-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
38 lines (35 loc) · 1.36 KB
/
Dockerfile
File metadata and controls
38 lines (35 loc) · 1.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Use multi-stage builds for efficiency and security
FROM node:24-alpine AS development-dependencies-env
WORKDIR /app
# Enable and prepare pnpm
RUN corepack enable && corepack prepare pnpm@latest --activate
# Copy only package.json and lock file first for better cache usage
COPY package.json pnpm-lock.yaml ./
RUN pnpm install --frozen-lockfile
# Copy the rest of the files needed for development (excluding files in .dockerignore)
COPY . .
FROM node:24-alpine AS production-dependencies-env
WORKDIR /app
RUN corepack enable && corepack prepare pnpm@latest --activate
COPY package.json pnpm-lock.yaml ./
RUN pnpm install --frozen-lockfile --prod
FROM node:24-alpine AS build-env
WORKDIR /app
RUN corepack enable && corepack prepare pnpm@latest --activate
COPY . .
COPY --from=development-dependencies-env /app/node_modules ./node_modules
RUN pnpm run build
FROM node:24-alpine
WORKDIR /app
ENV NODE_ENV=production
RUN corepack enable && corepack prepare pnpm@latest --activate
# Add a non-root user for security
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
COPY package.json pnpm-lock.yaml ./
COPY --from=production-dependencies-env /app/node_modules ./node_modules
COPY --from=build-env /app/build/client ./build
# Set permissions for the non-root user
RUN chown -R appuser:appgroup /app/build
USER appuser
EXPOSE 4173
CMD ["pnpm", "exec", "serve", "build", "-l", "4173"]