Wrote non-root Dockerfile

pull/17/head^2
Jef Roosens 2021-05-18 12:15:21 +02:00
parent 12c1a2d206
commit a60fa5d86f
Signed by: Jef Roosens
GPG Key ID: B580B976584B5F30
3 changed files with 42 additions and 1 deletions

7
.dockerignore 100644
View File

@ -0,0 +1,7 @@
# Ignore everything
*
# The stuff necessary to build the image
!app/
!setup.cfg
!setup.py

34
Dockerfile 100644
View File

@ -0,0 +1,34 @@
FROM python:3.9 AS builder
WORKDIR /wheels
# Update pip & build the wheels
COPY ./setup.cfg ./
RUN pip wheel -e .
FROM python:3.9-slim
# Switch to non-root user
RUN groupadd -r runner && \
useradd -mrg runner runner
# Install the generated wheels
COPY --from=builder /wheels /wheels
RUN pip install \
--no-cache-dir \
--no-warn-script-location \
-f /wheels \
-e /wheels && \
rm -rf /wheels
# Switch to non-root user
USER runner
# Copy source files
WORKDIR /usr/src/app
COPY --chown=runner:runner ./app ./app
COPY --chown=runner:runner setup.cfg setup.py ./
ENTRYPOINT ["python"]
CMD ["app"]

View File

@ -6,4 +6,4 @@ app = Quart("jos")
async def hello(): async def hello():
return "hello" return "hello"
app.run() app.run(host="0.0.0.0")