blanchon commited on
Commit
3a54942
Β·
1 Parent(s): 2f4ec9d
Files changed (1) hide show
  1. Dockerfile +41 -40
Dockerfile CHANGED
@@ -1,65 +1,66 @@
 
1
  FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim
2
 
3
- # ---------- build args ----------
4
  ARG PORT=8001
5
  ARG TRANSPORT_SERVER_URL=https://blanchon-robothub-transportserver.hf.space/api
6
 
7
- # ---------- system packages ----------
8
- RUN apt-get update && apt-get install -y --no-install-recommends \
9
- build-essential gcc g++ \
10
- libgl1-mesa-glx libglib2.0-0 libsm6 libxext6 libxrender-dev libgomp1 \
11
- ffmpeg git \
12
- && apt-get clean && rm -rf /var/lib/apt/lists/*
13
-
14
- # ---------- app user ----------
15
- RUN groupadd -r appuser && useradd -m -r -g appuser -s /bin/bash appuser
16
-
17
- # ---------- cache directories & environment ----------
18
- ENV HOME=/home/appuser
19
- ENV \
20
- HF_HOME=$HOME/.cache \
21
- HF_HUB_CACHE=$HOME/.cache/hub \
22
- HUGGINGFACE_HUB_CACHE=$HOME/.cache/hub \
23
- TRANSFORMERS_CACHE=$HOME/.cache/huggingface/hub \
24
- UV_CACHE_DIR=$HOME/.cache/uv \
25
- PYTHONUNBUFFERED=1 \
26
  PYTHONDONTWRITEBYTECODE=1 \
27
  UV_SYSTEM_PYTHON=1 \
28
  UV_COMPILE_BYTECODE=1 \
29
  PORT=${PORT} \
30
  TRANSPORT_SERVER_URL=${TRANSPORT_SERVER_URL}
31
 
32
- # create the caches while still root, then chown to appuser
33
- RUN mkdir -p "$HF_HUB_CACHE" "$TRANSFORMERS_CACHE" "$UV_CACHE_DIR" \
34
- && chown -R appuser:appuser "$HOME/.cache"
 
 
 
 
35
 
36
- # switch to non-root user (no inline comment!)
37
- USER appuser
 
 
 
 
 
 
 
 
 
38
 
39
- # ---------- workdir ----------
 
 
 
40
  WORKDIR /app
41
 
42
- # ---------- copy manifests first ----------
43
- COPY --chown=appuser:appuser pyproject.toml uv.lock* ./
44
- COPY --chown=appuser:appuser external/ ./external/
45
 
46
- # ---------- install deps ----------
47
- RUN --mount=type=cache,target=$UV_CACHE_DIR,uid=1000,gid=1000 \
48
  uv sync --locked --no-install-project --no-dev
49
 
50
- # ---------- copy source ----------
51
- COPY --chown=appuser:appuser . .
 
52
 
53
- # ---------- install the project itself ----------
54
- RUN --mount=type=cache,target=$UV_CACHE_DIR,uid=1000,gid=1000 \
55
  uv sync --locked --no-editable --no-dev
56
 
57
- # ---------- virtual-env path ----------
58
- ENV PATH="/app/.venv/bin:$PATH"
59
 
60
- # ---------- runtime ----------
61
  EXPOSE ${PORT}
 
 
62
  HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
63
- CMD python -c "import urllib.request, os; urllib.request.urlopen(f'http://localhost:{os.getenv(\"PORT\")}/api/health')" || exit 1
64
 
65
- CMD ["sh", "-c", "python launch_simple.py --host 0.0.0.0 --port ${PORT} --transport-server-url ${TRANSPORT_SERVER_URL}"]
 
 
1
+ # ─────────────────────────── base image ───────────────────────────
2
  FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim
3
 
 
4
  ARG PORT=8001
5
  ARG TRANSPORT_SERVER_URL=https://blanchon-robothub-transportserver.hf.space/api
6
 
7
+ # ──────────────────────── core environment ────────────────────────
8
+ ENV PYTHONUNBUFFERED=1 \
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
9
  PYTHONDONTWRITEBYTECODE=1 \
10
  UV_SYSTEM_PYTHON=1 \
11
  UV_COMPILE_BYTECODE=1 \
12
  PORT=${PORT} \
13
  TRANSPORT_SERVER_URL=${TRANSPORT_SERVER_URL}
14
 
15
+ # ────────────────────────── OS packages ───────────────────────────
16
+ RUN apt-get update && \
17
+ apt-get install -y --no-install-recommends \
18
+ build-essential gcc g++ \
19
+ libgl1-mesa-glx libglib2.0-0 libsm6 libxext6 libxrender-dev libgomp1 \
20
+ ffmpeg git && \
21
+ apt-get clean && rm -rf /var/lib/apt/lists/*
22
 
23
+ # ────────────────────────── app user ──────────────────────────────
24
+ RUN groupadd -r appuser && useradd -m -r -g appuser -s /bin/bash appuser
25
+ ENV HOME=/home/appuser
26
+ ENV USER=appuser
27
+
28
+ # All caches live in the user’s home β†’ no writes to system paths
29
+ ENV HF_HOME=$HOME/.cache/huggingface \
30
+ HF_HUB_CACHE=$HOME/.cache/huggingface/hub \
31
+ TRANSFORMERS_CACHE=$HOME/.cache/huggingface/transformers \
32
+ XDG_CACHE_HOME=$HOME/.cache \
33
+ UV_CACHE_DIR=$HOME/.cache/uv
34
 
35
+ RUN mkdir -p $HF_HUB_CACHE $TRANSFORMERS_CACHE $UV_CACHE_DIR && \
36
+ chown -R $USER:$USER $HOME/.cache
37
+
38
+ # ───────────────────────── project code ───────────────────────────
39
  WORKDIR /app
40
 
41
+ # 1️⃣ copy lockfiles first for layer-caching
42
+ COPY pyproject.toml uv.lock* /app/
43
+ COPY external/ /app/external/
44
 
45
+ RUN --mount=type=cache,target=/tmp/uv-cache \
 
46
  uv sync --locked --no-install-project --no-dev
47
 
48
+ # 2️⃣ copy the rest & install the project
49
+ COPY . /app/
50
+ RUN chown -R $USER:$USER /app
51
 
52
+ RUN --mount=type=cache,target=/tmp/uv-cache \
 
53
  uv sync --locked --no-editable --no-dev
54
 
55
+ # ───────────────────────── runtime user ───────────────────────────
56
+ USER appuser
57
 
58
+ # Expose port (parameterized)
59
  EXPOSE ${PORT}
60
+
61
+ # Health check
62
  HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
63
+ CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:${PORT}/api/health')" || exit 1
64
 
65
+ # Run the application
66
+ CMD ["sh", "-c", "python launch_simple.py --host 0.0.0.0 --port ${PORT} --transport-server-url ${TRANSPORT_SERVER_URL}"]