-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathDockerfile
113 lines (90 loc) · 4.23 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# syntax=docker/dockerfile:1.6.0
# SPDX-FileCopyrightText: 2017-2023 City of Espoo
#
# SPDX-License-Identifier: LGPL-2.1-or-later
ARG NGINX_VERSION=1.26.0
FROM node:22.13.0-bookworm-slim AS builder
ARG CACHE_BUST
USER root
WORKDIR /project
RUN apt-get update \
&& apt-get -y dist-upgrade \
&& apt-get -y install ca-certificates \
&& rm -rf /var/lib/apt/lists/*
COPY ./.yarn ./.yarn
COPY ./package.json ./yarn.lock ./.yarnrc.yml ./
RUN yarn install --immutable
COPY . .
ARG EVAKA_CUSTOMIZATIONS=espoo
COPY --from=customizations . src/lib-customizations/${EVAKA_CUSTOMIZATIONS}/
ARG ICONS=free
ARG SENTRY_PUBLISH_ENABLED="false"
ARG SENTRY_AUTH_TOKEN=""
ARG SENTRY_ORG="espoo-voltti"
ARG build=none
ARG commit=none
ENV EVAKA_CUSTOMIZATIONS="$EVAKA_CUSTOMIZATIONS"
ENV ICONS="$ICONS"
ENV SENTRY_PUBLISH_ENABLED="$SENTRY_PUBLISH_ENABLED"
ENV SENTRY_ORG="$SENTRY_ORG"
ENV SENTRY_AUTH_TOKEN="$SENTRY_AUTH_TOKEN"
ENV SENTRY_NO_PROGRESS_BAR="1"
ENV APP_BUILD="$build"
ENV APP_COMMIT="$commit"
RUN export NODE_OPTIONS="--max-old-space-size=4096" \
&& yarn build
FROM nginx:${NGINX_VERSION}
ARG CACHE_BUST
LABEL maintainer="https://github.com/espoon-voltti/evaka"
ENV NGINX_ENV=local \
TZ=UTC
# https://github.com/hairyhenderson/gomplate
ARG GOMPLATE_VERSION=v4.0.1
ARG GOMPLATE_SHA256="5aeae23cbc51e243967162a62edba0098218668a09cdaa6d6de1b228c070990f"
# https://github.com/espoon-voltti/s3-downloader/
ARG S3_DOWNLOADER_VERSION=v1.4.1
ARG S3_DOWNLOADER_SHA256="520ea232e83a7cefe2a87d4f2af8433e383a4351464e213b7dd3b78ca0dc200f"
RUN apt-get update \
&& apt-get -y dist-upgrade \
&& apt-get remove --auto-remove -y nginx-module-image-filter nginx-module-njs nginx-module-xslt \
&& curl -sSfL "https://github.com/hairyhenderson/gomplate/releases/download/${GOMPLATE_VERSION}/gomplate_linux-amd64" \
-o /bin/gomplate \
&& chmod +x /bin/gomplate \
&& echo "${GOMPLATE_SHA256} /bin/gomplate" | sha256sum -c - \
&& curl -sSfL https://github.com/espoon-voltti/s3-downloader/releases/download/${S3_DOWNLOADER_VERSION}/s3downloader-linux-amd64 \
-o /bin/s3download \
&& chmod +x /bin/s3download \
&& echo "${S3_DOWNLOADER_SHA256} /bin/s3download" | sha256sum -c - \
&& rm -rf /var/lib/apt/lists/*
# https://docs.datadoghq.com/tracing/setup_overview/proxy_setup/?tab=nginx # update version using get_latest_release
ARG OPENTRACING_NGINX_VERSION=v0.35.1
ARG OPENTRACING_NGINX_SHA256="34e0fa9f110a6052a4f75451bc93e4de8d1a32229b523fb4748feee6bfb1d3ba"
ARG DD_OPENTRACING_CPP_VERSION=v1.3.7
ARG DD_OPENTRACING_CPP_SHA256="df9a8097c3d6f6e5a96f96db0f3919b5b7b35df3d10c5fcc530707a878e2dd00"
RUN cd /tmp \
&& curl -sSfLO "https://github.com/opentracing-contrib/nginx-opentracing/releases/download/${OPENTRACING_NGINX_VERSION}/linux-amd64-nginx-${NGINX_VERSION}-ngx_http_module.so.tgz" \
&& echo "${OPENTRACING_NGINX_SHA256} linux-amd64-nginx-${NGINX_VERSION}-ngx_http_module.so.tgz" | sha256sum -c - \
&& tar zxf "linux-amd64-nginx-${NGINX_VERSION}-ngx_http_module.so.tgz" -C /usr/lib/nginx/modules \
&& rm "linux-amd64-nginx-${NGINX_VERSION}-ngx_http_module.so.tgz" \
&& curl -sSfLO https://github.com/DataDog/dd-opentracing-cpp/releases/download/${DD_OPENTRACING_CPP_VERSION}/linux-amd64-libdd_opentracing_plugin.so.gz \
&& echo "${DD_OPENTRACING_CPP_SHA256} linux-amd64-libdd_opentracing_plugin.so.gz" | sha256sum -c - \
&& gunzip linux-amd64-libdd_opentracing_plugin.so.gz -c > /usr/local/lib/libdd_opentracing_plugin.so \
&& rm linux-amd64-libdd_opentracing_plugin.so.gz \
&& apt-get remove --auto-remove -y curl
COPY ./proxy/files/bin/ /bin/
COPY ./proxy/files/internal/ /internal/
COPY ./proxy/files/etc/ /etc/
ENTRYPOINT ["/bin/proxy-entrypoint.sh"]
CMD ["nginx", "-g", "daemon off;"]
COPY --from=builder /project/dist/bundle/citizen-frontend /static/
COPY --from=builder /project/dist/bundle/employee-frontend /static/employee
COPY --from=builder /project/dist/bundle/employee-mobile-frontend /static/employee/mobile
COPY --from=builder /project/src/maintenance-page-frontend /static/maintenance-page
# Add build and commit environment variables and labels
# for tracing the image to the commit and build from which the image has been built.
ARG build=none
ARG commit=none
ENV APP_BUILD="$build" \
APP_COMMIT="$commit"
LABEL fi.espoo.build="$build" \
fi.espoo.commit="$commit"