+8

.dockerignore

reviewed

··· 1 1 + .env 2 2 + .env.* 3 3 + .gitignore 4 4 + .DS_Store 5 5 + *.swp 6 6 + *~ 7 7 + __pycache__/ 8 8 + .venv

+14 -13

Containerfile

reviewed

··· 1 1 - FROM python:3.12-slim-bookworm 1 1 + FROM python:3.12-alpine 2 2 COPY --from=ghcr.io/astral-sh/uv:0.7.12 /uv /uvx /bin/ 3 3 4 4 + # Install build tools & runtime dependencies 5 5 + RUN apk add --no-cache \ 6 6 + ffmpeg \ 7 7 + file \ 8 8 + libmagic 9 9 + 10 10 + RUN mkdir -p /app/data 4 11 WORKDIR /app 5 12 6 6 - RUN \ 7 7 - --mount=type=cache,id=apt-cache,target=/var/cache/apt,sharing=locked \ 8 8 - --mount=type=cache,id=apt-lib-cache,target=/var/lib/apt,sharing=locked \ 9 9 - apt-get update; \ 10 10 - apt-get dist-upgrade -yq; \ 11 11 - apt-get install -y --no-install-recommends \ 12 12 - ffmpeg \ 13 13 - libmagic1 13 13 + # switch to a non-root user 14 14 + RUN adduser -D -u 1000 app && \ 15 15 + chown -R app:app /app 16 16 + USER app 14 17 15 18 # Enable bytecode compilation 16 19 ENV UV_COMPILE_BYTECODE=1 ··· 19 22 ENV UV_LINK_MODE=copy 20 23 21 24 # Install the project's dependencies using the lockfile and settings 25 25 + COPY ./uv.lock ./pyproject.toml /app/ 22 26 RUN --mount=type=cache,target=/root/.cache/uv \ 23 23 - --mount=type=bind,source=uv.lock,target=uv.lock \ 24 24 - --mount=type=bind,source=pyproject.toml,target=pyproject.toml \ 25 27 uv sync --locked --no-install-project --no-dev 26 28 27 29 # Define app data volume 28 30 VOLUME /app/data 29 31 30 32 # Then, add the rest of the project source code and install it 31 31 - # Installing separately from its dependencies allows optimal layer caching 32 33 COPY . /app 33 34 RUN --mount=type=cache,target=/root/.cache/uv \ 34 35 uv sync --locked --no-dev ··· 37 38 ENV PATH="/app/.venv/bin:$PATH" 38 39 39 40 # Set entrypoint to run the app using uv 40 40 - ENTRYPOINT ["uv", "run", "main.py"] 41 41 + ENTRYPOINT ["uv", "run", "main.py"]

-36

Containerfile-alpine

reviewed

··· 1 1 - FROM python:3.12-alpine 2 2 - COPY --from=ghcr.io/astral-sh/uv:0.7.12 /uv /uvx /bin/ 3 3 - 4 4 - WORKDIR /app 5 5 - 6 6 - # Install build tools & runtime dependencies 7 7 - RUN apk add --no-cache \ 8 8 - ffmpeg \ 9 9 - file \ 10 10 - libmagic 11 11 - 12 12 - # Enable bytecode compilation 13 13 - ENV UV_COMPILE_BYTECODE=1 14 14 - 15 15 - # Copy from the cache instead of linking since it's a mounted volume 16 16 - ENV UV_LINK_MODE=copy 17 17 - 18 18 - # Install the project's dependencies using the lockfile and settings 19 19 - RUN --mount=type=cache,target=/root/.cache/uv \ 20 20 - --mount=type=bind,source=uv.lock,target=uv.lock \ 21 21 - --mount=type=bind,source=pyproject.toml,target=pyproject.toml \ 22 22 - uv sync --locked --no-install-project --no-dev 23 23 - 24 24 - # Define app data volume 25 25 - VOLUME /app/data 26 26 - 27 27 - # Then, add the rest of the project source code and install it 28 28 - COPY . /app 29 29 - RUN --mount=type=cache,target=/root/.cache/uv \ 30 30 - uv sync --locked --no-dev 31 31 - 32 32 - # Place executables in the environment at the front of the path 33 33 - ENV PATH="/app/.venv/bin:$PATH" 34 34 - 35 35 - # Set entrypoint to run the app using uv 36 36 - ENTRYPOINT ["uv", "run", "main.py"]