Dockerfile

FROM python:3.10

# Get secret DB_URL and output it to /test at buildtime
RUN --mount=type=secret,id=DB_URL,mode=0444,required=true \
   cat /run/secrets/DB_URL > /test

# Set up a new user named "user" with user ID 1000
RUN useradd -m -u 1000 user

# Switch to the "user" user
USER user

# Set home to the user's home directory
ENV HOME=/home/user \
	PATH=/home/user/.local/bin:$PATH

# Set the working directory to the user's home directory
WORKDIR $HOME/app

# Copy the current directory contents into the container at $HOME/app setting the owner to the user
COPY --chown=user . $HOME/app

RUN pip install --no-cache-dir poetry

RUN poetry install --only main

CMD ["poetry", "run", "start"]