Hugging Face's logo

Spaces:
Rauhan
/
vibbabackendsample
Sleeping

App Files Community
Rauhan commited on
Commit
2a8ce92
·
1 Parent(s): b80844d

UPDATE:

Browse files
Files changed (1) hide show
  1. Dockerfile +30 -5
Dockerfile CHANGED
@@ -1,17 +1,42 @@
 
1
  FROM python:3.12-slim
2
 
3
- COPY . /app
 
 
 
 
 
4
 
 
5
  WORKDIR /app
6
 
7
- USER root
 
 
8
 
 
9
  RUN pip install uv
10
 
11
- RUN uv sync
 
12
 
13
- RUN chmod -R 777 /app
 
 
 
14
 
15
- EXPOSE 7860
 
16
 
 
 
 
 
 
 
 
 
 
 
17
  CMD ["uv", "run", "main.py"]
 
1
+ # 1. Start from a slim, official Python base image
2
  FROM python:3.12-slim
3
 
4
+ # 2. Set environment variables
5
+ # - Prevents Python from writing .pyc files
6
+ # - Prevents Python from buffering stdout and stderr
7
+ # - Sets the location for uv's cache to a user-owned directory
8
+ ENV PYTHONDONTWRITEBYTECODE 1
9
+ ENV PYTHONUNBUFFERED 1
10
 
11
+ # 3. Set the working directory
12
  WORKDIR /app
13
 
14
+ # 4. Create a non-root user to run the application
15
+ # This is a critical security best practice.
16
+ RUN useradd --create-home --shell /bin/bash appuser
17
 
18
+ # 5. Install uv globally (as root, which is fine for this step)
19
  RUN pip install uv
20
 
21
+ # 6. Copy only the dependency file first to leverage Docker's layer caching
22
+ COPY pyproject.toml ./
23
 
24
+ # 7. Install dependencies. This layer will only be re-built if pyproject.toml changes.
25
+ # We also ensure the virtual environment is created with correct ownership.
26
+ RUN uv sync --system-site-packages && \
27
+ chown -R appuser:appuser /app/.venv
28
 
29
+ # 8. Copy the rest of the application source code
30
+ COPY . .
31
 
32
+ # 9. Change ownership of the entire app directory to the non-root user
33
+ RUN chown -R appuser:appuser /app
34
+
35
+ # 10. Switch to the non-root user
36
+ USER appuser
37
+
38
+ # 11. Expose the correct port that the application runs on
39
+ EXPOSE 8000
40
+
41
+ # 12. Define the command to run the application
42
  CMD ["uv", "run", "main.py"]