diff --git a/docker-compose-speckle.yml b/docker-compose-speckle.yml index 4bf1b2f8a..ce9516047 100644 --- a/docker-compose-speckle.yml +++ b/docker-compose-speckle.yml @@ -11,6 +11,9 @@ services: environment: FILE_SIZE_LIMIT_MB: '100' NGINX_ENVSUBST_OUTPUT_DIR: '/etc/nginx' + depends_on: + - speckle-server + - speckle-frontend-2 speckle-frontend-2: build: @@ -31,6 +34,9 @@ services: NUXT_REDIS_URL: 'redis://redis' LOG_LEVEL: 'info' LOG_PRETTY: 'true' + depends_on: + - speckle-server + # - redis speckle-server: build: @@ -86,6 +92,11 @@ services: FRONTEND_ORIGIN: 'http://127.0.0.1' ONBOARDING_STREAM_URL: 'https://latest.speckle.systems/projects/843d07eb10' + depends_on: + [] + # - minio + # - redis + # - postgres preview-service: build: @@ -102,6 +113,9 @@ services: LOG_LEVEL: 'info' LOG_PRETTY: 'true' REDIS_URL: 'redis://redis' + depends_on: + [] + # - redis webhook-service: build: @@ -114,6 +128,9 @@ services: LOG_LEVEL: 'info' LOG_PRETTY: 'true' PG_CONNECTION_STRING: 'postgres://speckle:speckle@postgres/speckle' + depends_on: + - speckle-server + # - postgres fileimport-service: build: @@ -128,3 +145,6 @@ services: PG_CONNECTION_STRING: 'postgres://speckle:speckle@postgres/speckle' SPECKLE_SERVER_URL: 'http://speckle-server:3000' FILE_IMPORT_TIME_LIMIT_MIN: 10 + depends_on: + - speckle-server + # - postgres diff --git a/packages/fileimport-service/Dockerfile b/packages/fileimport-service/Dockerfile index 34bdec8cc..cb960b910 100644 --- a/packages/fileimport-service/Dockerfile +++ b/packages/fileimport-service/Dockerfile @@ -5,7 +5,6 @@ WORKDIR /app COPY packages/fileimport-service/src/ifc-dotnet . RUN dotnet publish ifc-converter.csproj -c Release -o output/ - FROM mcr.microsoft.com/dotnet/runtime:8.0-noble AS runtime SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -13,7 +12,6 @@ WORKDIR /speckle-server # configure tini ARG TINI_VERSION=v0.19.0 -ENV TINI_VERSION=${TINI_VERSION} # hadolint ignore=DL3008 RUN apt-get update -y \ @@ -63,6 +61,7 @@ RUN apt-get update -y \ COPY packages/fileimport-service/requirements.txt /speckle-server/ RUN pip install --break-system-packages --disable-pip-version-check --no-cache-dir --requirement /speckle-server/requirements.txt +# Consume the ARG from the global scope ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} ARG NODE_BINARY_PATH=/usr/bin/node @@ -77,5 +76,4 @@ ENV IFC_DOTNET_DLL_PATH='/speckle-server/packages/fileimport-service/src/ifc-dot WORKDIR /speckle-server/packages/fileimport-service -ENTRYPOINT [ "tini", "--", "node", "--loader=./dist/src/aliasLoader.js" ] -CMD ["bin/www.js"] +ENTRYPOINT [ "tini", "--", "node", "--loader=./dist/src/aliasLoader.js", "bin/www.js"] diff --git a/packages/frontend-2/Dockerfile b/packages/frontend-2/Dockerfile index bbc070d45..777d53258 100644 --- a/packages/frontend-2/Dockerfile +++ b/packages/frontend-2/Dockerfile @@ -1,9 +1,5 @@ -FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS build-stage ARG NODE_ENV=production -ARG BUILD_SOURCEMAPS=false - -# for better sourcemaps (the app still gets minified at the end) -ENV SKIP_LIBRARY_MINIFICATION=true +FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS build-stage WORKDIR /speckle-server @@ -29,40 +25,39 @@ COPY packages/ui-components-nuxt ./packages/ui-components-nuxt/ COPY packages/tailwind-theme ./packages/tailwind-theme/ COPY packages/frontend-2 ./packages/frontend-2/ -# hadolint ignore=DL3059 -RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus -A -# hadolint ignore=DL3059 -RUN yarn workspaces foreach --exclude "@speckle/frontend-2" -W run build - -# improve caching as other builds do not depend on server version -ARG SPECKLE_SERVER_VERSION=custom -# hadolint ignore=DL3059 -RUN yarn workspaces foreach --include "packages/frontend-2" -W run build - - -ENV TINI_VERSION=v0.19.0 +# install tini +ARG TINI_VERSION=v0.19.0 RUN apt-get update -y \ && DEBIAN_FRONTEND=noninteractive apt-get install -y \ --no-install-recommends \ ca-certificates=20230311 \ curl=7.88.1-10+deb12u12 \ - && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /tini \ - && chmod +x /tini \ + && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /usr/bin/tini \ + && chmod +x /usr/bin/tini \ && apt-get remove -y curl \ && apt-get autoremove -y \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* -FROM gcr.io/distroless/nodejs22-debian12:nonroot@sha256:ed26b3ab750110c51d9dbdfd6c697561dc40a01c296460c3494d47b550ef4126 AS production-stage -ARG NODE_ENV=production +# consume the ARG from the global scope +ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} -COPY --link --from=build-stage /tini /tini +# hadolint ignore=DL3059 +RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus -A -ENTRYPOINT ["/tini", "--"] +# hadolint ignore=DL3059 +RUN yarn workspaces foreach --exclude "@speckle/frontend-2" -W run build -USER nonroot +ARG BUILD_SOURCEMAPS=false +ENV BUILD_SOURCEMAPS=${BUILD_SOURCEMAPS} +# for better sourcemaps (the app still gets minified at the end) +ENV SKIP_LIBRARY_MINIFICATION=true +ARG SPECKLE_SERVER_VERSION=custom +# hadolint ignore=DL3059 +RUN yarn workspaces foreach --include "packages/frontend-2" -W run build +FROM gcr.io/distroless/nodejs22-debian12:nonroot@sha256:ed26b3ab750110c51d9dbdfd6c697561dc40a01c296460c3494d47b550ef4126 AS production-stage ENV PORT=8080 ENV NUXT_PUBLIC_MIXPANEL_TOKEN_ID=acd87c5a50b56df91a795e999812a3a4 @@ -70,7 +65,12 @@ ENV NUXT_PUBLIC_MIXPANEL_API_HOST=https://analytics.speckle.systems WORKDIR /speckle-server COPY --link --from=build-stage /speckle-server/packages/frontend-2/.output . +COPY --link --from=build-stage /usr/bin/tini /usr/bin/tini EXPOSE ${PORT} -CMD ["/nodejs/bin/node", "./server/index.mjs"] +# consume the ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} +USER nonroot +ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "./server/index.mjs" ] diff --git a/packages/monitor-deployment/Dockerfile b/packages/monitor-deployment/Dockerfile index fc611e466..ada7de29e 100644 --- a/packages/monitor-deployment/Dockerfile +++ b/packages/monitor-deployment/Dockerfile @@ -7,19 +7,19 @@ WORKDIR /speckle-server # Download tini ARG TINI_VERSION=v0.19.0 -ENV TINI_VERSION=${TINI_VERSION} RUN apt-get update -y \ && DEBIAN_FRONTEND=noninteractive apt-get install -y \ --no-install-recommends \ ca-certificates=20230311 \ curl=7.88.1-10+deb12u12 \ - && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o ./tini \ - && chmod +x ./tini \ + && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /usr/bin/tini \ + && chmod +x /usr/bin/tini \ && apt-get remove -y curl \ && apt-get autoremove -y \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* +# Consume the ARG from the global scope ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} @@ -46,15 +46,16 @@ RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspa FROM gcr.io/distroless/nodejs18-debian12:nonroot@sha256:afdea027580f7afcaf1f316b2b3806690c297cb3ce6ddc5cf6a15804dc1c790f AS production-stage +# Consume the ARG from the global scope ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} WORKDIR /speckle-server -COPY --link --from=build-stage /speckle-server/tini /usr/bin/tini +COPY --link --from=build-stage /usr/bin/tini /usr/bin/tini COPY --link --from=build-stage /speckle-server/packages/shared ./packages/shared COPY --link --from=build-stage /speckle-server/packages/monitor-deployment ./packages/monitor-deployment COPY --link --from=build-stage /speckle-server/node_modules ./node_modules WORKDIR /speckle-server/packages/monitor-deployment -ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "--loader=./dist/src/aliasLoader.js", "bin/www.js" ] +ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "--loader=./dist/src/aliasLoader.js", "./bin/www.js" ] diff --git a/packages/preview-service/Dockerfile b/packages/preview-service/Dockerfile index 8270f6479..19ad1a473 100644 --- a/packages/preview-service/Dockerfile +++ b/packages/preview-service/Dockerfile @@ -1,26 +1,14 @@ +ARG NODE_ENV=production + # NOTE: Docker context should be set to git root directory, to include the viewer FROM node:18-bookworm-slim@sha256:408f8cbbb7b33a5bb94bdb8862795a94d2b64c2d516856824fd86c4a5594a443 AS build-stage -ARG NODE_ENV=production +# Consume the ARG from the global scope +ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} WORKDIR /speckle-server -# install wait -ARG WAIT_VERSION=2.8.0 -ENV WAIT_VERSION=${WAIT_VERSION} -RUN apt-get update -y \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y \ - --no-install-recommends \ - ca-certificates=20230311 \ - curl=7.88.1-10+deb12u12 \ - && curl -fsSL https://github.com/ufoscout/docker-compose-wait/releases/download/${WAIT_VERSION}/wait -o ./wait \ - && chmod +x ./wait \ - && apt-get remove -y curl \ - && apt-get autoremove -y \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - COPY .yarnrc.yml . COPY .yarn ./.yarn COPY package.json yarn.lock ./ @@ -50,7 +38,7 @@ RUN yarn workspaces foreach -W run build FROM --platform=linux/amd64 node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS node SHELL ["/bin/bash", "-o", "pipefail", "-c"] -# Install tini and fonts +# Install tini, and fonts RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y \ --no-install-recommends \ @@ -78,8 +66,7 @@ RUN apt-get update && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* -COPY --link --from=build-stage /speckle-server/wait /wait - +# Consume the ARG from the global scope ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} @@ -137,5 +124,4 @@ ENV USER_DATA_DIR='/tmp/puppeteer' # Run everything after as non-privileged user. USER pptruser - -CMD [ "tini", "--", "node", "--loader=./dist/bootstrap.js", "dist/main.js" ] +ENTRYPOINT [ "tini", "--", "node", "--loader=./dist/bootstrap.js", "./dist/main.js" ] diff --git a/packages/server/Dockerfile b/packages/server/Dockerfile index 1b7ee7a4f..da07519b8 100644 --- a/packages/server/Dockerfile +++ b/packages/server/Dockerfile @@ -1,24 +1,18 @@ ARG NODE_ENV=production FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS build-stage -ARG NODE_ENV + WORKDIR /speckle-server -# install wait -ARG WAIT_VERSION=2.8.0 -ENV WAIT_VERSION=${WAIT_VERSION} # install tini ARG TINI_VERSION=v0.19.0 -ENV TINI_VERSION=${TINI_VERSION} RUN apt-get update -y \ && DEBIAN_FRONTEND=noninteractive apt-get install -y \ --no-install-recommends \ ca-certificates=20230311 \ curl=7.88.1-10+deb12u12 \ - && curl -fsSL https://github.com/ufoscout/docker-compose-wait/releases/download/${WAIT_VERSION}/wait -o ./wait \ - && chmod +x ./wait \ - && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o ./tini \ - && chmod +x ./tini \ + && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /usr/bin/tini \ + && chmod +x /usr/bin/tini \ && apt-get remove -y curl \ && apt-get autoremove -y \ && apt-get clean \ @@ -34,6 +28,9 @@ COPY packages/server/package.json ./packages/server/ COPY packages/shared/package.json ./packages/shared/ COPY packages/objectloader/package.json ./packages/objectloader/ +# Consume the ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus --all # build shared libraries @@ -46,8 +43,6 @@ RUN yarn workspaces foreach -W run build # install only production dependencies # we need a clean environment, free of build dependencies FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS dependency-stage -ARG NODE_ENV -ARG SPECKLE_SERVER_VERSION WORKDIR /speckle-server COPY .yarnrc.yml . @@ -60,12 +55,16 @@ COPY packages/shared/package.json ./packages/shared/ COPY packages/objectloader/package.json ./packages/objectloader/ WORKDIR /speckle-server/packages/server + +# Consume the ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} +ARG SPECKLE_SERVER_VERSION RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus --production FROM gcr.io/distroless/nodejs18-debian12:nonroot@sha256:afdea027580f7afcaf1f316b2b3806690c297cb3ce6ddc5cf6a15804dc1c790f