From 656b362cca04ae16168c7391043967daeffa88eb Mon Sep 17 00:00:00 2001 From: Pedro Nauck Date: Thu, 2 May 2024 21:03:13 -0300 Subject: [PATCH] fix: readonly docer --- deployment/Dockerfile | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/deployment/Dockerfile b/deployment/Dockerfile index 26f6f3757..546901d8a 100644 --- a/deployment/Dockerfile +++ b/deployment/Dockerfile @@ -2,36 +2,44 @@ # built for the fuel-explorer FROM node:20-slim AS base -# Expose the ENVs to the env of the container +# Setup environment variables ENV PNPM_HOME="/pnpm" ENV PATH="$PNPM_HOME:$PATH" - ENV SERVER_PORT="${SERVER_PORT:-3004}" ENV FUEL_PROVIDER="${FUEL_PROVIDER:-https://beta-5.fuel.network/graphql}" ENV SERVER_BUILD="${SERVER_BUILD}" ENV SYNC_MISSING="${SYNC_MISSING}" ENV DB_MIGRATE="${DB_MIGRATE}" - -# Database config ENV DB_HOST="${DB_HOST}" ENV DB_PORT="${DB_PORT}" ENV DB_USER="${DB_USER}" ENV DB_PASS="${DB_PASS}" ENV DB_NAME="${DB_NAME}" +ENV PM2_HOME=/app-explorer/.pm2 -# Enable pnpm using corepack form node.js +# Enable pnpm using corepack from node.js RUN corepack enable -# Install dependencies for the entire monorepo +# Create a non-privileged user +RUN useradd -m fuel + +# Copy application code COPY . /app-explorer -WORKDIR /app-explorer -ENV PM2_HOME=/app-explorer/.pm2 + +# Change ownership of the app-explorer to the non-privileged user +RUN chown -R fuel:fuel /app-explorer # Install dependencies for the entire monorepo +WORKDIR /app-explorer RUN pnpm install RUN pnpm db:setup # Expose the specified port EXPOSE ${SERVER_PORT} + +# Switch to non-privileged user +USER fuel + WORKDIR /app-explorer CMD ["/app-explorer/scripts/run.sh"] +