76 lines
1.7 KiB
Docker
76 lines
1.7 KiB
Docker
FROM node:22-slim AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy package files
|
|
COPY package*.json ./
|
|
COPY tsconfig.json ./
|
|
|
|
# Install dependencies
|
|
RUN npm install
|
|
|
|
# Copy protobuf definitions
|
|
COPY protobuf ../protobuf/
|
|
|
|
# Copy source
|
|
COPY src ./src
|
|
|
|
# Build (includes protobuf generation)
|
|
RUN npm run build
|
|
|
|
# Production image
|
|
FROM node:22-slim
|
|
|
|
WORKDIR /app
|
|
|
|
# Install dependencies for Ollama (early in the build for caching)
|
|
RUN apt-get update && apt-get install -y curl bash zstd ca-certificates && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install Ollama (before npm dependencies for better caching)
|
|
RUN curl -fsSL https://ollama.com/install.sh | sh
|
|
|
|
# Create non-root user early (before pulling model)
|
|
RUN groupadd --gid 1001 nodejs && \
|
|
useradd --uid 1001 --gid nodejs --shell /bin/bash --create-home nodejs && \
|
|
chown -R nodejs:nodejs /app
|
|
|
|
# Pull embedding model (all-minilm: 90MB, CPU-friendly) as nodejs user
|
|
# This is the most expensive operation, so do it early
|
|
USER nodejs
|
|
RUN ollama serve & \
|
|
OLLAMA_PID=$! && \
|
|
sleep 10 && \
|
|
ollama pull all-minilm && \
|
|
kill $OLLAMA_PID && \
|
|
wait $OLLAMA_PID || true
|
|
|
|
# Switch back to root for remaining setup
|
|
USER root
|
|
|
|
# Copy package files
|
|
COPY package*.json ./
|
|
|
|
# Install production dependencies only
|
|
RUN npm install --omit=dev
|
|
|
|
# Copy built application
|
|
COPY --from=builder /app/dist ./dist
|
|
|
|
# Copy protobuf definitions for runtime loading
|
|
COPY protobuf ./protobuf
|
|
|
|
# Copy k8s templates (not included in TypeScript build)
|
|
COPY src/k8s/templates ./dist/k8s/templates
|
|
|
|
# Copy entrypoint script
|
|
COPY entrypoint.sh ./
|
|
RUN chmod +x entrypoint.sh
|
|
|
|
# Ensure nodejs user owns everything
|
|
RUN chown -R nodejs:nodejs /app
|
|
|
|
USER nodejs
|
|
|
|
EXPOSE 3000
|
|
|
|
ENTRYPOINT ["./entrypoint.sh"] |