FROM python:3.9 | |
WORKDIR /code | |
COPY ./requirements.txt /code/requirements.txt | |
RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt | |
RUN useradd user | |
USER user | |
ENV HOME = /home/user \ | |
PATH=/home/user/.local/bin:$PATH | |
WORKDIR $HOME/app | |
COPY --chown=user . $HOME/app | |
CMD ["uvicorn", "app:app","--host", "0.0.0.0", "--port", "3000"] | |
# FROM python:3.9 | |
# Specifies that the base image is Python 3.9. | |
# WORKDIR /code | |
# Sets /code as the working directory for the rest of the Dockerfile instructions, if /code is not present, it is created. Used in docker files. | |
# COPY requirements.txt /code/ | |
# Copies requirements.txt from the host machine to the /code directory in the container. The path is relative to /code due to the WORKDIR instruction. | |
# RUN pip install --no-cache-dir --upgrade -r requirements.txt | |
# Runs pip install within the /code directory, installing Python packages specified in requirements.txt. | |
# COPY . /code/ | |
# Copies the rest of the application files from the host machine into the /code directory in the container. | |
# RUN useradd user | |
# Adds a new user named user to the container. This step is used to create a non-root user for better security practices. | |
# USER user | |
# Switches the user context to user. | |
# ENV HOME=/home/user \ PATH=/home/user/.local/bin:$PATH | |
# Setting the path as the local/bin where all executables like pip are found. Without this we have to mention path to pip everytime else computer does not know what pip is. But now, with the default executables path, it knows where to look pip for. This tells the computer, "Whenever you look for commands to run, also check the /home/user/.local/bin folder." | |
# WORKDIR $HOME/app | |
# Changes the working directory to $HOME/app (which resolves to /home/user/app). This sets the directory where the application files will be copied and run. | |
# COPY --chown=user . $HOME/app | |
# Copies the application files from your local machine to the $HOME/app directory in the container, setting the ownership to user. --chown=user ensures that the files are owned by the user rather than the root, which helps maintain the security context. | |
# CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "3000"] | |
# The CMD command tells Docker to start your web application with Uvicorn, make it available on the network, and listen on port 3000. |