James McCool
commited on
Commit
·
c84befd
1
Parent(s):
37a73c1
Refactor Dockerfile to enhance user permissions and streamline app setup. This update includes creating a non-root user, setting the working directory, and upgrading pip before installing dependencies, improving security and deployment efficiency.
Browse files- Dockerfile +10 -6
Dockerfile
CHANGED
|
@@ -13,14 +13,18 @@ COPY requirements.txt ./
|
|
| 13 |
COPY src/ ./src/
|
| 14 |
COPY .streamlit/ ./.streamlit/
|
| 15 |
|
| 16 |
-
|
| 17 |
|
| 18 |
ENV MONGO_URI="mongodb+srv://multichem:Xr1q5wZdXPbxdUmJ@testcluster.lgwtp5i.mongodb.net/?retryWrites=true&w=majority&appName=TestCluster"
|
| 19 |
-
|
| 20 |
-
|
| 21 |
-
|
| 22 |
-
|
| 23 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 24 |
|
| 25 |
EXPOSE 8501
|
| 26 |
|
|
|
|
| 13 |
COPY src/ ./src/
|
| 14 |
COPY .streamlit/ ./.streamlit/
|
| 15 |
|
| 16 |
+
|
| 17 |
|
| 18 |
ENV MONGO_URI="mongodb+srv://multichem:Xr1q5wZdXPbxdUmJ@testcluster.lgwtp5i.mongodb.net/?retryWrites=true&w=majority&appName=TestCluster"
|
| 19 |
+
RUN useradd -m -u 1000 user
|
| 20 |
+
USER user
|
| 21 |
+
ENV HOME=/home/user\
|
| 22 |
+
PATH=/home/user/.local/bin:$PATH
|
| 23 |
+
WORKDIR $HOME/app
|
| 24 |
+
RUN pip install --no-cache-dir --upgrade pip
|
| 25 |
+
COPY --chown=user . $HOME/app
|
| 26 |
+
|
| 27 |
+
RUN pip3 install -r requirements.txt
|
| 28 |
|
| 29 |
EXPOSE 8501
|
| 30 |
|