upflow/Dockerfile at main · coji/upflow · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
ARG NODE_VERSION=24.14.0
ARG PNPM_VERSION=10.32.1

# --- Build base: includes native build tools for better-sqlite3 ---
FROM node:${NODE_VERSION}-slim AS build-base

RUN apt-get update \
  && apt-get install --no-install-recommends -y openssl curl ca-certificates build-essential python3 \
  && apt-get clean \
  && npm i -g pnpm@${PNPM_VERSION} \
  && rm -rf /var/lib/apt/lists/*


# --- Runtime base: minimal packages for production ---
FROM node:${NODE_VERSION}-slim AS runtime-base

RUN apt-get update \
  && apt-get install --no-install-recommends -y openssl openssh-client sqlite3 procps curl ca-certificates unzip vim \
  && apt-get clean \
  && npm i -g pnpm@${PNPM_VERSION} \
  && curl -sSf https://atlasgo.sh | sh \
  && rm -rf /var/lib/apt/lists/*


# --- Install all node_modules (dev + prod) ---
FROM build-base AS deps

WORKDIR /upflow

COPY package.json pnpm-lock.yaml ./
RUN pnpm fetch


# --- Production node_modules only ---
FROM build-base AS production-deps

ENV NODE_ENV=production
WORKDIR /upflow

COPY --from=deps /upflow/node_modules /upflow/node_modules
COPY package.json pnpm-lock.yaml ./
RUN pnpm install --prod --offline --frozen-lockfile


# --- Build the app ---
FROM build-base AS build

WORKDIR /upflow

COPY --from=deps /upflow/node_modules /upflow/node_modules
COPY package.json pnpm-lock.yaml ./
RUN pnpm install --offline --frozen-lockfile && pnpm rebuild better-sqlite3

COPY . .

# Sentry (optional). DSN is baked into the client bundle at build time; server reads SENTRY_DSN at runtime.
# SENTRY_PUBLISH_RELEASE=1 enables source map upload (requires SENTRY_AUTH_TOKEN).
ARG SENTRY_DSN
ARG SENTRY_AUTH_TOKEN
ARG SENTRY_TRACES_SAMPLE_RATE
ARG SENTRY_PUBLISH_RELEASE

RUN SENTRY_DSN="$SENTRY_DSN" \
    VITE_SENTRY_DSN="$SENTRY_DSN" \
    SENTRY_TRACES_SAMPLE_RATE="$SENTRY_TRACES_SAMPLE_RATE" \
    VITE_SENTRY_TRACES_SAMPLE_RATE="$SENTRY_TRACES_SAMPLE_RATE" \
    SENTRY_AUTH_TOKEN="$SENTRY_AUTH_TOKEN" \
    SENTRY_PUBLISH_RELEASE="$SENTRY_PUBLISH_RELEASE" \
    pnpm run build


# --- Production image ---
FROM runtime-base

ENV UPFLOW_DATA_DIR="/upflow/data"
ENV PORT="8080"
ENV NODE_ENV="production"

# add shortcut for connecting to database CLI
RUN printf '#!/bin/sh\nset -x\nsqlite3 "${UPFLOW_DATA_DIR}/data.db"\n' > /usr/local/bin/database-cli && chmod +x /usr/local/bin/database-cli

WORKDIR /upflow

COPY --from=production-deps /upflow/node_modules /upflow/node_modules
COPY --from=build /upflow/build /upflow/build
COPY --from=build /upflow/public /upflow/public
COPY --from=build /upflow/db /upflow/db
COPY --from=build /upflow/atlas.hcl /upflow/atlas.hcl
COPY --from=build /upflow/package.json /upflow/package.json
COPY --from=build /upflow/tsconfig.json /upflow/tsconfig.json
COPY --from=build /upflow/start.sh /upflow/start.sh
COPY --from=build /upflow/app /upflow/app
COPY --from=build /upflow/batch /upflow/batch
COPY --from=build /upflow/ops/remote /upflow/ops/remote
COPY --from=build /upflow/server.mjs /upflow/server.mjs
COPY --from=build /upflow/instrument.server.mjs /upflow/instrument.server.mjs

CMD [ "sh", "./start.sh" ]