-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
297 lines (246 loc) · 12.3 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
# syntax=docker/dockerfile:1-labs
FROM --platform=$BUILDPLATFORM rust:1.84.0-alpine AS wasm
WORKDIR /workdir
# Install required tools and libraries
RUN \
--mount=type=cache,target=/usr/local/cargo/registry \
apk add --no-cache binaryen pkgconfig musl-dev openssl-dev && \
RUSTFLAGS="-Ctarget-feature=-crt-static" cargo install wasm-bindgen-cli && \
rustup target add wasm32-unknown-unknown && \
wget -O - https://rustwasm.github.io/wasm-pack/installer/init.sh | sh
# Get and build dependencies based on dummy `lib.rs`
RUN \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=bind,source=wasm/Cargo.toml,target=Cargo.toml \
--mount=type=bind,source=wasm/Cargo.lock,target=Cargo.lock \
mkdir ./src && \
echo 'pub fn tmp() {}' > ./src/lib.rs && \
cargo build --release --target wasm32-unknown-unknown && \
rm ./src/lib.rs ./target/wasm32-unknown-unknown/release/deps/wasm.wasm
# Build WebAssembly package
RUN \
--mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=bind,source=wasm/Cargo.toml,target=Cargo.toml \
--mount=type=bind,source=wasm/Cargo.lock,target=Cargo.lock \
--mount=type=bind,source=wasm/src,target=src \
wasm-pack build -s rating-tracker --release && \
# Fix `package.json`
sed -E -i.bak 's/"module": "([A-Za-z0-9\-\.]+)",/"main": "\1",\n "module": "\1",/g ; s/^}$/}\n/' pkg/package.json && \
rm pkg/package.json.bak
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS yarn
ENV FORCE_COLOR=true
ENV PRISMA_CLI_BINARY_TARGETS=linux-musl-openssl-3.0.x,linux-musl-arm64-openssl-3.0.x
WORKDIR /workdir
# Copy files required for installing dependencies
COPY packages/backend/prisma ./packages/backend/prisma
# Install dependencies
RUN \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,source=packages/backend/package.json,target=packages/backend/package.json \
--mount=type=bind,source=packages/commons/package.json,target=packages/commons/package.json \
--mount=type=bind,source=packages/frontend/package.json,target=packages/frontend/package.json \
--mount=type=bind,source=packages/wasm/package.json,target=packages/wasm/package.json \
--mount=type=bind,source=tools/package.json,target=tools/package.json \
--mount=type=bind,source=tools/.yarnrc.yml,target=tools/.yarnrc.yml \
--mount=type=bind,source=tools/yarn.lock,target=tools/yarn.lock \
corepack enable && \
yarn workspaces focus -A --production && \
yarn tools
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS test-backend
ENV FORCE_COLOR=true
ENV DOMAIN=example.com
ENV SUBDOMAIN=subdomain
ENV SIGNAL_URL=http://127.0.0.1:8080
ENV SIGNAL_SENDER=+493012345678
ENV PATH="/workdir/tools/node_modules/.bin:${PATH}"
ENV PGDATA=/tmp/postgresql/data
ENV POSTGRES_HOST=127.0.0.1
WORKDIR /workdir
# Install PostgreSQL and initialize database
RUN \
apk add --no-cache postgresql-contrib && \
mkdir -p /run/postgresql && \
chown -R postgres:postgres /run/postgresql && \
su postgres -c 'initdb'
# Run backend tests
RUN \
--mount=type=bind,source=packages/backend,target=packages/backend,rw \
--mount=type=bind,source=packages/commons,target=packages/commons \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,from=yarn,source=/root/.cache,target=/root/.cache \
--mount=type=bind,from=yarn,source=/usr/local,target=/usr/local \
--mount=type=bind,from=yarn,source=/workdir/.yarn,target=.yarn \
--mount=type=bind,from=yarn,source=/workdir/.pnp.cjs,target=.pnp.cjs \
--mount=type=bind,from=yarn,source=/workdir/.pnp.loader.mjs,target=.pnp.loader.mjs \
--mount=type=bind,from=yarn,source=/workdir/packages/backend/prisma,target=packages/backend/prisma \
--mount=type=bind,from=yarn,source=/workdir/tools,target=tools \
