61 lines
1.7 KiB
Docker
61 lines
1.7 KiB
Docker
# Dockerfile multi-stage pour la CI - build générique, variables au runtime
|
|
|
|
# Stage de base
|
|
FROM docker.io/library/debian:bookworm-slim AS base
|
|
|
|
# Installation des dépendances système
|
|
RUN apt-get update && apt-get upgrade -y && \
|
|
apt-get install -y --fix-missing \
|
|
ca-certificates curl jq git \
|
|
net-tools iputils-ping dnsutils \
|
|
netcat-openbsd telnet procps && \
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
|
|
# Installation de Node.js
|
|
RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
|
|
apt-get install -y nodejs && \
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
|
|
WORKDIR /leCoffre-front
|
|
|
|
# Stage de build
|
|
FROM base AS builder
|
|
|
|
# Copie des fichiers de dépendances
|
|
COPY package.json package-lock.json ./
|
|
RUN npm install --no-audit --no-fund
|
|
|
|
# Copie du code source
|
|
COPY . .
|
|
|
|
# Build sans injection de variables NEXT_PUBLIC_* (évite tout bake-time)
|
|
|
|
RUN npm run build
|
|
|
|
# Stage de production (stage 'ext' pour la CI)
|
|
FROM base AS ext
|
|
|
|
# Copie des fichiers buildés depuis le stage builder
|
|
COPY --from=builder /leCoffre-front/.next ./.next
|
|
COPY --from=builder /leCoffre-front/public ./public
|
|
COPY --from=builder /leCoffre-front/package.json ./package.json
|
|
COPY --from=builder /leCoffre-front/node_modules ./node_modules
|
|
|
|
# Copie du script de démarrage
|
|
COPY start-runtime.js ./
|
|
RUN chmod +x start-runtime.js
|
|
|
|
# Configuration runtime
|
|
EXPOSE 8080
|
|
ENV NODE_ENV=production
|
|
ENV PORT=8080
|
|
|
|
# Utilisateur non-root
|
|
RUN useradd -m -u 1000 lecoffreuser && \
|
|
mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
|
|
|
|
USER lecoffreuser
|
|
|
|
# Utiliser le script de démarrage qui injecte les variables au runtime
|
|
CMD ["node", "start-runtime.js"]
|