rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
gohorsejobs/backoffice/Dockerfile
Tiago Yamamoto 632fc78982 feat(ci): add backoffice to deploy pipeline + optimize Dockerfile 
- Add backoffice paths trigger to deploy workflow
- Implement conditional builds (only build changed services)
- Optimize Dockerfile with BuildKit cache mounts
- Update pnpm to latest version
- Remove HEALTHCHECK (not supported by Podman OCI format)
2025-12-28 10:47:28 -03:00

81 lines
2.5 KiB
Docker
Raw Blame History

# =============================================================================
# GoHorse Backoffice - Optimized Dockerfile with pnpm + BuildKit caching
# Target: < 200MB final image
# =============================================================================
# syntax=docker/dockerfile:1
# Stage 1: Base with pnpm (latest stable)
FROM mirror.gcr.io/library/node:20-alpine AS base
# Enable corepack and activate pnpm
RUN corepack enable && corepack prepare pnpm@latest --activate
# libc6-compat for native module compatibility
RUN apk add --no-cache libc6-compat
# Set pnpm store location for caching
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
# =============================================================================
# Stage 2: Install dependencies with BuildKit cache
# =============================================================================
FROM base AS deps
WORKDIR /app
# Copy only package files first (better layer caching)
COPY package.json pnpm-lock.yaml ./
# Use BuildKit cache mount for pnpm store - dramatically speeds up rebuilds
RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
pnpm install --frozen-lockfile
# =============================================================================
# Stage 3: Build application
# =============================================================================
FROM base AS builder
WORKDIR /app
# Copy dependencies from deps stage
COPY --from=deps /app/node_modules ./node_modules
# Copy source files
COPY package.json pnpm-lock.yaml ./
COPY tsconfig*.json nest-cli.json ./
COPY src ./src
# Build the NestJS application
RUN pnpm build
# Prune dev dependencies for smaller production image
RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
pnpm prune --prod
# =============================================================================
# Stage 4: Production - Minimal runtime
# =============================================================================
FROM mirror.gcr.io/library/node:20-alpine AS production
# Security: create non-root user
RUN addgroup -g 1001 -S nodejs && \
adduser -S nestjs -u 1001 -G nodejs
WORKDIR /app
# Copy only production artifacts (with proper ownership)
COPY --from=builder --chown=nestjs:nodejs /app/dist ./dist
COPY --from=builder --chown=nestjs:nodejs /app/node_modules ./node_modules
COPY --from=builder --chown=nestjs:nodejs /app/package.json ./
# Environment configuration
ENV NODE_ENV=production
ENV BACKOFFICE_PORT=3001
ENV BACKOFFICE_HOST=0.0.0.0
# Switch to non-root user for security
USER nestjs
EXPOSE 3001
# Start application
CMD ["node", "dist/main.js"]
Reference in a new issue View git blame Copy permalink