ARG BASE_IMAGE=ghcr.io/meta-pytorch/openenv-base:latest FROM ${BASE_IMAGE} AS builder WORKDIR /app # Ensure git and curl are available RUN apt-get update && \ apt-get install -y --no-install-recommends git curl ca-certificates && \ rm -rf /var/lib/apt/lists/* # Build argument to control whether we're building standalone or in-repo ARG BUILD_MODE=in-repo ARG ENV_NAME=rl_code_fix_env # Copy environment code (always at root of build context) COPY . /app/env # For in-repo builds, openenv is already vendored in the build context # For standalone builds, openenv will be installed via pyproject.toml WORKDIR /app/env # Ensure uv is available RUN if ! command -v uv >/dev/null 2>&1; then \ curl -LsSf https://astral.sh/uv/install.sh | env UV_INSTALL_DIR=/usr/local/bin sh; \ fi # Install dependencies using uv sync # If uv.lock exists, use it; otherwise resolve on the fly RUN --mount=type=cache,target=/root/.cache/uv \ if [ -f uv.lock ]; then \ uv sync --frozen --no-install-project --no-editable; \ else \ uv sync --no-install-project --no-editable; \ fi RUN --mount=type=cache,target=/root/.cache/uv \ if [ -f uv.lock ]; then \ uv sync --frozen --no-editable; \ else \ uv sync --no-editable; \ fi # Final runtime stage FROM ${BASE_IMAGE} # Install curl for health check RUN apt-get update && \ apt-get install -y --no-install-recommends curl && \ rm -rf /var/lib/apt/lists/* WORKDIR /app # Copy environment code + its in-place virtualenv from builder. # Keep the venv at the same path it was created with (/app/env/.venv) # to avoid relocation issues and dual-venv path conflicts. COPY --from=builder /app/env /app/env # Use the single in-repo venv ENV VIRTUAL_ENV="/app/env/.venv" ENV PATH="/app/env/.venv/bin:$PATH" # Hermetic runtime: keep imports pinned to repo code + active venv. ENV PYTHONPATH="/app/env" ENV PYTHONNOUSERSITE="1" ENV PYTHONDONTWRITEBYTECODE="1" # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ CMD curl -f http://localhost:8000/health || exit 1 # Expose the application port EXPOSE 8000 # Run the FastAPI server # The module path is constructed to work with the /app/env structure ENV ENABLE_WEB_INTERFACE=true CMD ["sh", "-c", "cd /app/env && uvicorn server.app:app --host 0.0.0.0 --port 8000"]