| # Use an official Python runtime as a parent image | |
| FROM python:3.11-slim@sha256:5148c0e4bbb64271bca1d3322360ebf4bfb7564507ae32dd639322e4952a6b16 | |
| # Set environment variables | |
| ENV PYTHONDONTWRITEBYTECODE=1 | |
| ENV PYTHONUNBUFFERED=1 | |
| # Set work directory | |
| WORKDIR /app | |
| # Install dependencies | |
| COPY requirements.txt . | |
| RUN pip install --upgrade pip | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy project | |
| COPY . . | |
| # Expose the port the app runs on | |
| EXPOSE 5000 | |
| # Use a non-root user for security | |
| RUN adduser --disabled-password myuser | |
| USER myuser | |
| # Command to run the application using Gunicorn | |
| CMD ["gunicorn", "--bind", "0.0.0.0:5000", "proxy:app"] |