Spaces:
Running
Running
Commit
•
a19c976
1
Parent(s):
697d242
push3
Browse files- Dockerfile +9 -3
Dockerfile
CHANGED
|
@@ -36,13 +36,19 @@ COPY requirements.txt /tmp/requirements.txt
|
|
| 36 |
RUN pip install --no-cache-dir --upgrade pip \
|
| 37 |
&& pip install --no-cache-dir -r /tmp/requirements.txt
|
| 38 |
|
| 39 |
-
#
|
| 40 |
-
|
| 41 |
-
|
| 42 |
RUN chown -R user:user /code
|
| 43 |
|
|
|
|
|
|
|
|
|
|
| 44 |
WORKDIR /code
|
| 45 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 46 |
# Use secrets during build
|
| 47 |
RUN --mount=type=secret,id=HOST,required=true \
|
| 48 |
--mount=type=secret,id=DJANGO_SECRET,required=true \
|
|
|
|
| 36 |
RUN pip install --no-cache-dir --upgrade pip \
|
| 37 |
&& pip install --no-cache-dir -r /tmp/requirements.txt
|
| 38 |
|
| 39 |
+
# Create a user and set permissions
|
| 40 |
+
RUN useradd -m -u 1000 user
|
|
|
|
| 41 |
RUN chown -R user:user /code
|
| 42 |
|
| 43 |
+
# Copy application code
|
| 44 |
+
COPY --chown=user . /code
|
| 45 |
+
|
| 46 |
WORKDIR /code
|
| 47 |
|
| 48 |
+
# Switch to the new user
|
| 49 |
+
USER user
|
| 50 |
+
ENV PATH="/home/user/.local/bin:$PATH"
|
| 51 |
+
|
| 52 |
# Use secrets during build
|
| 53 |
RUN --mount=type=secret,id=HOST,required=true \
|
| 54 |
--mount=type=secret,id=DJANGO_SECRET,required=true \
|