# KITA Poll - Docker Configuration
# Optimized multi-stage build for smaller production image
# Uses PUPPETEER_SKIP_CHROMIUM_DOWNLOAD to avoid 300MB bundled Chromium
# ============================================
# Stage 1: Dependencies (build tools + native modules)
# ============================================
# NOTE(review): node:22-slim is a mutable tag. Pinning it by digest
# (node:22-slim@sha256:<digest-placeholder>) keeps rebuilds reproducible and
# makes a swapped or re-pushed base image visible as a diff.
FROM node:22-slim AS deps

# Compiler toolchain and -dev headers needed to build the native addons
# (canvas, pdfkit) during `npm ci`. They are installed only in this stage.
# The leading rm/clean wipes cached apt state so the package index is
# downloaded fresh.
# NOTE(review): --allow-releaseinfo-change makes apt accept changed Release
# metadata (origin/label/suite/codename) without confirmation; it does not
# turn off signature verification. With the lists directory emptied first
# there is presumably no earlier Release file to compare against, so confirm
# the flag is still needed before keeping it.
RUN rm -rf \
        /var/lib/apt/lists/* \
        /var/cache/apt/* \
        /etc/apt/apt.conf.d/docker-clean \
    && apt-get clean \
    && apt-get update --allow-releaseinfo-change \
    && apt-get install -y --no-install-recommends \
        g++ \
        libcairo2-dev \
        libgif-dev \
        libjpeg-dev \
        libpango1.0-dev \
        libpixman-1-dev \
        make \
        python3 \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app

# Keep Puppeteer's install step from fetching its bundled Chromium; the
# production stage installs a system Chromium instead.
# NOTE(review): newer Puppeteer releases read PUPPETEER_SKIP_DOWNLOAD. Verify
# which variable the version pinned in package-lock.json honours.
ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true

# Manifests only, so the install layer below is rebuilt only when they change.
COPY package*.json ./

# Lockfile-exact install of every dependency (dev ones included), with the npm
# cache dropped in the same layer.
RUN npm ci \
    && npm cache clean --force
# ============================================
# Stage 2: Builder (compile TypeScript + Vite)
# ============================================
FROM node:22-slim AS builder

WORKDIR /app

# Same Puppeteer setting as the deps stage.
ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true

# Reuse the modules already installed in the deps stage.
COPY --from=deps /app/node_modules ./node_modules
COPY package*.json ./

# Explicit allow-list of source trees and tool configs instead of `COPY . .`,
# so unrelated files in the build context (.env, .git, local data) never
# enter this stage.
COPY client ./client
COPY server ./server
COPY shared ./shared
COPY tsconfig.json \
     vite.config.ts \
     tailwind.config.ts \
     postcss.config.js \
     components.json \
     drizzle.config.ts \
     ./

# Runs the "build" script from package.json; the production stage later takes
# the frontend bundle from /app/dist/public.
RUN npm run build
# ============================================
# Stage 3: Production Runtime
# ============================================
# NOTE(review): the runtime base is referenced by mutable tag; pin it by
# digest (node:22-slim@sha256:<digest-placeholder>) so the shipped image can
# be traced to one exact base.
FROM node:22-slim AS production

# Runtime packages only (no compilers or -dev headers):
#   - canvas/pdfkit: libcairo2 libpango-1.0-0 libjpeg62-turbo libgif7 libpixman-1-0
#     (libpangocairo-1.0-0 presumably belongs to the same group)
#   - Puppeteer: chromium from the distribution, plus fonts-liberation
#   - Database: postgresql-client, for pg_isready
#   - Health check: wget
# The leading rm/clean wipes cached apt state so the package index is
# downloaded fresh; the trailing rm removes index and cache in the same layer.
# NOTE(review): --allow-releaseinfo-change makes apt accept changed Release
# metadata without confirmation; signature verification still applies. Confirm
# the flag is still needed.
RUN rm -rf \
        /var/lib/apt/lists/* \
        /var/cache/apt/* \
        /etc/apt/apt.conf.d/docker-clean \
    && apt-get clean \
    && apt-get update --allow-releaseinfo-change \
    && apt-get install -y --no-install-recommends \
        chromium \
        fonts-liberation \
        libcairo2 \
        libgif7 \
        libjpeg62-turbo \
        libpango-1.0-0 \
        libpangocairo-1.0-0 \
        libpixman-1-0 \
        postgresql-client \
        wget \
    && rm -rf /var/lib/apt/lists/* /var/cache/apt/*

# Point Puppeteer at the system Chromium instead of a bundled download.
# NOTE(review): whether Chromium runs with its sandbox enabled is decided by
# the launch arguments in the server code, which is not visible here. Confirm
# it is not started with --no-sandbox unless another isolation layer covers it.
ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \
    PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium

# Dedicated unprivileged account with a fixed numeric UID/GID (1001), so a
# runtime policy can check the user by number.
RUN groupadd -g 1001 nodejs \
    && useradd -u 1001 -g nodejs -m nodejs

WORKDIR /app

COPY package*.json ./

# Modules come from the deps stage, which installs every dependency.
# NOTE(review): that includes devDependencies. Together with server/tests and
# vitest.config.ts below, the production image carries the test tooling so
# the admin test panel can run tests in the live container. Confirm the panel
# is reachable only by authenticated admins; consider gating it per build.
COPY --from=deps /app/node_modules ./node_modules

# Server sources are shipped as TypeScript and run through tsx.
COPY --from=builder /app/server ./server
# Tests are taken straight from the build context for the admin test panel.
COPY server/tests ./server/tests
COPY --from=builder /app/shared ./shared
COPY --from=builder \
     /app/tsconfig.json \
     /app/drizzle.config.ts \
     /app/vite.config.ts \
     ./
COPY vitest.config.ts ./

# Client sources read by the UI consistency tests (alertConsistency.test.ts).
COPY --from=builder /app/client/src/components ./client/src/components
COPY --from=builder /app/client/src/pages ./client/src/pages
COPY --from=builder /app/client/src/index.css ./client/src/index.css

# Migrations used for schema setup.
COPY migrations ./migrations

# Frontend bundle produced by the builder stage.
COPY --from=builder /app/dist/public ./server/public

COPY docker-entrypoint.sh ./

# Make the entrypoint executable, create uploads/, and hand /app to nodejs.
# NOTE(review): chown -R gives the runtime user write access to the whole
# tree (code, node_modules, entrypoint), so a compromised server process could
# rewrite the application. Only uploads/ visibly needs to be writable. Check
# what else the app writes under /app before narrowing this.
# uploads/ stays in the container's writable layer unless a volume is mounted.
RUN chmod +x docker-entrypoint.sh \
    && mkdir -p uploads \
    && chown -R nodejs:nodejs /app

# Everything from here on, including the entrypoint, runs unprivileged.
USER nodejs

# Documents the listening port (unprivileged, matches PORT below).
EXPOSE 5000

# Probe the local health endpoint; a non-zero exit marks the container unhealthy.
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
    CMD wget --no-verbose --tries=1 --spider http://localhost:5000/api/v1/health || exit 1

ENV NODE_ENV=production \
    PORT=5000

# No CMD is set, so the script itself has to start the server.
# NOTE(review): the script is not visible here. Confirm it ends by exec-ing
# the server process so that process receives SIGTERM on stop.
ENTRYPOINT ["./docker-entrypoint.sh"]