Jan Novak
033349cafa
- Remove insecure SSL verification bypass in attendance.py - Add gunicorn as production WSGI server (Dockerfile + entrypoint) - Fix silent data loss in reconciliation (log + surface unmatched members) - Add required column validation in payment sheet parsing - Add input validation on /qr route (account format, amount bounds, SPD injection) - Centralize configuration into scripts/config.py - Extract credentials path to env-configurable constant - Hide unmatched transactions from reconcile-juniors page - Fix test mocks to bypass cache layer (all 8 tests now pass reliably) - Add pytest + pytest-cov dev dependencies - Fix typo "Inffering" in infer_payments.py - Update CLAUDE.md to reflect current project state Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
33 lines
690 B
Docker
33 lines
690 B
Docker
FROM python:3.13-alpine
|
|
|
|
RUN apk add --no-cache bash tzdata \
|
|
&& cp /usr/share/zoneinfo/Europe/Prague /etc/localtime \
|
|
&& echo "Europe/Prague" > /etc/timezone
|
|
|
|
ENV PYTHONUNBUFFERED=1
|
|
|
|
WORKDIR /app
|
|
|
|
RUN pip install --no-cache-dir \
|
|
flask \
|
|
google-api-python-client \
|
|
google-auth-httplib2 \
|
|
google-auth-oauthlib \
|
|
qrcode \
|
|
pillow \
|
|
gunicorn
|
|
|
|
COPY app.py Makefile ./
|
|
COPY scripts/ ./scripts/
|
|
COPY templates/ ./templates/
|
|
|
|
COPY build/entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh
|
|
|
|
EXPOSE 5001
|
|
|
|
HEALTHCHECK --interval=60s --timeout=5s --start-period=5s \
|
|
CMD wget -q -O /dev/null http://localhost:5001/ || exit 1
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|