feat(V2): Dockerfile unico multi-stage in root

Build multi-stage builder/runtime, uv sync --frozen, utente non-root uid 1000, healthcheck su /health, CMD cerbero-mcp. Smoke test passato: /health 200 OK, immagine cerbero-mcp:2.0.0 229MB content size. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-30 18:54:38 +02:00
parent f34452b2dd
commit 6148461ac1
1 changed files with 27 additions and 0 deletions
@@ -0,0 +1,27 @@
+# syntax=docker/dockerfile:1.7
+
+FROM python:3.11-slim AS builder
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        build-essential curl && rm -rf /var/lib/apt/lists/*
+RUN pip install --no-cache-dir "uv>=0.5,<0.7"
+WORKDIR /app
+COPY pyproject.toml uv.lock ./
+COPY src ./src
+RUN uv sync --frozen --no-dev
+
+FROM python:3.11-slim AS runtime
+LABEL org.opencontainers.image.title="cerbero-mcp" \
+      org.opencontainers.image.version="2.0.0" \
+      org.opencontainers.image.source="https://github.com/AdrianoDev/cerbero"
+WORKDIR /app
+COPY --from=builder /app /app
+ENV PATH="/app/.venv/bin:$PATH" \
+    HOST=0.0.0.0 \
+    PORT=9000 \
+    PYTHONUNBUFFERED=1
+RUN useradd -m -u 1000 app && chown -R app:app /app
+USER app
+EXPOSE 9000
+HEALTHCHECK --interval=30s --timeout=5s --retries=3 --start-period=10s \
+    CMD python -c "import os, urllib.request; urllib.request.urlopen(f'http://localhost:{os.environ.get(\"PORT\",\"9000\")}/health', timeout=3).close()"
+CMD ["cerbero-mcp"]