8 changes: 8 additions & 0 deletions samples/python/agents/content_planner/.dockerignore
@@ -0,0 +1,8 @@
__pycache__/
*.pyc
*.pyo
*.pyd
*.log
*.md
.git/
.env
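Review bot: `.venv/` is not in this ignore list, so a developer's local virtual environment is sent in the build context and copied into the image by the Dockerfile's `COPY . ./`, only to be replaced when `RUN uv sync` creates its own; add `.venv/` (and `.dockerignore` itself) to keep the context small and the layer cache stable. Also worth checking that the `*.md` rule does not drop a README that `pyproject.toml` declares as the project readme, because `uv sync` builds the project and would then fail on the missing file.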
Contributor

low

It's a common convention for text files to end with a newline character. This avoids potential issues with file concatenation and some command-line tools.

.env

15 changes: 15 additions & 0 deletions samples/python/agents/content_planner/Dockerfile
@@ -0,0 +1,15 @@
FROM python:3.13-slim

COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
Contributor

high

Using the :latest tag for uv can lead to non-reproducible builds, as the tag can be updated to point to a new version at any time, potentially introducing breaking changes. It's a best practice to pin to a specific version tag or, for maximum reproducibility, a digest.

COPY --from=ghcr.io/astral-sh/uv:0.2.2 /uv /uvx /bin/


EXPOSE 10001
WORKDIR /app

COPY . ./

RUN uv sync
Comment on lines +8 to +10
Contributor

medium

To leverage Docker's layer caching more effectively and speed up build times, you should copy only the dependency manifest files (pyproject.toml, requirements.txt) and install dependencies before copying the rest of the application code. This prevents re-installing dependencies on every code change.

COPY pyproject.toml requirements.txt ./
RUN uv sync
COPY . ./


# Run your agent
ENTRYPOINT ["uv", "run", ".","--host", "0.0.0.0", "--port", "10001"]
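Review bot: `RUN uv sync` on line +10 runs without `--frozen` or `--locked`, so a stale `uv.lock` is silently re-resolved at build time and the image can end up with dependency versions nobody reviewed; use `RUN uv sync --frozen` so the build fails instead, and make sure `uv.lock` is not excluded by `.dockerignore`. The `uv run` in the ENTRYPOINT also re-syncs the environment on every container start unless it is given `--no-sync` (or `--frozen`), which adds startup time and needs network access that a hardened runtime may not have.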
Contributor

high

I have two suggestions for this section:

  1. Security (High): For security reasons, it's a best practice to run containers with a non-root user. You should create a dedicated user for the application and switch to it before the ENTRYPOINT. You can add the following lines before the ENTRYPOINT:

    # Create a non-root user and switch to it
    RUN addgroup --system app && adduser --system --ingroup app app
    USER app
  2. Flexibility (Low): Hardcoding the port makes the container less flexible. Consider using an environment variable to allow runtime configuration. This is also consistent with other Dockerfiles in the repository (e.g., adk_facts/Dockerfile).

    ENTRYPOINT ["sh", "-c", "uv run . --host 0.0.0.0 --port ${PORT:-10001}"]
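A small checker for the points raised in this review thread (an unpinned `:latest` image, no non-root `USER`, a hard-coded port, and `uv sync` without `--frozen`/`--locked`), written as an added example that is not part of the PR or the repository; the Dockerfile it scans is the one from the diff above, embedded as a constructed string, and the severities and messages are this example's own.

```python
import re

# Constructed copy of the Dockerfile under review (taken from the diff above).
SAMPLE_DOCKERFILE = """\
FROM python:3.13-slim
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
EXPOSE 10001
WORKDIR /app
COPY . ./
RUN uv sync
ENTRYPOINT ["uv", "run", ".","--host", "0.0.0.0", "--port", "10001"]
"""


def _instructions(text):
    """Yield (INSTRUCTION, args) pairs; joins backslash continuations, skips comments."""
    for line in re.sub(r"\\\r?\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            parts = line.split(None, 1)
            yield parts[0].upper(), (parts[1] if len(parts) > 1 else "")


def _is_unpinned(ref, stages):
    """True for ':latest' or tag-less refs that are neither a build stage nor 'scratch'."""
    if ref in stages or ref == "scratch":
        return False
    # Look at the last path component so a registry port (host:5000/img) is not mistaken for a tag.
    return ref.endswith(":latest") or ("@" not in ref and ":" not in ref.rsplit("/", 1)[-1])


def lint_dockerfile(text):
    """Return [(severity, message)] findings in file order; an empty list means clean."""
    findings, stages, runs_as_root = [], set(), True
    for ins, args in _instructions(text):
        refs = []
        if ins == "FROM":
            tokens = [t for t in args.split() if not t.startswith("--")]  # drop --platform=...
            if tokens:
                refs.append(tokens[0])
                if len(tokens) >= 3 and tokens[1].upper() == "AS":
                    stages.add(tokens[2])  # later COPY --from=<stage> is not an image ref
        elif ins == "COPY":
            refs.extend(re.findall(r"--from=(\S+)", args))
        for ref in refs:
            if _is_unpinned(ref, stages):
                findings.append(("high", f"unpinned image reference {ref!r}: pin a version tag or digest"))
        if ins == "USER":
            runs_as_root = args.split()[0].split(":")[0] in ("root", "0")
        if ins == "RUN" and re.search(r"\buv sync\b", args) and not re.search(r"--(frozen|locked)\b", args):
            findings.append(("medium", "'uv sync' without --frozen or --locked may silently re-resolve the lockfile"))
        if ins in ("ENTRYPOINT", "CMD") and re.search(r"--port[\s\"',=]+\d+", args):
            findings.append(("low", f"{ins} hard-codes the port; read it from an environment variable"))
    if runs_as_root:
        findings.append(("high", "no non-root USER instruction: the agent process runs as root"))
    return findings
```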