bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(docker): harden dashboard container builds

Browse Source
This commit is contained in:
saravanakumardb1 2026-03-23 16:16:47 -07:00
parent fa1adf829c
commit 618ba6a86d
2 changed files with 58 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
dashboards/admin-web/Dockerfile
View File

@ -1,40 +1,50 @@
FROM node:20-alpine AS base FROM node:22-alpine AS builder
# Build
FROM base AS builder
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json* ./
# Copy pre-built @bytelyst/* packages (run scripts/docker-prep-dashboards.sh first) ENV HTTP_PROXY=http://cso.proxy.att.com:8080/
# file: refs point to ../../learning_ai_common_plat/packages/* relative to /app ENV HTTPS_PROXY=http://cso.proxy.att.com:8080/
COPY .docker-deps/@bytelyst/ /learning_ai_common_plat/packages/ ENV NO_PROXY=localhost,127.0.0.1
ENV NODE_TLS_REJECT_UNAUTHORIZED=0
ENV NPM_CONFIG_STRICT_SSL=false
ENV HUSKY=0
RUN npm config set strict-ssl false \
&& npm config set registry https://jfrog-pkg-proxy.it.att.com/artifactory/api/npm/att-npm-proxy-group/ \
&& npm install -g pnpm@10.6.5
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml tsconfig.base.json ./
COPY packages/ packages/
COPY dashboards/admin-web/package.json dashboards/admin-web/
RUN pnpm install --frozen-lockfile --ignore-scripts
COPY dashboards/admin-web/ dashboards/admin-web/
RUN npm ci
COPY . .
# Dummy env vars for Next.js build (page data collection requires these at build time)
ENV COSMOS_ENDPOINT=https://placeholder.documents.azure.com:443/ ENV COSMOS_ENDPOINT=https://placeholder.documents.azure.com:443/
ENV COSMOS_KEY=placeholder== ENV COSMOS_KEY=placeholder==
ENV COSMOS_DATABASE=lysnrai ENV COSMOS_DATABASE=lysnrai
ENV JWT_SECRET=build-time-placeholder ENV JWT_SECRET=build-time-placeholder
RUN npm run build ENV NEXT_TELEMETRY_DISABLED=1
# Production RUN pnpm -r --filter @bytelyst/admin-web... build
FROM base AS runner RUN pnpm --filter @bytelyst/admin-web deploy --legacy --ignore-scripts /app/deploy
FROM node:22-alpine
WORKDIR /app WORKDIR /app
ENV NODE_ENV=production ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1 ENV NEXT_TELEMETRY_DISABLED=1
ENV PORT=3001
ENV HOSTNAME=0.0.0.0
ENV HUSKY=0
RUN addgroup --system --gid 1001 nodejs RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs RUN adduser --system --uid 1001 nextjs
COPY --from=builder /app/public ./public COPY --from=builder --chown=nextjs:nodejs /app/deploy ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ COPY --from=builder --chown=nextjs:nodejs /app/dashboards/admin-web/public ./public
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
USER nextjs USER nextjs
EXPOSE 3001 EXPOSE 3001
ENV PORT=3001
ENV HOSTNAME="0.0.0.0"
CMD ["node", "server.js"] CMD ["node", "server.js"]

47
dashboards/tracker-web/Dockerfile
View File

@ -1,35 +1,46 @@
FROM node:20-alpine AS base FROM node:22-alpine AS builder
# Build
FROM base AS builder
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json* ./
# Copy pre-built @bytelyst/* packages (run scripts/docker-prep-dashboards.sh first) ENV HTTP_PROXY=http://cso.proxy.att.com:8080/
# file: refs point to ../../learning_ai_common_plat/packages/* relative to /app ENV HTTPS_PROXY=http://cso.proxy.att.com:8080/
COPY .docker-deps/@bytelyst/ /learning_ai_common_plat/packages/ ENV NO_PROXY=localhost,127.0.0.1
ENV NODE_TLS_REJECT_UNAUTHORIZED=0
ENV NPM_CONFIG_STRICT_SSL=false
ENV HUSKY=0
RUN npm ci RUN npm config set strict-ssl false \
COPY . . && npm config set registry https://jfrog-pkg-proxy.it.att.com/artifactory/api/npm/att-npm-proxy-group/ \
RUN npm run build && npm install -g pnpm@10.6.5
# Production COPY package.json pnpm-workspace.yaml pnpm-lock.yaml tsconfig.base.json ./
FROM base AS runner COPY packages/ packages/
COPY dashboards/tracker-web/package.json dashboards/tracker-web/
RUN pnpm install --frozen-lockfile --ignore-scripts
COPY dashboards/tracker-web/ dashboards/tracker-web/
ENV NEXT_TELEMETRY_DISABLED=1
RUN pnpm -r --filter @bytelyst/tracker-web... build
RUN pnpm --filter @bytelyst/tracker-web deploy --legacy --ignore-scripts /app/deploy
FROM node:22-alpine
WORKDIR /app WORKDIR /app
ENV NODE_ENV=production ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1 ENV NEXT_TELEMETRY_DISABLED=1
ENV PORT=3003
ENV HOSTNAME=0.0.0.0
ENV HUSKY=0
RUN addgroup --system --gid 1001 nodejs RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs RUN adduser --system --uid 1001 nextjs
COPY --from=builder /app/public ./public COPY --from=builder --chown=nextjs:nodejs /app/deploy ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ COPY --from=builder --chown=nextjs:nodejs /app/dashboards/tracker-web/public ./public
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
USER nextjs USER nextjs
EXPOSE 3003 EXPOSE 3003
ENV PORT=3003
ENV HOSTNAME="0.0.0.0"
CMD ["node", "server.js"] CMD ["node", "server.js"]