platform-codebase/features/platform-admin/backend-api/Dockerfile

106 lines
3.5 KiB
Docker

# =============================================================================
# Platform Admin Backend API - Multi-Target Dockerfile
# =============================================================================
#
# Supports both development (with HMR) and production modes:
#
# Development: docker build --target development -t platform-admin-api:dev .
# Production: docker build --target production -t platform-admin-api:prod .
#
# In dev, source is mounted as volume for HMR. In prod, image contains built app.
#
# =============================================================================
# -----------------------------------------------------------------------------
# BASE: Common setup for all stages
# -----------------------------------------------------------------------------
FROM node:22-alpine AS base
WORKDIR /app
# Install pnpm globally
RUN corepack enable && corepack prepare pnpm@latest --activate
# Install build dependencies for native modules
RUN apk add --no-cache libc6-compat python3 make g++
# -----------------------------------------------------------------------------
# DEVELOPMENT: Watch mode with source mounted at runtime
# -----------------------------------------------------------------------------
FROM base AS development
ENV NODE_ENV=development
# Copy package files for dependency installation
COPY package.json pnpm-lock.yaml* ./
# Install all dependencies (including devDependencies)
RUN pnpm install --frozen-lockfile || pnpm install
# Source code is mounted at runtime via volume - don't copy here
# The docker-compose.yml mounts: ./src:/app/src
# Expose Platform Admin API port (from ports.yaml: features.platform-admin.api = 3011)
EXPOSE 3011
# Health check with longer start period for dev (slower cold start)
HEALTHCHECK --interval=10s --timeout=5s --start-period=60s --retries=5 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3011/health || exit 1
# Start in watch mode for HMR
CMD ["pnpm", "start:dev"]
# -----------------------------------------------------------------------------
# BUILDER: Compile TypeScript for production
# -----------------------------------------------------------------------------
FROM base AS builder
ENV NODE_ENV=production
# Copy package files
COPY package.json pnpm-lock.yaml* ./
# Install dependencies (production + build tools)
RUN pnpm install --frozen-lockfile || pnpm install
# Copy source code and config files
COPY src/ ./src/
COPY scripts/ ./scripts/
COPY tsconfig.json nest-cli.json .swcrc ./
# Build the application (includes ESM import fix)
RUN pnpm build
# Prune dev dependencies after build
RUN pnpm prune --prod
# -----------------------------------------------------------------------------
# PRODUCTION: Minimal runtime image
# -----------------------------------------------------------------------------
FROM node:22-alpine AS production
WORKDIR /app
ENV NODE_ENV=production
# Create non-root user for security
RUN addgroup -g 1001 -S nodejs && \
adduser -S nestjs -u 1001
# Copy only necessary files from builder
COPY --from=builder --chown=nestjs:nodejs /app/dist ./dist
COPY --from=builder --chown=nestjs:nodejs /app/node_modules ./node_modules
COPY --from=builder --chown=nestjs:nodejs /app/package.json ./
# Switch to non-root user
USER nestjs
# Expose Platform Admin API port
EXPOSE 3011
# Health check for production (shorter intervals, faster detection)
HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3011/health || exit 1
# Start the production server
CMD ["node", "dist/main.js"]