36 lines
1.5 KiB
Docker
36 lines
1.5 KiB
Docker
FROM node:16-buster AS builder
|
|
# Install doppler CLI
|
|
RUN (curl -Ls --tlsv1.2 --proto "=https" --retry 3 https://cli.doppler.com/install.sh) | sh -s -- --verify-signature
|
|
# node images create a non-root user that we can use
|
|
USER node
|
|
WORKDIR /home/node/build
|
|
COPY --chown=node:node . .
|
|
# Pass `DOPPLER_TOKEN` at build time to create an encrypted snapshot for high-availability
|
|
ARG DOPPLER_TOKEN
|
|
RUN \
|
|
doppler secrets download doppler.encrypted.json &&\
|
|
npm ci --no-progress --ignore-scripts &&\
|
|
doppler run --fallback=doppler.encrypted.json --command="npm run create:config" &&\
|
|
doppler run --fallback=doppler.encrypted.json --command="npm run build:curriculum" &&\
|
|
doppler run --fallback=doppler.encrypted.json --command="npm run build:server"
|
|
|
|
FROM node:16-alpine as depends
|
|
USER node
|
|
WORKDIR /home/node/depends
|
|
COPY --chown=node:node . .
|
|
RUN npm ci --production --workspace=api-server --no-progress --ignore-scripts
|
|
|
|
FROM node:16-alpine
|
|
RUN npm i -g pm2@4
|
|
USER node
|
|
WORKDIR /home/node/api
|
|
COPY --from=builder --chown=node:node /home/node/build/api-server/lib/ api-server/lib/
|
|
COPY --from=builder --chown=node:node /home/node/build/utils/ utils/
|
|
COPY --from=builder --chown=node:node /home/node/build/config/ config/
|
|
COPY --from=depends --chown=node:node /home/node/depends/api-server/node_modules/ api-server/node_modules/
|
|
COPY --from=depends --chown=node:node /home/node/depends/node_modules/ node_modules/
|
|
WORKDIR /home/node/api/api-server
|
|
CMD ["pm2-runtime", "./lib/production-start.js"]
|
|
|
|
# TODO: don't copy mocks/fixtures
|