Создание Docker контейнера
This commit is contained in:
74
Dockerfile
Normal file
74
Dockerfile
Normal file
@@ -0,0 +1,74 @@
|
||||
# syntax=docker/dockerfile:1.7
|
||||
|
||||
# ============================================================
|
||||
# Stage 1 — builder
|
||||
# ============================================================
|
||||
FROM python:3.13-slim AS builder
|
||||
|
||||
# Metadata arguments (для CI/CD)
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
ARG VERSION=dev
|
||||
|
||||
# Python runtime оптимизация
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Установка uv (копируем бинарник напрямую — быстрее pip)
|
||||
COPY --from=ghcr.io/astral-sh/uv:0.10.8 /uv /uvx /bin/
|
||||
|
||||
# Копируем только файлы зависимостей (Docker cache layer)
|
||||
COPY pyproject.toml uv.lock* ./
|
||||
|
||||
# Установка зависимостей
|
||||
RUN --mount=type=cache,target=/root/.cache/uv \
|
||||
uv sync --no-dev --frozen
|
||||
|
||||
# ============================================================
|
||||
# Stage 2 — runtime
|
||||
# ============================================================
|
||||
FROM python:3.13-slim
|
||||
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
ARG VERSION=dev
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Python runtime оптимизация
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
PATH="/app/.venv/bin:$PATH" \
|
||||
PYTHONPATH="/app"
|
||||
|
||||
# Создание non-root пользователя
|
||||
RUN groupadd -g 1000 app \
|
||||
&& useradd -u 1000 -g app -m -s /usr/sbin/nologin app
|
||||
|
||||
# Копируем виртуальное окружение
|
||||
COPY --from=builder /app/.venv /app/.venv
|
||||
|
||||
# Копируем код приложения
|
||||
COPY --chown=app:app . .
|
||||
|
||||
# Создаём runtime директории
|
||||
RUN mkdir -p logs data \
|
||||
&& chown -R app:app /app
|
||||
|
||||
USER app
|
||||
|
||||
# OCI image metadata
|
||||
LABEL org.opencontainers.image.title="Python Application" \
|
||||
org.opencontainers.image.description="Production Python container" \
|
||||
org.opencontainers.image.version="${VERSION}" \
|
||||
org.opencontainers.image.created="${BUILD_DATE}" \
|
||||
org.opencontainers.image.revision="${VCS_REF}"
|
||||
|
||||
# Healthcheck (опционально)
|
||||
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
|
||||
CMD python -c "import socket; s=socket.socket(); s.connect(('127.0.0.1',8000)); s.close()" || exit 1
|
||||
|
||||
# Default command
|
||||
CMD ["python", "main.py"]
|
||||
Reference in New Issue
Block a user