This repository has been archived by the owner on Mar 12, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
70 lines (53 loc) · 2.25 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
FROM node:12 as builder
LABEL [email protected]
LABEL org.opencontainers.image.created=03/31/20
LABEL org.opencontainers.image.title="Outcome Service Dockerfile"
LABEL org.opencontainers.image.url=
LABEL org.opencontainers.image.source=
WORKDIR /node/app
# Copy package.json and package-lock and
# install node_modules before copying all files
# in order to leverage better caching.
# The package-lock.json file will be ignored if
# it does not exist.
COPY package.json package-lock.json* ./
# For logging purposes
RUN npm config list
# Install production dependencies in /node_modules
RUN npm install --silent && npm cache clean --force
# Copy the entire app, with all TS files
COPY . .
RUN chmod 755 ./wait-for-container.sh
# Transpile TS to JS in /dist
RUN npm run build
# Use Debian for final image instead of Alpine.
# Debian works better with image scanning tools.
# Alpine is used above for faster build and then discarded.
FROM builder as prod
EXPOSE 3000
# jq is required for the ./uninstall-dev script
RUN apt-get update && \
apt-get install -y jq
# Uninstall dev dependencies.
# They are not needed for production image
RUN ./uninstall-dev.sh
# Install tini to /tini and give it executable permission
ADD https://github.com/krallin/tini/releases/download/v0.17.0/tini /tini
RUN chmod +x /tini
WORKDIR /var/www
# Use node user that is defined in upstream image instead of root.
# This user will be referenced when executing RUN, CMD, and ENTRYPOINT.
# Everything else will still be executed with root.
USER node
# The final image will only contain dist, node_modules, and tini.
COPY --from=builder /node/app/node_modules node_modules/
COPY --from=builder /node/app/dist dist/
# Use node instead of npm for better linux process signal passing
# npm does not respond to SIGINT/SIGTERM for graceful shutdown
# node can be configured to respond to SIGINIT/SIGTERM
# We use "tini" for signal response, but "tini" does not handle graceful shutdown
# Custom code can be added for better handle graceful shutdown
# Without tini, linux will kill the container after 10 seconds of waiting
# We want to prevent killing containers on production servers during rolling updates
ENTRYPOINT [ "/tini", "--" ]
CMD [ "node", "./dist/main" ]