Enhancement (ci): Refactor Dockerfiles to reduce image size

startersclan · Oct 31, 2023 · 58a5741 · 58a5741
1 parent a26adb1
commit 58a5741
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 50 deletions.
diff --git a/Dockerfile.daemon b/Dockerfile.daemon
@@ -1,4 +1,27 @@
-FROM perl:5.38.0-slim-buster AS base
+FROM alpine:latest AS build
+
+RUN set -eux; \
+    # Download the GeoIP binary. Maxmind discontinued distributing the GeoLite Legacy databases. See: https://support.maxmind.com/geolite-legacy-discontinuation-notice/
+    # So let's download it from our fork of GeoLiteCity.dat
+    wget -qO- https://github.com/startersclan/GeoLiteCity-data/raw/c14d99c42446f586e3ca9c89fe13714474921d65/GeoLiteCity.dat > /GeoLiteCity.dat; \
+    # Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
+    # In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
+    wget -qO- https://cdn.jsdelivr.net/npm/[email protected]/GeoLite2-City.mmdb.gz > /GeoLite2-City.mmdb.gz; \
+    gzip -d /GeoLite2-City.mmdb.gz;
+
+# Copy scripts and set permissions
+COPY scripts /scripts
+RUN set -eux; \
+    mv -v /GeoLiteCity.dat /scripts/GeoLiteCity/GeoLiteCity.dat; \
+    mv -v /GeoLite2-City.mmdb /scripts/GeoLiteCity/GeoLite2-City.mmdb; \
+    find /scripts -type d -exec chmod 750 {} \;; \
+    find /scripts -type f -exec chmod 640 {} \;; \
+    find /scripts -type f -name '*.sh' -exec chmod 750 {} \;; \
+    find /scripts -type f -name '*.pl' -exec chmod 750 {} \;; \
+    find /scripts -type f -name 'run_*' -exec chmod 750 {} \;; \
+    ls -al /scripts/*
+
+FROM perl:5.38.0-slim-buster AS dev
 
 # Install modules
 RUN set -eux; \
@@ -45,41 +68,14 @@ RUN set -eux; \
         openssl \
     && rm -rf /var/lib/apt/lists/*
 
-RUN set -eux; \
-    mkdir -p /scripts /scripts/GeoLiteCity; \
-    cd /scripts/GeoLiteCity; \
-    # Download the GeoIP binary. Maxmind discontinued distributing the GeoLite Legacy databases. See: https://support.maxmind.com/geolite-legacy-discontinuation-notice/
-    # So let's download it from our fork of GeoLiteCity.dat
-    wget -qO- https://github.com/startersclan/GeoLiteCity-data/raw/c14d99c42446f586e3ca9c89fe13714474921d65/GeoLiteCity.dat > GeoLiteCity.dat; \
-    chmod 666 GeoLiteCity.dat; \
-    # Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
-    # In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
-    wget -qO- https://cdn.jsdelivr.net/npm/[email protected]/GeoLite2-City.mmdb.gz > GeoLite2-City.mmdb.gz; \
-    gzip -d GeoLite2-City.mmdb.gz; \
-    chmod 666 GeoLite2-City.mmdb; \
-    ls -al
+COPY --from=build /scripts /scripts
 
-# Copy scripts and set permissions
-COPY scripts /scripts2
-RUN set -eux; \
-    ls /scripts2 | grep -v GeoLiteCity | while read -r i; do mv -v "/scripts2/$i" /scripts; done; \
-    mv -v /scripts2/GeoLiteCity/* /scripts/GeoLiteCity/; \
-    rm -rf /scripts2; \
-    find /scripts; \
-    find /scripts -type d -exec chmod 750 {} \;; \
-    find /scripts -type f -exec chmod 640 {} \;; \
-    find /scripts -type f -name '*.sh' -exec chmod 750 {} \;; \
-    find /scripts -type f -name '*.pl' -exec chmod 750 {} \;; \
-    find /scripts -type f -name 'run_*' -exec chmod 750 {} \;;
+WORKDIR /scripts
 
 EXPOSE 27500/udp
 
 STOPSIGNAL SIGINT
 
-WORKDIR /scripts
-
 ENTRYPOINT ["perl", "./hlstats.pl"]
 
-FROM base AS dev
-
-FROM base AS prod
+FROM dev AS prod
diff --git a/Dockerfile.web b/Dockerfile.web
@@ -1,7 +1,21 @@
-FROM php:8.1-fpm-alpine AS base
-ARG TARGETPLATFORM
-ARG BUILDPLATFORM
-RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM"
+ARG IMAGE=php:8.1-fpm-alpine
+FROM $IMAGE AS build
+
+# Set permissions for 'www-data' user
+# COPY --chown=www-data:www-data --chmod=640  /web /web
+COPY ./web /web
+RUN set -eux; \
+    chown -R www-data:www-data /web; \
+    find /web -type d -exec chmod 750 {} \; ; \
+    find /web -type f -exec chmod 640 {} \; ;
+
+COPY ./heatmaps /heatmaps
+RUN set -eux; \
+    chown -R www-data:www-data /heatmaps; \
+    find /heatmaps -type d -exec chmod 750 {} \; ; \
+    find /heatmaps -type f -exec chmod 640 {} \; ;
+
+FROM $IMAGE AS dev
 
 # Install nginx and supervisor for multi-process container
 RUN apk add --no-cache ca-certificates nginx supervisor
@@ -67,25 +81,12 @@ WORKDIR /web
 
 CMD ["/usr/bin/supervisord", "-c", "/supervisor.conf", "--pidfile", "/run/supervisord.pid"]
 
-FROM base AS dev
-
 FROM dev AS prod
 
 # Disable xdebug
 RUN set -eux; \
     rm /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini; \
     php -m;
 
-# Set permissions for 'www-data' user
-# COPY --chown=www-data:www-data --chmod=640  /web /web
-COPY ./web /web
-RUN set -eux; \
-    chown -R www-data:www-data /web; \
-    find /web -type d -exec chmod 750 {} \; ; \
-    find /web -type f -exec chmod 640 {} \; ;
-
-COPY ./heatmaps /heatmaps
-RUN set -eux; \
-    chown -R www-data:www-data /heatmaps; \
-    find /heatmaps -type d -exec chmod 750 {} \; ; \
-    find /heatmaps -type f -exec chmod 640 {} \; ;
+COPY --from=build /web /web
+COPY --from=build /heatmaps /heatmaps