Spaces:
Sleeping
Sleeping
Update Dockerfile
Browse files- Dockerfile +42 -11
Dockerfile
CHANGED
|
@@ -1,21 +1,52 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
FROM python:3.9-slim
|
| 2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
WORKDIR /app
|
| 4 |
|
| 5 |
-
|
| 6 |
-
|
| 7 |
-
|
| 8 |
-
|
| 9 |
-
|
| 10 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
|
| 12 |
-
|
| 13 |
-
|
|
|
|
|
|
|
| 14 |
|
| 15 |
-
|
|
|
|
|
|
|
| 16 |
|
|
|
|
|
|
|
| 17 |
EXPOSE 8501
|
| 18 |
|
| 19 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 20 |
|
| 21 |
-
ENTRYPOINT ["streamlit", "run", "src/streamlit_app.py", "--server.port=8501", "--server.address=0.0.0.0"]
|
|
|
|
| 1 |
+
# Dockerfile
|
| 2 |
+
|
| 3 |
+
# --- Stage 1: Base Image ---
|
| 4 |
+
# Use an official Python slim image as a parent image.
|
| 5 |
+
# Using a specific version (e.g., 3.9) ensures consistency.
|
| 6 |
+
# The 'slim' variant is smaller than the full image.
|
| 7 |
FROM python:3.9-slim
|
| 8 |
|
| 9 |
+
# --- Environment Variables ---
|
| 10 |
+
# Prevents Python from writing .pyc files to disc (improves performance in containers)
|
| 11 |
+
ENV PYTHONDONTWRITEBYTECODE 1
|
| 12 |
+
# Ensures that Python output is sent straight to the terminal without being buffered
|
| 13 |
+
ENV PYTHONUNBUFFERED 1
|
| 14 |
+
|
| 15 |
+
# --- Working Directory ---
|
| 16 |
+
# Set the working directory in the container to /app
|
| 17 |
WORKDIR /app
|
| 18 |
|
| 19 |
+
# --- Create a non-root user ---
|
| 20 |
+
# Create a user group and a user to run the app. This is a security best practice
|
| 21 |
+
# to avoid running the container as root. This will solve the PermissionError.
|
| 22 |
+
RUN addgroup --system streamlit && adduser --system --ingroup streamlit streamlit
|
| 23 |
+
|
| 24 |
+
# --- Install Dependencies ---
|
| 25 |
+
# Copy the requirements file first to leverage Docker's layer caching.
|
| 26 |
+
# If requirements.txt doesn't change, this layer won't be rebuilt.
|
| 27 |
+
COPY requirements.txt .
|
| 28 |
+
RUN pip install --no-cache-dir -r requirements.txt
|
| 29 |
+
|
| 30 |
+
# --- Copy Application Code ---
|
| 31 |
+
# Copy the local code to the container's /app directory
|
| 32 |
+
COPY . .
|
| 33 |
|
| 34 |
+
# --- Set Ownership ---
|
| 35 |
+
# Change the ownership of the /app directory to the non-root user.
|
| 36 |
+
# This ensures our application has the necessary permissions to read/write in its own directory.
|
| 37 |
+
RUN chown -R streamlit:streamlit /app
|
| 38 |
|
| 39 |
+
# --- Switch to non-root user ---
|
| 40 |
+
# Switch from root to our newly created user.
|
| 41 |
+
USER streamlit
|
| 42 |
|
| 43 |
+
# --- Expose Port ---
|
| 44 |
+
# Expose the port that Streamlit runs on.
|
| 45 |
EXPOSE 8501
|
| 46 |
|
| 47 |
+
# --- Run Application ---
|
| 48 |
+
# The command to run when the container starts.
|
| 49 |
+
# It tells Streamlit to run app.py and listen on all network interfaces,
|
| 50 |
+
# which is necessary for it to be accessible from outside the container.
|
| 51 |
+
CMD ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0"]
|
| 52 |
|
|
|