-
Notifications
You must be signed in to change notification settings - Fork 451
/
Dockerfile
116 lines (94 loc) · 3.87 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
# ------------------
# Tmp image to precompile
# ------------------
FROM badouralix/curl-jq AS precompile
COPY tsconfig.build.json /tsconfig.build.json
RUN jq '. | del(.references[] | select(.path == "packages/cli"))' tsconfig.build.json > tsconfig.docker.json
# ------------------
# New tmp image
# ------------------
FROM node:20.18.1-bookworm-slim AS build
# Setup the app WORKDIR
WORKDIR /app/tmp
# Copy and install dependencies separately from the app's code
# To leverage Docker's cache when no dependency has changed
COPY packages/data-ingestion/package.json ./packages/data-ingestion/package.json
COPY packages/database/package.json ./packages/database/package.json
COPY packages/frontend/package.json ./packages/frontend/package.json
COPY packages/jobs/package.json ./packages/jobs/package.json
COPY packages/kvstore/package.json ./packages/kvstore/package.json
COPY packages/logs/package.json ./packages/logs/package.json
COPY packages/node-client/package.json ./packages/node-client/package.json
COPY packages/nango-yaml/package.json ./packages/nango-yaml/package.json
COPY packages/orchestrator/package.json ./packages/orchestrator/package.json
COPY packages/persist/package.json ./packages/persist/package.json
COPY packages/records/package.json ./packages/records/package.json
COPY packages/runner/package.json ./packages/runner/package.json
COPY packages/scheduler/package.json ./packages/scheduler/package.json
COPY packages/server/package.json ./packages/server/package.json
COPY packages/shared/package.json ./packages/shared/package.json
COPY packages/types/package.json ./packages/types/package.json
COPY packages/connect-ui/package.json ./packages/connect-ui/package.json
COPY packages/utils/package.json ./packages/utils/package.json
COPY packages/webapp/package.json ./packages/webapp/package.json
COPY packages/webhooks/package.json ./packages/webhooks/package.json
COPY packages/fleet/package.json ./packages/fleet/package.json
COPY package*.json ./
# Install every dependencies
RUN true \
&& npm ci
# At this stage we copy back all sources
COPY --from=precompile --chown=node:node tsconfig.docker.json /app/tmp
COPY . /app/tmp
# Build the backend separately because it can be cached --in the same build for production and staging-- when we change the env vars
RUN true \
&& npm run ts-build:docker
# /!\ Do not set NODE_ENV=production before building, it will break some modules
# ENV NODE_ENV=production
ARG image_env
ARG posthog_key
ARG sentry_key
# TODO: remove the need for this
ENV REACT_APP_ENV $image_env
ENV REACT_APP_PUBLIC_POSTHOG_HOST https://app.posthog.com
ENV REACT_APP_PUBLIC_POSTHOG_KEY $posthog_key
ENV REACT_APP_PUBLIC_SENTRY_KEY $sentry_key
# Build the frontend
RUN true \
&& npm run -w @nangohq/webapp build \
&& npm run -w @nangohq/connect-ui build
# Clean src
RUN true \
&& rm -rf packages/*/src \
# && rm -rf packages/*/lib will break database migrations because they are not compiled; barely saves a few MBs
&& rm -rf packages/*/public
# Clean dev dependencies
RUN true \
&& npm prune --omit=dev --omit=peer --omit=optional
# ---- Web ----
# Resulting new, minimal image
FROM node:20.18.1-bookworm-slim as web
# Install a more recent npm
RUN npm install -g [email protected]
# - Bash is just to be able to log inside the image and have a decent shell
RUN true \
&& apt update && apt-get install -y bash ca-certificates \
&& update-ca-certificates \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
# Do not use root to run the app
# BUT it does not work with secret mount (could not find a solution yet)
# TODO: fix this
# USER node
WORKDIR /app/nango
# Code
# COPY --from=build --chown=node:node /app/tmp /app/nango
COPY --from=build /app/tmp /app/nango
ARG image_env
ARG git_hash
ENV PORT=8080
ENV NODE_ENV=production
ENV IMAGE_ENV $image_env
ENV GIT_HASH $git_hash
ENV SERVER_RUN_MODE=DOCKERIZED
EXPOSE 8080