-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
38 lines (29 loc) · 1.05 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
FROM python:3.11-slim
# mention "admissionController" as the source of integration to bridgecrew.cloud
ENV BC_SOURCE=admissionController
ENV PIP_ENV_VERSION="2023.7.23"
ENV RUN_IN_DOCKER=True
RUN set -eux; \
apt-get update; \
apt-get -y --no-install-recommends upgrade; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY Pipfile Pipfile.lock ./
RUN set -eux; \
pip install --no-deps pipenv==${PIP_ENV_VERSION}; \
pipenv requirements > requirements.txt; \
pip install -r requirements.txt --no-deps; \
rm -f requirements.txt Pipfile Pipfile.lock; \
pip uninstall -y pipenv
COPY wsgi.py ./
COPY app ./app
# create the app user
RUN set -eux; \
addgroup --gid 11000 app; \
adduser --disabled-password --gecos "" --uid 11000 --ingroup app app; \
# chown all the files to the app user
chown -R app:app /app
# change to the app user
USER app
CMD gunicorn --certfile=/certs/webhook.crt --keyfile=/certs/webhook.key --bind 0.0.0.0:8443 wsgi:webhook