Skip to content

hmcts/cnp-node-base

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

148 Commits
.github
.github
 
 
alpine
alpine
 
 
debian
debian
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
renovate.json
renovate.json
 
 
test-build.sh
test-build.sh
 
 

Repository files navigation

cnp-nodejs-base

Build Status

Supported Images list

We recommend that you use the alpine image as it is smaller and most of the time has no vulnerabilities.

Tag OS NodeJS version
hmctspublic.azurecr.io/base/node:20-alpine Alpine LTS 20
hmctspublic.azurecr.io/base/node:20-bookworm-slim Debian bookworm LTS 20

Background

These images are based on nodeJS official ones using LTS versions, with the addition of a specific hmcts user, used for consistent runtime parameters.

Here are the defaults properties you inherit from using those base images:

Directive Default Values
WORKDIR /opt/app, accessible as $WORKDIR as well
CMD ["yarn", "start"]
USER hmcts

Nota Bene:

  • These images are primarily aimed at application runtimes, nothing prevents the use of other intermediate images to build your projects.
  • By default when the image is initially launched it will run under the context of the hmcts user. However you may have to switch to the root user to install OS dependencies.
  • The distroless nodeJS base image has been ruled out as it is still pretty experimental

Sample use

### base image ###
FROM hmctspublic.azurecr.io/base/node:20-alpine as base
COPY package.json yarn.lock ./
RUN yarn install

### runtime image ###
FROM base as runtime
COPY . .
# make sure you use the hmcts user
USER hmcts

You can also leverage on alpine distributions to create smaller runtime images:

Simple:

# ---- Dependencies image ----
FROM hmctspublic.azurecr.io/base/node:20-alpine as base
COPY --chown=hmcts:hmcts package.json yarn.lock ./
RUN yarn install --production

# ---- Runtime image ----
FROM base as runtime
COPY . .
EXPOSE 3000

More complex example:

FROM hmctspublic.azurecr.io/base/node:20-alpine as base

COPY package.json yarn.lock ./

FROM base as build

USER root
RUN apk add python2 make g++
USER hmcts

RUN yarn && npm rebuild node-sass

COPY . .
RUN yarn setup && rm -r node_modules/ && yarn install --production && rm -r ~/.cache/yarn

FROM base as runtime
COPY --from=build $WORKDIR ./
USER hmcts
EXPOSE 3000

Troubleshooting

Permission issues when I install apk/apt dependencies

Apk/apt packages installation requires the root user so you may switch temporarily to this user. e.g.:

### build image (Debian) ###
FROM hmctspublic.azurecr.io/base/node:20-bookworm-slim as base

USER root
RUN apt-get update && apt-get install ...
USER hmcts

COPY package.json yarn.lock ./
...

Yarn install fails because of permission issues

Depending on the post-installation steps, some script might need permissions on files owned by the root user. If this is the case, you can copy files from the host as hmcts user:

...
COPY --chown=hmcts:hmcts package.json yarn.lock .
...

Building images locally

$ make

This will generate the right tags so that you can use those images to build other nodejs-based projects by HMCTS.

Building images for sandbox

Sandbox is as its named, a sandbox registry. Thus, the base images are not automatically pushed in the sandbox registry hmctssandbox.

However you can still push them from your workstation using the following command:

$ make sandbox

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

Base nodeJS images for HMCTS applications

Topics

nodejs docker containers base-image

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

83 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 13

Languages