-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
69 lines (39 loc) · 1.22 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# syntax=docker/dockerfile:1
ARG PYTHON_VERSION=3.12
FROM python:${PYTHON_VERSION}-slim-bookworm AS base
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PATH="/app/venv/bin:$PATH"
RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
&& rm -rf /var/lib/apt/lists/*
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--shell "/sbin/nologin" \
--uid "${UID}" \
appuser
USER appuser
WORKDIR /app
FROM base AS base-deps
ENV PATH="/home/appuser/.local/bin:$PATH"
RUN pip install --user poetry==1.8.2 \
&& python -m venv venv
ENV VIRTUAL_ENV="/app/venv"
COPY pyproject.toml poetry.lock ./
FROM base-deps AS server-deps
RUN poetry install --sync --with=server
FROM base-deps AS worker-deps
RUN poetry install --sync --with=worker
FROM base AS server
COPY --from=server-deps /app/venv ./venv
COPY . .
EXPOSE 8000
CMD ["uvicorn", "scanner.main:app", "--host=0.0.0.0", "--port=8000"]
HEALTHCHECK CMD curl --fail http://localhost:8000/scans || exit 1
FROM base AS worker
COPY --from=worker-deps /app/venv ./venv
COPY . .
CMD ["celery", "-A", "scanner.tasks", "worker", "--loglevel=info"]
HEALTHCHECK CMD ["celery", "-A", "scanner.tasks", "inspect", "ping"]