saroar/Buildimage.py

## Buildimage.py
# ================================
# Build image
# ================================
FROM swift:5.9-jammy-slim

RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
    && apt-get -q update \
    && apt-get -q dist-upgrade -y \
    && apt-get install -y libsqlite3-dev nano \
    && rm -rf /var/lib/apt/lists/*

# Set up a build area
WORKDIR /build

# First just resolve dependencies.
# This creates a cached layer that can be reused
# as long as your Package.swift/Package.resolved
# files do not change.
COPY ./Package.* ./
RUN swift package resolve --skip-update \
        $([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true)

# Copy entire repo into container
COPY . .

# Build everything, with optimizations
RUN swift build -c release --static-swift-stdlib \
    # Workaround for https://github.com/apple/swift/pull/68669
    # This can be removed as soon as 5.9.1 is released, but is harmless if left in.
    -Xlinker -u -Xlinker _swift_backtrace_isThunkFunction

# Switch to the staging area
WORKDIR /staging

# Copy main executable to staging area
RUN cp "$(swift build --package-path /build -c release --show-bin-path)/App" ./

# Copy resources bundled by SPM to staging area
RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \;

# Copy any resources from the public directory and views directory if the directories exist
# Ensure that by default, neither the directory nor any of its contents are writable.
RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true
#RUN [ -d /build/Public ] && { mv /build/Cert ./Cert && chmod -R a-w ./Cert; } || true
#RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true
RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } || true

# ================================
# Run image
# ================================
FROM swift:5.9-jammy-slim

# Make sure all system packages are up to date, and install only essential packages.
RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
    && apt-get -q update \
    && apt-get -q dist-upgrade -y \
    && apt-get -q install -y \
		  libcurl4 \
      ca-certificates \
      tzdata \
# If your app or its dependencies import FoundationXML, also install `libxml2`.
      # libxml2 \
    && rm -r /var/lib/apt/lists/*

# Create a vapor user and group with /app as its home directory
RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /app vapor

# Switch to the new home directory
WORKDIR /app

# Copy built executable and any staged resources from builder
COPY --from=build --chown=vapor:vapor /staging /app
COPY --from=build --chown=vapor:vapor /build/.build/release /app
# Uncomment the next line if you need to load resources from the `Public` directory
# COPY --from=build --chown=vapor:vapor /build/Public /app/Public

# Provide configuration needed by the built-in crash reporter and some sensible default behaviors.
ENV SWIFT_ROOT=/usr SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=no

# Ensure all further commands run as the vapor user
USER vapor:vapor

# Let Docker bind to port 8080
EXPOSE 3030

# Start the Vapor service when the image is run, default to listening on 8080 in production environment
ENTRYPOINT ["./App"]
CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "3030"]
	# ================================
	# Build image
	# ================================
	FROM swift:5.9-jammy-slim

	RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
	&& apt-get -q update \
	&& apt-get -q dist-upgrade -y \
	&& apt-get install -y libsqlite3-dev nano \
	&& rm -rf /var/lib/apt/lists/*

	# Set up a build area
	WORKDIR /build

	# First just resolve dependencies.
	# This creates a cached layer that can be reused
	# as long as your Package.swift/Package.resolved
	# files do not change.
	COPY ./Package.* ./
	RUN swift package resolve --skip-update \
	$([ -f ./Package.resolved ] && echo "--force-resolved-versions" \|\| true)

	# Copy entire repo into container
	COPY . .

	# Build everything, with optimizations
	RUN swift build -c release --static-swift-stdlib \
	# Workaround for https://github.com/apple/swift/pull/68669
	# This can be removed as soon as 5.9.1 is released, but is harmless if left in.
	-Xlinker -u -Xlinker _swift_backtrace_isThunkFunction

	# Switch to the staging area
	WORKDIR /staging

	# Copy main executable to staging area
	RUN cp "$(swift build --package-path /build -c release --show-bin-path)/App" ./

	# Copy resources bundled by SPM to staging area
	RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \;

	# Copy any resources from the public directory and views directory if the directories exist
	# Ensure that by default, neither the directory nor any of its contents are writable.
	RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } \|\| true
	#RUN [ -d /build/Public ] && { mv /build/Cert ./Cert && chmod -R a-w ./Cert; } \|\| true
	#RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } \|\| true
	RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } \|\| true

	# ================================
	# Run image
	# ================================
	FROM swift:5.9-jammy-slim

	# Make sure all system packages are up to date, and install only essential packages.
	RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
	&& apt-get -q update \
	&& apt-get -q dist-upgrade -y \
	&& apt-get -q install -y \
	libcurl4 \
	ca-certificates \
	tzdata \
	# If your app or its dependencies import FoundationXML, also install `libxml2`.
	# libxml2 \
	&& rm -r /var/lib/apt/lists/*

	# Create a vapor user and group with /app as its home directory
	RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /app vapor

	# Switch to the new home directory
	WORKDIR /app

	# Copy built executable and any staged resources from builder
	COPY --from=build --chown=vapor:vapor /staging /app
	COPY --from=build --chown=vapor:vapor /build/.build/release /app
	# Uncomment the next line if you need to load resources from the `Public` directory
	# COPY --from=build --chown=vapor:vapor /build/Public /app/Public

	# Provide configuration needed by the built-in crash reporter and some sensible default behaviors.
	ENV SWIFT_ROOT=/usr SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=no

	# Ensure all further commands run as the vapor user
	USER vapor:vapor

	# Let Docker bind to port 8080
	EXPOSE 3030

	# Start the Vapor service when the image is run, default to listening on 8080 in production environment
	ENTRYPOINT ["./App"]
	CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "3030"]