# Use a lightweight Python image FROM python:3.10.12 # Install system dependencies RUN apt-get update && apt-get install -y \ libgl1-mesa-glx \ libglib2.0-0 \ && rm -rf /var/lib/apt/lists/* # Create a non-root user RUN useradd -m -u 1000 user # Set up the working directory WORKDIR /app # Copy the requirements and install dependencies COPY requirements.txt . RUN pip install --no-cache-dir --upgrade -r requirements.txt # Copy the rest of the application COPY . . # Create and set permissions for the cache directory RUN mkdir -p /.cache /app/.cache && \ chown -R user:user /.cache /app/.cache && \ chmod -R u+w,go-w /.cache /app/.cache # Set up the environment variables ENV ALEMBIC_CONFIG=alembic.ini ENV TORCH_HOME=/app/.cache/torch # Switch to the non-root user USER user # Run the application, including the migration step CMD ["bash", "-c", "alembic upgrade head && uvicorn main:app --host 0.0.0.0 --port 7860"]