-
Notifications
You must be signed in to change notification settings - Fork 32
Expand file tree
/
Copy pathDockerfile
More file actions
57 lines (45 loc) · 2.11 KB
/
Dockerfile
File metadata and controls
57 lines (45 loc) · 2.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
FROM docker.io/node:25@sha256:c69f4e0640e5b065f2694579793e4309f1e0e49868b0f2fea29c44d9c0dc2caf as builder
WORKDIR /opt/app-root/src/
COPY src/ src/
COPY public/ public/
COPY index.html .
COPY vite.config.js .
COPY package*.json .
COPY README.md .
# Use safe-chain wrapper for npm to mitigate supply chain attacks
RUN npm install -g @aikidosec/safe-chain \
&& rm -fr .cache .npm
# From now on we use aikido-npm directly instead of npm as the wrapper scripts don't work in this Dockerfile environment
# install run deps & dev deps
RUN aikido-npm ci \
&& rm -fr .cache .npm
RUN aikido-npm run build
# Actual production image
# Use a minimal image for production
# Specific SHA256 so dependabot can update it
# See https://github.com/lucacome/docker-image-update-checker/issues/71
FROM docker.io/nginxinc/nginx-unprivileged:latest@sha256:c18d5e1673c851cb459a10d3a2c164e485191d97254ac6815a0cb1c1a767b9b6 as production
# Copy the built files from the builder stage to the nginx html directory
COPY --from=builder /opt/app-root/src/dist/ /usr/share/nginx/html/
# Updated nginx configuration
COPY container-src/nginx-templates/default.conf.template /etc/nginx/templates/default.conf.template
# Adjust permissions on the conf.d directory so our template can be used
# Switch to root to change permissions
USER 0
RUN chgrp -R 101 /etc/nginx/conf.d
# Switch back to www-data
USER 101:101
# Ensure NGINX uses resolvers set in /etc/resolv.conf
ENV NGINX_ENTRYPOINT_LOCAL_RESOLVERS=1
EXPOSE 8080
LABEL org.opencontainers.image.title="jsonschemalint"
LABEL org.opencontainers.image.description="Web interface for jsonschemalint.com - a JSON Schema linter"
LABEL org.opencontainers.image.authors="Nick Maynard"
LABEL org.opencontainers.image.url="https://jsonschemalint.com"
LABEL org.opencontainers.image.source="https://github.com/nickmaynard/jsonschemalint"
LABEL org.opencontainers.image.licenses="MIT"
LABEL org.opencontainers.image.base.name="docker.io/nginxinc/nginx-unprivileged:latest"
LABEL org.opencontainers.image.revision=""
LABEL org.opencontainers.image.version=""
LABEL org.opencontainers.image.created=""
LABEL maintainer="Nick Maynard"