Deploy

Dockerfile

@@ -1,42 +1,33 @@
 # Dockerfile
 
-# 1. Choose a base Python image
-#    Using a specific version is recommended for reproducibility.
-#    The '-slim' variant is smaller.
-FROM python:3.12-slim
+FROM python:3.10-slim
 
-# 2. Set environment variables (optional but good practice)
-ENV PYTHONDONTWRITEBYTECODE 1 
-ENV PYTHONUNBUFFERED 1       
+ENV PYTHONDONTWRITEBYTECODE 1
+ENV PYTHONUNBUFFERED 1
 
 # Create a non-root user and group
 ARG UID=1000
 ARG GID=1000
 RUN groupadd -g ${GID} --system appgroup && useradd -u ${UID} -g appgroup --system appuser
 
-
-# 3. Set the working directory inside the container
 WORKDIR /app
 
 # Create data directory and set permissions
 RUN mkdir /app/data && chown appuser:appgroup /app/data
 
-# 4. Copy only the requirements file first to leverage Docker cache
+# Copy requirements and install as root first (some packages might need it)
 COPY requirements.txt .
-
-# 5. Install dependencies
-#    --no-cache-dir makes the image smaller
-#    --upgrade pip ensures we have the latest pip
 RUN pip install --no-cache-dir --upgrade pip && \
     pip install --no-cache-dir -r requirements.txt
 
-# 6. Copy the rest of the application code into the working directory
+# Copy application code and set permissions
 COPY . .
+RUN chown -R appuser:appgroup /app
+
+# Switch to the non-root user
+USER appuser
 
-# 7. Expose the port the app runs on (uvicorn default is 8000)
 EXPOSE 8000
 
-# 8. Define the default command to run when the container starts
-#    Use exec form for proper signal handling.
-#    Do NOT use --reload in production.
+# Run uvicorn as the non-root user
 CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]