# syntax=docker/dockerfile:1.4 FROM node:19-alpine AS deps WORKDIR /leCoffre-front COPY package.json ./ COPY package-lock.json ./ RUN apk update && apk add --no-cache openssh-client git # Forward SSH agent via BuildKit (clé jamais écrite dans l'image) RUN --mount=type=ssh \ --mount=type=cache,target=/root/.npm \ mkdir -p /root/.ssh && \ ssh-keyscan git.4nkweb.com >> /root/.ssh/known_hosts && \ npm install --no-audit --no-fund # Configuration pour le développement FROM node:19-alpine AS development WORKDIR /leCoffre-front COPY --from=deps /leCoffre-front/node_modules ./node_modules COPY --from=deps /leCoffre-front/package.json ./package.json COPY . . # Création de l'utilisateur non-root RUN adduser -D lecoffreuser --uid 10000 && chown -R lecoffreuser . USER lecoffreuser CMD ["npm", "run", "dev"] EXPOSE 3000 # --- Build de production FROM node:19-alpine AS builder WORKDIR /leCoffre-front COPY --from=deps /leCoffre-front/node_modules ./node_modules COPY --from=deps /leCoffre-front/package.json ./package.json COPY . . # Arguments/variables d'environnement publics pour le build Next ARG NEXT_PUBLIC_BACK_API_PROTOCOL ARG NEXT_PUBLIC_BACK_API_HOST ARG NEXT_PUBLIC_BACK_API_PORT ARG NEXT_PUBLIC_BACK_API_ROOT_URL ARG NEXT_PUBLIC_BACK_API_VERSION ARG NEXT_PUBLIC_FRONT_APP_HOST ARG NEXT_PUBLIC_FRONT_APP_PORT ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT ARG NEXT_PUBLIC_IDNOT_CLIENT_ID ARG NEXT_PUBLIC_IDNOT_BASE_URL ARG NEXT_PUBLIC_DOCAPOSTE_API_URL ARG NEXT_PUBLIC_HOTJAR_SITE_ID ARG NEXT_PUBLIC_HOTJAR_VERSION ARG NEXT_PUBLIC_4NK_URL ARG NEXT_PUBLIC_API_URL ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \ NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \ NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \ NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \ NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \ NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \ NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \ NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \ NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \ NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \ NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \ NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \ NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \ NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \ NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \ NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \ NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build # --- Image d'exécution "ext" FROM node:19-alpine AS ext WORKDIR /leCoffre-front ENV NODE_ENV=production \ PORT=3000 # Next.js standalone runtime (output: 'standalone') COPY --from=builder /leCoffre-front/.next/standalone ./ COPY --from=builder /leCoffre-front/.next/static ./.next/static COPY --from=builder /leCoffre-front/public ./public # Création de l'utilisateur non-root RUN adduser -D lecoffreuser --uid 10000 && chown -R lecoffreuser . USER lecoffreuser EXPOSE 3000 CMD ["node", "server.js"]