knee-cola/evidencija-rezija
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'feature/going-distroless' into develop

Browse Source
This commit is contained in:
Knee Cola
2025-11-17 14:06:54 +01:00
parent c005f4ca78 dedc030384
commit 38974c47fb
1 changed files with 4 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
Dockerfile
View File

@@ -27,30 +27,22 @@ RUN npm run build
#-----------------------------------------
# STAGE 3: Run the Next.js server
#-----------------------------------------
FROM base AS production
FROM gcr.io/distroless/nodejs20-debian12:nonroot AS production
WORKDIR /app
ENV NODE_ENV=production
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
COPY --from=builder /app/public/* /app/public/
# this file is required for the pdfjs-dist package
COPY --from=builder /app/node_modules/pdfjs-dist/build/pdf.worker.min.mjs /app/public/pdf.worker.min.mjs
# Set the correct permission for prerender cache
RUN mkdir .next
RUN chown nextjs:nodejs .next
# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
COPY --from=builder --chown=nonroot:nonroot /app/.next/standalone ./
COPY --from=builder --chown=nonroot:nonroot /app/.next/static ./.next/static
USER nextjs
USER nonroot
EXPOSE 3000