Spaces:
Sleeping
Sleeping
Update Dockerfile
Browse files- Dockerfile +11 -4
Dockerfile
CHANGED
|
@@ -1,17 +1,24 @@
|
|
| 1 |
-
# ---- Dockerfile
|
| 2 |
FROM python:3.10-slim
|
| 3 |
|
|
|
|
| 4 |
RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates && \
|
| 5 |
rm -rf /var/lib/apt/lists/*
|
| 6 |
|
| 7 |
-
#
|
|
|
|
|
|
|
|
|
|
| 8 |
ENV WORKSPACE=/home/user/workspace
|
| 9 |
-
RUN mkdir -p ${WORKSPACE}
|
|
|
|
|
|
|
|
|
|
| 10 |
WORKDIR ${WORKSPACE}
|
| 11 |
|
| 12 |
ENV PIP_NO_CACHE_DIR=1 PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1
|
| 13 |
|
| 14 |
-
|
|
|
|
| 15 |
RUN chmod +x /usr/local/bin/entrypoint.sh
|
| 16 |
|
| 17 |
EXPOSE 7860
|
|
|
|
|
|
|
| 1 |
FROM python:3.10-slim
|
| 2 |
|
| 3 |
+
# Dépendances système
|
| 4 |
RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates && \
|
| 5 |
rm -rf /var/lib/apt/lists/*
|
| 6 |
|
| 7 |
+
# Créer l'utilisateur 'user' (uid=1000), comme sur HF, et son home
|
| 8 |
+
RUN useradd -m -u 1000 user || true
|
| 9 |
+
|
| 10 |
+
# Espace de travail persistant et **inscriptible** par l'utilisateur
|
| 11 |
ENV WORKSPACE=/home/user/workspace
|
| 12 |
+
RUN mkdir -p ${WORKSPACE} && chown -R user:user /home/user
|
| 13 |
+
|
| 14 |
+
# Contexte d'exécution en tant que 'user' (non-root)
|
| 15 |
+
USER user
|
| 16 |
WORKDIR ${WORKSPACE}
|
| 17 |
|
| 18 |
ENV PIP_NO_CACHE_DIR=1 PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1
|
| 19 |
|
| 20 |
+
# Entrypoint
|
| 21 |
+
COPY --chown=user:user entrypoint.sh /usr/local/bin/entrypoint.sh
|
| 22 |
RUN chmod +x /usr/local/bin/entrypoint.sh
|
| 23 |
|
| 24 |
EXPOSE 7860
|