| # 第一阶段:Node.js 20 LTS 构建环境 | |
| FROM node:20-alpine AS node-builder | |
| WORKDIR /app | |
| # 如果有 Node.js 依赖,在这里安装 | |
| # COPY package*.json ./ | |
| # RUN npm ci --only=production | |
| # 第二阶段:Python 3.12 构建环境 | |
| FROM python:3.12-slim AS python-builder | |
| WORKDIR /app | |
| # 安装构建依赖 | |
| RUN apt-get update && apt-get install -y \ | |
| gcc \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # 复制并安装 Python 依赖 | |
| COPY requirements.txt . | |
| RUN pip install --no-cache-dir --user -r requirements.txt | |
| # 第三阶段:生产运行环境 | |
| FROM python:3.12-slim AS production | |
| # 设置环境变量 | |
| ENV PYTHONDONTWRITEBYTECODE=1 \ | |
| PYTHONUNBUFFERED=1 \ | |
| PATH="/home/user/.local/bin:$PATH" | |
| # 创建非 root 用户 | |
| RUN useradd --create-home --shell /bin/bash user | |
| WORKDIR /app | |
| # 从构建阶段复制 Python 包 | |
| COPY --from=python-builder /root/.local /home/user/.local | |
| # 复制应用代码 | |
| COPY --chown=user . . | |
| # 切换到非 root 用户 | |
| USER user | |
| # 暴露 HuggingFace 标准端口 | |
| EXPOSE 7860 | |
| # 健康检查 | |
| HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \ | |
| CMD curl -f http://localhost:7860/health || exit 1 | |
| # 启动命令 | |
| CMD ["gunicorn", "-k", "uvicorn.workers.UvicornWorker", "-w", "1", "-b", "0.0.0.0:7860", "app:app"] | |