Spaces:
Build error
Build error
NAVADA
commited on
Commit
·
b25dcfb
1
Parent(s):
e709f6b
Fix permissions: use non-root user and pre-create directories
Browse files- Dockerfile +16 -5
Dockerfile
CHANGED
|
@@ -1,19 +1,30 @@
|
|
| 1 |
FROM python:3.11-slim
|
| 2 |
|
| 3 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
|
| 5 |
-
|
|
|
|
|
|
|
|
|
|
| 6 |
RUN apt-get update && apt-get install -y \
|
| 7 |
gcc \
|
| 8 |
g++ \
|
| 9 |
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
| 10 |
|
| 11 |
# Copy requirements and install Python dependencies
|
| 12 |
-
COPY requirements.txt .
|
| 13 |
-
RUN pip install --no-cache-dir -r requirements.txt
|
| 14 |
|
| 15 |
# Copy application code
|
| 16 |
-
COPY . .
|
|
|
|
|
|
|
|
|
|
| 17 |
|
| 18 |
# Expose port for Hugging Face Spaces
|
| 19 |
EXPOSE 7860
|
|
|
|
| 1 |
FROM python:3.11-slim
|
| 2 |
|
| 3 |
+
# Create non-root user for security
|
| 4 |
+
RUN useradd -m -u 1000 user
|
| 5 |
+
USER user
|
| 6 |
+
ENV HOME=/home/user \
|
| 7 |
+
PATH=/home/user/.local/bin:$PATH
|
| 8 |
|
| 9 |
+
WORKDIR $HOME/app
|
| 10 |
+
|
| 11 |
+
# Install system dependencies as root, then switch back to user
|
| 12 |
+
USER root
|
| 13 |
RUN apt-get update && apt-get install -y \
|
| 14 |
gcc \
|
| 15 |
g++ \
|
| 16 |
&& rm -rf /var/lib/apt/lists/*
|
| 17 |
+
USER user
|
| 18 |
|
| 19 |
# Copy requirements and install Python dependencies
|
| 20 |
+
COPY --chown=user requirements.txt .
|
| 21 |
+
RUN pip install --user --no-cache-dir -r requirements.txt
|
| 22 |
|
| 23 |
# Copy application code
|
| 24 |
+
COPY --chown=user . .
|
| 25 |
+
|
| 26 |
+
# Create necessary directories with proper permissions
|
| 27 |
+
RUN mkdir -p $HOME/app/.files $HOME/app/.chainlit
|
| 28 |
|
| 29 |
# Expose port for Hugging Face Spaces
|
| 30 |
EXPOSE 7860
|