Wrote non-root Dockerfile
This commit is contained in:
parent
12c1a2d206
commit
a60fa5d86f
GPG key ID:
B580B976584B5F30
3 changed files with 42 additions and 1 deletions
34
Dockerfile
Normal file
34
Dockerfile
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
FROM python:3.9 AS builder
|
||||
|
||||
WORKDIR /wheels
|
||||
|
||||
# Update pip & build the wheels
|
||||
COPY ./setup.cfg ./
|
||||
RUN pip wheel -e .
|
||||
|
||||
|
||||
FROM python:3.9-slim
|
||||
|
||||
# Switch to non-root user
|
||||
RUN groupadd -r runner && \
|
||||
useradd -mrg runner runner
|
||||
|
||||
# Install the generated wheels
|
||||
COPY --from=builder /wheels /wheels
|
||||
RUN pip install \
|
||||
--no-cache-dir \
|
||||
--no-warn-script-location \
|
||||
-f /wheels \
|
||||
-e /wheels && \
|
||||
rm -rf /wheels
|
||||
|
||||
# Switch to non-root user
|
||||
USER runner
|
||||
|
||||
# Copy source files
|
||||
WORKDIR /usr/src/app
|
||||
COPY --chown=runner:runner ./app ./app
|
||||
COPY --chown=runner:runner setup.cfg setup.py ./
|
||||
|
||||
ENTRYPOINT ["python"]
|
||||
CMD ["app"]
|
||||
Reference in a new issue