-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
57 lines (43 loc) · 1.82 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# set the base image to create the image for react app
FROM node:20-alpine
# create a user with permissions to run the app
# -S -> create a system user
# -G -> add the user to a group
# This is done to avoid running the app as root
# If the app is run as root, any vulnerability in the app can be exploited to gain access to the host system
# It's a good practice to run the app as a non-root user
RUN addgroup app && adduser -S -G app app
# set the user to run the app
USER app
# set the working directory to /app
WORKDIR /app
# copy package.json and package-lock.json to the working directory
# This is done before copying the rest of the files to take advantage of Docker’s cache
# If the package.json and package-lock.json files haven’t changed, Docker will use the cached dependencies
COPY package*.json ./
COPY ./prisma prisma
COPY ./dev.db /app/dev.db
# sometimes the ownership of the files in the working directory is changed to root
# and thus the app can't access the files and throws an error -> EACCES: permission denied
# to avoid this, change the ownership of the files to the root user
USER root
# Ensure write permissions for the app directory and its contents
RUN chmod -R u+w .
# change the ownership of the /app directory to the app user
# chown -R <user>:<group> <directory>
# chown command changes the user and/or group ownership of for given file.
RUN chown -R app:app .
# As root, change the ownership of dev.db to app user
RUN chown app:app dev.db
# change the user back to the app user
USER app
# init prisma
RUN npx prisma generate --schema=./prisma/schema.prisma
# install dependencies
RUN npm install
# copy the rest of the files to the working directory
COPY . .
# expose port 3000 to tell Docker that the container listens on the specified network ports at runtime
EXPOSE 3000
# command to run the app
CMD npm run dev