Created
April 21, 2024 04:58
-
-
Save tciuro/b4ba5bc6fe97ab68525201866632577b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ================================ | |
| # Build image | |
| # ================================ | |
| FROM swift:5.9-jammy as build | |
| # Install OS updates and dependencies | |
| RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ | |
| && apt-get update \ | |
| && apt-get -q install -y \ | |
| sqlite3 libsqlite3-dev \ | |
| openssh-client \ | |
| libssl-dev zlib1g-dev \ | |
| && apt-get -q dist-upgrade -y \ | |
| && rm -rf /var/lib/apt/lists/* \ | |
| && sqlite3 --version || echo "SQLite3 not found!" \ | |
| && find /usr -name "sqlite3.h" | |
| # Set up a build area | |
| WORKDIR /build | |
| COPY ./Package.* ./ | |
| RUN swift package resolve | |
| # Copy entire repo into container | |
| COPY . . | |
| # Copy .env.production file into build container | |
| COPY ./.env ./.env | |
| COPY ./.env.production ./.env.production | |
| # Build everything with optimizations and ensure proper linking to SQLite3 | |
| RUN swift build -c release --static-swift-stdlib \ | |
| -Xlinker -L/usr/lib/x86_64-linux-gnu \ | |
| -Xcc -I/usr/include \ | |
| -Xcc -I/usr/include/sqlite3 \ | |
| -Xlinker -lsqlite3 \ | |
| -Xlinker -rpath -Xlinker /usr/lib/x86_64-linux-gnu \ | |
| -v \ | |
| && ldd /build/.build/aarch64-unknown-linux-gnu/release/App | |
| # Switch to the staging area | |
| WORKDIR /staging | |
| # Copy main executable and resources to staging area | |
| RUN cp "$(swift build --package-path /build -c release --show-bin-path)/App" ./ | |
| RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \; | |
| # Ensure by default, neither the directory nor any of its contents are writable. | |
| RUN [ -d /build/Public ] && { mv -f /build/Public ./Public && chmod -R a-w ./Public; } || true | |
| RUN [ -d /build/Resources ] && { mv -f /build/Resources ./Resources && chmod -R a-w ./Resources; } || true | |
| RUN [ -d /build/SampleData ] && { mv -f /build/SampleData ./SampleData && chmod -R a-w ./SampleData; } || true | |
| # ================================ | |
| # Run image | |
| # ================================ | |
| FROM ubuntu:jammy | |
| # Setup for runtime | |
| RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ | |
| && apt-get update \ | |
| && apt-get install -y ca-certificates tzdata sqlite3 libsqlite3-dev \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Environment setup | |
| RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /app vapor | |
| WORKDIR /app | |
| COPY --from=build --chown=vapor:vapor /staging /app | |
| COPY --from=build --chown=vapor:vapor /build/.env /app/.env | |
| COPY --from=build --chown=vapor:vapor /build/.env.production /app/.env.production | |
| USER vapor:vapor | |
| EXPOSE 8443 | |
| ENTRYPOINT ["./App"] | |
| CMD ["serve", "--env", "production", "--hostname", "0.0.0.0", "--port", "8443"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment