FROM python:3.10-slim-bullseye AS base

WORKDIR /app

# Set utf-8 encoding for Python et al
ENV LANG=C.UTF-8 \
	# Turn off writing .pyc files
	PYTHONDONTWRITEBYTECODE=1 \
	# Reduce the OS system calls for this tool it makes a difference
	PYTHONUNBUFFERED=1 \
	# Disables cache dir in pip
	PIP_NO_CACHE_DIR=1 \
	# Virtual environment
	VENV="/opt/venv" \
	# Add new user
	APPUSER=appuser \
	# Ensure that the python and pip executables used in the image
	PATH="${VENV}/bin:$PATH"


FROM base as builder

COPY requirements.txt .
RUN apt-get update \
	&& apt-get install -y git build-essential


RUN python -m venv ${VENV} \
	&& . ${VENV}/bin/activate \
    && pip install --upgrade pip \
	&& pip3 install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cpu \
    && pip install -r requirements.txt

FROM base as runner


COPY api.py .

COPY --from=builder ${VENV} ${VENV}
ENV PATH="${VENV}/bin:$PATH"

# Update permissions & change user to not run as root
RUN chgrp -R 0 /app \
    && chmod -R g=u /app \
    && groupadd -r ${APPUSER} \
    && useradd -r -g ${APPUSER} ${APPUSER} \
    && chown -R ${APPUSER}:${APPUSER} /app \
    && usermod -d /app ${APPUSER}


CMD ["/opt/venv/bin/uvicorn", "api:app", "--host", "0.0.0.0"]