Add user to dockerfile and create app in user home

Dockerfile

@@ -1,11 +1,14 @@
 FROM python:3.8.13 as base
 
-# RUN apt-get update && \
-#     apt-get -y install curl gunicorn python3
+# create user with id 1000 per huggingface
+RUN useradd -m -u 1000 user
+
+ENV HOME=/home/user \
+	PATH=/home/user/.local/bin:$PATH
 
 FROM base as python-base
 RUN curl -sSL https://bootstrap.pypa.io/get-pip.py | python3 -
-ENV APP_BASE_PATH="/opt/src"
+ENV APP_BASE_PATH="${HOME}/src"
 RUN mkdir -p ${APP_BASE_PATH}
 ENV PYTHONPATH="${APP_BASE_PATH}:${PYTHONPATH}"
 
@@ -19,9 +22,10 @@ COPY src/requirements.txt ./requirements.txt
 RUN python3 -m pip install -r requirements.txt
 
 FROM pip-install as copy-src
-COPY ./src /opt/src
-WORKDIR /opt/src
+USER user
+COPY --chown=user ./src ${APP_BASE_PATH}
+WORKDIR ${APP_BASE_PATH}
 
 
 FROM copy-src as production
-CMD ["/opt/src/run_app.sh"]
+CMD ["/home/user/src/run_app.sh"]

run_dev_container.sh

@@ -5,7 +5,7 @@ docker buildx build \
     . \
 && docker run -it \
     --rm \
-    --mount type=bind,source="$(pwd)/src",target=/opt/src \
+    --mount type=bind,source="$(pwd)/src",target=/home/user/src \
     --env-file .env \
     -p 7860:7860 \
     dev-$(basename `git rev-parse --show-toplevel`) \

run_pip_tools.sh

@@ -8,7 +8,7 @@ docker build \
     . \
 && docker run -it \
     --rm \
-    --mount type=bind,source="$(pwd)/src",target=/opt/src \
+    --mount type=bind,source="$(pwd)/src",target=/home/user/src \
     $CONTAINER_NAME \
     pip-compile requirements.in --resolver=backtracking