wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 6 Packages Projects Releases Wiki Activity
Files
5cd67d372f2e2cbfa4e6855ed7df1d3eb859c96b
awoooi/apps/web/Dockerfile
OG T 4762ad924d ci(cd): 首席架構師 Review Phase 25 全批修正 (C1-C4 / S1-S4 / I1-I4) 
修正項目:
  C1: DOCKER_BUILDKIT=1 + ARG BUILDKIT_INLINE_CACHE + syntax directive (兩個 Dockerfile)
  C2: Alert Chain Smoke Test 修正 pass/fail 輸出邏輯 (不再無條件 pass)
  C3: API Dockerfile builder stage 先 pip install 後 COPY src/ (deps cache 正確失效)
  C4: Deploy step 自行管理 SSH key + ssh-keyscan 取代 StrictHostKeyChecking=no
  S1/S2: 統一 SSH 連線方式,移除 StrictHostKeyChecking=no
  S3: API Dockerfile HEALTHCHECK 改用 curl 取代 httpx (確保 image 有該工具)
  S4: type-sync-check.yaml python → python3
  I1: 建立 .dockerignore 防止無關檔案污染 build context
  I2: 加入 Setup Python Tools 共用步驟
  I3: deploy-alerts job 移至獨立 deploy-alerts.yaml workflow (paths trigger)
  I4: E2E Smoke Test 加入 pnpm install + PLAYWRIGHT_BASE_URL 公網域名

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-05 12:42:37 +08:00

73 lines
2.0 KiB
Docker
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# AWOOOI Web - Production Dockerfile
# syntax=docker/dockerfile:1
# 首席架構師 Review C1 (2026-04-05 Claude Code): BuildKit inline cache 需要 ARG 宣告
ARG BUILDKIT_INLINE_CACHE=0
FROM node:20-alpine AS base
# Install pnpm
RUN corepack enable && corepack prepare pnpm@9.0.0 --activate
FROM base AS deps
WORKDIR /app
# Copy package files
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
COPY apps/web/package.json ./apps/web/
COPY packages/tsconfig/package.json ./packages/tsconfig/
COPY packages/eslint-config/package.json ./packages/eslint-config/
COPY packages/lewooogo-core/package.json ./packages/lewooogo-core/
# Install dependencies
RUN pnpm install --frozen-lockfile
FROM base AS builder
WORKDIR /app
# Copy deps
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/apps/web/node_modules ./apps/web/node_modules
COPY --from=deps /app/packages ./packages
# 2026-04-01 ogt: CACHE_BUST 強制讓 source 層失效(每次 commit 不同)
# deps 層 (pnpm install) 仍可 cache只有 COPY . . 以下強制重建
# 解決原本 --no-cache 連 deps 也清掉的問題
ARG CACHE_BUST=dev
RUN echo "$CACHE_BUST" > /dev/null
# Copy source
COPY . .
# Build-time environment variables (NEXT_PUBLIC_* 會被打包進 JS)
ARG NEXT_PUBLIC_API_URL=http://localhost:8000
ARG NEXT_PUBLIC_SENTRY_DSN=
ENV NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
ENV NEXT_PUBLIC_SENTRY_DSN=${NEXT_PUBLIC_SENTRY_DSN}
ENV NEXT_TELEMETRY_DISABLED=1
RUN pnpm turbo build --filter=@awoooi/web
FROM base AS runner
WORKDIR /app
ENV NODE_ENV production
ENV NEXT_TELEMETRY_DISABLED 1
# Create non-root user
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
# Copy built files
COPY --from=builder /app/apps/web/public ./apps/web/public
COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/static ./apps/web/.next/static
USER nextjs
EXPOSE 3000
ENV PORT 3000
ENV HOSTNAME "0.0.0.0"
CMD ["node", "apps/web/server.js"]
Reference in New Issue View Git Blame Copy Permalink