Spaces:
Runtime error
Runtime error
| # Use the base Python image | |
| FROM python:3.9 | |
| # Set up a new user named "user" with user ID 1000 | |
| # This creates a new user within the Docker container with user ID 1000. | |
| RUN useradd -m -u 1000 user | |
| # Overrides permissions for Hugging Face Docker. | |
| # Switches to the newly created user to run subsequent commands, enhancing security. | |
| USER user | |
| # Set environment variables for the user's home directory and executable path | |
| ENV HOME=/home/user \ | |
| PATH=/home/user/.local/bin:$PATH | |
| # Set the working directory to /home/user/app | |
| WORKDIR $HOME/app | |
| # Install Python dependencies first to avoid reinstalling on code changes | |
| # Copy the requirements.txt file into the container and install dependencies. | |
| COPY ./requirements.txt $HOME/app/requirements.txt | |
| RUN pip install --no-cache-dir --upgrade -r requirements.txt \ | |
| && pip install --no-cache-dir --upgrade pymongo | |
| # Switch back to root to install system dependencies | |
| USER root | |
| # Install system dependencies | |
| RUN apt-get update \ | |
| && apt-get install -y ffmpeg python3-pyaudio portaudio19-dev \ | |
| && apt-get clean | |
| # Switch back to the user | |
| USER user | |
| # Expose the secret OPENAI_API_KEY at buildtime and use its value as an environment variable | |
| RUN --mount=type=secret,id=OPENAI_API_KEY,mode=0444,required=true \ | |
| echo "export OPENAI_API_KEY=$(cat /run/secrets/OPENAI_API_KEY)" >> /home/user/app/.env | |
| RUN --mount=type=secret,id=PINECONE_API_KEY,mode=0444,required=true \ | |
| echo "export PINECONE_API_KEY=$(cat /run/secrets/PINECONE_API_KEY)" >> /home/user/app/.env | |
| RUN --mount=type=secret,id=MONGO_URI,mode=0444,required=true \ | |
| echo "export MONGO_URI=$(cat /run/secrets/MONGO_URI)" >> /home/user/app/.env | |
| # Source the .env file to set environment variables | |
| RUN echo "source $HOME/app/.env" >> $HOME/.bashrc | |
| # Copy the rest of the application into the container | |
| # This includes your Python scripts, models, and any other necessary files. | |
| COPY --chown=user . $HOME/app | |
| # Specify the command to run when the container starts | |
| # Here, it runs the "app.py" script using the Python interpreter. | |
| CMD ["python", "app.py"] | |
| # -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |
| # Overview | |
| # This Dockerfile is used to build a Docker image for a Python application. | |
| # It starts with the official Python 3.9 image as a base. | |
| # It then sets up a new user, switches to that user for security reasons, and defines environment variables. | |
| # The working directory is set to "/home/user/app," where Python dependencies are installed from the "requirements.txt" file. | |
| # The entire application is copied into the container. | |
| # Finally, the CMD directive specifies that the "app.py" script should run when the container starts. | |
| # Architecture: | |
| # In the context of Hugging Face Docker Spaces, this Docker image encapsulates your Python application, | |
| # ensuring that it runs consistently across different environments (linus, macOS, windows, etc). | |
| # Docker containers provide a lightweight and isolated environment for applications, enhancing portability and reproducibility. | |
| # The use of a non-root user and defined environment variables contributes to security best practices. | |
| # The "CMD" instruction specifies the default behavior of the container. | |