-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathDockerfile.prod
135 lines (99 loc) · 3.8 KB
/
Dockerfile.prod
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
ARG BASE_IMAGE="registry1.dso.mil/ironbank/opensource/nodejs/nodejs18:18.9.0"
FROM $BASE_IMAGE AS base
USER root
RUN yum install -y \
git \
make
RUN yum -y update libsolv libgcc libstdc++ cryptsetup-libs cyrus-sasl-lib gzip zlib nss xz-libs systemd libksba python3-libxml2 libxml2 libcurl curl
COPY ./postgres/tmp/RPM-GPG-KEY-PGDG-11 \
./postgres/tmp/postgresql11-server.rpm \
./postgres/tmp/postgresql11.rpm \
./postgres/tmp/postgresql11-libs.rpm \
./postgres/tmp/postgresql11-contrib.rpm \
/tmp/
RUN rpm --import /tmp/RPM-GPG-KEY-PGDG-11 && \
dnf install -y --nodocs glibc-langpack-en /tmp/postgresql11-server.rpm /tmp/postgresql11.rpm /tmp/postgresql11-libs.rpm /tmp/postgresql11-contrib.rpm && \
dnf clean all && \
rm -rf /var/cache/dnf
ARG APP_UID=1000
ARG APP_GID=1000
# key dirs & globally usable binaries/packages
ENV APP_ROOT="/opt/app-root"
ENV APP_DIR="${APP_ROOT}/src"
ENV APP_BACKEND_DIR="${APP_DIR}/backend"
ENV APP_FRONTEND_DIR="${APP_DIR}/frontend"
ENV APP_SHARED_DIR="${APP_ROOT}/shared"
ENV APP_SHARED_BIN="${APP_SHARED_DIR}/node_modules/.bin"
ENV PATH="${APP_SHARED_BIN}:${PATH}"
ENV NODE_MODULES_DIR="/usr/local/lib/node_modules"
ENV NPM_DIR="/usr/local/lib/node_modules/npm"
ENV LOGS="/logs/uotapp"
RUN mkdir -p \
"${APP_DIR}" \
"${APP_FRONTEND_DIR}" \
"${APP_BACKEND_DIR}" \
"${APP_SHARED_DIR}" \
"${LOGS}" \
&& chown -R "${APP_UID}":"${APP_GID}" "${APP_ROOT}" \
&& chown -R "${APP_UID}":"${APP_GID}" "${LOGS}"
# RUN cd "$NODE_MODULES_DIR" \
# && npm install -g [email protected]
# RUN cd "$NPM_DIR" \
# && npm install [email protected] --save-exact
USER "${APP_UID}":"${APP_GID}"
RUN cd "$APP_SHARED_DIR" \
&& npm install [email protected] --save-exact \
&& npm install nodemon sequelize-cli
FROM base AS builder
ARG APP_UID=1000
ARG APP_GID=1000
USER "${APP_UID}":"${APP_GID}"
COPY --chown="${APP_UID}":"${APP_GID}" ./frontend/package.json "${APP_FRONTEND_DIR}/package.json"
ARG NPM_PROFILE="dod-advana"
ARG NPM_REGISTRY="https://npm.pkg.github.com"
ARG NPM_AUTH_TOKEN=""
RUN cd "${APP_FRONTEND_DIR}" && \
([ -n "$NPM_AUTH_TOKEN" ] && ( \
_registry_fqdn=$(echo -n ${NPM_REGISTRY} | sed -E 's/^https?:\/\///') && \
echo "always-auth=true" >> .npmrc && \
echo "@${NPM_PROFILE}:registry=${NPM_REGISTRY}" >> .npmrc && \
echo "//${_registry_fqdn}/:_authToken=${NPM_AUTH_TOKEN}" > .npmrc \
)) && \
yarn config set @dod-advana:registry ${NPM_REGISTRY} && \
# yarn config set registry "https://registry.yarnpkg.com" && \
yarn install --production
COPY --chown="${APP_UID}":"${APP_GID}" ./frontend "${APP_FRONTEND_DIR}"
RUN cd "${APP_FRONTEND_DIR}" && \
npm run build
FROM base
ARG APP_UID=1000
ARG APP_GID=1000
USER "${APP_UID}":"${APP_GID}"
COPY --chown="${APP_UID}":"${APP_GID}" ./backend/package.json "${APP_BACKEND_DIR}/package.json"
ARG NPM_PROFILE="dod-advana"
ARG NPM_REGISTRY="https://npm.pkg.github.com"
ARG NPM_AUTH_TOKEN=""
RUN cd "${APP_BACKEND_DIR}" && \
([ -n "$NPM_AUTH_TOKEN" ] && ( \
_registry_fqdn=$(echo -n ${NPM_REGISTRY} | sed -E 's/^https?:\/\///') && \
echo "always-auth=true" >> .npmrc && \
echo "@${NPM_PROFILE}:registry=${NPM_REGISTRY}" >> .npmrc && \
echo "//${_registry_fqdn}/:_authToken=${NPM_AUTH_TOKEN}" >> .npmrc && \
echo "legacy-peer-deps=true" >> .npmrc \
)) && \
yarn install --production
USER root
RUN yum remove git -y
USER "${APP_UID}":"${APP_GID}"
USER root
RUN yum remove git -y
USER "${APP_UID}":"${APP_GID}"
COPY --chown="${APP_UID}":"${APP_GID}" ./backend "${APP_BACKEND_DIR}"
COPY --from=builder --chown="${APP_UID}":"${APP_GID}" "${APP_FRONTEND_DIR}/build" "${APP_BACKEND_DIR}/build"
RUN cd "${APP_BACKEND_DIR}"
RUN rm -rf /home/node/.cache
# http & https
EXPOSE 8990 8443
WORKDIR "${APP_BACKEND_DIR}"
ENTRYPOINT ["node"]
CMD ["index.js"]