Created
January 12, 2024 10:18
-
-
Save saroar/02919189d5e6433bab458d01d2e86767 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ================================ | |
# Build image | |
# ================================ | |
FROM swift:5.9-jammy-slim | |
RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ | |
&& apt-get -q update \ | |
&& apt-get -q dist-upgrade -y \ | |
&& apt-get install -y libsqlite3-dev nano \ | |
&& rm -rf /var/lib/apt/lists/* | |
# Set up a build area | |
WORKDIR /build | |
# First just resolve dependencies. | |
# This creates a cached layer that can be reused | |
# as long as your Package.swift/Package.resolved | |
# files do not change. | |
COPY ./Package.* ./ | |
RUN swift package resolve --skip-update \ | |
$([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true) | |
# Copy entire repo into container | |
COPY . . | |
# Build everything, with optimizations | |
RUN swift build -c release --static-swift-stdlib \ | |
# Workaround for https://github.com/apple/swift/pull/68669 | |
# This can be removed as soon as 5.9.1 is released, but is harmless if left in. | |
-Xlinker -u -Xlinker _swift_backtrace_isThunkFunction | |
# Switch to the staging area | |
WORKDIR /staging | |
# Copy main executable to staging area | |
RUN cp "$(swift build --package-path /build -c release --show-bin-path)/App" ./ | |
# Copy resources bundled by SPM to staging area | |
RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \; | |
# Copy any resources from the public directory and views directory if the directories exist | |
# Ensure that by default, neither the directory nor any of its contents are writable. | |
RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true | |
#RUN [ -d /build/Public ] && { mv /build/Cert ./Cert && chmod -R a-w ./Cert; } || true | |
#RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true | |
RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } || true | |
# ================================ | |
# Run image | |
# ================================ | |
FROM swift:5.9-jammy-slim | |
# Make sure all system packages are up to date, and install only essential packages. | |
RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ | |
&& apt-get -q update \ | |
&& apt-get -q dist-upgrade -y \ | |
&& apt-get -q install -y \ | |
libcurl4 \ | |
ca-certificates \ | |
tzdata \ | |
# If your app or its dependencies import FoundationXML, also install `libxml2`. | |
# libxml2 \ | |
&& rm -r /var/lib/apt/lists/* | |
# Create a vapor user and group with /app as its home directory | |
RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /app vapor | |
# Switch to the new home directory | |
WORKDIR /app | |
# Copy built executable and any staged resources from builder | |
COPY --from=build --chown=vapor:vapor /staging /app | |
COPY --from=build --chown=vapor:vapor /build/.build/release /app | |
# Uncomment the next line if you need to load resources from the `Public` directory | |
# COPY --from=build --chown=vapor:vapor /build/Public /app/Public | |
# Provide configuration needed by the built-in crash reporter and some sensible default behaviors. | |
ENV SWIFT_ROOT=/usr SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=no | |
# Ensure all further commands run as the vapor user | |
USER vapor:vapor | |
# Let Docker bind to port 8080 | |
EXPOSE 3030 | |
# Start the Vapor service when the image is run, default to listening on 8080 in production environment | |
ENTRYPOINT ["./App"] | |
CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "3030"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment