Enhance Dockerfile to create vector store and chat history directories with appropriate permissions, and run the application as a non-root user
Browse files- Dockerfile +11 -0
Dockerfile
CHANGED
@@ -9,6 +9,10 @@ RUN apt-get update && apt-get install -y \
|
|
9 |
software-properties-common \
|
10 |
&& rm -rf /var/lib/apt/lists/*
|
11 |
|
|
|
|
|
|
|
|
|
12 |
# Copy requirements first to leverage Docker cache
|
13 |
COPY requirements.txt .
|
14 |
RUN pip install --no-cache-dir -r requirements.txt
|
@@ -16,8 +20,15 @@ RUN pip install --no-cache-dir -r requirements.txt
|
|
16 |
# Copy the rest of the application
|
17 |
COPY . .
|
18 |
|
|
|
|
|
|
|
|
|
19 |
# Make port 8000 available to the world outside this container
|
20 |
EXPOSE 8000
|
21 |
|
|
|
|
|
|
|
22 |
# Run the application
|
23 |
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "8000"]
|
|
|
9 |
software-properties-common \
|
10 |
&& rm -rf /var/lib/apt/lists/*
|
11 |
|
12 |
+
# Create directory for vector store and set permissions
|
13 |
+
RUN mkdir -p /app/vector_store /app/chat_history && \
|
14 |
+
chmod 777 /app/vector_store /app/chat_history
|
15 |
+
|
16 |
# Copy requirements first to leverage Docker cache
|
17 |
COPY requirements.txt .
|
18 |
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
20 |
# Copy the rest of the application
|
21 |
COPY . .
|
22 |
|
23 |
+
# Set permissions for the application directory
|
24 |
+
RUN chown -R 1000:1000 /app && \
|
25 |
+
chmod -R 755 /app
|
26 |
+
|
27 |
# Make port 8000 available to the world outside this container
|
28 |
EXPOSE 8000
|
29 |
|
30 |
+
# Run the application as non-root user
|
31 |
+
USER 1000
|
32 |
+
|
33 |
# Run the application
|
34 |
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "8000"]
|