Spaces:

S-Dreamer
/

CryptoTrader

Sleeping

S-Dreamer commited on Jul 30

Commit

3dfad9a

verified ·

1 Parent(s): 25397f0

Update Dockerfile

Files changed (1) hide show

Dockerfile CHANGED Viewed

@@ -1,16 +1,36 @@
-FROM python:3.11
 WORKDIR /code
-COPY ./requirements.txt /code/requirements.txt
 RUN python3 -m pip install --no-cache-dir --upgrade pip
 RUN python3 -m pip install --no-cache-dir --upgrade -r /code/requirements.txt
-COPY . .
-CMD ["panel", "serve", "/code/app.py", "--address", "0.0.0.0", "--port", "7860",  "--allow-websocket-origin", "*"]
-RUN mkdir /.cache
-RUN chmod 777 /.cache
-RUN mkdir .chroma
-RUN chmod 777 .chroma

+# Use a smaller, more efficient base image
+FROM python:3.11-slim
+# Set environment variables to prevent caching and writing .pyc files
+ENV PYTHONDONTWRITEBYTECODE 1
+ENV PYTHONUNBUFFERED 1
+# Set the working directory
 WORKDIR /code
+# Create a non-root user and group to run the application
+RUN addgroup --system appgroup && adduser --system --group appuser
+# Create necessary directories and set permissions *before* copying files
+# This improves layer caching.
+RUN mkdir -p /.cache ./.chroma \
+    && chown -R appuser:appgroup /.cache ./.chroma
+# Copy dependency file and set permissions
+COPY --chown=appuser:appgroup ./requirements.txt /code/requirements.txt
+# Install dependencies
 RUN python3 -m pip install --no-cache-dir --upgrade pip
 RUN python3 -m pip install --no-cache-dir --upgrade -r /code/requirements.txt
+# Copy the rest of the application code and set permissions
+COPY --chown=appuser:appgroup . .
+# Switch to the non-root user
+USER appuser
+# Expose the port the app runs on
+EXPOSE 7860
+# Define the command to run the application
+CMD ["panel", "serve", "/code/app.py", "--address", "0.0.0.0", "--port", "7860",  "--allow-websocket-origin", "*"]