Spaces:
Running
Running
| FROM python:3.11-slim | |
| WORKDIR /app | |
| # Create a non-root user and group | |
| RUN groupadd -r appgroup && useradd -r -g appgroup -d /app -s /sbin/nologin -c "Docker image user" appuser | |
| # Copy requirements file first to leverage Docker cache | |
| COPY --chown=appuser:appgroup requirements.txt . | |
| # Grant appuser ownership of /app | |
| RUN chown appuser:appgroup /app | |
| # Switch to the non-root user | |
| USER appuser | |
| # Create and activate virtual environment | |
| RUN python -m venv .venv | |
| ENV PATH="/app/.venv/bin:$PATH" | |
| # Install dependencies using standard pip | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy application code | |
| # Ensure the appuser owns the application code as well | |
| COPY --chown=appuser:appgroup server.py . | |
| # Expose the port the server runs on | |
| EXPOSE 7860 | |
| # Command to run the server with python directly | |
| CMD ["python", "server.py"] |