AS production-stage -COPY --link --from=build-stage /speckle-server/wait /wait -COPY --link --from=build-stage /speckle-server/tini /tini +COPY --link --from=build-stage /usr/bin/tini /usr/bin/tini WORKDIR /speckle-server COPY --link --from=build-stage /speckle-server/package.json ./package.json @@ -83,9 +82,9 @@ COPY --link --from=dependency-stage /speckle-server/packages/server/node_module[ # Only for docker compose version, optimized for caching ARG SPECKLE_SERVER_VERSION=custom +# Consume the NODE_ENV ARG from the global scope ARG NODE_ENV ENV NODE_ENV=${NODE_ENV} \ SPECKLE_SERVER_VERSION=${SPECKLE_SERVER_VERSION} -ENTRYPOINT ["/nodejs/bin/node"] -CMD ["bin/www"] +ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "./bin/www" ] diff --git a/packages/webhook-service/Dockerfile b/packages/webhook-service/Dockerfile index efcb27260..f70a93d09 100644 --- a/packages/webhook-service/Dockerfile +++ b/packages/webhook-service/Dockerfile @@ -2,9 +2,6 @@ ARG NODE_ENV=production FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS build-stage -ARG NODE_ENV -ENV NODE_ENV=${NODE_ENV} - WORKDIR /speckle-server COPY .yarnrc.yml . @@ -15,6 +12,9 @@ COPY packages/frontend-2/type-augmentations/stubs ./packages/frontend-2/type-aug COPY packages/webhook-service/package.json ./packages/webhook-service/ COPY packages/shared/package.json ./packages/shared/ +# Consume the NODE_ENV ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus --all COPY packages/shared ./packages/shared/ @@ -22,19 +22,14 @@ COPY packages/webhook-service/src ./packages/webhook-service/ RUN yarn workspaces foreach -W run build -ARG WAIT_VERSION=2.8.0 -ENV WAIT_VERSION=${WAIT_VERSION} ARG TINI_VERSION=v0.19.0 -ENV TINI_VERSION=${TINI_VERSION} RUN apt-get update -y \ && DEBIAN_FRONTEND=noninteractive apt-get install -y \ --no-install-recommends \ ca-certificates=20230311 \ curl=7.88.1-10+deb12u12 \ - && curl -fsSL https://github.com/ufoscout/docker-compose-wait/releases/download/${WAIT_VERSION}/wait -o ./wait \ - && chmod +x ./wait \ - && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o ./tini \ - && chmod +x ./tini \ + && curl -fsSL https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /usr/bin/tini \ + && chmod +x /usr/bin/tini \ && apt-get remove -y curl \ && apt-get autoremove -y \ && apt-get clean \ @@ -42,8 +37,6 @@ RUN apt-get update -y \ FROM node:22-bookworm-slim@sha256:221ee67425de7a3c11ce4e81e63e50caaec82ede3a7d34599ab20e59d29a0cb5 AS dependency-stage # yarn install -ARG NODE_ENV -ENV NODE_ENV=${NODE_ENV} WORKDIR /speckle-server @@ -56,18 +49,23 @@ COPY packages/webhook-service/package.json ./packages/webhook-service/ COPY packages/shared/package.json ./packages/shared/ WORKDIR /speckle-server/packages/webhook-service + +# Consume the NODE_ENV ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} RUN PUPPETEER_SKIP_DOWNLOAD=true PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn workspaces focus --production FROM gcr.io/distroless/nodejs22-debian12:nonroot@sha256:ed26b3ab750110c51d9dbdfd6c697561dc40a01c296460c3494d47b550ef4126 AS production-stage -ARG NODE_ENV -ENV NODE_ENV=${NODE_ENV} WORKDIR /speckle-server/packages/webhook-service/ COPY packages/webhook-service/src . -COPY --link --from=build-stage /speckle-server/wait /usr/bin/wait -COPY --link --from=build-stage /speckle-server/tini /usr/bin/tini +COPY --link --from=build-stage /usr/bin/tini /usr/bin/tini COPY --link --from=build-stage /speckle-server/packages/shared ./packages/shared COPY --link --from=build-stage /speckle-server/packages/webhook-service ./packages/webhook-service COPY --link --from=dependency-stage /speckle-server/node_modules ./node_modules -ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "main.js"] +# Consume the NODE_ENV ARG from the global scope +ARG NODE_ENV +ENV NODE_ENV=${NODE_ENV} + +ENTRYPOINT [ "tini", "--", "/nodejs/bin/node", "main.js" ]