You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64 lines
1.5 KiB
64 lines
1.5 KiB
# 多阶段构建 - 构建阶段
|
|
FROM oven/bun:alpine AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# 复制依赖文件
|
|
COPY package.json bun.lockb ./
|
|
|
|
# 安装所有依赖(包括开发依赖)
|
|
RUN bun install --frozen-lockfile
|
|
|
|
# 复制源代码
|
|
COPY . .
|
|
|
|
# 构建阶段(如果需要)
|
|
RUN bun run build || true
|
|
|
|
# 生产阶段
|
|
FROM oven/bun:alpine AS production
|
|
|
|
# 创建非root用户
|
|
RUN addgroup -g 1001 -S nodejs && \
|
|
adduser -S bun -u 1001
|
|
|
|
WORKDIR /app
|
|
|
|
# 从构建阶段复制依赖
|
|
COPY --from=builder --chown=bun:nodejs /app/node_modules ./node_modules
|
|
COPY --from=builder --chown=bun:nodejs /app/package.json ./
|
|
COPY --from=builder --chown=bun:nodejs /app/bun.lockb ./
|
|
COPY --from=builder --chown=bun:nodejs /app/knexfile.mjs ./
|
|
|
|
# 复制应用代码
|
|
COPY --from=builder --chown=bun:nodejs /app/src ./src
|
|
COPY --from=builder --chown=bun:nodejs /app/public ./public
|
|
|
|
# 复制并设置入口脚本权限
|
|
COPY --chown=bun:nodejs entrypoint.sh ./entrypoint.sh
|
|
RUN chmod +x ./entrypoint.sh
|
|
|
|
# 创建必要的目录并设置权限
|
|
RUN mkdir -p /app/database /app/logs && \
|
|
chown -R bun:nodejs /app/database /app/logs
|
|
|
|
# 设置环境变量
|
|
ENV NODE_ENV=production
|
|
ENV BUN_ENV=production
|
|
ENV PORT=3000
|
|
|
|
# 暴露端口
|
|
EXPOSE 3000
|
|
|
|
# 切换到非root用户
|
|
USER bun
|
|
|
|
# 健康检查优化
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
|
|
CMD bun --version && \
|
|
(wget --spider -q http://localhost:3000/health || \
|
|
wget --spider -q http://localhost:3000/ || \
|
|
exit 1)
|
|
|
|
# 设置入口点
|
|
ENTRYPOINT ["./entrypoint.sh"]
|
|
|