1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-22 19:07:54 +01:00
unleash.unleash/Dockerfile

39 lines
813 B
Docker
Raw Normal View History

chore(deps): update node.js to v18.20.1 (#6801) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | Pending | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---|---| | [node](https://togithub.com/nodejs/node) | final | patch | `18.20.0-alpine` -> `18.20.1-alpine` | | [![age](https://developer.mend.io/api/mc/badges/age/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [node](https://togithub.com/nodejs/node) | stage | patch | `18.20.0-alpine` -> `18.20.1-alpine` | | [![age](https://developer.mend.io/api/mc/badges/age/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/node/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/node/18.20.0/18.20.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [@types/node](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)) | devDependencies | patch | [`18.19.26` -> `18.19.28`](https://renovatebot.com/diffs/npm/@types%2fnode/18.19.26/18.19.28) | `18.19.30` (+1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@types%2fnode/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@types%2fnode/18.19.26/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/18.19.26/18.19.28?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v18.20.1`](https://togithub.com/nodejs/node/releases/tag/v18.20.1): 2024-04-03, Version 18.20.1 &#x27;Hydrogen&#x27; (LTS), @&#8203;RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.20.0...v18.20.1) This is a security release. ##### Notable Changes - CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) - CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium) - llhttp version 9.2.1 - undici version 5.28.4 ##### Commits - \[[`60d24938de`](https://togithub.com/nodejs/node/commit/60d24938de)] - **deps**: update undici to v5.28.4 (Matteo Collina) [nodejs-private/node-private#577](https://togithub.com/nodejs-private/node-private/pull/577) - \[[`5d4d5848cf`](https://togithub.com/nodejs/node/commit/5d4d5848cf)] - **http**: do not allow OBS fold in headers by default (Paolo Insogna) [nodejs-private/node-private#558](https://togithub.com/nodejs-private/node-private/pull/558) - \[[`0fb816dbcc`](https://togithub.com/nodejs/node/commit/0fb816dbcc)] - **src**: ensure to close stream when destroying session (Anna Henningsen) [nodejs-private/node-private#561](https://togithub.com/nodejs-private/node-private/pull/561) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am every weekday" in timezone Europe/Madrid, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Unleash/unleash). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-08 21:51:36 +02:00
ARG NODE_VERSION=18.20.1-alpine
FROM node:$NODE_VERSION as builder
WORKDIR /unleash
COPY . /unleash
2022-08-29 15:00:04 +02:00
RUN yarn config set network-timeout 300000
chore: Optimize docker build oss (#3951) ## About the changes Reduce the build time of OSS docker image from [~30m](https://github.com/Unleash/unleash/actions/workflows/docker_publish.yaml) to [under 15m](https://github.com/Unleash/unleash/actions/runs/5222180536/jobs/9427342758) 1. Build frontend outside docker multiplatform. 2. Allow `frontend/build` to be copied to the image by removing this from `.dockerignore` 3. Run with `--ignore-scripts` to avoid building the frontend on the `prepare` script, but this requires us to run all the prepare scripts manually (except the frontend build). **Note:** we need to build frontend in the `prepare` script to be able to have source code dependencies ## Manual Testing Manually downloaded from https://hub.docker.com/r/unleashorg/unleash-server/tags?page=1 and compared both `unleash` folders from main and the version built with the new process https://github.com/Unleash/unleash/actions/runs/5223078089/jobs/9429430190#step:5:48 ![Screenshot from 2023-06-10 21-11-33](https://github.com/Unleash/unleash/assets/455064/60a41739-904d-480d-8d80-bf17b7a70432) No major difference was spotted (only expected changes due to development done in main) **Command used to extract the contents:** ``` cd /tmp mkdir main && cd main docker pull unleashorg/unleash-server:main-edge-18-alpine docker export $(docker create unleashorg/unleash-server:main-edge-18-alpine) > container.tar && tar xvf container.tar mkdir ../new-process && cd ../new-process docker pull unleashorg/unleash-server:sha-ccac902-18-alpine docker export $(docker create unleashorg/unleash-server:sha-ccac902-18-alpine) > container.tar && tar xvf container.tar meld ./unleash ../main/unleash ```
2023-06-12 09:15:09 +02:00
RUN yarn install --frozen-lockfile --ignore-scripts && yarn prepare:backend && yarn local:package
# frontend/build should already exist (it needs to be built in the local filesystem but in case of a fresh build we'll build it here)
RUN yarn build:frontend:if-needed
chore: Optimize docker build oss (#3951) ## About the changes Reduce the build time of OSS docker image from [~30m](https://github.com/Unleash/unleash/actions/workflows/docker_publish.yaml) to [under 15m](https://github.com/Unleash/unleash/actions/runs/5222180536/jobs/9427342758) 1. Build frontend outside docker multiplatform. 2. Allow `frontend/build` to be copied to the image by removing this from `.dockerignore` 3. Run with `--ignore-scripts` to avoid building the frontend on the `prepare` script, but this requires us to run all the prepare scripts manually (except the frontend build). **Note:** we need to build frontend in the `prepare` script to be able to have source code dependencies ## Manual Testing Manually downloaded from https://hub.docker.com/r/unleashorg/unleash-server/tags?page=1 and compared both `unleash` folders from main and the version built with the new process https://github.com/Unleash/unleash/actions/runs/5223078089/jobs/9429430190#step:5:48 ![Screenshot from 2023-06-10 21-11-33](https://github.com/Unleash/unleash/assets/455064/60a41739-904d-480d-8d80-bf17b7a70432) No major difference was spotted (only expected changes due to development done in main) **Command used to extract the contents:** ``` cd /tmp mkdir main && cd main docker pull unleashorg/unleash-server:main-edge-18-alpine docker export $(docker create unleashorg/unleash-server:main-edge-18-alpine) > container.tar && tar xvf container.tar mkdir ../new-process && cd ../new-process docker pull unleashorg/unleash-server:sha-ccac902-18-alpine docker export $(docker create unleashorg/unleash-server:sha-ccac902-18-alpine) > container.tar && tar xvf container.tar meld ./unleash ../main/unleash ```
2023-06-12 09:15:09 +02:00
RUN mkdir -p /unleash/build/frontend && mv /unleash/frontend/build /unleash/build/frontend/build
WORKDIR /unleash/docker
RUN yarn install --frozen-lockfile --production=true
FROM node:$NODE_VERSION
ENV NODE_ENV production
2023-05-03 09:25:56 +02:00
ENV TZ UTC
WORKDIR /unleash
COPY --from=builder /unleash/docker /unleash
RUN rm -rf /usr/local/lib/node_modules/npm/
EXPOSE 4242
USER node
CMD ["node", "index.js"]