-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor: run build in container (#826)
## Description Currently the build process for pepr builds the code outside of the container and then copies the transpiled code in. This PR changes the build process to run the build step inside of a container. This ensures that builds are fully reproducible and not dependent on external tooling. It also streamlines building pepr locally. ## Related Issue ## Type of change - [x] Other (security config, docs update, etc) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed - [ ] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/contributor-guide/#submitting-a-pull-request) followed Signed-off-by: Eddie Zaneski <eddiezane@gmail.com> Co-authored-by: Case Wylie <cmwylie19@defenseunicorns.com>
- Loading branch information
Showing
2 changed files
with
29 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,35 +1,44 @@ | ||
### BUILD ### | ||
|
||
FROM docker.io/library/node:22-alpine@sha256:94567107148ac59f1eb2ad9b7c1db03f1a1a12d28717b29eda0535aa3bd2f71e as with-git | ||
ARG PEPR_BUILD_VERSION=0.0.0-development | ||
|
||
WORKDIR /app | ||
# crane digest cgr.dev/chainguard/node-lts:latest-dev | ||
FROM cgr.dev/chainguard/node-lts@sha256:49163a9f8b52f3ad9e842a16ccf0d7fa673571a272762f6483e38b90ba83985f AS build | ||
|
||
# install git | ||
RUN apk --no-cache add git | ||
WORKDIR /app | ||
|
||
# Copy the node config files | ||
COPY --chown=node:node ./package*.json ./ | ||
|
||
# Load only direct dependencies for Production use | ||
RUN npm ci --omit=dev --omit=peer && \ | ||
# Clean up npm cache | ||
RUN npm --no-git-tag-version version ${PEPR_BUILD_VERSION} | ||
|
||
# Install deps | ||
RUN npm ci | ||
|
||
COPY --chown=node:node ./hack/ ./hack/ | ||
|
||
COPY --chown=node:node ./tsconfig.json ./build.mjs ./ | ||
|
||
COPY --chown=node:node ./src/ ./src/ | ||
|
||
RUN npm run build && \ | ||
npm ci --omit=dev --omit=peer && \ | ||
npm cache clean --force && \ | ||
# Remove @types | ||
rm -fr node_modules/@types && \ | ||
rm -rf node_modules/@types && \ | ||
# Remove Ramda unused Ramda files | ||
rm -fr node_modules/ramda/dist && \ | ||
rm -fr node_modules/ramda/es && \ | ||
# Remove all typescript files | ||
find . -name "*.ts" -type f -delete | ||
|
||
# Sync the pepr dist files | ||
COPY --chown=node:node ./dist/ ./node_modules/pepr/dist/ | ||
COPY --chown=node:node ./package.json ./node_modules/pepr/package.json | ||
rm -rf node_modules/ramda/dist && \ | ||
rm -rf node_modules/ramda/es && \ | ||
find . -name "*.ts" -type f -delete && \ | ||
mkdir node_modules/pepr && \ | ||
cp -r dist node_modules/pepr/dist && \ | ||
cp package.json node_modules/pepr | ||
|
||
##### DELIVER ##### | ||
|
||
# crane digest cgr.dev/chainguard/node-lts:latest | ||
FROM cgr.dev/chainguard/node-lts@sha256:64578d895b168f20737413ac56a14cefd63663691611f8af5020e8bc8de53f82 | ||
|
||
WORKDIR /app | ||
|
||
COPY --from=with-git --chown=node:node /app/ /app/ | ||
COPY --from=build --chown=node:node /app/node_modules/ ./node_modules/ |