update Docker File to low vulnerabilities
This commit is contained in:
Pongsatorn
parent
7085a6e00f
commit
3d0aaab8b3
2 changed files with 17 additions and 13 deletions
4
.gitignore
vendored
4
.gitignore
vendored
|
|
@ -1,3 +1,7 @@
|
||||||
|
# Do not know how to use
|
||||||
|
archive/
|
||||||
|
Dockerfile
|
||||||
|
|
||||||
/models
|
/models
|
||||||
app.log
|
app.log
|
||||||
*.pt
|
*.pt
|
||||||
|
|
|
||||||
26
Dockerfile
26
Dockerfile
|
|
@ -1,20 +1,20 @@
|
||||||
# Use the official Python image from the Docker Hub
|
# Use newer, more secure base image
|
||||||
FROM python:3.13-bookworm
|
FROM python:3.13-alpine
|
||||||
|
|
||||||
# Set the working directory in the container
|
# Update system packages first
|
||||||
WORKDIR /app
|
RUN apk update && apk upgrade
|
||||||
|
|
||||||
# Copy the requirements file into the container at /app
|
# Install minimal dependencies
|
||||||
|
RUN apk add --no-cache mesa-gl
|
||||||
|
|
||||||
|
# Use specific package versions
|
||||||
COPY requirements.txt .
|
COPY requirements.txt .
|
||||||
|
RUN pip install --no-cache-dir --upgrade pip && \
|
||||||
|
pip install --no-cache-dir -r requirements.txt
|
||||||
|
|
||||||
# Update apt, install libgl1, and clear apt cache
|
# Run as non-root user
|
||||||
RUN apt update && apt install -y libgl1 && rm -rf /var/lib/apt/lists/*
|
RUN adduser -D -s /bin/sh appuser
|
||||||
|
USER appuser
|
||||||
|
|
||||||
# Install any dependencies specified in requirements.txt
|
|
||||||
RUN pip install --no-cache-dir -r requirements.txt
|
|
||||||
|
|
||||||
# Copy the rest of the application code into the container at /app
|
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
# Run the application
|
|
||||||
CMD ["python3", "-m", "fastapi", "run", "--host", "0.0.0.0", "--port", "8000"]
|
CMD ["python3", "-m", "fastapi", "run", "--host", "0.0.0.0", "--port", "8000"]
|
||||||
Loading…
Add table
Add a link
Reference in a new issue