# syntax=docker/dockerfile:1.4 FROM debian:bookworm-slim AS deps WORKDIR /leCoffre-front # Installation des dépendances de base RUN apt-get update && apt-get upgrade -y && \ apt-get install -y --fix-missing \ ca-certificates curl jq git \ net-tools iputils-ping dnsutils \ netcat-openbsd telnet procps && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Installation de Node.js RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \ apt-get install -y nodejs && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY package.json ./ COPY package-lock.json ./ # Installation des dépendances RUN --mount=type=cache,target=/root/.npm \ npm install --no-audit --no-fund # Configuration pour le développement FROM debian:bookworm-slim AS development WORKDIR /leCoffre-front # Installation des dépendances de base RUN apt-get update && apt-get upgrade -y && \ apt-get install -y --fix-missing \ ca-certificates curl jq git \ net-tools iputils-ping dnsutils \ netcat-openbsd telnet procps && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Installation de Node.js RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \ apt-get install -y nodejs && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY --from=deps /leCoffre-front/node_modules ./node_modules COPY --from=deps /leCoffre-front/package.json ./package.json COPY . . # Création de l'utilisateur non-root RUN useradd -m -u 1000 lecoffreuser && \ mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front USER lecoffreuser CMD ["npm", "run", "dev"] EXPOSE 3000 # --- Build de production FROM debian:bookworm-slim AS builder WORKDIR /leCoffre-front # Installation des dépendances de base RUN apt-get update && apt-get upgrade -y && \ apt-get install -y --fix-missing \ ca-certificates curl jq git \ net-tools iputils-ping dnsutils \ netcat-openbsd telnet procps && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Installation de Node.js RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \ apt-get install -y nodejs && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY --from=deps /leCoffre-front/node_modules ./node_modules COPY --from=deps /leCoffre-front/package.json ./package.json COPY . . # Arguments/variables d'environnement publics pour le build Next ARG NEXT_PUBLIC_BACK_API_PROTOCOL ARG NEXT_PUBLIC_BACK_API_HOST ARG NEXT_PUBLIC_BACK_API_PORT ARG NEXT_PUBLIC_BACK_API_ROOT_URL ARG NEXT_PUBLIC_BACK_API_VERSION ARG NEXT_PUBLIC_FRONT_APP_HOST ARG NEXT_PUBLIC_FRONT_APP_PORT ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT ARG NEXT_PUBLIC_IDNOT_CLIENT_ID ARG NEXT_PUBLIC_IDNOT_BASE_URL ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI ARG NEXT_PUBLIC_DOCAPOSTE_API_URL ARG NEXT_PUBLIC_HOTJAR_SITE_ID ARG NEXT_PUBLIC_HOTJAR_VERSION ARG NEXT_PUBLIC_4NK_URL ARG NEXT_PUBLIC_4NK_IFRAME_URL ARG NEXT_PUBLIC_API_URL ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS ARG NEXT_PUBLIC_BACK_BASE ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \ NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \ NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \ NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \ NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \ NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \ NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \ NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \ NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \ NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \ NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \ NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \ NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \ NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \ NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \ NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \ NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \ NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \ NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \ NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \ NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED} RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build # --- Image d'exécution "ext" FROM debian:bookworm-slim AS ext WORKDIR /leCoffre-front # Installation des dépendances de base RUN apt-get update && apt-get upgrade -y && \ apt-get install -y --fix-missing \ ca-certificates curl jq git \ net-tools iputils-ping dnsutils \ netcat-openbsd telnet procps && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Installation de Node.js RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \ apt-get install -y nodejs && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Re-déclarer les ARG pour l'étape runtime et les exposer en ENV ARG NEXT_PUBLIC_BACK_API_PROTOCOL ARG NEXT_PUBLIC_BACK_API_HOST ARG NEXT_PUBLIC_BACK_API_PORT ARG NEXT_PUBLIC_BACK_API_ROOT_URL ARG NEXT_PUBLIC_BACK_API_VERSION ARG NEXT_PUBLIC_FRONT_APP_HOST ARG NEXT_PUBLIC_FRONT_APP_PORT ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT ARG NEXT_PUBLIC_IDNOT_CLIENT_ID ARG NEXT_PUBLIC_IDNOT_BASE_URL ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI ARG NEXT_PUBLIC_DOCAPOSTE_API_URL ARG NEXT_PUBLIC_HOTJAR_SITE_ID ARG NEXT_PUBLIC_HOTJAR_VERSION ARG NEXT_PUBLIC_4NK_URL ARG NEXT_PUBLIC_4NK_IFRAME_URL ARG NEXT_PUBLIC_API_URL ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS ARG NEXT_PUBLIC_BACK_BASE ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED ENV NODE_ENV=production \ PORT=3000 \ NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \ NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \ NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \ NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \ NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \ NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \ NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \ NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \ NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \ NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \ NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \ NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \ NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \ NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \ NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \ NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \ NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \ NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \ NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \ NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \ NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED} # Next.js standalone runtime (output: 'standalone') COPY --from=builder /leCoffre-front/.next/standalone ./ COPY --from=builder /leCoffre-front/.next/static ./.next/static COPY --from=builder /leCoffre-front/public ./public # Création de l'utilisateur non-root RUN useradd -m -u 1000 lecoffreuser && \ mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front USER lecoffreuser EXPOSE 3000 CMD ["node", "server.js"]