Add Dockerfile

2026-03-31 10:47:22 +01:00
parent a4f3d40543
commit 140ca2d2e5
2 changed files with 37 additions and 29 deletions
--- a/.gitea/workflows/docker.yaml
+++ b/.gitea/workflows/docker.yaml
@@ -0,0 +1,26 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches: [ "main" ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Login to Gitea Registry
+        run: |
+          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login gitea.umbra.mom \
+            -u "${{ secrets.REGISTRY_USER }}" --password-stdin
+
+      - name: Build image
+        run: |
+          docker build -t gitea.umbra.mom/jay/pub-quiz:latest .
+
+      - name: Push image
+        run: |
+          docker push gitea.umbra.mom/jay/pub-quiz:latest
--- a/40
+++ b/40
@@ -1,40 +1,22 @@
-# syntax=docker/dockerfile:1
-FROM python:3.13-slim
-
-# Pull uv binary from the official image (no pip overhead)
-COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /usr/local/bin/
-
-# Non-root user for security
-RUN adduser --disabled-password --no-create-home appuser
+FROM ghcr.io/astral-sh/uv:python3.13-bookworm-slim

 WORKDIR /app

-# Install dependencies first (layer is cached unless lock file changes)
+# Copy dependency files first (better caching)
 COPY pyproject.toml uv.lock ./
-RUN uv sync --frozen --no-dev --no-install-project

-# Copy application source
-COPY src/ ./src/
+# Install dependencies into project environment
+RUN uv sync --frozen --no-dev

-# data.csv is NOT baked into the image — it is mounted at runtime via docker-compose
-# so updates to the CSV don't require a rebuild.
+# Copy app source
+COPY . .

-RUN chown -R appuser:appuser /app
-USER appuser
-
-# WORKDIR=/app  → gunicorn CWD is /app → data.csv resolves to /app/data.csv (mounted volume)
-# PYTHONPATH=/app/src → 'app' module resolves to src/app.py
+ENV PYTHONUNBUFFERED=1
 ENV PYTHONPATH=/app/src
+ENV DATA_CSV_PATH=/app/data.csv
+ENV UV_PROJECT_ENVIRONMENT=/app/.venv
+ENV UV_LINK_MODE=copy

 EXPOSE 8000

-HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
-    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000')"
-
-CMD ["uv", "run", "--no-dev", "gunicorn", \
-     "--workers", "2", \
-     "--bind", "0.0.0.0:8000", \
-     "--access-logfile", "-", \
-     "--error-logfile", "-", \
-     "app:app"]
-
+CMD ["uv", "run", "gunicorn", "--workers", "2", "--bind", "0.0.0.0:8000", "app:app"]