File size: 1,714 Bytes
784101f
9e79661
784101f
a3c2c72
 
 
 
784101f
 
 
 
a3c2c72
 
 
4925cbd
 
 
a3c2c72
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
784101f
4925cbd
 
 
 
 
 
784101f
7effb2a
 
 
68b3cf9
 
7effb2a
77c6297
 
7effb2a
 
784101f
7effb2a
 
784101f
7effb2a
 
784101f
7effb2a
784101f
7effb2a
784101f
7effb2a
68b3cf9
 
 
 
7effb2a
 
784101f
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# ---- Build stage ----
FROM python:3.11-slim-bookworm AS builder

WORKDIR /app

COPY requirements.txt requirements.txt
COPY requirements-dev.txt requirements-dev.txt
    
ARG TEST

# Installer les dépendances
RUN apt-get update && apt-get install -y --no-install-recommends \
  build-essential \
  libpq-dev \
  curl \
  postgresql \
  postgresql-contrib && \
  pip install --upgrade pip && \
  pip install --no-cache-dir -r requirements.txt && \
  if [ "$TEST" = "true" ]; then \
    pip install --no-cache-dir -r requirements-dev.txt; \
  fi && \
  apt-get remove -y build-essential && \
  apt-get autoremove -y && \
  rm -rf /var/lib/apt/lists/*

# ---- Runtime stage ----
FROM python:3.11-slim-bookworm

WORKDIR /app

COPY --from=builder /usr/local/lib/python3.11 /usr/local/lib/python3.11
COPY --from=builder /usr/local/bin /usr/local/bin

RUN apt-get update && apt-get install -y --no-install-recommends \
    libpq-dev \
    postgresql \
    postgresql-contrib && \
    rm -rf /var/lib/apt/lists/*

# Copier le code
COPY ./entrypoint.sh /tmp/entrypoint.sh
COPY ./src /app/src
COPY ./tests /app/tests
COPY ./pytest.ini /app/pytest.ini
COPY ./.env.test /app/.env.test

RUN mkdir -p /app/data/atp

WORKDIR /app

# Pour que les imports soient résolus depuis /app
ENV PYTHONPATH=/app

# Exposer le port
EXPOSE 7860

# Healthcheck sur FastAPI
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
  CMD curl -f http://localhost:7860/check_health || exit 1

# Utilisateur non-root pour la sécurité
RUN useradd --create-home appuser

# Give permissions to the appuser
RUN chown -R appuser:appuser /app

USER appuser

# Entrypoint (par exemple pour lancer uvicorn)
CMD ["/tmp/entrypoint.sh"]