From 74b22808196d0c40a419520a65a3e4a8010830ad Mon Sep 17 00:00:00 2001 From: Sampo Tawast <5328394+sirtawast@users.noreply.github.com> Date: Fri, 22 Dec 2023 16:52:49 +0200 Subject: [PATCH] chore: remove development stage from docker file (#2610) * chore: remove development stage from docker file Based on: https://helsinkisolutionoffice.atlassian.net/browse/PLAENH-1270?focusedCommentId=104635 * feat: separate compose dockerfile from the one used in production --- compose.benefit.yml | 2 + compose.employer.yml | 1 + compose.handler.yml | 2 + compose.tet-admin.yml | 1 + compose.tet-youth.yml | 1 + compose.tet.yml | 6 +- frontend/Dockerfile | 92 +++++++++------------------- frontend/Dockerfile-localdevelopment | 57 +++++++++++++++++ 8 files changed, 96 insertions(+), 66 deletions(-) create mode 100644 frontend/Dockerfile-localdevelopment diff --git a/compose.benefit.yml b/compose.benefit.yml index cd0a714f0a..8abdf4ffbc 100644 --- a/compose.benefit.yml +++ b/compose.benefit.yml @@ -40,6 +40,7 @@ services: applicant: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3000 @@ -57,6 +58,7 @@ services: handler: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3100 diff --git a/compose.employer.yml b/compose.employer.yml index 81392ea08b..dc478f4fec 100644 --- a/compose.employer.yml +++ b/compose.employer.yml @@ -41,6 +41,7 @@ services: employer: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3100 diff --git a/compose.handler.yml b/compose.handler.yml index d7e120ff5b..d988f3f330 100644 --- a/compose.handler.yml +++ b/compose.handler.yml @@ -41,6 +41,7 @@ services: youth: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3100 @@ -58,6 +59,7 @@ services: handler: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3200 diff --git a/compose.tet-admin.yml b/compose.tet-admin.yml index 4704cfe256..71806c15a3 100644 --- a/compose.tet-admin.yml +++ b/compose.tet-admin.yml @@ -39,6 +39,7 @@ services: admin: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3000 diff --git a/compose.tet-youth.yml b/compose.tet-youth.yml index a2ae5c0881..916b92a224 100644 --- a/compose.tet-youth.yml +++ b/compose.tet-youth.yml @@ -39,6 +39,7 @@ services: youth: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3000 diff --git a/compose.tet.yml b/compose.tet.yml index 096654fe13..9ba5cacd83 100644 --- a/compose.tet.yml +++ b/compose.tet.yml @@ -11,8 +11,8 @@ services: POSTGRES_USER: tet POSTGRES_PASSWORD: tet POSTGRES_DB: tet - LC_COLLATE: 'fi_FI.UTF-8' - LC_CTYPE: 'fi_FI.UTF-8' + LC_COLLATE: "fi_FI.UTF-8" + LC_CTYPE: "fi_FI.UTF-8" ports: - 5434:5432 volumes: @@ -41,6 +41,7 @@ services: youth: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3000 @@ -58,6 +59,7 @@ services: admin: build: context: ./frontend + dockerfile: Dockerfile-localdevelopment target: development args: PORT: 3000 diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 4761bf1543..c27092919f 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -15,46 +15,17 @@ ARG FOLDER # Yarn ENV YARN_VERSION 1.22.10 - -RUN yarn policies set-version "$YARN_VERSION" -RUN yarn config set ignore-engines true +RUN yarn policies set-version "$YARN_VERSION" && \ + yarn config set ignore-engines true WORKDIR /app # Install dependencies -COPY --chown=appuser:appuser package.json yarn.lock ./ -COPY --chown=appuser:appuser $PROJECT/$FOLDER/package.json $PROJECT/$FOLDER/package.json -COPY --chown=appuser:appuser $PROJECT/shared/package.json* $PROJECT/shared/package.json -COPY --chown=appuser:appuser shared/package.json shared/package.json -RUN --mount=type=cache,target="$PWD/.yarn_cache",sharing=locked YARN_CACHE_FOLDER="$PWD"/.yarn_cache yarn --frozen-lockfile --check-files --network-timeout 600000 - -# ============================= -FROM appbase AS development -# ============================= - -# Copy all files -COPY --chown=appuser:appuser . . - -# Use non-root user -USER appuser - -# Set V8 max heap size to 2GB (default is 512MB) -# This prevents Docker Compose from crashing due to out of memory errors -ENV NODE_OPTIONS="--max_old_space_size=2048" - -ARG PROJECT -ARG FOLDER -# Use non-root user -USER appuser -WORKDIR /app - -# Copy all files -COPY --chown=appuser:appuser . . - -ENV NEXT_TELEMETRY_DISABLED 1 -# Bake package.json start command into the image -ENV DEV_START "yarn --cwd $PROJECT/$FOLDER dev" -CMD ["sh", "-c", "${DEV_START}"] +COPY --chown=appuser:0 package.json yarn.lock lerna.json ./ +COPY --chown=appuser:0 $PROJECT/$FOLDER/package.json $PROJECT/$FOLDER/package.json +COPY --chown=appuser:0 $PROJECT/shared/package.json* $PROJECT/shared/package.json +COPY --chown=appuser:0 shared/package.json shared/package.json +RUN --mount=type=cache,target=/app/.yarn_cache,sharing=locked YARN_CACHE_FOLDER=/app/.yarn_cache yarn --frozen-lockfile --check-files --network-timeout 600000 # =================================== FROM appbase AS