Skip to content

Commit 6c446d8

Browse files
KTrain5169KTrain5169
committed
this works apparently but not the previous version? ok
1 parent 832142e commit 6c446d8

1 file changed

Lines changed: 23 additions & 10 deletions

File tree

.devcontainer/Dockerfile

Lines changed: 23 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -9,25 +9,38 @@ LABEL org.opencontainers.image.source="https://github.com/${GITHUB_REPOSITORY}"
99
LABEL org.opencontainers.image.description="A Python container to use with NeuroPilot."
1010
LABEL org.opencontainers.image.licenses="MIT"
1111

12-
# Install OS packages
13-
RUN apt-get update && apt-get install -y --no-install-recommends \
14-
ca-certificates curl build-essential git python3 \
15-
&& rm -rf /var/lib/apt/lists/*
12+
# Create a dedicated 'python' user & group early so --chown=python:python works
13+
# Use system user so it has a predictable uid/gid
14+
RUN groupadd --system python \
15+
&& useradd --system --create-home --gid python --shell /bin/bash python
16+
17+
# Install OS packages (do not install python3 — base image already has Python)
18+
RUN apt-get update \
19+
&& apt-get install -y --no-install-recommends \
20+
ca-certificates curl build-essential git \
21+
&& rm -rf /var/lib/apt/lists/*
1622

1723
# set absolute workdir
1824
RUN mkdir -p ${APP_DIR}
1925
WORKDIR ${APP_DIR}
2026

21-
# Copy package manifests first (cache-friendly)
27+
# Copy only requirements first (cache-friendly)
2228
COPY requirements.txt ${APP_DIR}/
2329

24-
# Copy rest of the repo (this includes .vscode if you want it in the image)
25-
COPY --chown=python:python . ${APP_DIR}
30+
# Install Python deps as root (cached when requirements.txt unchanged)
31+
RUN pip install --no-cache-dir -r requirements.txt
2632

27-
RUN pip install -r requirements.txt
33+
# Copy the rest of the repo into the image and set ownership to the python user.
34+
# NOTE: --chown requires BuildKit. If your environment doesn't support it, remove --chown and
35+
# rely on the chown step below (which is tolerant).
36+
COPY --chown=python:python . ${APP_DIR}
2837

29-
# Ensure permissions (tolerant)
30-
RUN if [ -d "${APP_DIR}" ]; then chown -R node:node "${APP_DIR}" || true; fi
38+
# Ensure permissions (tolerant). This avoids build failure on filesystems that disallow chown.
39+
RUN if [ -d "${APP_DIR}" ]; then chown -R python:python "${APP_DIR}" || true; fi
3140

41+
# Switch to the non-root 'python' user
3242
USER python
3343
ENV HOME=/home/python
44+
45+
# Default command
46+
CMD ["bash"]

0 commit comments

Comments
 (0)