From a5a233d9136c3cd17bf0b0de73a9d9e1c45eb6f8 Mon Sep 17 00:00:00 2001 From: Peter Grainger Date: Tue, 19 Jan 2021 22:07:49 +0000 Subject: [PATCH] feat(docker): refactor of Dockerfile and avoid loading dev dependency in prod Refactor of the Dockerfile to keep as minimal as possible and add documentation. Also moved an npm module reference to only be referenced in development --- .dockerignore | 5 +++-- Dockerfile | 34 ++++++++++++++++++++++------------ packages/server/app.js | 2 +- packages/server/package.json | 4 ++-- 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/.dockerignore b/.dockerignore index 68b39e280..986d2b689 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,5 @@ .circleci -**/node_modules +node_modules test-queries .editorconfig .gitignore @@ -13,4 +13,5 @@ package.json .env.example .eslintrc.json .mocharc.js -readme.md \ No newline at end of file +readme.md +.env \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 5336e21f6..3f5259a30 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,27 +1,37 @@ -FROM node:14.15.4-alpine3.10@sha256:fe215d05cdde4b7f2a0f546c88a8ddc4f5fa280a204acdfc2383afe901fd6d84 as build +# Initial build stage. Will not be included in minimal production image +FROM node:12.20.1-alpine3.12@sha256:42998ae4420998ff3255fc2d6884e882bd32f06d45b057f4b042e33bf48a1240 as build -USER node +WORKDIR /opt -WORKDIR /home/node +COPY packages/frontend . -COPY --chown=node packages/ . +# Create the static frontend files in the dist folder +RUN npm ci && \ + npm run build -RUN npm --prefix frontend install frontend && \ - npm --prefix frontend run build - -FROM node:14.15.4-alpine3.10@sha256:fe215d05cdde4b7f2a0f546c88a8ddc4f5fa280a204acdfc2383afe901fd6d84 +# Minimal production image +FROM node:12.20.1-alpine3.12@sha256:42998ae4420998ff3255fc2d6884e882bd32f06d45b057f4b042e33bf48a1240 ENV NODE_ENV production -RUN mkdir -p frontend/dist server +RUN apk add --no-cache tini=0.19.0-r0 -COPY --from=build /home/node/frontend/dist frontend/dist -COPY --chown=node packages/server server +RUN mkdir frontend server -RUN npm --prefix server install server +COPY --from=build --chown=node /opt/dist /home/node/frontend/dist +COPY --chown=node packages/server /home/node/server + +# Use a non-root user for security best practices USER node +# Run the application from the non root users home directory WORKDIR /home/node/server +# Install dependencies +RUN npm ci + +# Init for containers https://github.com/krallin/tini +ENTRYPOINT [ "/sbin/tini", "--" ] + CMD ["node", "bin/www"] \ No newline at end of file diff --git a/packages/server/app.js b/packages/server/app.js index d22700eef..9647cd765 100644 --- a/packages/server/app.js +++ b/packages/server/app.js @@ -86,7 +86,6 @@ exports.init = async ( ) => { return { app, graphqlServer } } -const { createProxyMiddleware } = require( 'http-proxy-middleware' ) /** * Starts a http server, hoisting the express app to it. @@ -102,6 +101,7 @@ exports.startHttp = async ( app ) => { // Handles frontend proxying: // Dev mode -> proxy form the local webpack server if ( process.env.NODE_ENV === 'development' ) { + const { createProxyMiddleware } = require( 'http-proxy-middleware' ) const frontendProxy = createProxyMiddleware( { target: `http://localhost:${frontendPort}`, changeOrigin: true, ws: false, logLevel: 'silent' } ) app.use( '/', frontendProxy ) diff --git a/packages/server/package.json b/packages/server/package.json index 0aeb4aa4b..5fa4bad89 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -56,8 +56,7 @@ "pg": "^7.18.2", "pg-query-stream": "^3.4.2", "redis": "^3.0.2", - "zxcvbn": "^4.4.2", - "http-proxy-middleware": "^1.0.6" + "zxcvbn": "^4.4.2" }, "devDependencies": { "@apollo/client": "^3.3.6", @@ -72,6 +71,7 @@ "cross-env": "^7.0.3", "cz-conventional-changelog": "^3.1.0", "eslint": "^7.16.0", + "http-proxy-middleware": "^1.0.6", "lerna": "^3.22.1", "mocha": "^7.2.0", "node-fetch": "^2.6.1",