36 lines
845 B
Docker
36 lines
845 B
Docker
# syntax=docker/dockerfile:1
|
||
|
||
# 1) 构建阶段:安装仅生产依赖
|
||
FROM node:22-bookworm-slim AS builder
|
||
WORKDIR /app
|
||
ENV NODE_ENV=production
|
||
|
||
# 仅复制依赖清单,提升缓存命中率
|
||
COPY package.json package-lock.json* ./
|
||
|
||
# 无锁文件时回退 npm install;并关闭审计/基金提示
|
||
RUN if [ -f package-lock.json ]; then \
|
||
npm ci --omit=dev --no-audit --no-fund; \
|
||
else \
|
||
npm install --omit=dev --no-audit --no-fund; \
|
||
fi
|
||
|
||
# 复制应用源码
|
||
COPY index.js ./index.js
|
||
COPY src ./src
|
||
COPY public ./public
|
||
|
||
# 2) 运行阶段:Debian 12 distroless(极简、无 Shell)
|
||
FROM gcr.io/distroless/nodejs22-debian12
|
||
WORKDIR /app
|
||
ENV NODE_ENV=production
|
||
COPY --from=builder /app /app
|
||
|
||
EXPOSE 8080
|
||
USER nonroot:nonroot
|
||
|
||
# distroless nodejs 以 node 为入口,传入脚本路径即可
|
||
CMD ["/app/index.js"]
|
||
|
||
|