-
Notifications
You must be signed in to change notification settings - Fork 2
/
Dockerfile
39 lines (32 loc) · 1.18 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Needed for specifying source image as --build-arg, which is then used as COPY --from=
ARG CONTENT_IMAGE=content
ARG APP_IMAGE=app
FROM node:20-alpine AS app-base
WORKDIR /a2j
COPY package.json package-lock.json ./
RUN npm ci --omit=dev --omit=optional
FROM scratch AS app
WORKDIR /a2j-app
COPY --link --from=app-base /a2j/node_modules ./node_modules/
COPY ./build ./build/
COPY ./app/services ./app/services/
COPY ./data ./data/
COPY ./public ./public/
COPY ./start.sh ./server.js package.json ./
FROM scratch AS content
COPY ./content.json /
# === PROD IMAGE
FROM ${CONTENT_IMAGE} AS contentStageForCopy
FROM ${APP_IMAGE} AS appStageForCopy
FROM node:20-alpine AS prod
# TODO: Check https://hub.docker.com/r/library/node/tags?name=alpine3.20
# - Remove npm upgrade if CVE-2024-21538 is fixed (https://scout.docker.com/vulnerabilities/id/CVE-2024-21538?s=github)
RUN npm update -g npm && npm cache clean --force && \
apk add --no-cache dumb-init && rm -rf /var/cache/apk/*
USER node
WORKDIR /a2j
COPY --link --chown=node:node --from=appStageForCopy /a2j-app/ ./
COPY --link --from=contentStageForCopy /content.json ./
EXPOSE 3000
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["sh", "./start.sh"]