CodeExecutor-API/Dockerfile at dev · Saannddy/CodeExecutor-API · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
FROM debian:bookworm-slim

# Install system dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    build-essential \
    default-jdk-headless \
    python3 \
    python3-pip \
    nodejs \
    npm && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Fix python naming
RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1

# Create a non-root user
RUN useradd -m coder && \
    mkdir -p /usr/src/app && \
    chown coder:coder /usr/src/app

WORKDIR /usr/src/app

# Install python dependencies as root (system-wide)
COPY src/requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt --break-system-packages

# Copy application source
COPY --chown=coder:coder src/ .
COPY --chown=coder:coder alembic/ ./alembic/
COPY --chown=coder:coder alembic.ini .

USER coder

# Constrain JVM heap for child processes to save memory
ENV JAVA_TOOL_OPTIONS="-Xmx64m -Xms32m"

EXPOSE 3000

CMD ["gunicorn", "--workers", "2", "--preload", "--bind", "0.0.0.0:3000", "--timeout", "60", "--access-logfile", "-", "app:app"]