43 lines
993 B
Docker
43 lines
993 B
Docker
# Build stage
|
|
FROM node:20-alpine AS builder
|
|
|
|
#buat user baru untuk security setup
|
|
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
|
|
|
|
WORKDIR /app
|
|
|
|
# change ownership untuk user baru
|
|
RUN chown -R appuser:appgroup /app
|
|
|
|
COPY package.json pnpm-lock.yaml ./
|
|
RUN npm install -g pnpm
|
|
RUN pnpm install --frozen-lockfile
|
|
|
|
COPY . .
|
|
RUN npx prisma generate
|
|
RUN pnpm run build
|
|
RUN chown -R appuser:appgroup /app/node_modules
|
|
|
|
# Production stage
|
|
FROM node:20-alpine AS runner
|
|
WORKDIR /app
|
|
|
|
#buat user di runner stage
|
|
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
|
|
|
|
COPY package*.json ./
|
|
COPY --from=builder /app/.next ./.next
|
|
COPY --from=builder /app/public ./public
|
|
COPY --from=builder /app/prisma ./prisma
|
|
COPY --from=builder /app/node_modules ./node_modules
|
|
COPY --from=builder /app/src ./src
|
|
COPY --chown=appuser:appgroup --from=builder /app/node_modules ./node_modules
|
|
|
|
ENV NODE_ENV=production
|
|
EXPOSE 3000
|
|
|
|
#ganti user jadi non root
|
|
USER appuser
|
|
|
|
CMD ["npm", "run", "start"]
|