Update Dockerfile

Dockerfile

@@ -1,28 +1,24 @@
 # Use a slim base image to reduce potential vulnerabilities
 FROM python:3.10-slim-bookworm
 
+# Create a non-root user and group
+RUN groupadd -r appuser && useradd --no-log-init -r -g appuser appuser
+
 # Set the working directory
 WORKDIR /usr/src/app
 
 # Copy the requirements file and install the dependencies
-COPY requirements.txt .
+COPY --chown=appuser:appuser requirements.txt .
 
 # Install uv and the dependencies without caching to reduce image size
 RUN pip install --no-cache-dir uv==0.4.28 && \
     pip install --no-cache-dir -r requirements.txt
 
-# Copy the application code
+# Copy the application code with appropriate ownership
-COPY . .
+COPY --chown=appuser:appuser . .
 
-# Create a non-root user and group
+# Change permissions of the application directory
-RUN groupadd -r appuser && useradd --no-log-init -r -g appuser appuser
+RUN chmod -R 700 /usr/src/app
-
-# Change ownership of the app directory to the new user
-RUN chown -R appuser:appuser /usr/src/app
-
-# Restrict permissions on all directories except /usr/src/app and /tmp
-RUN chmod -R o-rwx / && \
-    chmod -R o+rx /usr/src/app /tmp
 
 # Switch to the non-root user
 USER appuser