forked from iconify/api
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
89 lines (73 loc) · 3.21 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
ARG ARCH=amd64
ARG NODE_VERSION=16
ARG OS=bullseye-slim
ARG ICONIFY_API_VERSION=3.0.0
ARG SRC_PATH=./
#### Stage BASE ########################################################################################################
FROM ${ARCH}/node:${NODE_VERSION}-${OS} AS base
# This gives node.js apps access to the OS CAs
ENV NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
# This handles using special APT sources during build only (it is safe to comment these 3 following lines out):
RUN cp /etc/apt/sources.list /etc/apt/sources.list.original
COPY tmp/sources.list /tmp/sources.list.tmp
RUN ([ -s /tmp/sources.list.tmp ] && mv -f /tmp/sources.list.tmp /etc/apt/sources.list && cat /etc/apt/sources.list) || (cat /etc/apt/sources.list)
# Add temporary CERTs needed during build (it is safe to comment the following 1 line out):
COPY tmp/build-ca-cert.crt /usr/local/share/ca-certificates/build-ca-cert.crt
# Install tools, create data dir, add user and set rights
RUN set -ex && \
apt-get update && \
apt-get install --no-install-recommends -y \
ca-certificates \
bash \
curl \
nano \
git && \
mkdir -p /data/iconify-api && \
npm i selfupdate --location=global && \
deluser --remove-home node && \
useradd --home-dir /data/iconify-api --uid 1000 --shell /bin/bash iconify-api && \
chown -R iconify-api:root /data/iconify-api && chmod -R g+rwX /data/iconify-api && \
apt-get clean && \
rm -rf /tmp/* && \
# Restore the original sources.list
([ -s /etc/apt/sources.list.original ] && mv /etc/apt/sources.list.original /etc/apt/sources.list) && \
# Remove the temporary build CA cert
rm -f /usr/local/share/ca-certificates/build-ca-cert.crt
# Set work directory
WORKDIR /data/iconify-api
#### Stage iconify-api-install #########################################################################################
FROM base AS iconify-api-install
ARG SRC_PATH
# Make CERTAIN peer dependencies are installed, otherwise this will very likely fail
COPY ${SRC_PATH} /data/iconify-api/
COPY init.sh /init.sh
RUN cp -fR /data/iconify-api/src/config /data/config_default && \
npm install
#### Stage RELEASE #####################################################################################################
FROM iconify-api-install AS RELEASE
ARG BUILD_DATE
ARG BUILD_VERSION
ARG BUILD_REF
ARG ICONIFY_API_VERSION
ARG ARCH
ARG TAG_SUFFIX=default
LABEL org.label-schema.build-date=${BUILD_DATE} \
org.label-schema.docker.dockerfile="Dockerfile" \
org.label-schema.license="MIT" \
org.label-schema.name="Iconify API.js" \
org.label-schema.version=${BUILD_VERSION} \
org.label-schema.description="Node.js version of api.iconify.design" \
org.label-schema.url="https://github.com/iconify/api.js" \
org.label-schema.vcs-ref=${BUILD_REF} \
org.label-schema.vcs-type="Git" \
org.label-schema.vcs-url="https://github.com/iconify/api.js" \
org.label-schema.arch=${ARCH} \
authors="Vjacheslav Trushkin"
RUN rm -rf /tmp/*
# Env variables
ENV ICONIFY_API_VERSION=$ICONIFY_API_VERSION
# Expose the listening port of Iconify API
EXPOSE 3000
# Add a healthcheck (default every 30 secs)
HEALTHCHECK CMD curl http://localhost:3000/ || exit 1
ENTRYPOINT ["/init.sh"]