Update Dockerfile

Dockerfile

@@ -1,20 +1,40 @@
-# Use an official Python runtime as a parent image
-FROM python:3.9-slim
+# --- Stage 1: Build Dependencies ---
+FROM python:3.9-slim as builder
 
-# Set the working directory in the container
+# Set working directory
 WORKDIR /app
 
-# Copy the requirements file into the container at /app
-COPY requirements.txt .
+# Install uvloop first as it's a build dependency for some packages
+RUN pip install --no-cache-dir uvloop
 
-# Install any needed packages specified in requirements.txt
+# Copy requirements and install them
+COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 
-# Copy the rest of the application code into the container at /app
+
+# --- Stage 2: Final Production Image ---
+FROM python:3.9-slim
+
+# Set the working directory
+WORKDIR /app
+
+# Create a non-root user and group for security
+RUN addgroup --system app && adduser --system --group app
+
+# Copy installed packages from the builder stage
+COPY --from=builder /usr/local/lib/python3.9/site-packages /usr/local/lib/python3.9/site-packages
+
+# Copy the application code
 COPY . .
 
-# Make port 8000 available to the world outside this container
+# Change ownership of the app directory to the non-root user
+RUN chown -R app:app /app
+
+# Switch to the non-root user
+USER app
+
+# Expose the port the app runs on
 EXPOSE 8000
 
-# Run main.py when the container launches
-CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]
+# Run the application using Gunicorn
+CMD ["gunicorn", "-c", "gunicorn_conf.py", "main:app"]