-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathDockerfile
More file actions
92 lines (73 loc) · 3.01 KB
/
Dockerfile
File metadata and controls
92 lines (73 loc) · 3.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# SQLite-vec builder stage - separate stage for better caching
FROM python:3.13-slim AS sqlite-vec-builder
# Install build dependencies for compiling sqlite-vec
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gcc \
make \
git \
gettext \
libsqlite3-dev \
&& rm -rf /var/lib/apt/lists/*
# Build sqlite-vec extension with cache mount for git and build artifacts
RUN --mount=type=cache,target=/var/cache/git \
--mount=type=cache,target=/tmp/sqlite-vec-build \
cd /tmp \
&& git clone --depth 1 --branch v0.1.6 https://github.com/asg017/sqlite-vec.git \
&& cd sqlite-vec \
&& make loadable \
&& mkdir -p /sqlite-vec-dist \
&& cp dist/vec0.* /sqlite-vec-dist/
# Main builder stage
FROM python:3.13-slim AS builder
# Create non-root user
RUN groupadd --gid 1000 app && \
useradd --uid 1000 --gid app --shell /bin/bash --create-home app
# Install uv
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
# Set working directory and change ownership
WORKDIR /app
RUN chown app:app /app
# Switch to non-root user
USER app
# Copy source code and migrations
COPY --chown=app:app src/ ./src/
COPY --chown=app:app migrations/ ./migrations/
RUN --mount=type=cache,target=/home/app/.cache/uv,uid=1000,gid=1000 \
--mount=type=bind,source=uv.lock,target=uv.lock \
--mount=type=bind,source=pyproject.toml,target=pyproject.toml \
--mount=type=bind,source=README.md,target=README.md \
uv sync --package mcp-optimizer --no-dev --locked --no-editable
# Copy pre-built sqlite-vec extension
COPY --from=sqlite-vec-builder /sqlite-vec-dist/vec0.so /app/.venv/lib/python3.13/site-packages/sqlite_vec/vec0.so
USER root
RUN chown app:app /app/.venv/lib/python3.13/site-packages/sqlite_vec/vec0.so
USER app
FROM python:3.13-slim AS runner
# Create non-root user (same as builder stage)
RUN groupadd --gid 1000 app && \
useradd --uid 1000 --gid app --shell /bin/bash --create-home app
# Install system dependencies (jq for JSON query support)
RUN apt-get update && apt-get install -y --no-install-recommends jq && rm -rf /var/lib/apt/lists/*
# Create app directory and set ownership
WORKDIR /app
RUN chown app:app /app
# Copy the environment and migrations
COPY --from=builder --chown=app:app /app/.venv /app/.venv
COPY --from=builder --chown=app:app /app/migrations /app/migrations
# Copy pre-downloaded models from build context
# Models are architecture-independent (ONNX format) and downloaded by scripts/download_models.py
COPY --chown=app:app models/fastembed /app/.cache/fastembed
COPY --chown=app:app models/tiktoken /app/.cache/tiktoken
COPY --chown=app:app models/llmlingua /app/.cache/llmlingua
# Switch to non-root user
USER app
# Set default environment variables for container deployment
ENV TOOLHIVE_HOST=host.docker.internal
ENV RUNNING_IN_DOCKER=1
ENV FASTEMBED_CACHE_PATH=/app/.cache/fastembed
ENV TIKTOKEN_CACHE_DIR=/app/.cache/tiktoken
ENV LLMLINGUA_MODEL_PATH=/app/.cache/llmlingua
ENV COLORED_LOGS=false
# Run the application
CMD ["/app/.venv/bin/mcpo"]