# Use an official Python runtime with a specific version for stability FROM python:3.11-slim # Set environment variables for Hugging Face cache ENV TRANSFORMERS_CACHE=/app/cache ENV HF_HOME=/app/cache ENV XDG_CACHE_HOME=/app/cache ENV HF_HUB_DISABLE_SYMLINKS_WARNING=1 ENV PYTORCH_CUDA_ALLOC_CONF=expandable_segments:True # Install system dependencies required for some Python packages RUN apt-get update && apt-get install -y \ gcc \ g++ \ make \ && rm -rf /var/lib/apt/lists/* # Set the working directory WORKDIR /app # Create a non-root user first to avoid permission issues RUN adduser --disabled-password --gecos '' myuser # --- ADD THIS LINE --- # Give the new user ownership of the working directory RUN chown -R myuser:myuser /app # Create cache directory with proper permissions RUN mkdir -p /app/cache && chown myuser:myuser /app/cache # Copy requirements first to leverage Docker cache COPY --chown=myuser:myuser requirements.txt . # Install Python dependencies as non-root user USER myuser RUN pip install --no-cache-dir --user -r requirements.txt # Add user's local bin to PATH ENV PATH="/home/myuser/.local/bin:${PATH}" # Pre-download models during build to avoid runtime issues RUN python -c "\ from sentence_transformers import SentenceTransformer; \ SentenceTransformer('sentence-transformers/all-MiniLM-L6-v2'); \ from transformers import AutoModelForSequenceClassification, AutoTokenizer; \ AutoModelForSequenceClassification.from_pretrained('MoritzLaurer/DeBERTa-v3-base-mnli-fever-anli', cache_dir='/app/cache'); \ from transformers import T5Tokenizer, T5ForConditionalGeneration; \ T5ForConditionalGeneration.from_pretrained('google/flan-t5-base', cache_dir='/app/cache'); \ from transformers import pipeline; \ pipeline('image-classification', model='umm-maybe/AI-image-detector'); \ " # Copy the rest of your application code COPY --chown=myuser:myuser . . # Set up environment variable for Google Vision API ENV GOOGLE_VISION_API="" # Expose the port the app runs on EXPOSE 7860 # Run the FastAPI server when the container launches CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]