Spaces:
Sleeping
Sleeping
Update Dockerfile
Browse files- Dockerfile +10 -2
Dockerfile
CHANGED
|
@@ -4,10 +4,13 @@ FROM python:3.11-slim
|
|
| 4 |
# Set the working directory inside the container
|
| 5 |
WORKDIR /code
|
| 6 |
|
| 7 |
-
# --- *** ADD THIS LINE *** ---
|
| 8 |
# Set an environment variable to tell Hugging Face where to cache models.
|
| 9 |
-
# This avoids permission errors by using a local, writable directory.
|
| 10 |
ENV HF_HOME /code/.cache
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
# --- ********************* ---
|
| 12 |
|
| 13 |
# Copy the requirements file and install dependencies
|
|
@@ -17,6 +20,11 @@ RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
|
|
| 17 |
# Copy the rest of the application code
|
| 18 |
COPY ./app.py /code/app.py
|
| 19 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 20 |
# Expose the port the app runs on
|
| 21 |
EXPOSE 8000
|
| 22 |
|
|
|
|
| 4 |
# Set the working directory inside the container
|
| 5 |
WORKDIR /code
|
| 6 |
|
|
|
|
| 7 |
# Set an environment variable to tell Hugging Face where to cache models.
|
|
|
|
| 8 |
ENV HF_HOME /code/.cache
|
| 9 |
+
|
| 10 |
+
# --- *** ADD THIS LINE *** ---
|
| 11 |
+
# Create the cache directory and change its ownership to the default 'python' user.
|
| 12 |
+
# This gives our application the necessary permissions to write model files.
|
| 13 |
+
RUN mkdir -p /code/.cache && chown -R python:python /code/.cache
|
| 14 |
# --- ********************* ---
|
| 15 |
|
| 16 |
# Copy the requirements file and install dependencies
|
|
|
|
| 20 |
# Copy the rest of the application code
|
| 21 |
COPY ./app.py /code/app.py
|
| 22 |
|
| 23 |
+
# --- *** ADD THIS LINE TO SWITCH USER *** ---
|
| 24 |
+
# Switch to the non-root 'python' user to run the application securely
|
| 25 |
+
USER python
|
| 26 |
+
# --- ************************************** ---
|
| 27 |
+
|
| 28 |
# Expose the port the app runs on
|
| 29 |
EXPOSE 8000
|
| 30 |
|