mo/mitlist
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f2df1c50dd
mitlist/be/Dockerfile.prod
mohamad 161292ff3b
All checks were successful
Deploy to Production, build images and push to Gitea Registry / build_and_push (pull_request) Successful in 1m54s
Details
refactor: Optimize Dockerfiles and deployment workflow for improved performance and reliability 
- Updated Dockerfiles to use `python:3.11-slim` for reduced image size and enhanced build efficiency.
- Implemented multi-stage builds with selective file copying and non-root user creation for better security.
- Enhanced deployment workflow with retry logic for image pushes and added cleanup steps for Docker resources.
- Improved build commands with BuildKit optimizations for both backend and frontend images.
2025-06-01 16:26:49 +02:00

70 lines
1.7 KiB
Docker
Raw Blame History

# Multi-stage build for production - optimized for size
FROM python:3.11-slim AS builder
# Set environment variables
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1
# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
gcc \
g++ \
libpq-dev \
&& rm -rf /var/lib/apt/lists/*
# Install Python dependencies
COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt
# Production stage - minimal image
FROM python:3.11-slim AS production
# Set environment variables
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PATH=/home/appuser/.local/bin:$PATH
# Install only runtime dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
libpq5 \
curl \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# Create non-root user
RUN groupadd -g 1001 appuser && \
useradd -u 1001 -g appuser -m appuser
# Copy Python packages from builder stage
COPY --from=builder /root/.local /home/appuser/.local
# Set working directory
WORKDIR /app
# Copy only necessary application files (be selective)
COPY --chown=appuser:appuser app/ ./app/
COPY --chown=appuser:appuser *.py ./
COPY --chown=appuser:appuser requirements.txt ./
# Create logs directory
RUN mkdir -p /app/logs && chown -R appuser:appuser /app
# Switch to non-root user
USER appuser
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
# Expose port
EXPOSE 8000
# Production command
CMD ["uvicorn", "app.main:app", \
"--host", "0.0.0.0", \
"--port", "8000", \
"--workers", "4", \
"--access-log", \
"--log-level", "info"]
Reference in New Issue View Git Blame Copy Permalink