Skip to content

Commit 586796b

Browse files
heiskrheiskr
authored
Update Dockerfile to use gh-base-image (#53830)
1 parent 84307e2 commit 586796b

File tree

1 file changed

+21
-13
lines changed

1 file changed

+21
-13
lines changed

Dockerfile

+21-13
Original file line numberDiff line numberDiff line change
@@ -5,22 +5,30 @@
55
# --------------------------------------------------------------------------------
66
# BASE IMAGE
77
# --------------------------------------------------------------------------------
8-
# To update the sha, run `docker pull node:$VERSION-alpine`
9-
# look for something like: `Digest: sha256:0123456789abcdef`
10-
FROM node:22-alpine@sha256:c13b26e7e602ef2f1074aef304ce6e9b7dd284c419b35d89fcf3cc8e44a8def9 AS base
8+
# To update the sha:
9+
# https://github.com/github/gh-base-image/pkgs/container/gh-base-image%2Fgh-base-noble
10+
FROM ghcr.io/github/gh-base-image/gh-base-noble:20250108-185521-gcd4825276 AS base
11+
12+
# Install git for cloning docs-early-access & translations repos
13+
# Install curl for determining the early access branch
14+
RUN apt-get -qq update && apt-get -qq install --no-install-recommends git curl
15+
16+
# Install Node.js latest LTS
17+
# https://github.com/nodejs/release#release-schedule
18+
# Ubuntu's apt-get install nodejs is _very_ outdated
19+
RUN curl -sL https://deb.nodesource.com/setup_22.x | bash -
20+
RUN apt-get install -y nodejs
21+
RUN node --version
1122

1223
# This directory is owned by the node user
24+
RUN useradd -ms /bin/bash node
1325
ARG APP_HOME=/home/node/app
1426
RUN mkdir -p $APP_HOME && chown -R node:node $APP_HOME
1527
WORKDIR $APP_HOME
1628

1729
# Switch to root to ensure we have permissions to copy, chmod, and install
1830
USER root
1931

20-
# Install git for cloning docs-early-access & translations repos
21-
# Install curl for determining the early access branch
22-
RUN apk add --no-cache git curl
23-
2432
# Copy in build scripts
2533
COPY src/deployments/production/build-scripts/*.sh ./build-scripts/
2634

@@ -39,12 +47,12 @@ COPY data ./data
3947
# We use --mount-type=secret to avoid the secret being copied into the image layers for security
4048
# The secret passed via --secret can only be used in this RUN command
4149
RUN --mount=type=secret,id=DOCS_BOT_PAT_READPUBLICKEY \
42-
# We don't cache because Docker can't know if we need to fetch new content from remote repos
43-
echo "Don't cache this step by printing date: $(date)" && \
44-
. ./build-scripts/fetch-repos.sh
50+
# We don't cache because Docker can't know if we need to fetch new content from remote repos
51+
echo "Don't cache this step by printing date: $(date)" && \
52+
. ./build-scripts/fetch-repos.sh
4553

4654
# Give node user access to the copied content since we cloned as root
47-
RUN chown -R node:node $APP_HOME/content
55+
RUN chown -R node:node $APP_HOME/content
4856
RUN chown -R node:node $APP_HOME/assets
4957
RUN chown -R node:node $APP_HOME/data
5058
# Give node user access to translations repos
@@ -105,7 +113,7 @@ RUN npm run precompute-pageinfo -- --max-versions 2
105113
RUN npm prune --production
106114

107115
# --------------------------------------------------------------------------------
108-
# PRODUCTION IMAGE
116+
# PRODUCTION IMAGE
109117
# --------------------------------------------------------------------------------
110118
FROM base AS production
111119

@@ -140,7 +148,7 @@ COPY --chown=node:node --from=builder $APP_HOME/next.config.js ./
140148
COPY --chown=node:node --from=builder $APP_HOME/tsconfig.json ./
141149

142150
# - - -
143-
# Environment variables are set in the Moda
151+
# Environment variables are set in the Moda
144152
# configuration: config/moda/configuration/*/env.yaml
145153
# - - -
146154

0 commit comments

Comments
 (0)