template-code-location/Dockerfile

FROM python:3.12-slim-bookworm

# --- Install uv (pinned for reproducibility) ---
COPY --from=ghcr.io/astral-sh/uv:0.10.8 /uv /uvx /bin/

WORKDIR /app

# Create non-root user with explicit UID/GID 1000
RUN addgroup --gid 1000 appgroup && \
    adduser --uid 1000 --gid 1000 --disabled-password --gecos "" appuser

# Install system dependencies:
#   - git: required to fetch util-services from GitLab (tool.uv.sources)
#   - curl: optional healthcheck / runtime tooling
RUN apt-get update \
    && apt-get install -y --no-install-recommends \
    git=1:2.39.5-0+deb12u3 \
    curl=7.88.1-10+deb12u14 \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* \
    && rm -rf /tmp/* \
    && rm -rf /var/tmp/*

# Ensure appuser can create the project virtual environment in /app
RUN chown appuser:appgroup /app

# Copy project metadata and source
COPY --chown=appuser:appgroup pyproject.toml .
COPY --chown=appuser:appgroup uv.lock .
COPY --chown=appuser:appgroup src/ ./src/

# uv environment knobs:
#   UV_COMPILE_BYTECODE  → disable .pyc precompile to reduce image size
#   UV_LINK_MODE=copy    → copy files instead of symlinks (required in Docker layers)
#   UV_SYSTEM_PYTHON=1   → install into the system Python (no extra venv needed)
ENV UV_COMPILE_BYTECODE=0
ENV UV_LINK_MODE=copy
ENV UV_SYSTEM_PYTHON=1

# Install the project and all dependencies, respecting [tool.uv.sources]
# (git source for util-services and pytorch-cpu index for torch)
# BuildKit cache mount keeps the uv package cache across builds
USER appuser

RUN --mount=type=cache,target=/home/appuser/.cache/uv,uid=1000,gid=1000 \
    uv sync --frozen --no-dev --no-install-package torch

# Put the project's venv on PATH (matches WORKDIR)
ENV PATH="/app/.venv/bin:${PATH}"
ENV PYTHONPATH="/app/src"
ENV HOME=/home/appuser

# Sanity-check: fail the build early if the dagster CLI is missing
RUN dagster --version

EXPOSE 4000

CMD ["dagster", "code-server", "start", "-h", "0.0.0.0", "-p", "4000", "-f", "src/template_code_location/repository.py"]