Dockerfile for python 3.13 on Debian/Ubuntu bookworm-slim

▶️ for running Streamlit OpenAI FastAPI
▶️ please modify codes if you are using Dockerfile for other applications

The Dockerfile is annotated for easy reading. Best practices incorporated, highlighted 👇

Features:

• container for application serving end-users
• Debian/Ubuntu bookworm slim base image => smaller image size, faster build
• multi-stage build
  • discard build tools in final stage
  • nearly 50% smaller image size compared to standard build
• optimized order of comamnds
  • fewer layers to cache => faster build
  • application code copied into container near end of build process. No effect on prior steps for changes made only to application code during development.
• combined RUN, COPY and ADD commands since they add layers
• option to remove Jupyter Notebook files if you are not using container for data science
• virtualenv for isolation
• non-root user (least privilege principle)
  • container to run application meant for end user. No write permission. No shell access.
• healthcheck for working (not just running) container
• no secrets stored in code, in environment, during build-time, in build history, in secrets manager. No logs.

Notes:

• Alpine Linux's base image is very small. However,
  • it uses some different components, e.g. musl libc instead of glibc
  • Size is small because many dependencies are absent. Downloading takes time and adds bloat.
  • risk of breaking when running or updating/changing libraries during development.

Recommendations:

• tag images properly. :latest is NOT recommended.
• set memory and CPU limits
• secure network for running container

Some compatible python package versions:

• streamlit 1.41.1
• fastapi 0.115.6
• openai 1.58.1
• pytest 8.3.4
• pytest-mock 3.14.0
• pytest-asyncio 0.25.0
• pydantic 2.10.4
• numpy 2.2.1
• pandas 2.2.3