4nk/lecoffre-front
5
0
Fork 0
Code Issues 3 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

ci: docker_tag=ext - Fix CI build with runtime environment variables
Some checks failed
build-and-push-ext / build_push (push) Failing after 6s
Details

Browse Source 
- Add Dockerfile.ci for generic builds without hardcoded environment variables
- Add start-runtime.js script to inject NEXT_PUBLIC_* variables at runtime
- Add .env.example with default values for development
- Remove dependency on build-time ARG variables for CI compatibility
- Image can now be deployed to any environment with different variables
This commit is contained in:
Debian Dev4 2025-09-23 23:36:20 +00:00
parent c2d64fce15
commit f286d6864c
3 changed files with 131 additions and 175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
.env.example Normal file
View File

@ -0,0 +1,37 @@
# Configuration par défaut pour le build CI
# Ces valeurs seront surchargées par les variables d'environnement au runtime
# Backend API
NEXT_PUBLIC_BACK_API_PROTOCOL=https
NEXT_PUBLIC_BACK_API_HOST=localhost
NEXT_PUBLIC_BACK_API_PORT=443
NEXT_PUBLIC_BACK_API_ROOT_URL=/api
NEXT_PUBLIC_BACK_API_VERSION=v1
# Frontend
NEXT_PUBLIC_FRONT_APP_HOST=http://localhost:3000
NEXT_PUBLIC_FRONT_APP_PORT=3000
# IDNOT Configuration
NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
NEXT_PUBLIC_IDNOT_CLIENT_ID=default_client_id
NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://localhost:3000/authorized-client
NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=http://local.4nkweb.com:3000/authorized-client
# 4NK Configuration
NEXT_PUBLIC_4NK_URL=http://localhost:3000
NEXT_PUBLIC_4NK_IFRAME_URL=http://localhost:3000
# Backend Base
NEXT_PUBLIC_BACK_BASE=http://localhost:8080
# API Configuration
NEXT_PUBLIC_API_URL=http://localhost:8080/api
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=default_validator_id
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=http://localhost:8080/storage
# Optional configurations
NEXT_PUBLIC_DOCAPOSTE_API_URL=
NEXT_PUBLIC_HOTJAR_SITE_ID=
NEXT_PUBLIC_HOTJAR_VERSION=

