-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
73 lines (69 loc) · 2.56 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# This part contains the deployment source code only
FROM node:18-alpine3.19 as base
RUN apk --no-cache update && \
apk --no-cache upgrade && \
apk --no-cache add curl && \
npm install -g [email protected]
FROM base AS deployment
WORKDIR /cloudfront-dist
COPY ./cloudfront-dist/deployment/bin ./deployment/bin
COPY ./cloudfront-dist/deployment/lib ./deployment/lib
COPY ./cloudfront-dist/assets ./assets
COPY ./cloudfront-dist/deployment/package.json ./deployment/package.json
COPY ./cloudfront-dist/deployment/package-lock.json ./deployment/package-lock.json
COPY ./cloudfront-dist/deployment/.npmignore ./deployment/.npmignore
COPY ./cloudfront-dist/deployment/tsconfig.json ./deployment/tsconfig.json
COPY ./cloudfront-dist/deployment/cdk.json ./deployment/cdk.json
COPY ./cloudfront-dist/deploy.sh ./deploy.sh
RUN cd deployment && npm install
# this part contains the site content
FROM base AS content
WORKDIR /content
COPY ./dist/static ./static-dist/
COPY ./dist/public ./public-dist/
COPY ./templates ./templates
COPY ./locales ./locales
# this part contains the aws lambda middleware
FROM base AS lambda
RUN apk add --no-cache openssl
WORKDIR /server
COPY ./server .
RUN openssl req -nodes -new -x509 -keyout blip.key -out blip.cert -subj "/C=FR/ST=France/L=Grenoble/O=Diabeloop/OU=Platforms/[email protected]"
RUN npm install
FROM base AS final
RUN \
apk add --no-cache --virtual .user-deps shadow && \
apk --no-cache add bash && \
usermod -u 10669 node && groupmod -g 10669 node && \
apk del .user-deps
ENV AWS_ACCESS_KEY_ID=
ENV AWS_SECRET_ACCESS_KEY=
ENV AWS_ACCOUNT=
ENV AWS_DEFAULT_REGION='eu-west-1'
ENV STACK_PREFIX_NAME=
ENV STACK_VERSION=
ENV DNS_ZONE=
ENV DOMAIN_NAME=
ENV ALT_DOMAIN_NAME=
ENV BUCKET=
ENV FRONT_APP_NAME=blip
ENV TARGET_ENVIRONMENT=
ENV API_HOST=
ENV DIST_DIR=/dist
ENV ALLOW_SEARCH_ENGINE_ROBOTS=
ENV AUTH0_DOMAIN=
ENV AUTH0_CLIENT_ID=
WORKDIR /dist
RUN \
chown -v node:node /dist && \
chmod -v 750 /dist
COPY --from=lambda --chown=node:node /server ./server
COPY --from=deployment --chown=node:node /cloudfront-dist ./cloudfront-dist
COPY --from=deployment --chown=node:node /cloudfront-dist/deploy.sh ./deploy.sh
COPY --from=content --chown=node:node /content/static-dist ./static
# Using `root` owner to prevent security risk (but the prevention is only for the `public` folder, see YLP-3292)
COPY --from=content --chown=root:root --chmod=755 /content/public-dist ./public
COPY --from=content --chown=node:node /content/templates ./templates
COPY --from=content --chown=node:node /content/locales ./locales
ENTRYPOINT [ "/bin/bash" ]
CMD [ "deploy.sh" ]