Spaces:
Sleeping
Sleeping
| # ============================================================ | |
| # 30-Day Readmission Risk API β Dockerfile | |
| # ============================================================ | |
| # Multi-stage approach: | |
| # Stage 1: Install dependencies (cached layer) | |
| # Stage 2: Copy application code (rebuilt on code changes) | |
| # | |
| # This ordering means code changes don't trigger | |
| # a full dependency reinstall β builds are fast. | |
| # ============================================================ | |
| # Base image β Python 3.11 slim (smaller than full Python image) | |
| # Pinned to specific digest for reproducibility in production | |
| FROM python:3.11-slim | |
| # Metadata | |
| LABEL maintainer="Ibrahim β Health Tech Engineer" | |
| LABEL description="30-Day Hospital Readmission Risk Prediction API" | |
| LABEL version="1.0.0" | |
| # Set working directory inside container | |
| WORKDIR /app | |
| # --- System dependencies --- | |
| # libgomp1: required by XGBoost for parallel tree building | |
| # gcc: required to compile some Python packages | |
| # curl: useful for health checks | |
| RUN apt-get update && apt-get install -y \ | |
| libgomp1 \ | |
| gcc \ | |
| curl \ | |
| && apt-get clean \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # --- Python dependencies --- | |
| # Copy requirements first β Docker caches this layer | |
| # If requirements.txt hasn't changed, pip install is skipped | |
| COPY requirements-docker.txt . | |
| # Install setuptools first β fixes pkg_resources issue | |
| # Then install all requirements | |
| RUN pip install --no-cache-dir --upgrade pip setuptools && \ | |
| pip install --no-cache-dir -r requirements-docker.txt | |
| # --- Application code --- | |
| # Copy source code | |
| COPY src/ ./src/ | |
| # Copy model artifacts | |
| # These are the trained model files from Lesson 4 | |
| COPY models/ ./models/ | |
| # Copy any config files | |
| COPY .env* ./ | |
| # --- Security: run as non-root user --- | |
| # Running as root inside containers is a security risk | |
| # Create a dedicated user for the application | |
| RUN useradd --create-home --shell /bin/bash appuser && \ | |
| chown -R appuser:appuser /app | |
| USER appuser | |
| # --- Runtime configuration --- | |
| # Document the port (doesn't actually publish it β that's docker run -p) | |
| EXPOSE 7860 | |
| CMD ["uvicorn", "src.api.main:app", \ | |
| "--host", "0.0.0.0", \ | |
| "--port", "7860", \ | |
| "--workers", "1"] |