ARG NODE_VERSION="20" # ===== # 1. Build Stage # ===== FROM node:${NODE_VERSION}-alpine AS build_stage ENV BUILD_PATH="/app.build" # Make a directory to build the application in RUN mkdir -p $BUILD_PATH WORKDIR $BUILD_PATH # Install common build dependencies # see: https://github.com/gliderlabs/docker-alpine/blob/master/docs/usage.md (re: `--no-cache` flag) RUN apk add --no-cache \ python3 \ g++ \ make \ bash # Copy over the application files COPY package.json package-lock.json tsconfig.json ${BUILD_PATH}/ COPY src/ ${BUILD_PATH}/src/ # Install dependencies and build the application source # (mount the NPM credentials so we can install private packages) RUN --mount=type=secret,id=npmrc,target=/root/.npmrc npm ci RUN npm run tsc # Remove any dev dependencies now that the app is built RUN npm prune --production # ===== # 2. Distribution Stage # ===== FROM node:${NODE_VERSION}-alpine AS dist_stage ENV BUILD_PATH="/app.build" # Environment variables to control where the various application # components are located. You probably don't need to change these ENV APP_PATH="/app" ENV DATA_PATH="/app.data" ENV CONF_PATH="/app.conf" # Create a new user/group to run the application RUN addgroup appuser && \ adduser \ --no-create-home \ --disabled-password \ --gecos "" \ --ingroup appuser \ appuser # Make a directory to store configuration VOLUME [ "${DATA_PATH}" ] RUN mkdir -p ${DATA_PATH} && \ chown appuser:appuser ${DATA_PATH} && \ chmod 0700 ${DATA_PATH} # Make a directory to store configuration VOLUME [ "${CONF_PATH}" ] RUN mkdir -p ${CONF_PATH} && \ chown appuser:appuser ${CONF_PATH} && \ chmod 0500 ${CONF_PATH} # Copy over the built application code COPY --from=build_stage --chown=appuser:appuser --chmod=500 ${BUILD_PATH}/build/ ${APP_PATH}/ # Copy over the production node_modules COPY --from=build_stage --chown=appuser:appuser --chmod=500 ${BUILD_PATH}/node_modules/ /node_modules/ # Run the application with the user/group given permissions above USER appuser:appuser # Run the application by default ENTRYPOINT [ "node", "${APP_PATH}/start.js" ]