--network=none \
su postgres -c 'postgres -c fsync=off -c synchronous_commit=off -c full_page_writes=off &' && \
yarn workspace @rating-tracker/backend test && \
mkdir -p /coverage && \
mv packages/backend/coverage /coverage/backend
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS test-commons
ENV FORCE_COLOR=true
WORKDIR /workdir
# Run commons tests
RUN \
--mount=type=bind,source=packages/commons,target=packages/commons,rw \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,from=yarn,source=/root/.cache,target=/root/.cache \
--mount=type=bind,from=yarn,source=/usr/local,target=/usr/local \
--mount=type=bind,from=yarn,source=/workdir/.yarn,target=.yarn \
--mount=type=bind,from=yarn,source=/workdir/.pnp.cjs,target=.pnp.cjs \
--mount=type=bind,from=yarn,source=/workdir/.pnp.loader.mjs,target=.pnp.loader.mjs \
--network=none \
yarn workspace @rating-tracker/commons test && \
mkdir -p /coverage && \
mv packages/commons/coverage /coverage/commons
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS test-frontend
ENV FORCE_COLOR=true
WORKDIR /workdir
# Run frontend tests
RUN \
--mount=type=bind,source=packages/commons,target=packages/commons \
--mount=type=bind,source=packages/frontend,target=packages/frontend,rw \
--mount=type=bind,from=wasm,source=/workdir/pkg,target=packages/wasm \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,from=yarn,source=/root/.cache,target=/root/.cache \
--mount=type=bind,from=yarn,source=/usr/local,target=/usr/local \
--mount=type=bind,from=yarn,source=/workdir/.yarn,target=.yarn \
--mount=type=bind,from=yarn,source=/workdir/.pnp.cjs,target=.pnp.cjs \
--mount=type=bind,from=yarn,source=/workdir/.pnp.loader.mjs,target=.pnp.loader.mjs \
--network=none \
yarn workspace @rating-tracker/frontend test && \
mkdir -p /coverage && \
mv packages/frontend/coverage /coverage/frontend
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS build-backend
ENV NODE_ENV=production
ENV FORCE_COLOR=true
WORKDIR /workdir
# Build backend
RUN \
--mount=type=bind,source=packages/backend,target=packages/backend,rw \
--mount=type=bind,source=packages/commons,target=packages/commons \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,from=yarn,source=/root/.cache,target=/root/.cache \
--mount=type=bind,from=yarn,source=/usr/local,target=/usr/local \
--mount=type=bind,from=yarn,source=/workdir/.yarn,target=.yarn \
--mount=type=bind,from=yarn,source=/workdir/.pnp.cjs,target=.pnp.cjs \
--mount=type=bind,from=yarn,source=/workdir/.pnp.loader.mjs,target=.pnp.loader.mjs \
--mount=type=bind,from=yarn,source=/workdir/packages/backend/prisma,target=packages/backend/prisma \
--network=none \
# Bundle backend
yarn workspace @rating-tracker/backend build && \
# Parse backend bundle for correctness and executability in Node.js
/bin/sh -c 'cd packages/backend && EXIT_AFTER_READY=1 node -r ./test/env.ts dist/server.mjs' && \
# Create directories for target container and copy only necessary files
mkdir -p /app/public/api-docs /app/prisma/client && \
cp -r packages/backend/dist/* /app && \
cp -r packages/backend/prisma/migrations /app/prisma && \
cp packages/backend/prisma/client/schema.prisma /app/prisma/client && \
ln -s ./client/schema.prisma /app/prisma/schema.prisma
FROM --platform=$BUILDPLATFORM node:22.13.1-alpine AS build-frontend
ENV NODE_ENV=production
ENV FORCE_COLOR=true
WORKDIR /workdir
# Build frontend
RUN \
--mount=type=bind,source=packages/commons,target=packages/commons \
--mount=type=bind,source=packages/frontend,target=packages/frontend,rw \
--mount=type=bind,source=.yarnrc.yml,target=.yarnrc.yml \
--mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,from=wasm,source=/workdir/pkg,target=packages/wasm \
--mount=type=bind,from=yarn,source=/root/.cache,target=/root/.cache \
