-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Reduces the overall final image size by using Azure Linux * Offers maximum compatibility with Azure infrastructure * Uses arbitrary user instead of 'root' * Supported by Microsoft
- Loading branch information
1 parent
5430458
commit 1fcd736
Showing
1 changed file
with
28 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,36 +1,35 @@ | ||
| # Stage 1 - Restore and publish .NET layers | ||
| ARG ASPNET_IMAGE_TAG=8.0-bookworm-slim | ||
| ARG NODEJS_IMAGE_TAG=18.20-bullseye | ||
| FROM mcr.microsoft.com/dotnet/sdk:8.0 AS publish | ||
| WORKDIR /build | ||
| # Set the major version of dotnet | ||
| ARG DOTNET_VERSION=8.0 | ||
| # Set the major version of nodejs | ||
| ARG NODEJS_VERSION_MAJOR=22 | ||
|
|
||
| COPY ./Dfe.PrepareConversions/ ./Dfe.PrepareConversions/ | ||
| # Build assets | ||
| FROM "node:${NODEJS_VERSION_MAJOR}-bullseye-slim" AS assets | ||
| WORKDIR /app | ||
| COPY ./Dfe.PrepareConversions/Dfe.PrepareConversions/wwwroot /app | ||
| RUN npm install | ||
| RUN npm run build | ||
|
|
||
| # for info on secrets see https://docs.docker.com/build/ci/github-actions/secrets/ | ||
| # and https://render.com/docs/docker-secrets | ||
| # Build the app using the dotnet SDK | ||
| FROM "mcr.microsoft.com/dotnet/sdk:${DOTNET_VERSION}-azurelinux3.0" AS build | ||
| WORKDIR /build | ||
| COPY ./Dfe.PrepareConversions/ /build | ||
| COPY ./script/web-docker-entrypoint.sh /app/docker-entrypoint.sh | ||
|
|
||
| WORKDIR /build/Dfe.PrepareConversions | ||
| # Mount GitHub Token as a Docker secret so that NuGet Feed can be accessed | ||
| RUN --mount=type=secret,id=github_token dotnet nuget add source --username USERNAME --password $(cat /run/secrets/github_token) --store-password-in-clear-text --name github "https://nuget.pkg.github.com/DFE-Digital/index.json" | ||
| RUN dotnet restore Dfe.PrepareConversions.sln | ||
| RUN dotnet build -c Release Dfe.PrepareConversions.sln --no-restore | ||
| RUN dotnet publish Dfe.PrepareConversions -c Release -o /app --no-restore | ||
|
|
||
| # Stage 2 - Build assets | ||
| FROM node:${NODEJS_IMAGE_TAG} as build | ||
| COPY ./Dfe.PrepareConversions/Dfe.PrepareConversions/wwwroot /app/wwwroot | ||
| WORKDIR /app/wwwroot | ||
| RUN npm install | ||
| RUN npm run build | ||
|
|
||
| # Stage 3 - Final | ||
| ARG ASPNET_IMAGE_TAG | ||
| FROM "mcr.microsoft.com/dotnet/aspnet:${ASPNET_IMAGE_TAG}" AS final | ||
| LABEL org.opencontainers.image.source=https://github.com/DFE-Digital/prepare-academy-conversions | ||
| COPY --from=publish /app /app | ||
| COPY --from=build /app/wwwroot /app/wwwroot | ||
| RUN ["dotnet", "restore", "Dfe.PrepareConversions"] | ||
| RUN ["dotnet", "build", "Dfe.PrepareConversions", "--no-restore", "-c", "Release"] | ||
| RUN ["dotnet", "publish", "Dfe.PrepareConversions", "--no-build", "-o", "/app"] | ||
|
|
||
| # Build a runtime environment | ||
| FROM "mcr.microsoft.com/dotnet/aspnet:${DOTNET_VERSION}-azurelinux3.0" AS base | ||
| WORKDIR /app | ||
| COPY ./script/web-docker-entrypoint.sh ./docker-entrypoint.sh | ||
| RUN chmod +x ./docker-entrypoint.sh | ||
| ENV ASPNETCORE_HTTP_PORTS=80 | ||
| EXPOSE 80/tcp | ||
| LABEL org.opencontainers.image.source="https://github.com/DFE-Digital/prepare-academy-conversions" | ||
|
|
||
| COPY --from=build /app /app | ||
| COPY --from=assets /app /app/wwwroot | ||
| RUN ["chmod", "+x", "./docker-entrypoint.sh"] | ||
|
|
||
| USER $APP_UID |