FROM python:3.11-slim # Set environment variables ENV PYTHONUNBUFFERED=1 \ PYTHONDONTWRITEBYTECODE=1 \ PIP_NO_CACHE_DIR=1 \ PIP_DISABLE_PIP_VERSION_CHECK=1 # Create non-root user first RUN useradd --create-home --shell /bin/bash --uid 1000 app # Set work directory WORKDIR /app # Install system dependencies RUN apt-get update && apt-get install -y \ gcc \ g++ \ curl \ && rm -rf /var/lib/apt/lists/* # Change ownership of /app to app user RUN chown -R app:app /app # Switch to app user USER app # Install UV for faster Python package management RUN pip install --user uv # Add user's pip bin to PATH ENV PATH="/home/app/.local/bin:$PATH" # Copy pyproject.toml and uv.lock COPY --chown=app:app pyproject.toml uv.lock ./ # Install Python dependencies as app user RUN uv sync --frozen --no-dev # Copy application code COPY --chown=app:app . . # Expose port EXPOSE 8000 # Health check HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \ CMD curl -f http://localhost:8000/api/health || exit 1 # Run the application CMD ["uv", "run", "python", "-m", "uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]