|
1 | | -# ======================================== |
2 | | -# Stage 1: Build Stage |
3 | | -# ======================================== |
4 | | -# Use official Node.js LTS image (alpine for small size) |
| 1 | +#stage 1 |
5 | 2 | FROM node:20-alpine AS builder |
6 | 3 |
|
7 | 4 | # Set working directory inside container |
8 | 5 | WORKDIR /app |
9 | | -# Explanation: All commands will run inside /app. Keeps container filesystem organized. |
10 | 6 |
|
11 | | -# Install pnpm globally for package management |
12 | 7 | RUN npm install -g pnpm |
13 | | -# Explanation: pnpm is faster and deterministic for managing Node dependencies. |
14 | 8 |
|
15 | | -# Copy package files first (for caching) |
| 9 | +# Copy package files |
16 | 10 | COPY package.json pnpm-lock.yaml ./ |
17 | | -# Explanation: By copying only package files, Docker caches npm install layer. |
18 | | -# If dependencies don't change, this layer is reused → faster builds. |
19 | | - |
20 | 11 | # Install all dependencies including devDependencies |
21 | 12 | ENV NODE_ENV=development |
22 | 13 | RUN pnpm install --frozen-lockfile |
23 | | -# Explanation: DevDependencies include TypeScript, Husky, etc., needed to build the app. |
24 | 14 |
|
25 | | -# Copy the rest of the source code |
26 | 15 | COPY . . |
27 | | -# Explanation: Copying after dependencies allows Docker to use cached layers for faster rebuilds. |
28 | 16 |
|
| 17 | +# Generate Prisma client |
| 18 | +RUN npx prisma generate |
29 | 19 | # Compile TypeScript into JavaScript |
30 | | - |
31 | 20 | RUN pnpm run build |
32 | | -# Explanation: `pnpm dlx tsc` ensures TypeScript compiler runs even if local bin links are missing. |
33 | 21 |
|
34 | | -# ======================================== |
35 | | -# Stage 2: Production Stage |
36 | | -# ======================================== |
| 22 | +# stage 2 |
37 | 23 | FROM node:20-alpine |
38 | 24 |
|
39 | 25 | # Set working directory |
40 | 26 | WORKDIR /app |
41 | 27 |
|
42 | 28 | # Install pnpm in runtime container |
43 | 29 | RUN npm install -g pnpm |
44 | | -# Explanation: Needed to install production dependencies. |
45 | 30 |
|
46 | 31 | # Copy package files for production dependency install |
47 | 32 | COPY package.json pnpm-lock.yaml ./ |
48 | 33 |
|
49 | 34 | # Install only production dependencies |
50 | 35 | ENV NODE_ENV=production |
51 | 36 | RUN pnpm install --prod --frozen-lockfile |
52 | | -# Explanation: Production image only needs runtime dependencies → smaller, faster, more secure. |
53 | 37 |
|
54 | 38 | # Disable Husky and other prepare scripts |
55 | 39 | ENV HUSKY=0 |
56 | 40 | ENV SKIP_PREPARE=true |
57 | | -# Explanation: Prevents hooks and scripts from running in production. |
58 | 41 |
|
59 | 42 | # Copy compiled JavaScript from builder stage |
60 | 43 | COPY --from=builder /app/dist ./dist |
61 | | -# Explanation: Only compiled JS is needed in production. DevDependencies are not copied → smaller image. |
62 | 44 |
|
63 | | -# Optional: non-root user for security |
| 45 | +# non-root user for security |
| 46 | +# Avoids running Node as root → improves security. |
64 | 47 | RUN addgroup roshan && adduser -S -G roshan roshan |
65 | 48 | USER roshan |
66 | | -# Explanation: Avoids running Node as root → improves security. |
67 | | - |
68 | 49 | # Expose port your API runs on |
69 | 50 | EXPOSE 3000 |
70 | | -# Explanation: Tells Docker which port the container listens on. |
71 | | - |
72 | 51 | # Start the application |
73 | 52 | CMD ["node", "dist/server.js"] |
74 | | -# Explanation: Runs compiled JavaScript for production. |
0 commit comments