| FROM python:3.9-slim | |
| WORKDIR /app | |
| # Install system dependencies needed for OpenCV | |
| RUN apt-get update && apt-get install -y \ | |
| libgl1-mesa-glx \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Copy requirements and install dependencies as root to leverage caching | |
| COPY requirements.txt ./ | |
| RUN pip3 install --no-cache-dir -r requirements.txt | |
| # Copy the application code from your local `src` folder | |
| # This will copy `src/streamlit_app.py` and `src/best.pt` to the container | |
| COPY src/ ./src/ | |
| # --- User and Permission Setup --- | |
| # Create a group and user | |
| RUN groupadd --system appuser && useradd --system --gid appuser appuser | |
| # Change ownership of the entire app directory to the new user | |
| RUN chown -R appuser:appuser /app | |
| # Set the HOME environment variable for the non-root user. | |
| # THIS IS THE CRITICAL FIX for the original PermissionError. | |
| ENV HOME=/app | |
| # Switch to the non-root user for security | |
| USER appuser | |
| # --- End of User Setup --- | |
| EXPOSE 8501 | |
| HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health || exit 1 | |
| # --- UPDATED ENTRYPOINT --- | |
| # Removed the unsupported `--global.gatherUsageStats` flag. | |
| # The `--browser.gatherUsageStats=false` is still valid and good practice. | |
| ENTRYPOINT ["streamlit", "run", "src/streamlit_app.py", "--server.port=8501", "--server.address=0.0.0.0", "--browser.gatherUsageStats=false"] |