-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
118 lines (97 loc) · 2.82 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
#
# 🧑💻 Development
#
FROM node:21-alpine as dev
# add the missing shared libraries from alpine base image
RUN apk add --no-cache libc6-compat
# Create app folder
WORKDIR /app
# Set to dev environment
ENV NODE_ENV development
# Create non-root user for Docker
RUN addgroup --system --gid 1001 node || true
RUN adduser --system --uid 1001 node || true
# Copy source code into app folder
COPY --chown=node:node . .
# Install dependencies
RUN yarn --frozen-lockfile
# Set Docker as a non-root user
USER node
#
# 🏡 Production Build
#
FROM node:21-alpine as build
WORKDIR /app
RUN apk add --no-cache libc6-compat
RUN apk add --no-cache curl
# Set to production environment
ENV NODE_ENV production
ARG DATABASE_NAME
ARG DATABASE_HOST
ARG DATABASE_USER
ARG DATABASE_PASSWORD
ARG REDIS_HOST
ARG REDIS_PORT
ARG SESSION_SECRET
ARG GOOGLE_CLIENT_ID
ARG GOOGLE_CLIENT_SECRET
ENV DATABASE_NAME $DATABASE_NAME
ENV DATABASE_HOST $DATABASE_HOST
ENV DATABASE_USER $DATABASE_USER
ENV DATABASE_PASSWORD $DATABASE_PASSWORD
ENV REDIS_HOST $REDIS_HOST
ENV REDIS_PORT $REDIS_PORT
ENV SESSION_SECRET $SESSION_SECRET
ENV GOOGLE_CLIENT_ID $GOOGLE_CLIENT_ID
ENV GOOGLE_CLIENT_SECRET $GOOGLE_CLIENT_SECRET
# Re-create non-root user for Docker
RUN addgroup --system --gid 1001 node || true
RUN adduser --system --uid 1001 node || true
# In order to run `yarn build` we need access to the Nest CLI.
# Nest CLI is a dev dependency.
COPY --chown=node:node --from=dev /app/node_modules ./node_modules
# Copy source code
COPY --chown=node:node . .
# Generate the production build. The build script runs "nest build" to compile the application.
RUN yarn build
# Install only the production dependencies and clean cache to optimize image size.
RUN yarn --frozen-lockfile --production && yarn cache clean
# Set Docker as a non-root user
USER node
#
# 🚀 Production Server
#
FROM node:21-alpine as prod
WORKDIR /app
RUN apk add --no-cache libc6-compat
RUN apk add --no-cache curl
# Set to production environment
ENV NODE_ENV production
ARG DATABASE_NAME
ARG DATABASE_HOST
ARG DATABASE_USER
ARG DATABASE_PASSWORD
ARG REDIS_HOST
ARG REDIS_PORT
ARG SESSION_SECRET
ARG GOOGLE_CLIENT_ID
ARG GOOGLE_CLIENT_SECRET
ENV DATABASE_NAME $DATABASE_NAME
ENV DATABASE_HOST $DATABASE_HOST
ENV DATABASE_USER $DATABASE_USER
ENV DATABASE_PASSWORD $DATABASE_PASSWORD
ENV REDIS_HOST $REDIS_HOST
ENV REDIS_PORT $REDIS_PORT
ENV SESSION_SECRET $SESSION_SECRET
ENV GOOGLE_CLIENT_ID $GOOGLE_CLIENT_ID
ENV GOOGLE_CLIENT_SECRET $GOOGLE_CLIENT_SECRET
# Re-create non-root user for Docker
RUN addgroup --system --gid 1001 node || true
RUN adduser --system --uid 1001 node || true
# Copy only the necessary files
COPY --chown=node:node --from=build /app/dist dist
COPY --chown=node:node --from=build /app/node_modules node_modules
# Set Docker as non-root user
USER node
EXPOSE 3000
CMD ["node", "dist/src/main.js"]