| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 |
- # 多阶段构建 - 构建阶段
- FROM node:20-alpine AS builder
- # 安装构建依赖,包括bcrypt编译所需的工具
- RUN apk add --no-cache \
- python3 \
- make \
- g++ \
- cairo-dev \
- jpeg-dev \
- pango-dev \
- musl-dev \
- giflib-dev \
- pixman-dev \
- pangomm-dev \
- libjpeg-turbo-dev \
- freetype-dev
- WORKDIR /app
- # 复制package文件
- COPY package*.json ./
- COPY tsconfig*.json ./
- # 安装所有依赖(包括开发依赖,因为需要tsc进行构建)
- RUN npm ci && \
- npm cache clean --force
- # 复制源代码
- COPY src ./src
- # 构建应用
- RUN npm run build
- # 开发阶段
- FROM node:20-alpine AS development
- # 安装运行时依赖和构建工具
- RUN apk add --no-cache \
- python3 \
- make \
- g++ \
- cairo-dev \
- jpeg-dev \
- pango-dev \
- musl-dev \
- giflib-dev \
- pixman-dev \
- pangomm-dev \
- libjpeg-turbo-dev \
- freetype-dev
- WORKDIR /app
- COPY package*.json ./
- RUN npm install
- COPY . .
- EXPOSE 3000 9229
- CMD ["npm", "run", "dev"]
- # 生产阶段
- FROM node:20-alpine AS production
- # 安装运行时依赖
- RUN apk add --no-cache \
- python3 \
- make \
- g++ \
- cairo-dev \
- jpeg-dev \
- pango-dev \
- musl-dev \
- giflib-dev \
- pixman-dev \
- pangomm-dev \
- libjpeg-turbo-dev \
- freetype-dev
- WORKDIR /app
- # 创建非root用户
- RUN addgroup -g 1001 -S nodejs && \
- adduser -S nodejs -u 1001
- # 复制依赖
- COPY package*.json ./
- RUN npm ci --only=production && \
- npm cache clean --force
- # 从构建阶段复制构建产物
- COPY --from=builder --chown=nodejs:nodejs /app/dist ./dist
- COPY --from=builder --chown=nodejs:nodejs /app/node_modules ./node_modules
- # 切换到非root用户
- USER nodejs
- # 暴露端口
- EXPOSE 3000
- # 健康检查
- HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
- CMD node dist/utils/healthcheck.js || exit 1
- # 启动应用
- CMD ["node", "dist/server.js"]
|