gui.do / barazo-api
Barazo AppView backend barazo.forum
fork atom

feat(docker): add multi-stage Dockerfile for production deployment

Uses pnpm workspace-aware build with tarball approach for @barazo-forum/lexicons
dependency. Three stages: deps, builder (tsc + pnpm pack), runner (node:24-alpine,
non-root user, healthcheck on /api/health).

Guido X Jansen 5f8848c0 ff6ae9da

+98
+14
.dockerignore
··· 1 + node_modules 2 + dist 3 + .git 4 + .gitignore 5 + tests 6 + coverage 7 + .env 8 + .env.* 9 + *.md 10 + LICENSE 11 + vitest.config.ts 12 + vitest.config.integration.ts 13 + eslint.config.js 14 + tsconfig.eslint.json
+84
Dockerfile
··· 1 + # Multi-stage build for barazo-api 2 + # Build context: monorepo root (docker build -f barazo-api/Dockerfile .) 3 + 4 + # --------------------------------------------------------------------------- 5 + # Stage 1: Install dependencies 6 + # --------------------------------------------------------------------------- 7 + FROM node:24-alpine AS deps 8 + RUN apk add --no-cache libc6-compat 9 + WORKDIR /workspace 10 + 11 + # Enable pnpm via corepack 12 + RUN corepack enable && corepack prepare pnpm@10.29.2 --activate 13 + 14 + # Copy workspace root config 15 + COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./ 16 + 17 + # Copy all workspace package.json files (needed for pnpm install) 18 + COPY barazo-lexicons/package.json ./barazo-lexicons/ 19 + COPY barazo-api/package.json ./barazo-api/ 20 + COPY barazo-web/package.json ./barazo-web/ 21 + 22 + # Install all dependencies (including devDeps for tsc build) 23 + RUN pnpm install --frozen-lockfile 24 + 25 + # --------------------------------------------------------------------------- 26 + # Stage 2: Build 27 + # --------------------------------------------------------------------------- 28 + FROM node:24-alpine AS builder 29 + WORKDIR /workspace 30 + 31 + RUN corepack enable && corepack prepare pnpm@10.29.2 --activate 32 + 33 + # Copy installed dependencies 34 + COPY --from=deps /workspace/ ./ 35 + 36 + # Copy lexicons source (workspace dependency) 37 + COPY barazo-lexicons/ ./barazo-lexicons/ 38 + 39 + # Copy API source 40 + COPY barazo-api/ ./barazo-api/ 41 + 42 + # Build lexicons first (workspace dependency), then API 43 + RUN pnpm --filter @barazo-forum/lexicons build && \ 44 + pnpm --filter barazo-api build 45 + 46 + # Create standalone production deployment: 47 + # Pack lexicons as tarball, then install API prod deps with npm 48 + RUN cd /workspace/barazo-lexicons && pnpm pack --pack-destination /tmp && \ 49 + mkdir -p /app/deploy && \ 50 + cp /workspace/barazo-api/package.json /app/deploy/ && \ 51 + cd /app/deploy && \ 52 + npm install --omit=dev --install-links \ 53 + $(ls /tmp/barazo-forum-lexicons-*.tgz) && \ 54 + rm -rf /root/.npm 55 + 56 + # --------------------------------------------------------------------------- 57 + # Stage 3: Production runner 58 + # --------------------------------------------------------------------------- 59 + FROM node:24-alpine AS runner 60 + WORKDIR /app 61 + 62 + ENV NODE_ENV=production 63 + 64 + # Create non-root user 65 + RUN addgroup --system --gid 1001 nodejs && \ 66 + adduser --system --uid 1001 barazo 67 + 68 + # Copy production deployment (node_modules + package.json) 69 + COPY --from=builder /app/deploy/ ./ 70 + 71 + # Copy compiled output 72 + COPY --from=builder /workspace/barazo-api/dist/ ./dist/ 73 + 74 + # Create plugins directory for runtime plugin loading 75 + RUN mkdir -p /app/plugins && chown barazo:nodejs /app/plugins 76 + 77 + USER barazo 78 + 79 + EXPOSE 3000 80 + 81 + HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ 82 + CMD wget -qO- http://127.0.0.1:3000/api/health || exit 1 83 + 84 + CMD ["node", "dist/server.js"]