From f027760ac5b701ec7edffe72e265223821f9371b Mon Sep 17 00:00:00 2001
From: Mateusz Hajder <6783135+mhajder@users.noreply.github.com>
Date: Tue, 12 Aug 2025 10:18:52 +0200
Subject: [PATCH] chore: update Dockerfile to use Python 3.12 and improve
 dependency installation

---
 .dockerignore | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++
 .gitignore    |  4 ++-
 Dockerfile    | 42 ++++++++++++++++++++++-------
 3 files changed, 110 insertions(+), 11 deletions(-)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..07a3ea4
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,75 @@
+# Docker ignore file to reduce build context size
+
+# Temp files
+*~
+~*
+.*~
+\#*
+.#*
+*#
+dist
+
+# Build files
+build
+dist
+pkg
+*.egg
+*.egg-info
+
+# Debian Files
+debian/files
+debian/python-github-backup*
+
+# Sphinx build
+doc/_build
+
+# Generated man page
+doc/github_backup.1
+
+# Annoying macOS files
+.DS_Store
+._*
+
+# IDE configuration files
+.vscode
+.atom
+.idea
+*.code-workspace
+
+# RSA
+id_rsa
+id_rsa.pub
+
+# Virtual env
+venv
+.venv
+
+# Git
+.git
+.gitignore
+.gitchangelog.rc
+.github
+
+# Documentation
+*.md
+!README.md
+
+# Environment variables files
+.env
+.env.*
+!.env.example
+*.log
+
+# Cache files
+**/__pycache__/
+*.py[cod]
+
+# Docker files
+docker-compose.yml
+Dockerfile*
+
+# Other files
+release
+*.tar
+*.zip
+*.gzip
diff --git a/.gitignore b/.gitignore
index f0ed9db..652f035 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-*.py[oc]
+*.py[cod]
 
 # Temp files
 *~
@@ -33,6 +33,7 @@ doc/github_backup.1
 # IDE configuration files
 .vscode
 .atom
+.idea
 
 README
 
@@ -42,3 +43,4 @@ id_rsa.pub
 
 # Virtual env
 venv
+.venv
diff --git a/Dockerfile b/Dockerfile
index 6217594..2c28829 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,38 @@
-FROM python:3.9.18-slim
+FROM python:3.12-alpine3.22 AS builder
 
-RUN --mount=type=cache,target=/var/cache/apt \
-    apt-get update && apt-get install -y git git-lfs
+RUN pip install --no-cache-dir --upgrade pip \
+    && pip install --no-cache-dir uv
 
-WORKDIR /usr/src/app
+WORKDIR /app
 
-COPY release-requirements.txt .
-RUN --mount=type=cache,target=/root/.cache/pip \
-    pip install -r release-requirements.txt
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=requirements.txt,target=requirements.txt \
+    --mount=type=bind,source=release-requirements.txt,target=release-requirements.txt \
+    uv venv \
+    && uv pip install -r release-requirements.txt
 
 COPY . .
-RUN --mount=type=cache,target=/root/.cache/pip \
-    pip install .
 
-ENTRYPOINT [ "github-backup" ]
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv pip install .
+
+
+FROM python:3.12-alpine3.22
+ENV PYTHONUNBUFFERED=1
+
+RUN apk add --no-cache \
+    ca-certificates \
+    git \
+    git-lfs \
+    && addgroup -g 1000 appuser \
+    && adduser -D -u 1000 -G appuser appuser
+
+COPY --from=builder --chown=appuser:appuser /app /app
+
+WORKDIR /app
+
+USER appuser
+
+ENV PATH="/app/.venv/bin:$PATH"
+
+ENTRYPOINT ["github-backup"]