copilot: docker optimize.
Some checks failed
Build and Push Docker Image / buildx (push) Has been cancelled
Some checks failed
Build and Push Docker Image / buildx (push) Has been cancelled
This commit is contained in:
27
Dockerfile
27
Dockerfile
@@ -1,19 +1,30 @@
|
||||
FROM node:25-alpine
|
||||
FROM node:lts-alpine
|
||||
|
||||
# Use a non-root working directory
|
||||
WORKDIR /app
|
||||
|
||||
# Install dependencies
|
||||
COPY package*.json ./
|
||||
RUN npm install --production
|
||||
# Copy package files first to leverage Docker layer caching
|
||||
COPY package.json package-lock.json ./
|
||||
|
||||
# Copy application code
|
||||
# Install production dependencies deterministically
|
||||
# --omit=dev keeps devDependencies out of the final install
|
||||
RUN npm ci --omit=dev --no-audit --no-fund
|
||||
|
||||
# Copy the rest of the application
|
||||
COPY . .
|
||||
|
||||
# Create directory for database with open permissions
|
||||
RUN mkdir -p /app/data && chmod 777 /app/data
|
||||
# Install tiny helper to drop privileges at container start
|
||||
# and keep image small (no cache)
|
||||
RUN apk add --no-cache su-exec
|
||||
|
||||
# Set environment variable for database path
|
||||
# Runtime entrypoint ensures the data dir ownership and drops privileges
|
||||
COPY scripts/entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
ENV NODE_ENV=production
|
||||
ENV DB_PATH=/app/data/data.db
|
||||
|
||||
EXPOSE 3000
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
CMD ["node", "server.js"]
|
||||
|
||||
Reference in New Issue
Block a user