-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
95 lines (72 loc) · 3.03 KB
/
Dockerfile
File metadata and controls
95 lines (72 loc) · 3.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# Research Agent Dockerfile
# Multi-stage build for smaller production images
# =============================================================================
# Base stage - Common dependencies
# =============================================================================
FROM python:3.12-slim-bookworm AS base
# Prevent Python from writing bytecode and buffering stdout/stderr
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
# pip configuration
PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1
# Install system dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
# For LaTeX PDF compilation (optional, remove if not needed)
texlive-latex-base \
texlive-latex-recommended \
texlive-fonts-recommended \
texlive-bibtex-extra \
biber \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# Create non-root user for security
RUN groupadd --gid 1000 appgroup \
&& useradd --uid 1000 --gid appgroup --shell /bin/bash --create-home appuser
WORKDIR /app
# =============================================================================
# Dependencies stage - Install Python packages
# =============================================================================
FROM base AS dependencies
# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
&& rm -rf /var/lib/apt/lists/*
# Copy only dependency files first for better caching
COPY pyproject.toml ./
# Install dependencies
RUN pip install --no-cache-dir .
# =============================================================================
# Development stage - For local development with hot reload
# =============================================================================
FROM dependencies AS development
# Install dev dependencies
RUN pip install --no-cache-dir ".[dev]"
# Copy source code
COPY --chown=appuser:appgroup src/ ./src/
COPY --chown=appuser:appgroup tests/ ./tests/
# Create outputs directory
RUN mkdir -p outputs && chown appuser:appgroup outputs
USER appuser
# Run with hot reload
CMD ["uvicorn", "src.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]
# =============================================================================
# Production stage - Minimal image for deployment
# =============================================================================
FROM base AS production
# Copy installed packages from dependencies stage
COPY --from=dependencies /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages
COPY --from=dependencies /usr/local/bin /usr/local/bin
# Copy source code
COPY --chown=appuser:appgroup src/ ./src/
# Create outputs directory
RUN mkdir -p outputs && chown appuser:appgroup outputs
USER appuser
# Expose port
EXPOSE 8000
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
# Run with production settings
CMD ["uvicorn", "src.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "1"]