40 lines
984 B
Docker
40 lines
984 B
Docker
# Stage 1: Builder (Compilación y dependencias)
|
|
FROM python:3.14-slim as builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Variables de entorno para optimizar Poetry y Pip
|
|
ENV POETRY_NO_INTERACTION=1 \
|
|
POETRY_VIRTUALENVS_IN_PROJECT=1 \
|
|
POETRY_VIRTUALENVS_CREATE=1 \
|
|
PIP_NO_CACHE_DIR=1
|
|
|
|
# Instalar Poetry
|
|
RUN pip install poetry
|
|
|
|
# Copiar archivos de configuración primero para aprovechar el caché de capas
|
|
COPY pyproject.toml poetry.lock ./
|
|
|
|
# Instalar dependencias de producción (sin dev)
|
|
RUN poetry install --without dev --no-root
|
|
|
|
# Stage 2: Runtime (Imagen final limpia)
|
|
FROM python:3.14-slim as runtime
|
|
|
|
WORKDIR /app
|
|
ENV VIRTUAL_ENV=/app/.venv \
|
|
PATH="/app/.venv/bin:$PATH"
|
|
|
|
# Copiar el entorno virtual generado en el stage anterior
|
|
COPY --from=builder /app/.venv /app/.venv
|
|
|
|
# Copiar el código fuente
|
|
COPY ./src /app/src
|
|
|
|
# Usuario no privilegiado por seguridad
|
|
RUN useradd -m appuser && chown -R appuser /app
|
|
USER appuser
|
|
|
|
# Punto de entrada
|
|
CMD ["python", "-m", "my_project.main"]
|