Dockerfile

# syntax=docker/dockerfile:1

# Base image using the specified Python version
ARG PYTHON_VERSION=3.12.3
FROM python:${PYTHON_VERSION}-slim as base

# Set environment variables to prevent Python from writing .pyc files
# and to keep Python from buffering stdout and stderr
ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1

# Set working directory inside the container
WORKDIR /app

# Install TensorFlow, Keras, and tf-keras
# Using a single RUN command to reduce layers
RUN pip install tensorflow==2.16.1 keras tf-keras

# Create a non-privileged user to run the application
# Follow best practices from Docker's user handling
ARG UID=10001
RUN adduser --disabled-password --gecos "" --home "/nonexistent" \
    --shell "/sbin/nologin" --no-create-home --uid "${UID}" appuser

# Prepare environment for Transformers and NLTK
# Creating cache directories with appropriate permissions
ENV TRANSFORMERS_CACHE=/tmp/.cache/huggingface \
    NLTK_DATA=/tmp/nltk_data
RUN mkdir -p $TRANSFORMERS_CACHE $NLTK_DATA && chmod -R 777 $TRANSFORMERS_CACHE $NLTK_DATA

# Copy the Python requirements file and install dependencies
# Using a single COPY to reduce layers and ensure requirements.txt is present
COPY requirements.txt .
RUN pip install -r requirements.txt

# Copy the rest of the application source code into the container
COPY . .

# Switch to the non-privileged user for running the application
USER appuser

# Expose the port that the application will listen on
EXPOSE 7860

# Command to run the application using uvicorn
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860"]