From ad1b3a6f1b738ab70d8abe544633053d550d2f89 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Thu, 25 Apr 2024 19:42:32 +0100
Subject: [PATCH 1/2] build(dockerfile): use multi-stage build; reduce size by
 ~28%

---
 Dockerfile | 41 ++++++++++++++++++++++++++---------------
 1 file changed, 26 insertions(+), 15 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 21c3d390..82803b97 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,20 +1,18 @@
-FROM node:20-bullseye-slim
+# ------------------
+# Temp image
+# ------------------
+FROM node:20-bullseye-slim AS tmp
 
 # Workdir
-WORKDIR /usr/app
+WORKDIR /usr/app/tmp
+
+# Copy source
+COPY . /usr/app/tmp
 
 # Create temp folder for files to be stored whilst being converted
 RUN mkdir -p ./dist/temp/
 
-# Install OS dependencies
-# Curl needed for healthcheck command
-RUN apt-get -q update &&\
-    apt-get -y --no-install-recommends install curl poppler-data poppler-utils unrtf && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/*
-
-# Copy and install node dependencies
-COPY package.json package-lock.json ./
+# Install node dependencies
 RUN npm ci --ignore-scripts --omit=dev && \
     npm pkg delete commitlint devDependencies jest nodemonConfig scripts && \
     npm cache clean --force && \
@@ -25,10 +23,23 @@ RUN npm ci --ignore-scripts --omit=dev && \
     rm -rf ./node_modules/htmltidy2/bin/win64 && \
     rm -rf ./node_modules/htmltidy2/bin/darwin
 
-# Copy source
-COPY . .
-# Change ownership of all files and directories
-RUN chown -R node:node .
+# ------------------
+# Final image
+# ------------------
+FROM node:20-bullseye-slim AS main
+
+# Workdir
+WORKDIR /usr/app
+
+# Install OS dependencies
+# Curl needed for healthcheck command
+RUN apt-get -q update &&\
+    apt-get -y --no-install-recommends install curl poppler-data poppler-utils unrtf && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Copy files from tmp image and change ownership
+COPY --from=tmp --chown=node:node /usr/app/tmp /usr/app
 
 # Node images provide 'node' unprivileged user to run apps and prevent
 # privilege escalation attacks

From ad44e77e03db0326f79843040343b4c33f732203 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Tue, 30 Apr 2024 19:12:02 +0100
Subject: [PATCH 2/2] build(dockerfile): cache dependencies

---
 Dockerfile | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 82803b97..e3821a95 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,13 +6,11 @@ FROM node:20-bullseye-slim AS tmp
 # Workdir
 WORKDIR /usr/app/tmp
 
-# Copy source
-COPY . /usr/app/tmp
-
-# Create temp folder for files to be stored whilst being converted
-RUN mkdir -p ./dist/temp/
-
-# Install node dependencies
+# Copy and install dependencies separately from the app's code
+# to take advantage of Docker's layer caching
+# See: https://docs.docker.com/build/cache/#optimizing-how-you-use-the-build-cache
+COPY package.json .
+COPY package-lock.json .
 RUN npm ci --ignore-scripts --omit=dev && \
     npm pkg delete commitlint devDependencies jest nodemonConfig scripts && \
     npm cache clean --force && \
@@ -23,6 +21,12 @@ RUN npm ci --ignore-scripts --omit=dev && \
     rm -rf ./node_modules/htmltidy2/bin/win64 && \
     rm -rf ./node_modules/htmltidy2/bin/darwin
 
+# Copy source
+COPY . .
+
+# Create temp folder for files to be stored whilst being converted
+RUN mkdir -p ./dist/temp/
+
 # ------------------
 # Final image
 # ------------------