--mount=type=bind,from=yarn,source=/usr/local,target=/usr/local \
--mount=type=bind,from=yarn,source=/workdir/.yarn,target=.yarn \
--mount=type=bind,from=yarn,source=/workdir/.pnp.cjs,target=.pnp.cjs \
--mount=type=bind,from=yarn,source=/workdir/.pnp.loader.mjs,target=.pnp.loader.mjs \
--network=none \
# Bundle frontend
yarn workspace @rating-tracker/frontend build && \
# Create directories for target container and copy only necessary files
mkdir -p /app/public && \
cp -r packages/frontend/dist/* /app/public
FROM --platform=$BUILDPLATFORM eclipse-temurin:21.0.5_11-jre-alpine AS result
# Install bash and download and extract Codacy coverage reporter
RUN \
apk add --no-cache bash && \
wget -qO - https://coverage.codacy.com/get.sh > /usr/local/bin/codacy-coverage && \
chmod +x /usr/local/bin/codacy-coverage && \
codacy-coverage download
WORKDIR /coverage
# Add build artifacts
COPY --from=build-backend /app /app
COPY --from=build-frontend /app/public/. /app/public
# Copy coverage reports from test stages
COPY --from=test-backend /coverage/backend /coverage/backend
COPY --from=test-commons /coverage/commons /coverage/commons
COPY --from=test-frontend /coverage/frontend /coverage/frontend
ENTRYPOINT [ "codacy-coverage" ]
# required for Renovate to update the base image:
FROM node:22.13.1-alpine AS node
FROM alpine:3.21.2 AS deploy-base
ARG TARGETARCH
# Install standard libraries and copy Node.js binary
RUN \
--mount=type=bind,from=node,source=/usr/local/bin/node,target=/mnt/usr/local/bin/node \
--mount=type=bind,from=node,source=/etc,target=/mnt/etc \
apk add --no-cache libstdc++ && \
cp -a /mnt/etc/group /etc/group && \
cp -a /mnt/etc/passwd /etc/passwd && \
cp -a /mnt/usr/local/bin/node /usr/local/bin/node
FROM deploy-base AS deploy
ARG TARGETARCH
ENV NODE_ENV=production
ENV PATH="/app/tools/node_modules/.bin:${PATH}"
USER node:node
WORKDIR /app
# Set OCI image labels
ARG BUILD_DATE
LABEL \
org.opencontainers.image.title="Rating Tracker" \
org.opencontainers.image.authors="Marvin A. Ruder <[email protected]>" \
org.opencontainers.image.description="A web service fetching and providing financial and ESG ratings for stocks." \
org.opencontainers.image.url="https://github.com/marvinruder/rating-tracker" \
org.opencontainers.image.source="https://github.com/marvinruder/rating-tracker" \
org.opencontainers.image.vendor="Marvin A. Ruder" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.version="6.1.0" \
org.opencontainers.image.created=$BUILD_DATE
# Define health check
HEALTHCHECK CMD wget -qO /dev/null http://localhost:$PORT/api/status || exit 1
RUN \
--mount=type=bind,from=yarn,source=/workdir/tools,target=/mnt/app/tools \
cp -r /mnt/app/tools /app && \
if [ "$TARGETARCH" == "amd64" ]; then \
rm /app/tools/node_modules/@prisma/engines/libquery_engine-linux-musl-arm64-openssl-3.0.x.so.node; \
rm /app/tools/node_modules/@prisma/engines/schema-engine-linux-musl-arm64-openssl-3.0.x; \
elif [ "$TARGETARCH" == "arm64" ]; then \
rm /app/tools/node_modules/@prisma/engines/libquery_engine-linux-musl-openssl-3.0.x.so.node; \
rm /app/tools/node_modules/@prisma/engines/schema-engine-linux-musl-openssl-3.0.x; \
fi
RUN \
--mount=type=bind,from=result,source=app,target=/mnt/app \
cp -r /mnt/app / && \
if [ "$TARGETARCH" == "amd64" ]; then \
ln -s /app/tools/node_modules/@prisma/engines/libquery_engine-linux-musl-openssl-3.0.x.so.node /app/prisma/client/libquery_engine-linux-musl-openssl-3.0.x.so.node; \
elif [ "$TARGETARCH" == "arm64" ]; then \
ln -s /app/tools/node_modules/@prisma/engines/libquery_engine-linux-musl-arm64-openssl-3.0.x.so.node /app/prisma/client/libquery_engine-linux-musl-arm64-openssl-3.0.x.so.node; \
fi
CMD [ "node", "--enable-source-maps", "server.mjs" ]