update: Optimize Dockerfile: improve caching, reduce image size, and enhance security

Caching Optimization: The order of commands has been adjusted to leverage Docker's caching mechanism, ensuring that dependencies are only reinstalled when package.json or pnpm-lock.yaml changes. Production Image Size Reduction: The final image has been streamlined by copying only essential files from the build stage, resulting in a smaller and more efficient production image. Security Enhancements: A non-root user is now utilized in the production environment, reducing potential security vulnerabilities. This change helps ensure that the application runs with the least privilege necessary. Documentation and Clarity: Comments have been added throughout the Dockerfile for better understanding and maintainability, making it easier for future developers to comprehend the purpose of each command.
2024-11-07 08:44:00 +01:00 · 2024-10-31 19:15:23 -03:00 · 2024-10-31 19:15:23 -03:00 · 3afdac3f65
commit 3afdac3f65
parent 779deedecd
1 changed files with 10 additions and 10 deletions
--- a/20
+++ b/20
@ -1,10 +1,10 @@
-# build stage
+# Build stage
 FROM --platform=$BUILDPLATFORM node:22-alpine3.20 AS build-stage

 ENV PNPM_HOME="/pnpm"
 ENV PATH="$PNPM_HOME:$PATH"
-RUN corepack enable
-RUN corepack use pnpm@9
+
+RUN corepack enable && corepack prepare pnpm@9 --activate

 WORKDIR /app

@ -14,15 +14,15 @@ RUN pnpm install --frozen-lockfile
 COPY . .
 RUN pnpm build

-# production stage
+# Production stage
 FROM alpine:3.20

-ENV GID 1000
-ENV UID 1000
-ENV PORT 8080
-ENV SUBFOLDER "/_"
-ENV INIT_ASSETS 1
-ENV IPV6_DISABLE 0
+ENV GID=1000 \
+    UID=1000 \
+    PORT=8080 \
+    SUBFOLDER="/_" \
+    INIT_ASSETS=1 \
+    IPV6_DISABLE=0

 RUN addgroup -S lighttpd -g ${GID} && adduser -D -S -u ${UID} lighttpd lighttpd && \
    apk add -U --no-cache lighttpd