forked from InseeFrLab/onyxia
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
46 lines (44 loc) · 2.69 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# Before editing this, please be aware that:
# 1) The app and the Keycloak theme can't be build separately.
# ref: https://github.com/InseeFrLab/keycloakify#enable-loading-in-a-blink-of-an-eye-of-login-pages----external-assets
# 2) We use cra-envs.
# Doc: https://github.com/garronej/cra-envs
#
# The docker image is not ment to be built manually but in the CI pipeline:
# https://github.com/InseeFrLab/onyxia-web/blob/4fdf0e1c185bc4369a8975c0265d6829d3bb91f7/.github/workflows/ci.yml#L120-L124
# build environment
FROM alpine as build
WORKDIR /app
# We assume there is is a build.tar file in the CWD, see how it's optained:
# https://github.com/InseeFrLab/onyxia-web/blob/2576dc99f53d3ddda8dfd3a23f1bcbbdfdd8820b/.github/workflows/ci.yml#L24
# https://github.com/InseeFrLab/onyxia-web/blob/2576dc99f53d3ddda8dfd3a23f1bcbbdfdd8820b/.github/workflows/ci.yml#L30-L33
# https://github.com/InseeFrLab/onyxia-web/blob/4fdf0e1c185bc4369a8975c0265d6829d3bb91f7/.github/workflows/ci.yml#L115-L118
# We use ADD instead of COPY because build/ is in .dockerignore
ADD build.tar .
COPY .env .
COPY public/index.html ./public_index.html
COPY nginx.conf .
# We assume there is a cra-envs_package.json file contaning '{ "version": "X.Y.Z" }'
# 'X.Y.Z' beeing the version cra-envs in use in the project. See how it's optained:
# https://github.com/InseeFrLab/onyxia-web/blob/4fdf0e1c185bc4369a8975c0265d6829d3bb91f7/.github/workflows/ci.yml#L36-L40
# https://github.com/InseeFrLab/onyxia-web/blob/2bcb8a6c80494032dea690762314191cbf0048bb/.github/workflows/ci.yml#L15-L16
# https://github.com/InseeFrLab/onyxia-web/blob/2bcb8a6c80494032dea690762314191cbf0048bb/.github/workflows/ci.yml#L112-L114
COPY cra-envs_package.json node_modules/cra-envs/package.json
# production environment
FROM nginx:stable-alpine
RUN apk add --update nodejs npm
COPY --from=build /app/nginx.conf /etc/nginx/conf.d/default.conf
COPY --from=build /app/node_modules/cra-envs/package.json ./cra-envs_package.json
RUN npm i -g cra-envs@`node -e 'console.log(require("./cra-envs_package.json")["version"])'`
WORKDIR /usr/share/nginx
COPY --from=build /app/build ./html
COPY --from=build /app/.env .
COPY --from=build /app/public_index.html ./public/index.html
# Run as non-root
RUN sed -i.orig -e '/user[[:space:]]\+nginx/d' -e 's@pid[[:space:]]\+.*@pid /tmp/nginx.pid;@' /etc/nginx/nginx.conf && \
diff -u /etc/nginx/nginx.conf.orig /etc/nginx/nginx.conf ||: && \
chown nginx /usr/share/nginx/html/index.html && \
chown -Rc nginx /var/cache/nginx
# Equivalent to 'USER nginx', see: https://github.com/InseeFrLab/onyxia-web/pull/279
USER 101
ENTRYPOINT sh -c "npx embed-environnement-variables && nginx -g 'daemon off;'"