From a60fa5d86f884c1b9eb30065361f18733275f4e9 Mon Sep 17 00:00:00 2001
From: Jef Roosens <roosensjef@gmail.com>
Date: Tue, 18 May 2021 12:15:21 +0200
Subject: [PATCH] Wrote non-root Dockerfile

---
 .dockerignore   |  7 +++++++
 Dockerfile      | 34 ++++++++++++++++++++++++++++++++++
 app/__main__.py |  2 +-
 3 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..20ebb32
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,7 @@
+# Ignore everything
+*
+
+# The stuff necessary to build the image
+!app/
+!setup.cfg
+!setup.py
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..9b953d5
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,34 @@
+FROM python:3.9 AS builder
+
+WORKDIR /wheels
+
+# Update pip & build the wheels
+COPY ./setup.cfg ./
+RUN pip wheel -e .
+
+
+FROM python:3.9-slim
+
+# Switch to non-root user
+RUN groupadd -r runner && \
+    useradd -mrg runner runner
+
+# Install the generated wheels
+COPY --from=builder /wheels /wheels
+RUN pip install \
+        --no-cache-dir \
+        --no-warn-script-location \
+        -f /wheels \
+        -e /wheels && \
+    rm -rf /wheels
+
+# Switch to non-root user
+USER runner
+
+# Copy source files
+WORKDIR /usr/src/app
+COPY --chown=runner:runner ./app ./app
+COPY --chown=runner:runner setup.cfg setup.py ./
+
+ENTRYPOINT ["python"]
+CMD ["app"]
diff --git a/app/__main__.py b/app/__main__.py
index 787d6a4..dd82e5f 100644
--- a/app/__main__.py
+++ b/app/__main__.py
@@ -6,4 +6,4 @@ app = Quart("jos")
 async def hello():
     return "hello"
 
-app.run()
+app.run(host="0.0.0.0")