-
Notifications
You must be signed in to change notification settings - Fork 18
Expand file tree
/
Copy pathDockerfile.worker.javascript
More file actions
98 lines (78 loc) · 4.88 KB
/
Dockerfile.worker.javascript
File metadata and controls
98 lines (78 loc) · 4.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# syntax=docker/dockerfile:1.9.0
ARG NODE_VERSION=20.19.5
ARG EMSDK_VERSION=3.1.65
FROM ghcr.io/superblocksteam/node:${NODE_VERSION} AS builder
ARG DEASYNC_VERSION=0.1.29
ARG EMSDK_VERSION
WORKDIR /app
# Install build dependencies
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
apt-get update && \
apt-get install -y --no-install-recommends python3 make g++ git xz-utils
# Copy root workspace files for cache-friendly pnpm fetch
COPY pnpm-workspace.yaml package.json .npmrc pnpm-lock.yaml ./
# NPM_TOKEN is used by .npmrc for GitHub Packages auth (interpolated by pnpm)
ARG NPM_TOKEN
# native packages (lz4, cpu-features, node-expat) call node-gyp during fetch
ARG PNPM_VERSION=10.29.2
RUN --mount=type=cache,target=/root/.local/share/pnpm/store \
wget -qO- https://get.pnpm.io/install.sh | PNPM_VERSION=${PNPM_VERSION} ENV="$HOME/.bashrc" SHELL="$(which bash)" bash - && \
. $HOME/.bashrc && \
pnpm add -g node-gyp && \
pnpm fetch
ENV PNPM_HOME="/root/.local/share/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
# Copy workspace sources (clients/typescript/package.json needed for workspace graph consistency)
COPY ./workers/javascript/ ./workers/javascript/
COPY ./workers/ephemeral/javascript-plugins-sandbox/ ./workers/ephemeral/javascript-plugins-sandbox/
COPY ./types/gen/js/ ./types/gen/js/
COPY ./mocks/ ./mocks/
COPY ./clients/typescript/package.json ./clients/typescript/package.json
# Install Java (for closure compiler) and emscripten after pnpm fetch
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
apt-get update && \
apt-get install -y --no-install-recommends default-jre-headless
RUN git clone https://github.com/emscripten-core/emsdk.git /emsdk && \
cd /emsdk && \
./emsdk install ${EMSDK_VERSION} && \
./emsdk activate ${EMSDK_VERSION}
ENV PATH="/emsdk:/emsdk/upstream/emscripten:${PATH}"
ENV EMSDK=/emsdk
# Install, build, and deploy fleet.all (superset of all fleets)
RUN --mount=type=cache,target=/root/.local/share/pnpm/store \
. $HOME/.bashrc && \
pnpm install -r --offline --frozen-lockfile && \
pnpm --filter @superblocks/fleet.all... --filter @superblocks/fleet.javascript --filter @superblocks/fleet.javascriptsdkapi --filter @superblocks/fleet.non-lang build && \
pnpm install -r --offline --frozen-lockfile && \
pnpm --filter @superblocks/fleet.all deploy --prod /deploy && \
npx clean-modules --directory /deploy/node_modules -y '!**/googleapis/**/docs/' '!**/@superblocks/**/datasource/'
# Arrange fleet entry points: fleet.all's dist + other fleets' dists side by side,
# sharing a single node_modules (fleet.all is a superset of all fleet dependencies)
RUN mkdir -p /deploy/fleets/all /deploy/fleets/javascript /deploy/fleets/javascriptsdkapi /deploy/fleets/non-lang && \
mv /deploy/dist /deploy/fleets/all/dist && \
cp -r /app/workers/javascript/packages/fleets/javascript/dist /deploy/fleets/javascript/dist && \
cp -r /app/workers/javascript/packages/fleets/javascriptsdkapi/dist /deploy/fleets/javascriptsdkapi/dist && \
cp -r /app/workers/javascript/packages/fleets/non-lang/dist /deploy/fleets/non-lang/dist
# Build the deasync binding for this architecture (node-gyp installed globally above)
RUN --mount=type=cache,target=/root/.npm \
git clone --depth 1 --branch v${DEASYNC_VERSION} https://github.com/superblocksteam/deasync.git && \
cd deasync && \
npm install && \
node-gyp configure && \
node-gyp build && \
mkdir -p /deploy/node_modules/.pnpm/deasync@${DEASYNC_VERSION}/node_modules/deasync/build && \
cp build/Release/deasync.node /deploy/node_modules/.pnpm/deasync@${DEASYNC_VERSION}/node_modules/deasync/build/deasync.node
FROM ghcr.io/superblocksteam/node:${NODE_VERSION}-bookworm-slim
WORKDIR /workers/javascript
COPY --from=builder /deploy/node_modules ./node_modules
COPY --from=builder /deploy/fleets ./fleets
COPY --from=builder /deploy/package.json ./package.json
RUN id -u node &>/dev/null || useradd node && \
groupadd --force --gid 1000 node && \
usermod --uid 1000 --gid node --shell /bin/bash --move-home --home /home/node node
ENV SUPERBLOCKS_TUNNEL_PRIVATE_KEY_RSA=dev-private-rsa
ENV SUPERBLOCKS_TUNNEL_PRIVATE_KEY_ED25519=dev-private-ed25519
ENV FLEET=all
CMD node /workers/javascript/fleets/$FLEET/dist/src/index.js