From c088b08e773918daa75afd3ff542a5156ad82ed9 Mon Sep 17 00:00:00 2001 From: Domagoj Date: Tue, 29 Jul 2025 15:04:40 +0200 Subject: [PATCH] Refactor for improved podman support --- Dockerfile | 44 +++++++++++++++++++++++++++++++++----------- package.json | 1 + 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 74d8e8ca9a1..bfba5cabcdf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,31 +1,53 @@ # syntax=docker/dockerfile:1 -ARG NODE_VERSION=${NODE_VERSION:-22.14} -ARG OS=${OS:-alpine} +ARG NODE_VERSION=22.14 +ARG OS=alpine FROM node:${NODE_VERSION}-${OS} +# Create non-root user for rootless operation +RUN addgroup -S appgroup && adduser -S appuser -G appgroup + +# Install git (already present, but ensure it’s available) +RUN apk add --no-cache git + +# Set environment variables ENV VITE_BYPASS_LOGIN=1 \ VITE_BYPASS_TUTORIAL=0 \ NEXT_TELEMETRY_DISABLED=1 \ - PNP_HOME=/root/.shrc \ + PNP_HOME=/home/appuser/.shrc \ NODE_ENV=production \ PORT=8000 -RUN apk add --no-cache git - +# Set working directory WORKDIR /app +# Enable and prepare pnpm RUN corepack enable && corepack prepare pnpm@10 --activate +# Copy package files first for caching +COPY package.json pnpm-lock.yaml ./ + +# Initialize Git repository and copy .git (for submodules and lefthook) +COPY .git ./.git +COPY .gitmodules ./.gitmodules + +# Install dependencies and initialize submodules +RUN --mount=type=cache,target=/home/appuser/.pnpm-store \ + git config --global --add safe.directory /app && \ + git submodule update --init --recursive && \ + pnpm install --frozen-lockfile + +# Copy remaining files COPY . . -RUN --mount=type=bind,source=package.json,target=package.json \ - --mount=type=bind,source=package-lock.json,target=package-lock.json \ - --mount=type=cache,target=/root/.npm \ - npm ci +# Change ownership for rootless compatibility +RUN chown -R appuser:appgroup /app -RUN pnpm install +# Switch to non-root user +USER appuser +# Expose port EXPOSE $PORT -CMD pnpm start:dev -- --host --port $PORT \ No newline at end of file +# Start the app +CMD ["pnpm", "start:podman", "--", "--host", "--port", "$PORT"] \ No newline at end of file diff --git a/package.json b/package.json index 64f2f9786db..41dc6b04f90 100644 --- a/package.json +++ b/package.json @@ -6,6 +6,7 @@ "scripts": { "start": "vite", "start:dev": "vite --mode development", + "start:podman": "vite --mode development --host 0.0.0.0 --port $PORT", "build": "vite build", "build:beta": "vite build --mode beta", "preview": "vite preview",