Daneel
9c568a4a0a
Complete workflow guide for Perl, Python, Go, Ansible, Terraform, Podman. Includes working example files in examples/ directory.
45 lines
1.1 KiB
Docker
45 lines
1.1 KiB
Docker
# Dockerfile — Multi-stage build for a Python application.
|
|
#
|
|
# Navigate: SPC s i (imenu), Lint: flycheck (hadolint)
|
|
# Build: SPC m b (podman build), Run: SPC m r (podman run)
|
|
#
|
|
# Build: podman build -t myapp:latest -f Dockerfile .
|
|
# Run: podman run --rm -p 8080:8080 myapp:latest
|
|
|
|
# --- Stage 1: Build dependencies ---
|
|
FROM python:3.12-slim AS builder
|
|
|
|
WORKDIR /build
|
|
|
|
# Install dependencies first (layer caching)
|
|
COPY requirements.txt .
|
|
RUN pip install --no-cache-dir --prefix=/install -r requirements.txt
|
|
|
|
# --- Stage 2: Runtime image ---
|
|
FROM python:3.12-slim AS runtime
|
|
|
|
# Security: non-root user
|
|
RUN groupadd -r appuser && useradd -r -g appuser -d /app -s /sbin/nologin appuser
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy installed packages from builder
|
|
COPY --from=builder /install /usr/local
|
|
|
|
# Copy application code
|
|
COPY app/ ./app/
|
|
COPY main.py .
|
|
|
|
# Set ownership
|
|
RUN chown -R appuser:appuser /app
|
|
|
|
USER appuser
|
|
|
|
EXPOSE 8080
|
|
|
|
# Healthcheck: verify the app responds
|
|
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
|
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8080/health')" || exit 1
|
|
|
|
ENTRYPOINT ["python", "main.py"]
|