-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile
57 lines (45 loc) · 1.62 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# FROM node:14-slim also works here
FROM node:14-alpine as base
# install curl for debugging
RUN apk add curl
# set our node environment, either development or production
# defaults to production, compose overrides this to development on build and run
ARG NODE_ENV=production
ENV NODE_ENV $NODE_ENV
# default to port 3000 for node
ARG PORT=3000
ENV PORT $PORT
EXPOSE $PORT
# install npm
RUN npm i
# install dependencies first
# we have to create the dir with root and change perms
RUN mkdir app && chown node:node app
WORKDIR /app
# the official node image provides an unprivileged user as a security best practice
# but we have to manually enable it. We put it here so npm installs dependencies as the same
# user who runs the app.
USER node
COPY --chown=node:node package.json package-lock.json* ./
RUN npm install --no-optional && npm cache clean --force
ENV PATH app/node_modules/.bin:$PATH
# a dev and build-only stage. we don't need to
# copy in code since we bind-mount it
FROM base as dev
ENV NODE_ENV=development
RUN npm install --only=development
# We use "npm start" here in development and node in production
CMD ["npm", "start"]
FROM dev as test
# copy in our source code last, as it changes the most
# copy in as node user, so permissions match what we need
COPY --chown=node:node . .
CMD ["npm", "test"]
# you would also run your tests here
# this only has minimal deps and files
FROM base as prod
# copy in as node user, so permissions match what we need
COPY --chown=node:node . .
# check every 30s to ensure this service returns HTTP 200
HEALTHCHECK --interval=600s CMD node ./src/healthcheck.js
CMD ["node", "./src/server.js"]