lecoffre-front/Dockerfile

# syntax=docker/dockerfile:1.4
FROM node:19-alpine AS deps
WORKDIR /leCoffre-front

COPY package.json ./
COPY package-lock.json ./

RUN apk update && apk upgrade && apk add --no-cache \
    git \
    curl \
    wget \
    jq \
    busybox-extras \
    npm \
    coreutils \
    build-base \
    autoconf \
    automake \
    libtool \
    pkgconfig \
    cmake \
    ninja \
    clang \
    lldb \
    lld \
    make \
    tree \
    ncdu \
    mc \
    ctags \
    cscope \
    vim \
    emacs \
    sed \
    gawk \
    iputils \
    net-tools \
    iproute2 \
    python3 \
    python3-dev \
    py3-pip \
    go \
    rust \
    cargo \
    && npm install -g wscat || echo "wscat installation failed - continuing"

# Installation des dépendances
RUN --mount=type=cache,target=/root/.npm \
    npm install --no-audit --no-fund

# Configuration pour le développement
FROM node:19-alpine AS development
WORKDIR /leCoffre-front

COPY --from=deps /leCoffre-front/node_modules ./node_modules
COPY --from=deps /leCoffre-front/package.json ./package.json
COPY . .

# Création de l'utilisateur non-root
RUN adduser -D lecoffreuser --uid 10000 && chown -R lecoffreuser .

USER lecoffreuser

CMD ["npm", "run", "dev"]
EXPOSE 3000

# --- Build de production
FROM node:19-alpine AS builder
WORKDIR /leCoffre-front

COPY --from=deps /leCoffre-front/node_modules ./node_modules
COPY --from=deps /leCoffre-front/package.json ./package.json
COPY . .

# Arguments/variables d'environnement publics pour le build Next
ARG NEXT_PUBLIC_BACK_API_PROTOCOL
ARG NEXT_PUBLIC_BACK_API_HOST
ARG NEXT_PUBLIC_BACK_API_PORT
ARG NEXT_PUBLIC_BACK_API_ROOT_URL
ARG NEXT_PUBLIC_BACK_API_VERSION
ARG NEXT_PUBLIC_FRONT_APP_HOST
ARG NEXT_PUBLIC_FRONT_APP_PORT
ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
ARG NEXT_PUBLIC_IDNOT_BASE_URL
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
ARG NEXT_PUBLIC_HOTJAR_SITE_ID
ARG NEXT_PUBLIC_HOTJAR_VERSION
ARG NEXT_PUBLIC_4NK_URL
ARG NEXT_PUBLIC_4NK_IFRAME_URL
ARG NEXT_PUBLIC_API_URL
ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS

ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS}

RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build

# --- Image d'exécution "ext"
FROM node:19-alpine AS ext
WORKDIR /leCoffre-front

# Re-déclarer les ARG pour l'étape runtime et les exposer en ENV
ARG NEXT_PUBLIC_BACK_API_PROTOCOL
ARG NEXT_PUBLIC_BACK_API_HOST
ARG NEXT_PUBLIC_BACK_API_PORT
ARG NEXT_PUBLIC_BACK_API_ROOT_URL
ARG NEXT_PUBLIC_BACK_API_VERSION
ARG NEXT_PUBLIC_FRONT_APP_HOST
ARG NEXT_PUBLIC_FRONT_APP_PORT
ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
ARG NEXT_PUBLIC_IDNOT_BASE_URL
ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
ARG NEXT_PUBLIC_HOTJAR_SITE_ID
ARG NEXT_PUBLIC_HOTJAR_VERSION
ARG NEXT_PUBLIC_4NK_URL
ARG NEXT_PUBLIC_4NK_IFRAME_URL
ARG NEXT_PUBLIC_API_URL
ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS

ENV NODE_ENV=production \
    PORT=3000 \
    NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS}

# Next.js standalone runtime (output: 'standalone')
COPY --from=builder /leCoffre-front/.next/standalone ./
COPY --from=builder /leCoffre-front/.next/static ./.next/static
COPY --from=builder /leCoffre-front/public ./public

# Création de l'utilisateur non-root
RUN adduser -D lecoffreuser --uid 10000 && chown -R lecoffreuser .
USER lecoffreuser

EXPOSE 3000
CMD ["node", "server.js"]