49 lines
1.4 KiB
Docker
49 lines
1.4 KiB
Docker
# An example of using standalone Python builds with multistage images.
|
|
|
|
# First, build the application in the `/app` directory
|
|
FROM ghcr.io/astral-sh/uv:bookworm-slim AS builder
|
|
ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy
|
|
|
|
# Configure the Python directory so it is consistent
|
|
ENV UV_PYTHON_INSTALL_DIR=/python
|
|
|
|
# Only use the managed Python version
|
|
ENV UV_PYTHON_PREFERENCE=only-managed
|
|
|
|
# Install Python before the project for caching
|
|
RUN uv python install 3.13
|
|
|
|
WORKDIR /app
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
--mount=type=bind,source=uv.lock,target=uv.lock \
|
|
--mount=type=bind,source=pyproject.toml,target=pyproject.toml \
|
|
uv sync --locked --no-install-project --no-dev
|
|
COPY . /app
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
uv sync --locked --no-dev
|
|
|
|
# Then, use a final image without uv
|
|
FROM debian:bookworm-slim
|
|
|
|
# Setup a non-root user
|
|
RUN groupadd --system --gid 999 nonroot \
|
|
&& useradd --system --gid 999 --uid 999 --create-home nonroot
|
|
|
|
# Copy the Python version
|
|
COPY --from=builder --chown=python:python /python /python
|
|
|
|
# Copy the application from the builder
|
|
COPY --from=builder --chown=nonroot:nonroot /app /app
|
|
|
|
# Place executables in the environment at the front of the path
|
|
ENV PATH="/app/.venv/bin:$PATH"
|
|
ENV TOKEN=
|
|
|
|
# Use the non-root user to run our application
|
|
USER nonroot
|
|
|
|
# Use `/bot` as the working directory
|
|
WORKDIR /app
|
|
|
|
# Run the FastAPI application by default
|
|
CMD ["python", "-m", "bot"] |