-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile.oci
More file actions
84 lines (62 loc) · 2.39 KB
/
Dockerfile.oci
File metadata and controls
84 lines (62 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# Multi-stage build for TMI-UX on Oracle Cloud Infrastructure (OCI) Container Instances
# Uses oci configuration (environment.oci.ts)
# Runtime: Oracle Linux 9
# Stage 1: Build the Angular application
FROM container-registry.oracle.com/os/oraclelinux:9-slim AS builder
# Install Node.js 22 LTS from Oracle AppStream
RUN microdnf module enable -y nodejs:22 && \
microdnf install -y nodejs npm && \
microdnf clean all && \
rm -rf /var/cache/yum
# Set working directory
WORKDIR /app
# Install pnpm globally
RUN npm install -g pnpm@10.18.3
# Copy package files
COPY package.json pnpm-lock.yaml ./
# Install dependencies
RUN pnpm install --frozen-lockfile
# Copy application source
COPY . .
# Build the application with OCI configuration
RUN pnpm run build:oci
# Isolate runtime dependencies (express, express-rate-limit) for stage 2
# This runs in the builder stage which has npm registry access
RUN mkdir /runtime && \
cd /runtime && \
echo '{"name":"tmi-ux-server","version":"1.0.0","type":"module","dependencies":{"express":"^5.2.1","express-rate-limit":"^8.3.1"}}' > package.json && \
npm install --omit=dev
# Stage 2: Production server on Oracle Linux 9
FROM container-registry.oracle.com/os/oraclelinux:9-slim
ARG APP_VERSION=unknown
LABEL org.opencontainers.image.version=$APP_VERSION
# Install Node.js 22 LTS from Oracle AppStream
RUN microdnf module enable -y nodejs:22 && \
microdnf install -y nodejs && \
microdnf clean all && \
rm -rf /var/cache/yum
# Set working directory
WORKDIR /app
# Create non-root user for security
RUN useradd -r -u 1001 -g root appuser
# Copy runtime node_modules from builder (no npm registry access needed)
COPY --from=builder /runtime/node_modules ./node_modules
COPY --from=builder /runtime/package.json ./
# Copy built application from builder stage
COPY --from=builder /app/dist ./dist
# Copy server file
COPY server.js ./
# Change ownership to non-root user
RUN chown -R appuser:root /app
# Switch to non-root user
USER appuser
# Expose port 8080 (OCI Container Instances default)
EXPOSE 8080
# Set environment variables
ENV PORT=8080
ENV NODE_ENV=production
# Health check for OCI Container Instances
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node -e "require('http').get('http://localhost:8080/', (r) => process.exit(r.statusCode === 200 ? 0 : 1))" || exit 1
# Start the server
CMD ["node", "server.js"]