| # Menggunakan base image slim untuk efisiensi ukuran container dan meminimalisir attack surface | |
| FROM python:3.11-slim | |
| LABEL maintainer="aqso@gmail.com" | |
| # Konfigurasi environment untuk Docker HF Spaces | |
| ENV PYTHONUNBUFFERED=1 \ | |
| GRADIO_SERVER_NAME="0.0.0.0" \ | |
| GRADIO_SERVER_PORT=7860 \ | |
| HOME="/home/user" | |
| # Mitigasi Error Permission: Buat user non-root dengan UID 1000 sesuai regulasi HF Spaces | |
| RUN useradd -m -u 1000 user | |
| USER user | |
| ENV PATH="/home/user/.local/bin:$PATH" | |
| # Set working directory | |
| WORKDIR $HOME/app | |
| # Copy dependency list dan install | |
| COPY --chown=user requirements.txt . | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy seluruh source code | |
| COPY --chown=user . . | |
| # Expose port wajib HF Spaces | |
| EXPOSE 7860 | |
| # Eksekusi aplikasi | |
| CMD ["python", "app.py"] | |