90 lines
2.4 KiB
Docker
90 lines
2.4 KiB
Docker
FROM node:22-slim AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy package files
|
|
COPY package*.json ./
|
|
COPY tsconfig.json ./
|
|
|
|
# Install dependencies
|
|
RUN npm install
|
|
|
|
# Copy protobuf definitions
|
|
COPY protobuf ../protobuf/
|
|
|
|
# Copy source
|
|
COPY src ./src
|
|
|
|
# Build (includes protobuf generation)
|
|
RUN npm run build
|
|
|
|
# Note: Python API files for research subagent are copied by bin/build script
|
|
# to src/harness/subagents/research/api-source/ before docker build
|
|
|
|
# Production image
|
|
FROM node:22-slim
|
|
|
|
WORKDIR /app
|
|
|
|
# Install dependencies for Ollama (early in the build for caching)
|
|
RUN apt-get update && apt-get install -y curl bash zstd ca-certificates && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install Ollama (before npm dependencies for better caching)
|
|
RUN curl -fsSL https://ollama.com/install.sh | sh
|
|
|
|
# Create non-root user early (before pulling model)
|
|
RUN groupadd --gid 1001 nodejs && \
|
|
useradd --uid 1001 --gid nodejs --shell /bin/bash --create-home nodejs && \
|
|
chown -R nodejs:nodejs /app
|
|
|
|
# Pull embedding model (all-minilm: 90MB, CPU-friendly) as nodejs user
|
|
# This is the most expensive operation, so do it early
|
|
USER nodejs
|
|
RUN ollama serve & \
|
|
OLLAMA_PID=$! && \
|
|
sleep 10 && \
|
|
ollama pull all-minilm && \
|
|
kill $OLLAMA_PID && \
|
|
wait $OLLAMA_PID || true
|
|
|
|
# Switch back to root for remaining setup
|
|
USER root
|
|
|
|
# Copy package files
|
|
COPY package*.json ./
|
|
|
|
# Install production dependencies only
|
|
RUN npm install --omit=dev
|
|
|
|
# Copy built application
|
|
COPY --from=builder /app/dist ./dist
|
|
|
|
# Copy protobuf definitions for runtime loading
|
|
COPY protobuf ./protobuf
|
|
|
|
# Copy k8s templates (not included in TypeScript build)
|
|
COPY src/k8s/templates ./dist/k8s/templates
|
|
|
|
# Copy harness prompts (not included in TypeScript build)
|
|
COPY src/harness/prompts ./dist/harness/prompts
|
|
|
|
# Copy all subagent directories (config.yaml, system-prompt.md, memory/, etc.)
|
|
# TypeScript build already compiled .ts files to .js in dist, so we copy the entire
|
|
# source directory to get all non-TypeScript assets, then remove .ts duplicates
|
|
COPY src/harness/subagents ./dist/harness/subagents
|
|
# Remove source .ts files (we only need the compiled .js from builder stage)
|
|
# Keep .yaml, .md files and memory/ directories
|
|
RUN find ./dist/harness/subagents -name "*.ts" -type f -delete
|
|
|
|
# Copy entrypoint script
|
|
COPY entrypoint.sh ./
|
|
RUN chmod +x entrypoint.sh
|
|
|
|
# Ensure nodejs user owns everything
|
|
RUN chown -R nodejs:nodejs /app
|
|
|
|
USER nodejs
|
|
|
|
EXPOSE 3000
|
|
|
|
ENTRYPOINT ["./entrypoint.sh"] |