incidentops/Dockerfile

# Multi-stage Dockerfile for API and Worker services
FROM python:3.14-slim AS base

WORKDIR /app

# Install uv
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/

# Install Python dependencies
COPY pyproject.toml uv.lock README.md ./
RUN uv sync --no-cache --no-dev

# Copy application code
COPY app/ ./app/
COPY worker/ ./worker/
COPY migrations/ ./migrations/

# Set up non-root user and cache directory
RUN useradd -m -u 1000 appuser && \
    mkdir -p /app/.cache && \
    chown -R appuser:appuser /app

ENV UV_CACHE_DIR=/app/.cache

# API service target
FROM base AS api

USER appuser
EXPOSE 8000

CMD ["uv", "run", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

# Worker service target
FROM base AS worker

USER appuser

CMD ["uv", "run", "celery", "-A", "worker.celery_app", "worker", "--loglevel=info", "-Q", "critical,default,low"]