staticbuilder @@ -86,27 +57,19 @@ ARG SENTRY_RELEASE ARG NEXT_PUBLIC_ASKEM_API_KEY ARG NEXT_PUBLIC_SHOW_COOKIE_BANNER -# Use non-root user -USER appuser +USER appuser:0 WORKDIR /app # copy all files -COPY --chown=appuser:appuser . . +COPY --chown=appuser:0 . . # Build application WORKDIR /app/$PROJECT/$FOLDER/ RUN yarn build -# Clean all dependencies (this should avoid caching + missing /pages directory problem) -USER root -RUN rm -rf node_modules - -USER appuser -RUN yarn cache clean - # ========================================== -FROM helsinkitest/node:18-slim AS production +FROM appbase AS production # ========================================== ARG PORT @@ -115,34 +78,35 @@ ARG FOLDER ARG SENTRY_RELEASE ENV SENTRY_RELEASE=$SENTRY_RELEASE -# Use non-root user -USER appuser - WORKDIR /app -# Copy files needed by yarn install -COPY --chown=appuser:appuser package.json yarn.lock lerna.json ./ -COPY --chown=appuser:appuser $PROJECT/$FOLDER/package.json $PROJECT/$FOLDER/package.json -COPY --chown=appuser:appuser $PROJECT/shared/package.json $PROJECT/shared/package.json -COPY --chown=appuser:appuser shared/package.json shared/package.json +USER root + +RUN rm -rf $PROJECT/$FOLDER/node_modules \ + $PROJECT/shared/node_modules \ + $PROJECT/node_modules \ + shared/node_modules \ + node_modules + +USER appuser:0 -# Install production dependencies -RUN yarn install --production --check-files --ignore-scripts --prefer-offline && yarn cache clean --force +# Install production dependencies +RUN --mount=type=cache,target=/app/.yarn_cache,sharing=locked YARN_CACHE_FOLDER=/app/.yarn_cache yarn install --production --check-files --ignore-scripts --prefer-offline && yarn cache clean --force # Copy files needed by nextjs -COPY --from=staticbuilder --chown=appuser:appuser app/$PROJECT/$FOLDER/.next $PROJECT/$FOLDER/.next -COPY --from=staticbuilder --chown=appuser:appuser app/$PROJECT/$FOLDER/next-i18next.config.js app/$PROJECT/$FOLDER/next.config.js $PROJECT/$FOLDER/ -COPY --from=staticbuilder --chown=appuser:appuser app/next.config.js ./ -COPY --from=staticbuilder --chown=appuser:appuser app/shared/src/server/next-server.js shared/src/server/ +COPY --chown=appuser:0 --from=staticbuilder app/$PROJECT/$FOLDER/.next $PROJECT/$FOLDER/.next +COPY --chown=appuser:0 --from=staticbuilder app/$PROJECT/$FOLDER/next-i18next.config.js app/$PROJECT/$FOLDER/next.config.js $PROJECT/$FOLDER/ +COPY --chown=appuser:0 --from=staticbuilder app/next.config.js ./ +COPY --chown=appuser:0 --from=staticbuilder app/shared/src/server/next-server.js shared/src/server/ # Copy public directory -COPY --chown=appuser:appuser $PROJECT/$FOLDER/public $PROJECT/$FOLDER/public +COPY --chown=appuser:0 $PROJECT/$FOLDER/public $PROJECT/$FOLDER/public + +ENV NEXT_TELEMETRY_DISABLED 1 # Expose port EXPOSE $PORT -ENV NEXT_TELEMETRY_DISABLED 1 - # Start nextjs server ENV PROD_START "yarn --cwd $PROJECT/$FOLDER start" CMD ["sh", "-c", "${PROD_START}"] diff --git a/frontend/Dockerfile-localdevelopment b/frontend/Dockerfile-localdevelopment new file mode 100644 index 0000000000..7e3d8cdd79 --- /dev/null +++ b/frontend/Dockerfile-localdevelopment @@ -0,0 +1,57 @@ +# ======================================= +FROM docker.io/helsinkitest/node:18-slim AS distbase +# ======================================= + +# Install ca-certificates so that Sentry can upload source maps +RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates && apt-get clean + +# ============================= +FROM distbase AS appbase +# ============================= + +# Build ARGS +ARG PROJECT +ARG FOLDER + +# Yarn +ENV YARN_VERSION 1.22.21 + +RUN yarn policies set-version "$YARN_VERSION" +RUN yarn config set ignore-engines true + +WORKDIR /app + +# Install dependencies +COPY --chown=appuser:appuser package.json yarn.lock ./ +COPY --chown=appuser:appuser $PROJECT/$FOLDER/package.json $PROJECT/$FOLDER/package.json +COPY --chown=appuser:appuser $PROJECT/shared/package.json* $PROJECT/shared/package.json +COPY --chown=appuser:appuser shared/package.json shared/package.json +RUN --mount=type=cache,target="$PWD/.yarn_cache",sharing=locked YARN_CACHE_FOLDER="$PWD"/.yarn_cache yarn --frozen-lockfile --check-files --network-timeout 600000 + +# ============================= +FROM appbase AS development +# ============================= + +# Copy all files +COPY --chown=appuser:appuser . . + +# Use non-root user +USER appuser + +# Set V8 max heap size to 2GB (default is 512MB) +# This prevents Docker Compose from crashing due to out of memory errors +ENV NODE_OPTIONS="--max_old_space_size=2048" + +ARG PROJECT +ARG FOLDER +# Use non-root user +USER appuser +WORKDIR /app + +# Copy all files +COPY --chown=appuser:appuser . . + +ENV NEXT_TELEMETRY_DISABLED 1 +# Bake package.json start command into the image +ENV DEV_START "yarn --cwd $PROJECT/$FOLDER dev" +CMD ["sh", "-c", "${DEV_START}"]