-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
62 lines (47 loc) · 1.6 KB
/
Dockerfile
File metadata and controls
62 lines (47 loc) · 1.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
FROM python:3.14-slim
ARG APP_UID=1000
ARG APP_GID=1000
# Install system dependencies and language toolchains
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
nodejs \
npm \
git \
curl \
wget \
build-essential \
golang \
&& npm install -g ts-node typescript \
&& rm -rf /var/lib/apt/lists/*
RUN npm install -g typescript
# Set environment variables
ENV PYTHONDONTWRITEBYTECODE=1 \
DEBIAN_FRONTEND=noninteractive \
PYTHONUNBUFFERED=1 \
REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \
UV_PROJECT_ENVIRONMENT=/opt/venv \
PORT=8000
# Install UV
COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
# Set working directory
WORKDIR /app
# Create non-root user early so we can chown directories later
RUN groupadd --gid ${APP_GID} app && useradd --uid ${APP_UID} --gid app --create-home app
# Copy dependency files
COPY pyproject.toml uv.lock* README.md ./
# Copy application code before syncing so the project package is available for install
COPY src/ ./src/
# Install dependencies using UV
RUN uv sync --frozen --no-dev && \
/opt/venv/bin/python -m pip --version && \
chown -R app:app /opt/venv /app
# Drop privileges for runtime
USER app
ENV PATH="/opt/venv/bin:${PATH}"
# Expose port
EXPOSE 8000
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD curl -f http://localhost:${PORT:-8000}/health || exit 1
# Run the application (uv will use the synced virtualenv)
CMD ["sh", "-c", "uvicorn mcp_code_interpreter.server:app --host 0.0.0.0 --port ${PORT:-8000}"]