-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathDockerfile.api
More file actions
66 lines (56 loc) · 2.54 KB
/
Dockerfile.api
File metadata and controls
66 lines (56 loc) · 2.54 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Ubuntu 22.04 LTS: Stable, long-term support base with Python 3.10 pre-installed
# Chosen over Alpine for better compatibility with scientific Python packages
FROM ubuntu:22.04
# Set environment variables for optimal Python and container behavior
# Prevents interactive prompts during package installation (required for automated builds)
ENV DEBIAN_FRONTEND=noninteractive
# Ensures Python output is sent straight to terminal without buffering (better for Docker logs)
ENV PYTHONUNBUFFERED=1
# Prevents Python from writing .pyc files (reduces container size and improves security)
ENV PYTHONDONTWRITEBYTECODE=1
# Adds user's local bin to PATH for pip-installed executables (needed for non-root user setup)
ENV PATH="/home/app/.local/bin:$PATH"
# Install system dependencies required by the Python packages in requirements.txt
RUN apt-get update && apt-get install -y \
# Build tools required for compiling Python packages with C extensions
build-essential \
# Network utilities for health checks and API calls
curl \
wget \
# Version control (may be needed by some Python packages during installation)
git \
# Package configuration tool (required by some native dependencies)
pkg-config \
# SSL/TLS support (required by requests, urllib3, and HTTPS connections)
libssl-dev \
# Foreign Function Interface library (required by cryptography and other security packages)
libffi-dev \
# XML processing libraries (required by xmltodict and web scraping functionality)
libxml2-dev \
libxslt1-dev \
# Compression library (required by various Python packages)
zlib1g-dev \
# PostgreSQL client library (required by psycopg package for database connections)
libpq-dev \
# Clean up apt cache to reduce image size
&& rm -rf /var/lib/apt/lists/*
# Create non-root user for security best practices (prevents privilege escalation attacks)
RUN useradd -m -s /bin/bash app && \
mkdir -p /app && \
chown -R app:app /app
USER app
WORKDIR /app
# Install UV (https://docs.astral.sh/uv/getting-started/installation/)
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
ENV PATH="/home/app/.local/bin:$PATH"
# (if requirements don't change, we can reuse the pip install layer)
COPY --chown=app:app .python-version .
COPY --chown=app:app README.md .
COPY --chown=app:app pyproject.toml .
COPY --chown=app:app uv.lock .
COPY --chown=app:app src/agentica-mini/pyproject.toml src/agentica-mini/pyproject.toml
RUN uv sync
# Copy the application code (done after pip install for better layer caching)
COPY --chown=app:app . .
RUN mkdir -p logs
CMD ["uv", "run", "python", "-m", "oversight.flask_app"]