Improved (and fixed) Dockerfile

Dockerfile

@@ -1,31 +1,43 @@
-FROM ubuntu:18.04
+# The builder image, used to build the virtual environment
+FROM python:3.8-buster as builder
 
-RUN set -e -x ;\
-    useradd -rm app
+RUN apt-get update && \
+    apt-get install -y libkrb5-dev libsasl2-dev libldap2-dev libssl-dev && \
+    rm -rf /var/lib/apt/lists/*
 
-RUN set -e -x ;\
-    export DEBIAN_FRONTEND=noninteractive ;\
-    apt-get -y update ;\
-    apt-get -y upgrade ;\
-    apt-get -y install python3-dev python3-venv build-essential libkrb5-dev libsasl2-dev libldap2-dev libssl-dev krb5-user ;\
-    rm -rf /var/lib/apt/lists
+RUN pip install poetry==1.5.1
+
+ENV POETRY_NO_INTERACTION=1 \
+    POETRY_VIRTUALENVS_IN_PROJECT=1 \
+    POETRY_VIRTUALENVS_CREATE=1 \
+    POETRY_CACHE_DIR=/tmp/poetry_cache
+
+WORKDIR /venv
+
+COPY pyproject.toml ./
+COPY poetry.lock ./
+RUN touch README.md
+
+RUN poetry install --no-root && \
+    rm -rf $POETRY_CACHE_DIR
+
+# The runtime image, used to just run the code provided its virtual environment
+FROM python:3.8-slim-buster as runtime
+RUN apt-get update && \
+    apt-get install -y libldap2-dev krb5-user --no-install-recommends && \
+    rm -rf /var/lib/apt/lists/*
 
 COPY krb5.conf /etc/krb5.conf
 
-RUN set -e -x ;\
-    mkdir /app ;\
-    chown app:app /app
+ENV VIRTUAL_ENV=/venv/.venv \
+    PATH="/venv/.venv/bin:$PATH"
 
-USER app
-
-COPY requirements.txt /app/requirements.txt
-
-RUN set -e -x ;\
-    python3 -m venv /app/venv ;\
-    /app/venv/bin/pip install -r /app/requirements.txt
-
-COPY --chown=app webapp /app/webapp
+COPY --from=builder ${VIRTUAL_ENV} ${VIRTUAL_ENV}
 
 WORKDIR /app
 
-CMD ["/app/venv/bin/uwsgi", "--socket=0.0.0.0:8000", "--protocol=http", "--manage-script-name", "--force-cwd=/app", "--mount", "/=webapp:app"]
+COPY . .
+
+STOPSIGNAL SIGINT
+
+CMD ["uwsgi", "--socket=0.0.0.0:8000", "--protocol=http", "--manage-script-name", "--force-cwd=/app", "--mount", "/=webapp:app"]