| FROM python:3.10-slim | |
| # ββ Base OS packages ββββββββββββββββββββββββββββββββββββββββββββββββ | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| gcc python3-dev openssl curl ca-certificates gnupg build-essential \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # ββ MariaDB client libs βββββββββββββββββββββββββββββββββββββββββββββ | |
| RUN curl -LsSO https://r.mariadb.com/downloads/mariadb_repo_setup && \ | |
| chmod +x mariadb_repo_setup && ./mariadb_repo_setup --mariadb-server-version="mariadb-11.7" && \ | |
| apt-get update && apt-get install -y --no-install-recommends \ | |
| libmariadb3 libmariadb-dev && \ | |
| apt-get clean && rm -rf /var/lib/apt/lists/* | |
| # ββ Python tooling βββββββββββββββββββββββββββββββββββββββββββββββββ | |
| RUN pip install --no-cache-dir uv==0.1.37 # pin to avoid future breakage | |
| WORKDIR /app | |
| COPY . /app | |
| # Install your project + FastMCP server dependencies | |
| RUN uv pip install -e .[server] --system | |
| # ββ Create unprivileged runtime user βββββββββββββββββββββββββββββββ | |
| RUN useradd -m -u 1000 user | |
| USER user | |
| # ββ Environment ββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| ENV HOME=/home/user \ | |
| PATH=/home/user/.local/bin:$PATH \ | |
| UV_NO_CACHE=1 \ | |
| UV_CACHE_DIR=/dev/null \ | |
| PORT=7860 | |
| # ββ Expose and health-check ββββββββββββββββββββββββββββββββββββββββ | |
| EXPOSE 7860 | |
| HEALTHCHECK --interval=30s --timeout=5s --start-period=15s \ | |
| CMD curl -f http://localhost:7860/ || exit 1 | |
| # ββ Launch wrapper app (app.py) instead of CLI βββββββββββββββββββββ | |
| CMD uvicorn app:app --host 0.0.0.0 --port $PORT --workers 1 | |