@@ -3,13 +3,10 @@ ARG POSTHOG_API_KEY=posthog-api-key
3
3
ARG INTERCOM_ID=intercom-id
4
4
ARG CAPTCHA_SITE_KEY=captcha-site-key
5
5
6
- FROM node:20-alpine AS base
6
+ FROM node:20-slim AS base
7
7
8
8
FROM base AS frontend-dependencies
9
9
10
- # Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
11
- RUN apk add --no-cache libc6-compat
12
-
13
10
WORKDIR /app
14
11
15
12
COPY frontend/package.json frontend/package-lock.json ./
@@ -45,8 +42,8 @@ RUN npm run build
45
42
FROM base AS frontend-runner
46
43
WORKDIR /app
47
44
48
- RUN addgroup --system --gid 1001 nodejs
49
- RUN adduser --system --uid 1001 non-root-user
45
+ RUN groupadd --system --gid 1001 nodejs
46
+ RUN useradd --system --uid 1001 --gid nodejs non-root-user
50
47
51
48
COPY --from=frontend-builder --chown=non-root-user:nodejs /app/dist ./
52
49
@@ -56,21 +53,23 @@ USER non-root-user
56
53
## BACKEND
57
54
##
58
55
FROM base AS backend-build
59
- RUN addgroup --system --gid 1001 nodejs \
60
- && adduser --system --uid 1001 non-root-user
61
56
62
57
WORKDIR /app
63
58
64
59
# Install all required dependencies for build
65
- RUN apk -- update add \
60
+ RUN apt-get update && apt-get install -y \
66
61
python3 \
67
62
make \
68
63
g++ \
69
64
unixodbc \
70
- freetds \
65
+ freetds-bin \
71
66
unixodbc-dev \
72
67
libc-dev \
73
- freetds-dev
68
+ freetds-dev \
69
+ && rm -rf /var/lib/apt/lists/*
70
+
71
+ RUN groupadd --system --gid 1001 nodejs
72
+ RUN useradd --system --uid 1001 --gid nodejs non-root-user
74
73
75
74
COPY backend/package*.json ./
76
75
RUN npm ci --only-production
@@ -86,18 +85,19 @@ FROM base AS backend-runner
86
85
WORKDIR /app
87
86
88
87
# Install all required dependencies for runtime
89
- RUN apk -- update add \
88
+ RUN apt-get update && apt-get install -y \
90
89
python3 \
91
90
make \
92
91
g++ \
93
92
unixodbc \
94
- freetds \
93
+ freetds-bin \
95
94
unixodbc-dev \
96
95
libc-dev \
97
- freetds-dev
96
+ freetds-dev \
97
+ && rm -rf /var/lib/apt/lists/*
98
98
99
99
# Configure ODBC
100
- RUN printf "[FreeTDS]\nDescription = FreeTDS Driver\nDriver = /usr/lib/libtdsodbc.so\nSetup = /usr/lib/libtdsodbc .so\nFileUsage = 1\n" > /etc/odbcinst.ini
100
+ RUN printf "[FreeTDS]\nDescription = FreeTDS Driver\nDriver = /usr/lib/x86_64-linux-gnu/odbc/ libtdsodbc.so\nSetup = /usr/lib/x86_64-linux-gnu/odbc/libtdsS .so\nFileUsage = 1\n" > /etc/odbcinst.ini
101
101
102
102
COPY backend/package*.json ./
103
103
RUN npm ci --only-production
@@ -109,34 +109,35 @@ RUN mkdir frontend-build
109
109
# Production stage
110
110
FROM base AS production
111
111
112
- RUN apk add --upgrade --no-cache ca-certificates
113
- RUN apk add --no-cache bash curl && curl -1sLf \
114
- 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
115
- && apk add infisical=0.31.1 && apk add --no-cache git
116
-
117
- WORKDIR /
118
-
119
- # Install all required runtime dependencies
120
- RUN apk --update add \
112
+ RUN apt-get update && apt-get install -y \
113
+ ca-certificates \
114
+ bash \
115
+ curl \
116
+ git \
121
117
python3 \
122
118
make \
123
119
g++ \
124
120
unixodbc \
125
- freetds \
121
+ freetds-bin \
126
122
unixodbc-dev \
127
123
libc-dev \
128
124
freetds-dev \
129
- bash \
130
- curl \
131
- git \
132
- openssh
125
+ openssh-client \
126
+ && rm -rf /var/lib/apt/lists/*
127
+
128
+ # Install Infisical CLI
129
+ RUN curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash \
130
+ && apt-get update && apt-get install -y infisical=0.31.1 \
131
+ && rm -rf /var/lib/apt/lists/*
132
+
133
+ WORKDIR /
133
134
134
135
# Configure ODBC in production
135
- RUN printf "[FreeTDS]\nDescription = FreeTDS Driver\nDriver = /usr/lib/libtdsodbc.so\nSetup = /usr/lib/libtdsodbc .so\nFileUsage = 1\n" > /etc/odbcinst.ini
136
+ RUN printf "[FreeTDS]\nDescription = FreeTDS Driver\nDriver = /usr/lib/x86_64-linux-gnu/odbc/ libtdsodbc.so\nSetup = /usr/lib/x86_64-linux-gnu/odbc/libtdsS .so\nFileUsage = 1\n" > /etc/odbcinst.ini
136
137
137
138
# Setup user permissions
138
- RUN addgroup --system --gid 1001 nodejs \
139
- && adduser --system --uid 1001 non-root-user
139
+ RUN groupadd --system --gid 1001 nodejs \
140
+ && useradd --system --uid 1001 --gid nodejs non-root-user
140
141
141
142
# Give non-root-user permission to update SSL certs
142
143
RUN chown -R non-root-user /etc/ssl/certs
@@ -154,9 +155,7 @@ ENV INTERCOM_ID=$INTERCOM_ID
154
155
ARG CAPTCHA_SITE_KEY
155
156
ENV CAPTCHA_SITE_KEY=$CAPTCHA_SITE_KEY
156
157
157
-
158
158
COPY --from=backend-runner /app /backend
159
-
160
159
COPY --from=frontend-runner /app ./backend/frontend-build
161
160
162
161
ARG INFISICAL_PLATFORM_VERSION
0 commit comments