- Env --------
|
|
ENV PYTHONUNBUFFERED=1 \
|
|
PYTHONDONTWRITEBYTECODE=1
|
|
|
|
# -------- System deps (minimal) --------
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
curl \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# -------- Workdir --------
|
|
WORKDIR /app
|
|
|
|
# -------- Dependencies --------
|
|
COPY requirements.txt .
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
# -------- App --------
|
|
COPY app.py .
|
|
|
|
# -------- Non-root user --------
|
|
RUN useradd -m appuser
|
|
USER appuser
|
|
|
|
# -------- Healthcheck --------
|
|
HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
|
|
CMD curl -f http://localhost:5000/healthz || exit 1
|
|
|
|
# -------- Run --------
|
|
CMD ["python", "app.py"]
|