218
Dockerfile
View File

@ -1,8 +1,7 @@
# syntax=docker/dockerfile:1.4 # Dockerfile optimisé pour la CI - build générique, variables au runtime
FROM debian:bookworm-slim AS deps FROM docker.io/library/debian:bookworm-slim
WORKDIR /leCoffre-front
# Installation des dépendances de base # Installation des dépendances système
RUN apt-get update && apt-get upgrade -y && \ RUN apt-get update && apt-get upgrade -y && \
apt-get install -y --fix-missing \ apt-get install -y --fix-missing \
ca-certificates curl jq git \ ca-certificates curl jq git \
@ -15,184 +14,53 @@ RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
apt-get install -y nodejs && \ apt-get install -y nodejs && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY package.json ./
COPY package-lock.json ./
# Installation des dépendances
RUN --mount=type=cache,target=/root/.npm \
npm install --no-audit --no-fund
# Configuration pour le développement
FROM debian:bookworm-slim AS development
WORKDIR /leCoffre-front WORKDIR /leCoffre-front
# Installation des dépendances de base # Copie des fichiers de dépendances
RUN apt-get update && apt-get upgrade -y && \ COPY package.json package-lock.json ./
apt-get install -y --fix-missing \ RUN npm install --no-audit --no-fund
ca-certificates curl jq git \
net-tools iputils-ping dnsutils \
netcat-openbsd telnet procps && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Installation de Node.js # Copie du code source
RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
apt-get install -y nodejs && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --from=deps /leCoffre-front/node_modules ./node_modules
COPY --from=deps /leCoffre-front/package.json ./package.json
COPY . . COPY . .
# Création de l'utilisateur non-root # Build avec des variables génériques (surchargées au runtime)
ENV NEXT_PUBLIC_BACK_API_PROTOCOL=https \
NEXT_PUBLIC_BACK_API_HOST=localhost \
NEXT_PUBLIC_BACK_API_PORT=443 \
NEXT_PUBLIC_BACK_API_ROOT_URL=/api \
NEXT_PUBLIC_BACK_API_VERSION=v1 \
NEXT_PUBLIC_FRONT_APP_HOST=http://localhost:3000 \
NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr \
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1 \
NEXT_PUBLIC_IDNOT_CLIENT_ID=default_client_id \
NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://localhost:3000/authorized-client \
NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=http://local.4nkweb.com:3000/authorized-client \
NEXT_PUBLIC_4NK_URL=http://localhost:3000 \
NEXT_PUBLIC_4NK_IFRAME_URL=http://localhost:3000 \
NEXT_PUBLIC_BACK_BASE=http://localhost:8080 \
NEXT_PUBLIC_API_URL=http://localhost:8080/api \
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=default_validator_id \
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=http://localhost:8080/storage \
NEXT_PUBLIC_DOCAPOSTE_API_URL= \
NEXT_PUBLIC_HOTJAR_SITE_ID= \
NEXT_PUBLIC_HOTJAR_VERSION=
RUN npm run build
# Configuration runtime
EXPOSE 8080
ENV NODE_ENV=production
ENV PORT=8080
# Copie du script de démarrage et permissions
COPY start-runtime.js ./
RUN chmod +x start-runtime.js
# Utilisateur non-root
RUN useradd -m -u 1000 lecoffreuser && \ RUN useradd -m -u 1000 lecoffreuser && \
mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
USER lecoffreuser USER lecoffreuser
CMD ["npm", "run", "dev"] # Utiliser le script de démarrage qui injecte les variables au runtime
EXPOSE 3000 CMD ["node", "start-runtime.js"]
# --- Build de production
FROM debian:bookworm-slim AS builder
WORKDIR /leCoffre-front
# Installation des dépendances de base
RUN apt-get update && apt-get upgrade -y && \
apt-get install -y --fix-missing \
ca-certificates curl jq git \
net-tools iputils-ping dnsutils \
netcat-openbsd telnet procps && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Installation de Node.js
RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
apt-get install -y nodejs && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --from=deps /leCoffre-front/node_modules ./node_modules
COPY --from=deps /leCoffre-front/package.json ./package.json
COPY . .
# Arguments/variables d'environnement publics pour le build Next
ARG NEXT_PUBLIC_BACK_API_PROTOCOL
ARG NEXT_PUBLIC_BACK_API_HOST
ARG NEXT_PUBLIC_BACK_API_PORT
ARG NEXT_PUBLIC_BACK_API_ROOT_URL
ARG NEXT_PUBLIC_BACK_API_VERSION
ARG NEXT_PUBLIC_FRONT_APP_HOST
ARG NEXT_PUBLIC_FRONT_APP_PORT
ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
ARG NEXT_PUBLIC_IDNOT_BASE_URL
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
ARG NEXT_PUBLIC_HOTJAR_SITE_ID
ARG NEXT_PUBLIC_HOTJAR_VERSION
ARG NEXT_PUBLIC_4NK_URL
ARG NEXT_PUBLIC_4NK_IFRAME_URL
ARG NEXT_PUBLIC_API_URL
ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
ARG NEXT_PUBLIC_BACK_BASE
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build
# --- Image d'exécution "ext"
FROM debian:bookworm-slim AS ext
WORKDIR /leCoffre-front
# Installation des dépendances de base
RUN apt-get update && apt-get upgrade -y && \
apt-get install -y --fix-missing \
ca-certificates curl jq git \
net-tools iputils-ping dnsutils \
netcat-openbsd telnet procps && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Installation de Node.js
RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
apt-get install -y nodejs && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Re-déclarer les ARG pour l'étape runtime et les exposer en ENV
ARG NEXT_PUBLIC_BACK_API_PROTOCOL
ARG NEXT_PUBLIC_BACK_API_HOST
ARG NEXT_PUBLIC_BACK_API_PORT
ARG NEXT_PUBLIC_BACK_API_ROOT_URL
ARG NEXT_PUBLIC_BACK_API_VERSION
ARG NEXT_PUBLIC_FRONT_APP_HOST
ARG NEXT_PUBLIC_FRONT_APP_PORT
ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
ARG NEXT_PUBLIC_IDNOT_BASE_URL
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
ARG NEXT_PUBLIC_HOTJAR_SITE_ID
ARG NEXT_PUBLIC_HOTJAR_VERSION
ARG NEXT_PUBLIC_4NK_URL
ARG NEXT_PUBLIC_4NK_IFRAME_URL
ARG NEXT_PUBLIC_API_URL
ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
ARG NEXT_PUBLIC_BACK_BASE
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
ENV NODE_ENV=production \
PORT=3000 \
NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
# Next.js standalone runtime (output: 'standalone')
COPY --from=builder /leCoffre-front/.next/standalone ./
COPY --from=builder /leCoffre-front/.next/static ./.next/static
COPY --from=builder /leCoffre-front/public ./public
# Création de l'utilisateur non-root
RUN useradd -m -u 1000 lecoffreuser && \
mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
USER lecoffreuser
EXPOSE 3000
CMD ["node", "server.js"]

