Commit ·
8fdadd3
1
Parent(s): d0d0769
Run app as non-root with venv
Browse files- Dockerfile +10 -2
Dockerfile
CHANGED
|
@@ -6,8 +6,16 @@ ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
| 6 |
WORKDIR /app
|
| 7 |
|
| 8 |
COPY pyproject.toml README.md ddgs_cli.py app.py ./
|
| 9 |
-
RUN python -m
|
| 10 |
-
&&
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
|
| 12 |
EXPOSE 7860
|
| 13 |
|
|
|
|
| 6 |
WORKDIR /app
|
| 7 |
|
| 8 |
COPY pyproject.toml README.md ddgs_cli.py app.py ./
|
| 9 |
+
RUN python -m venv /opt/venv \
|
| 10 |
+
&& /opt/venv/bin/pip install --no-cache-dir --upgrade pip \
|
| 11 |
+
&& /opt/venv/bin/pip install --no-cache-dir .
|
| 12 |
+
|
| 13 |
+
ENV PATH="/opt/venv/bin:$PATH"
|
| 14 |
+
|
| 15 |
+
RUN useradd --uid 1000 --create-home appuser \
|
| 16 |
+
&& chown -R 1000:1000 /app
|
| 17 |
+
|
| 18 |
+
USER 1000
|
| 19 |
|
| 20 |
EXPOSE 7860
|
| 21 |
|