mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-04 19:21:51 +00:00
feat(mcp): add Dockerfile for MCP Server containerization (#8768)
This commit is contained in:
committed by
GitHub
parent
23e1cc281d
commit
e32cebc553
@@ -0,0 +1,54 @@
|
||||
# =============================================================================
|
||||
# Build stage - Install dependencies and build the application
|
||||
# =============================================================================
|
||||
FROM ghcr.io/astral-sh/uv:python3.13-alpine AS builder
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Performance optimizations for uv:
|
||||
# UV_COMPILE_BYTECODE=1: Pre-compile Python files to .pyc for faster startup
|
||||
# UV_LINK_MODE=copy: Use copy instead of symlinks to avoid potential issues
|
||||
ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy
|
||||
|
||||
# Install dependencies first for better Docker layer caching
|
||||
# This allows dependency layer to be reused when only source code changes
|
||||
COPY uv.lock pyproject.toml ./
|
||||
RUN --mount=type=cache,target=/root/.cache/uv \
|
||||
uv sync --frozen --no-install-project
|
||||
|
||||
# Copy all source code and install the project
|
||||
# --frozen ensures reproducible builds by using exact versions from uv.lock
|
||||
COPY . .
|
||||
RUN --mount=type=cache,target=/root/.cache/uv \
|
||||
uv sync --frozen
|
||||
|
||||
# =============================================================================
|
||||
# Final stage - Minimal runtime environment
|
||||
# =============================================================================
|
||||
FROM python:3.13-alpine
|
||||
|
||||
LABEL maintainer="https://github.com/prowler-cloud"
|
||||
|
||||
# Create non-root user for security
|
||||
# Using specific UID/GID for consistency across environments
|
||||
RUN addgroup -g 1001 prowler && \
|
||||
adduser -D -u 1001 -G prowler prowler
|
||||
|
||||
WORKDIR /app
|
||||
USER prowler
|
||||
|
||||
# Copy only the necessary files from builder stage to minimize image size:
|
||||
# 1. Virtual environment with all dependencies and the installed package
|
||||
COPY --from=builder --chown=prowler /app/.venv /app/.venv
|
||||
|
||||
# 2. Source code needed at runtime (for imports and module resolution)
|
||||
COPY --from=builder --chown=prowler /app/prowler_mcp_server /app/prowler_mcp_server
|
||||
|
||||
# 3. Project metadata file (may be needed by some packages at runtime)
|
||||
COPY --from=builder --chown=prowler /app/pyproject.toml /app/pyproject.toml
|
||||
|
||||
# Add virtual environment to PATH so prowler-mcp command is available
|
||||
ENV PATH="/app/.venv/bin:$PATH"
|
||||
|
||||
# Entry point for the MCP server
|
||||
ENTRYPOINT ["prowler-mcp"]
|
||||
Reference in New Issue
Block a user