From 347413a349433ff62370ba4405c957ab9f2bd89b Mon Sep 17 00:00:00 2001 From: Akash Kumar Date: Mon, 22 Sep 2025 12:01:58 +0000 Subject: [PATCH 1/2] chore: parametize debian codename Signed-off-by: Akash Kumar --- flask-mongo/Dockerfile | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/flask-mongo/Dockerfile b/flask-mongo/Dockerfile index f892efb..1a62212 100644 --- a/flask-mongo/Dockerfile +++ b/flask-mongo/Dockerfile @@ -1,17 +1,32 @@ -# Use the official Python image as the base image -FROM python:3.9 +# Define an argument for the Debian version with a default value +# This allows you to build for a specific version, e.g., bullseye, bookworm, or trixie +ARG DEBIAN_VERSION=bookworm -# Set the working directory within the container +# Use the argument in the FROM instruction +FROM python:3.9-slim-${DEBIAN_VERSION} + +# Set the working directory WORKDIR /app -# Copy the application code into the container +# Create a non-root user to run the application +RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser + +# Copy the requirements file and install dependencies +# This is done first to leverage Docker's layer caching +COPY requirements.txt . +RUN pip install --no-cache-dir -r requirements.txt + +# Copy the rest of the application code COPY . . -# Install the required packages -RUN pip3 install -r requirements.txt +# Change ownership of the app directory to the non-root user +RUN chown -R appuser:appgroup /app + +# Switch to the non-root user +USER appuser # Expose the port that the Flask app will run on EXPOSE 6000 # Start the Flask application -CMD ["python3", "app.py"] \ No newline at end of file +CMD ["python3", "app.py"] From 1c55d2e6d9e6777d093f1bd1355d96e90fffe87c Mon Sep 17 00:00:00 2001 From: Akash Kumar Date: Tue, 14 Oct 2025 09:15:46 +0000 Subject: [PATCH 2/2] fix: add DNS/NSS configuration to Dockerfile Signed-off-by: Akash Kumar --- flask-mongo/Dockerfile | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/flask-mongo/Dockerfile b/flask-mongo/Dockerfile index 1a62212..2e22bb8 100644 --- a/flask-mongo/Dockerfile +++ b/flask-mongo/Dockerfile @@ -5,6 +5,17 @@ ARG DEBIAN_VERSION=bookworm # Use the argument in the FROM instruction FROM python:3.9-slim-${DEBIAN_VERSION} +# --- DNS/NSS fix (bullseye-slim often lacks these) --- +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + libnss-dns libnss-files netbase ca-certificates && \ + rm -rf /var/lib/apt/lists/*; \ + # Ensure glibc actually consults DNS + if ! grep -q '^hosts:.*\bdns\b' /etc/nsswitch.conf 2>/dev/null; then \ + echo 'hosts: files dns' > /etc/nsswitch.conf; \ + fi + # Set the working directory WORKDIR /app