-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.api
More file actions
31 lines (26 loc) · 995 Bytes
/
Dockerfile.api
File metadata and controls
31 lines (26 loc) · 995 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Build stage for the Rust materializer
FROM rust:1.88 AS builder
WORKDIR /build
COPY materialize/ .
RUN cargo build --release
# Runtime stage
FROM python:3.12
EXPOSE 8000
ENV DATABASE_URL="mongodb://cvh-backend:27017"
WORKDIR /app
# Install curl (for ECS health checks) and download AWS DocumentDB CA bundle
RUN apt-get update && apt-get install -y --no-install-recommends curl && rm -rf /var/lib/apt/lists/* \
&& mkdir -p /etc/cfdb/certs \
&& curl --fail -sS -o /etc/cfdb/certs/global-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem \
&& chmod 644 /etc/cfdb/certs/global-bundle.pem
# Install the materializer binary
COPY --from=builder /build/target/release/materialize /usr/local/bin/materialize
# Install Python dependencies
COPY . /app
RUN pip install --no-cache-dir -e ".[dev]"
RUN pip install uvicorn
# Create non-root user
RUN useradd app
USER app
WORKDIR /app/src
CMD ["uvicorn", "cfdb.api.main:app", "--host", "0.0.0.0", "--port", "8000"]