Python Service: Container Reproducibility
Repository: mem-labs/mem
Status: active
Updated Feb 19, 2026, 8:25 PM
Python production Dockerfiles must preserve reproducibility and runtime safety.

Rationale:
- Reproducible builds reduce drift.
- Runtime-safe entrypoints reduce production-only failures.

Scope:
- PR review policy for Dockerfile changes under `domains/python/**` intended for deployable services.

Trigger:
- A PR adds or changes a deployable service Dockerfile/build flow.

Approval checks:
1) Dependency installation uses locked inputs (lockfile/frozen mode or equivalent deterministic install path).
2) Runtime stage executes from an isolated runtime environment path (virtualenv or documented equivalent).
3) Runtime command uses production server mode (not local autoreload/dev server mode).

Evidence:
- Dockerfile diff and related scripts demonstrate deterministic install, isolated runtime path, and production entrypoint behavior.

Exception path:
- Allow deviation only when all are true:
  1) PR description includes `Policy Exception: python-docker-reproducibility`.
  2) PR explicitly marks the image as non-production (dev/tool-only).
  3) PR explains why deviation does not increase production risk.

Decision:
- Return NOT APPROVED when trigger is met and checks fail without a valid exception.
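One way to automate the three approval checks and the exception marker, added here as an example and not code from mem-labs/mem. The regex heuristics, the function names, the decision labels other than NOT APPROVED, and both sample Dockerfiles are assumptions constructed for illustration.

```python
import re

MARKER = "Policy Exception: python-docker-reproducibility"  # string from the policy
# Heuristic patterns picked for this example (assumptions, not policy text).
LOCKED = re.compile(r"uv sync\b.*--(frozen|locked)|pip install\b.*--require-hashes|pipenv sync")
DEV = re.compile(r"--reload|--debug|runserver|flask run")

def instructions(dockerfile):
    """Non-comment instruction lines, with backslash continuations joined."""
    joined = re.sub(r"\\\n\s*", " ", dockerfile)
    return [l.strip() for l in joined.splitlines() if l.strip() and not l.lstrip().startswith("#")]

def review(path, dockerfile, pr_description=""):
    """Return (decision, failed_checks) for one changed file in a PR."""
    if not (path.startswith("domains/python/") and "Dockerfile" in path.rsplit("/", 1)[-1]):
        return "OUT OF SCOPE", []
    lines = instructions(dockerfile)
    last_from = max((i for i, l in enumerate(lines) if l.upper().startswith("FROM ")), default=0)
    runtime = lines[last_from:]  # the final stage is treated as the runtime stage
    # Flatten exec-form JSON arrays so '"flask", "run"' reads as 'flask run'.
    entry = [" ".join(re.sub(r'[\[\]",]', " ", l).split())
             for l in runtime if l.upper().startswith(("CMD", "ENTRYPOINT"))]
    env = [l for l in runtime if l.upper().startswith("ENV ")]
    failed = []
    if not any(LOCKED.search(l) for l in lines if l.upper().startswith("RUN ")):
        failed.append("1: locked dependency install")
    if not any("venv/bin" in l for l in env + entry):
        failed.append("2: isolated runtime path")
    if not entry or any(DEV.search(l) for l in entry):
        failed.append("3: production server mode")
    if not failed:
        return "APPROVED", []
    # Exception items 2 and 3 are judgment calls, so the marker only routes to a human.
    decision = "EXCEPTION NEEDS REVIEW" if MARKER in pr_description else "NOT APPROVED"
    return decision, failed

# Constructed sample Dockerfiles (not taken from the repository).
GOOD = """FROM python:3.12-slim AS build
WORKDIR /app
COPY pyproject.toml uv.lock ./
RUN pip install uv && uv sync --frozen --no-dev
FROM python:3.12-slim
COPY --from=build /app/.venv /app/.venv
ENV PATH="/app/.venv/bin:$PATH"
CMD ["gunicorn", "app:app"]"""
BAD = """FROM python:3.12-slim
COPY requirements.txt .
RUN pip install -r requirements.txt
CMD ["uvicorn", "app:app", "--reload"]"""
```

Pattern matching of this kind catches the common cases only; the policy's "or equivalent" and "documented equivalent" clauses still need a reviewer's reading of the diff.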