Skip to content

Commit

Permalink
adding one-app
Browse files Browse the repository at this point in the history
  • Loading branch information
@johnfosborneiii
johnfosborneiii committed Nov 18, 2024
1 parent 48bab73 commit 947e4aa
Show file tree
Hide file tree
Showing 2 changed files with 138 additions and 0 deletions.
70 changes: 70 additions & 0 deletions docker/one-app/Chainguardfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
ARG VERSION=20-dev
# Use the pre-baked fat node image only in the builder
# which includes build utils preinstalled (e.g. gcc, make, etc).
# This will result in faster and reliable One App docker image
# builds as we do not have to run apk installs for alpine.
FROM cgr.dev/chainguard-private/node:$VERSION as builder
USER 0
WORKDIR /opt/build
RUN npm install -g npm --registry=https://registry.npmjs.org
COPY --chown=node:node ./ /opt/build
# npm ci does not run postinstall with root account
RUN NODE_ENV=development npm ci --build-from-source
# npm ci does not run postinstall with root account
# which is why there is a dev build
RUN NODE_ENV=development npm run build && \
mkdir -p /opt/one-app/development && \
chown node:node /opt/one-app/development && \
cp -r /opt/build/. /opt/one-app/development
# prod build
RUN NODE_ENV=production npm run build && \
NODE_ENV=production npm prune && \
mkdir -p /opt/one-app/production && \
chown node:node /opt/one-app/production && \
mv /opt/build/LICENSE.txt /opt/one-app/production && \
mv /opt/build/node_modules /opt/one-app/production && \
mv /opt/build/scripts /opt/one-app/production && \
mv /opt/build/package.json /opt/one-app/production && \
mv /opt/build/lib /opt/one-app/production && \
mv /opt/build/build /opt/one-app/production && \
mv /opt/build/bundle.integrity.manifest.json /opt/one-app/production && \
mv /opt/build/.build-meta.json /opt/one-app/production

# https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#handling-kernel-signals
FROM cgr.dev/chainguard-private/node:$VERSION as node-tini
USER 0
RUN apk add --no-cache tini
ENTRYPOINT ["/sbin/tini", "--"]

# development image
# docker build . --target=development
FROM node-tini as development
ARG USER
ENV USER ${USER:-node}
ENV NODE_ENV=development
# exposing these ports as they are default for all the local dev servers
# see src/server/config/env/runtime.js
EXPOSE 3000
EXPOSE 3001
EXPOSE 3002
EXPOSE 3005
WORKDIR /opt/one-app
RUN chown node:node /opt/one-app
USER $USER
CMD ["scripts/start.sh"]
COPY --from=builder --chown=node:node /opt/one-app/development ./

# production image
# last so that it's the default image artifact
FROM node-tini as production
ARG USER
ENV USER ${USER:-node}
ENV NODE_ENV=production
# exposing these ports as they are defaults for one app and the prom metrics server
# see src/server/config/env/runtime.js
EXPOSE 3000
EXPOSE 3005
WORKDIR /opt/one-app
USER $USER
CMD ["scripts/start.sh"]
COPY --from=builder --chown=node:node /opt/one-app/production ./
68 changes: 68 additions & 0 deletions docker/one-app/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
ARG VERSION=20
# Use the pre-baked fat node image only in the builder
# which includes build utils preinstalled (e.g. gcc, make, etc).
# This will result in faster and reliable One App docker image
# builds as we do not have to run apk installs for alpine.
FROM node:$VERSION as builder
WORKDIR /opt/build
RUN npm install -g npm --registry=https://registry.npmjs.org
COPY --chown=node:node ./ /opt/build
# npm ci does not run postinstall with root account
RUN NODE_ENV=development npm ci --build-from-source
# npm ci does not run postinstall with root account
# which is why there is a dev build
RUN NODE_ENV=development npm run build && \
mkdir -p /opt/one-app/development && \
chown node:node /opt/one-app/development && \
cp -r /opt/build/. /opt/one-app/development
# prod build
RUN NODE_ENV=production npm run build && \
NODE_ENV=production npm prune && \
mkdir -p /opt/one-app/production && \
chown node:node /opt/one-app/production && \
mv /opt/build/LICENSE.txt /opt/one-app/production && \
mv /opt/build/node_modules /opt/one-app/production && \
mv /opt/build/scripts /opt/one-app/production && \
mv /opt/build/package.json /opt/one-app/production && \
mv /opt/build/lib /opt/one-app/production && \
mv /opt/build/build /opt/one-app/production && \
mv /opt/build/bundle.integrity.manifest.json /opt/one-app/production && \
mv /opt/build/.build-meta.json /opt/one-app/production

# https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#handling-kernel-signals
FROM node:$VERSION-alpine as node-tini
RUN apk add --no-cache tini
ENTRYPOINT ["/sbin/tini", "--"]

# development image
# docker build . --target=development
FROM node-tini as development
ARG USER
ENV USER ${USER:-node}
ENV NODE_ENV=development
# exposing these ports as they are default for all the local dev servers
# see src/server/config/env/runtime.js
EXPOSE 3000
EXPOSE 3001
EXPOSE 3002
EXPOSE 3005
WORKDIR /opt/one-app
RUN chown node:node /opt/one-app
USER $USER
CMD ["scripts/start.sh"]
COPY --from=builder --chown=node:node /opt/one-app/development ./

# production image
# last so that it's the default image artifact
FROM node-tini as production
ARG USER
ENV USER ${USER:-node}
ENV NODE_ENV=production
# exposing these ports as they are defaults for one app and the prom metrics server
# see src/server/config/env/runtime.js
EXPOSE 3000
EXPOSE 3005
WORKDIR /opt/one-app
USER $USER
CMD ["scripts/start.sh"]
COPY --from=builder --chown=node:node /opt/one-app/production ./

0 comments on commit 947e4aa

Please sign in to comment.