Dockerfile

FROM ghcr.io/osgeo/gdal:ubuntu-small-latest

# Install only essential packages not included in base image
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked     --mount=type=cache,target=/var/lib/apt,sharing=locked     apt-get update && apt-get install -y     python3-pip python3-venv     && rm -rf /var/lib/apt/lists/*

# Set up user and environment
ENV HOME=/home/user

# Create user with specific home directory
RUN useradd -m -d /home/user user &&     mkdir -p /home/user/.streamlit /home/user/.config/matplotlib /home/user/app &&     chown -R user:user /home/user &&     chmod -R 755 /home/user

# Other environment variables
ENV PATH=/home/user/.local/bin:/home/user/venv/bin:/snap/bin:/home/runner/.local/bin:/opt/pipx_bin:/home/runner/.cargo/bin:/home/runner/.config/composer/vendor/bin:/usr/local/.ghcup/bin:/home/runner/.dotnet/tools:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin     ARROW_HOME=/usr     PARQUET_HOME=/usr     PORT=7860     MPLCONFIGDIR=/home/user/.config/matplotlib

USER user
WORKDIR /home/user/app

# Create empty secrets.toml file
RUN mkdir -p /home/user/.streamlit &&     touch /home/user/.streamlit/secrets.toml &&     chmod 644 /home/user/.streamlit/secrets.toml

# Python setup (with correct permissions)
RUN python3 -m venv /home/user/venv &&     /home/user/venv/bin/pip install --no-cache-dir -U pip setuptools wheel

# Install streamlit and other requirements
RUN /home/user/venv/bin/pip install --no-cache-dir streamlit
COPY --chown=user requirements.txt .
RUN /home/user/venv/bin/pip install --no-cache-dir -r requirements.txt

COPY --chown=user . .

# Verify installations
RUN /home/user/venv/bin/streamlit --version &&     /home/user/venv/bin/python3 -c "from osgeo import gdal; print(f'GDAL version: {gdal.__version__}')"

# Use the venv python to run streamlit
CMD ["/home/user/venv/bin/python3", "-m", "streamlit", "run", "app.py", "--server.port=7860", "--server.address=0.0.0.0"]