harbor/make/photon/portal/Dockerfile
Dirk Mueller 12adc63a48 Include package.json/package-lock.json in portal image
This allows Trivy and other vulnerability scanners to correctly
determine the embedded dependencies in minified harbor-portal image.

Also simplify build process by reducing the number of layers in the
final stage container image

Signed-off-by: Dirk Mueller <dirk@dmllr.de>
2020-11-11 21:21:28 +01:00

45 lines
1.6 KiB
Docker

ARG harbor_base_image_version
ARG harbor_base_namespace
FROM node:10.15.0 as nodeportal
WORKDIR /build_dir
ARG npm_registry=https://registry.npmjs.org
RUN apt-get update \
&& apt-get install -y --no-install-recommends python-yaml=3.12-1
COPY src/portal/package.json /build_dir
COPY src/portal/package-lock.json /build_dir
COPY src/portal/scripts /build_dir
COPY ./api/v2.0/legacy_swagger.yaml /build_dir/swagger.yaml
COPY ./api/v2.0/swagger.yaml /build_dir/swagger2.yaml
COPY ./api/swagger.yaml /build_dir/swagger3.yaml
COPY src/portal /build_dir
ENV NPM_CONFIG_REGISTRY=${npm_registry}
RUN npm install --unsafe-perm
RUN npm run generate-build-timestamp
RUN node --max_old_space_size=2048 'node_modules/@angular/cli/bin/ng' build --prod
RUN python -c 'import sys, yaml, json; y=yaml.load(sys.stdin.read()); print json.dumps(y)' < swagger.yaml > dist/swagger.json
RUN python -c 'import sys, yaml, json; y=yaml.load(sys.stdin.read()); print json.dumps(y)' < swagger2.yaml > dist/swagger2.json
RUN python -c 'import sys, yaml, json; y=yaml.load(sys.stdin.read()); print json.dumps(y)' < swagger3.yaml > dist/swagger3.json
RUN cp swagger.yaml dist
COPY ./LICENSE /build_dir/dist
FROM ${harbor_base_namespace}/harbor-portal-base:${harbor_base_image_version}
COPY --from=nodeportal /build_dir/dist /usr/share/nginx/html
COPY --from=nodeportal /build_dir/package*.json /usr/share/nginx/
VOLUME /var/cache/nginx /var/log/nginx /run
STOPSIGNAL SIGQUIT
HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080 || curl -k --fail -s https://127.0.0.1:8443 || exit 1
USER nginx
CMD ["nginx", "-g", "daemon off;"]