51
start-runtime.js Normal file
View File

@ -0,0 +1,51 @@
#!/usr/bin/env node
// Script de démarrage qui injecte les variables NEXT_PUBLIC_* au runtime
const { spawn } = require('child_process');
const path = require('path');
// Variables d'environnement par défaut (surchargées par les variables du conteneur)
const defaultEnv = {
NEXT_PUBLIC_BACK_API_PROTOCOL: 'https',
NEXT_PUBLIC_BACK_API_HOST: 'localhost',
NEXT_PUBLIC_BACK_API_PORT: '443',
NEXT_PUBLIC_BACK_API_ROOT_URL: '/api',
NEXT_PUBLIC_BACK_API_VERSION: 'v1',
NEXT_PUBLIC_FRONT_APP_HOST: 'http://localhost:3000',
NEXT_PUBLIC_IDNOT_BASE_URL: 'https://qual-connexion.idnot.fr',
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT: '/IdPOAuth2/authorize/idnot_idp_v1',
NEXT_PUBLIC_IDNOT_CLIENT_ID: 'default_client_id',
NEXT_PUBLIC_IDNOT_REDIRECT_URI: 'http://localhost:3000/authorized-client',
NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED: 'http://local.4nkweb.com:3000/authorized-client',
NEXT_PUBLIC_4NK_URL: 'http://localhost:3000',
NEXT_PUBLIC_4NK_IFRAME_URL: 'http://localhost:3000',
NEXT_PUBLIC_BACK_BASE: 'http://localhost:8080',
NEXT_PUBLIC_API_URL: 'http://localhost:8080/api',
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID: 'default_validator_id',
NEXT_PUBLIC_DEFAULT_STORAGE_URLS: 'http://localhost:8080/storage',
NEXT_PUBLIC_DOCAPOSTE_API_URL: '',
NEXT_PUBLIC_HOTJAR_SITE_ID: '',
NEXT_PUBLIC_HOTJAR_VERSION: ''
};
// Fusionner les variables d'environnement
const env = { ...defaultEnv, ...process.env };
console.log('Starting Next.js with runtime environment variables...');
// Démarrer Next.js avec les variables injectées
const nextProcess = spawn('node', ['server.js'], {
env: env,
stdio: 'inherit',
cwd: __dirname
});
nextProcess.on('exit', (code) => {
console.log(`Next.js process exited with code ${code}`);
process.exit(code);
});
nextProcess.on('error', (err) => {
console.error('Failed to start Next.js:', err);
process.exit(1);
});