timmy 修订了这个 Gist 3 months ago. 转到此修订
没有任何变更
timmy 修订了这个 Gist 3 months ago. 转到此修订
2 files changed, 79 insertions
.dockerignore(文件已创建)
| @@ -0,0 +1,15 @@ | |||
| 1 | + | .git | |
| 2 | + | __pycache__/ | |
| 3 | + | *.pyc | |
| 4 | + | *.pyo | |
| 5 | + | *.pyd | |
| 6 | + | *.swp | |
| 7 | + | .env | |
| 8 | + | .venv | |
| 9 | + | .uv/ | |
| 10 | + | dist/ | |
| 11 | + | build/ | |
| 12 | + | .eggs/ | |
| 13 | + | .coverage | |
| 14 | + | .pytest_cache/ | |
| 15 | + | node_modules/ | |
Dockerfile(文件已创建)
| @@ -0,0 +1,64 @@ | |||
| 1 | + | # syntax=docker/dockerfile:1.7 | |
| 2 | + | ||
| 3 | + | ############################## | |
| 4 | + | # 1) Base: Python 3.12 on Debian 12 (bookworm), slim 版 | |
| 5 | + | ############################## | |
| 6 | + | FROM python:3.12-slim-bookworm AS base | |
| 7 | + | ||
| 8 | + | # 取得套件清單、升級現有套件,並清理快取檔,縮小映像檔 | |
| 9 | + | RUN --mount=type=cache,target=/var/cache/apt \ | |
| 10 | + | apt-get update \ | |
| 11 | + | && apt-get -y upgrade \ | |
| 12 | + | && apt-get install -y --no-install-recommends ca-certificates curl \ | |
| 13 | + | && rm -rf /var/lib/apt/lists/* | |
| 14 | + | ||
| 15 | + | ############################## | |
| 16 | + | # 2) Tool stage: 從 uv 官方映像抓可執行檔 | |
| 17 | + | ############################## | |
| 18 | + | FROM ghcr.io/astral-sh/uv:latest AS uvbin | |
| 19 | + | ||
| 20 | + | ############################## | |
| 21 | + | # 3) Runtime: 把 uv 複製進來 + 建置專案 | |
| 22 | + | ############################## | |
| 23 | + | FROM base AS runtime | |
| 24 | + | ||
| 25 | + | # 複製 uv 執行檔 | |
| 26 | + | COPY --from=uvbin /uv /usr/local/bin/uv | |
| 27 | + | ||
| 28 | + | # 設定工作目錄 | |
| 29 | + | WORKDIR /app | |
| 30 | + | ||
| 31 | + | # --- 快取關鍵:先複製相依檔,再安裝 --- | |
| 32 | + | # 若你用 pyproject/uv.lock | |
| 33 | + | COPY pyproject.toml uv.lock* ./ | |
| 34 | + | # 若你是 requirements.txt 流程,也一起複製(可選) | |
| 35 | + | COPY requirements.txt* ./ | |
| 36 | + | ||
| 37 | + | # 安裝相依(優先使用 uv 的鎖定檔) | |
| 38 | + | # 1) 有 pyproject.toml/uv.lock:同步相依,但先不安裝專案本身(no-install-project) | |
| 39 | + | # 2) 否則退回 requirements.txt(若不存在此檔,指令會忽略) | |
| 40 | + | RUN set -eux; \ | |
| 41 | + | if [ -f "pyproject.toml" ]; then \ | |
| 42 | + | uv sync --frozen --no-dev --no-install-project; \ | |
| 43 | + | fi; \ | |
| 44 | + | if [ -f "requirements.txt" ]; then \ | |
| 45 | + | uv pip install -r requirements.txt; \ | |
| 46 | + | fi | |
| 47 | + | ||
| 48 | + | # 最後才複製所有程式碼(讓上面相依可以被 Docker layer 快取) | |
| 49 | + | COPY . . | |
| 50 | + | ||
| 51 | + | # 設 PYTHONPATH,讓程式能找到專案根目錄的模組 | |
| 52 | + | ENV PYTHONPATH=/app | |
| 53 | + | ||
| 54 | + | # 建立非 root 使用者,並給予 /app 權限 | |
| 55 | + | RUN useradd -m -u 10001 app \ | |
| 56 | + | && chown -R app:app /app | |
| 57 | + | USER app | |
| 58 | + | ||
| 59 | + | # 預設用 uv 的虛擬環境執行 Python(更安全、可重現) | |
| 60 | + | # 依你的專案啟動方式擇一: | |
| 61 | + | # - 若有 app 套件並可 python -m app 啟動 | |
| 62 | + | CMD ["uv", "run", "python", "-m", "app"] | |
| 63 | + | # - 或改為執行 main.py: | |
| 64 | + | # CMD ["uv", "run", "python", "main.py"] | |
上一页
下一页