forked from EOP-OMB/opal
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
executable file
·38 lines (28 loc) · 1009 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
FROM python:3.8-slim-buster as stage1
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
# set a directory for the app
WORKDIR /usr/src/app
# install dependencies
RUN apt update && apt-get upgrade -y
RUN apt install -y --no-install-recommends postgresql-client postgresql-contrib libpq-dev build-essential pkg-config libxml2-dev libxmlsec1-dev libxmlsec1-openssl apache2 apache2-dev
RUN apt clean
RUN rm -rf /var/lib/apt/lists/*
COPY ./requirements.txt /usr/src/app
# install Python requirements
RUN pip install --upgrade pip
RUN pip install --no-cache-dir -r requirements.txt
RUN pip install --no-cache-dir mod-wsgi
# Create Service account
RUN useradd -r -u 1001 opal
# copy all the files to the container
COPY . /usr/src/app/
# set ownership to service account and execute bit for statup script
RUN chown -R opal:opal .
RUN chmod u+x startup.sh
FROM stage1 as stage2
# run as an unprivileged user
USER opal
# use -p 8000:8000 with `docker run` to access the service
EXPOSE 8000
CMD ./startup.sh