db1e1b1038
Install uv to /usr/local/bin in both builder and runtime stages (via UV_INSTALL_DIR=/usr/local/bin, UV_NO_MODIFY_PATH=1) so the final image’s USER app can execute `uv` without relying on /root/.local/bin. This removes the permission/path mismatch that caused “exec: 'uv': not found” at startup, while preserving BuildKit cache mounts for fast `uv build`/`uv sync`. The image still installs the graphiti-core wheel first, sets PATH to include /app/.venv/bin, and runs `uv run uvicorn` on port 8000 for a clean, reproducible launch in Compose/Portainer.
73 lines
2 KiB
Docker
73 lines
2 KiB
Docker
# syntax=docker/dockerfile:1.9
|
|
|
|
# ---------- builder ----------
|
|
FROM python:3.12-slim AS builder
|
|
WORKDIR /app
|
|
|
|
# Build deps
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
gcc curl ca-certificates && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install uv system-wide so any user can run it
|
|
RUN curl -LsSf https://astral.sh/uv/install.sh | env UV_INSTALL_DIR=/usr/local/bin UV_NO_MODIFY_PATH=1 sh
|
|
|
|
# Docker/uv performance knobs
|
|
ENV UV_COMPILE_BYTECODE=1 \
|
|
UV_LINK_MODE=copy \
|
|
UV_PYTHON_DOWNLOADS=never
|
|
|
|
# Project sources
|
|
COPY ./pyproject.toml ./README.md ./
|
|
COPY ./graphiti_core ./graphiti_core
|
|
|
|
# Build wheel (BuildKit cache)
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
uv build
|
|
|
|
# Make wheel available to runtime
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
pip install dist/*.whl
|
|
|
|
|
|
# ---------- runtime ----------
|
|
FROM python:3.12-slim
|
|
|
|
# Minimal runtime deps + uv in system path
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
curl ca-certificates && rm -rf /var/lib/apt/lists/*
|
|
|
|
RUN curl -LsSf https://astral.sh/uv/install.sh | env UV_INSTALL_DIR=/usr/local/bin UV_NO_MODIFY_PATH=1 sh
|
|
|
|
# Docker/uv runtime knobs
|
|
ENV UV_COMPILE_BYTECODE=1 \
|
|
UV_LINK_MODE=copy \
|
|
UV_PYTHON_DOWNLOADS=never
|
|
|
|
# Non-root user
|
|
RUN groupadd -r app && useradd -r -d /app -g app app
|
|
|
|
# Install core wheel first (system site)
|
|
COPY --from=builder /app/dist/*.whl /tmp/
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
uv pip install --system /tmp/*.whl
|
|
|
|
# Server app
|
|
WORKDIR /app
|
|
COPY ./server/pyproject.toml ./server/README.md ./server/uv.lock ./
|
|
COPY ./server/graph_service ./graph_service
|
|
|
|
# Resolve server env (creates /app/.venv)
|
|
RUN --mount=type=cache,target=/root/.cache/uv \
|
|
uv sync --frozen --no-dev
|
|
|
|
# Own app dir and prefer venv binaries
|
|
RUN chown -R app:app /app
|
|
ENV PYTHONUNBUFFERED=1 \
|
|
PATH="/app/.venv/bin:$PATH"
|
|
|
|
USER app
|
|
ENV PORT=8000
|
|
EXPOSE 8000
|
|
|
|
# uv is now in /usr/local/bin (on PATH) and accessible to user app
|
|
CMD ["uv", "run", "uvicorn", "graph_service.main:app", "--host", "0.0.0.0", "--port", "8000"]
|