mirror of
https://github.com/d0zingcat/BroadcastChannel.git
synced 2026-05-13 23:16:46 +00:00
eb0205a7a9
Enhanced security by integrating Docker secrets for Sentry authentication and project tokens, reducing exposure of sensitive information in environment variables.
32 lines
786 B
Docker
32 lines
786 B
Docker
FROM node:lts-alpine AS base
|
|
|
|
ENV PNPM_HOME="/pnpm"
|
|
ENV PATH="$PNPM_HOME:$PATH"
|
|
RUN corepack enable
|
|
|
|
WORKDIR /app
|
|
COPY package.json pnpm-lock.yaml ./
|
|
|
|
# FROM base AS prod-deps
|
|
# RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --prod --frozen-lockfile
|
|
|
|
FROM base AS build-deps
|
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile
|
|
|
|
FROM build-deps AS build
|
|
COPY . .
|
|
RUN export $(cat .env.example) && \
|
|
export $(cat /run/secrets/SENTRY_AUTH_TOKEN) && \
|
|
export $(cat /run/secrets/SENTRY_PROJECT) && \
|
|
export DOCKER=true && \
|
|
pnpm run build
|
|
|
|
FROM base AS runtime
|
|
# COPY --from=prod-deps /app/node_modules ./node_modules
|
|
COPY --from=build /app/dist ./dist
|
|
|
|
ENV HOST=0.0.0.0
|
|
ENV PORT=4321
|
|
EXPOSE 4321
|
|
CMD node ./dist/server/entry.mjs
|