Wrote non-root Dockerfile

.dockerignore

@@ -0,0 +1,7 @@
+# Ignore everything
+*
+
+# The stuff necessary to build the image
+!app/
+!setup.cfg
+!setup.py

Dockerfile

@@ -0,0 +1,34 @@
+FROM python:3.9 AS builder
+
+WORKDIR /wheels
+
+# Update pip & build the wheels
+COPY ./setup.cfg ./
+RUN pip wheel -e .
+
+
+FROM python:3.9-slim
+
+# Switch to non-root user
+RUN groupadd -r runner && \
+    useradd -mrg runner runner
+
+# Install the generated wheels
+COPY --from=builder /wheels /wheels
+RUN pip install \
+        --no-cache-dir \
+        --no-warn-script-location \
+        -f /wheels \
+        -e /wheels && \
+    rm -rf /wheels
+
+# Switch to non-root user
+USER runner
+
+# Copy source files
+WORKDIR /usr/src/app
+COPY --chown=runner:runner ./app ./app
+COPY --chown=runner:runner setup.cfg setup.py ./
+
+ENTRYPOINT ["python"]
+CMD ["app"]

app/__main__.py

@@ -6,4 +6,4 @@ app = Quart("jos")
 async def hello():
     return "hello"
 
-app.run()
+app.run(host="0.0.0.0")