forked from activepieces/activepieces
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
132 lines (106 loc) · 4.25 KB
/
Dockerfile
File metadata and controls
132 lines (106 loc) · 4.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
FROM node:24.14.0-bullseye-slim AS base
# Set environment variables early for better layer caching
ENV LANG=en_US.UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8
# Install all system dependencies in a single layer with cache mounts
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && \
apt-get install -y --no-install-recommends \
openssh-client \
python3 \
g++ \
build-essential \
git \
poppler-utils \
poppler-data \
procps \
locales \
unzip \
curl \
ca-certificates \
iptables \
libcap-dev && \
yarn config set python /usr/bin/python3 && \
sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
locale-gen en_US.UTF-8
RUN export ARCH=$(uname -m) && \
if [ "$ARCH" = "x86_64" ]; then \
curl -fSL https://github.com/oven-sh/bun/releases/download/bun-v1.3.1/bun-linux-x64-baseline.zip -o bun.zip; \
elif [ "$ARCH" = "aarch64" ]; then \
curl -fSL https://github.com/oven-sh/bun/releases/download/bun-v1.3.1/bun-linux-aarch64.zip -o bun.zip; \
fi
RUN unzip bun.zip \
&& mv bun-*/bun /usr/local/bin/bun \
&& chmod +x /usr/local/bin/bun \
&& rm -rf bun.zip bun-*
RUN bun --version
# Install global npm packages in a single layer
RUN --mount=type=cache,target=/root/.npm \
npm install -g --no-fund --no-audit \
node-gyp \
npm@11.11.0 \
pm2@6.0.10 \
typescript@4.9.4 \
esbuild@0.25.0
# Install isolated-vm globally (needed for sandboxes)
RUN --mount=type=cache,target=/root/.bun/install/cache \
cd /usr/src && bun install isolated-vm@6.0.2
### STAGE 1: Build ###
FROM base AS build
WORKDIR /usr/src/app
# Copy dependency files and workspace package.json files for resolution
COPY .npmrc package.json bun.lock bunfig.toml ./
COPY packages/ ./packages/
# Install all dependencies with frozen lockfile
RUN --mount=type=cache,target=/root/.bun/install/cache \
bun install --frozen-lockfile
# Copy remaining source code (turbo config, etc.)
COPY . .
# Build frontend, engine, server API, and worker
RUN npx turbo run build --filter=web --filter=@activepieces/engine --filter=api --filter=worker
# Generate migration manifest (ordered list of migration names) for image-tag-based rollback
RUN node -e "\
const {getMigrations} = require('./packages/server/api/dist/src/app/database/postgres-connection');\
const names = getMigrations().map(M => new M().name);\
process.stdout.write(JSON.stringify(names));\
" > packages/server/api/dist/src/migration-manifest.json
# Remove piece directories not needed at runtime (keeps only the 4 pieces api imports)
# Then regenerate bun.lock so it matches the trimmed workspace
RUN rm -rf packages/pieces/core packages/pieces/custom && \
find packages/pieces/community -mindepth 1 -maxdepth 1 -type d \
! -name slack \
! -name square \
! -name facebook-leads \
! -name intercom \
-exec rm -rf {} + && \
rm -f bun.lock && bun install
### STAGE 2: Run ###
FROM base AS run
WORKDIR /usr/src/app
# Copy static configuration files first (better layer caching)
COPY --from=build /usr/src/app/packages/server/api/src/assets/default.cf /usr/local/etc/isolate
COPY docker-entrypoint.sh .
# Create all necessary directories in one layer
RUN mkdir -p \
/usr/src/app/dist/packages/engine && \
chmod +x docker-entrypoint.sh
# Copy root config files needed for dependency resolution
COPY --from=build /usr/src/app/package.json ./
COPY --from=build /usr/src/app/.npmrc ./
COPY --from=build /usr/src/app/bun.lock ./
COPY --from=build /usr/src/app/bunfig.toml ./
COPY --from=build /usr/src/app/LICENSE .
# Copy workspace package.json files (needed for bun workspace resolution)
COPY --from=build /usr/src/app/packages ./packages
# Copy built engine
COPY --from=build /usr/src/app/dist/packages/engine/ ./dist/packages/engine/
# Regenerate lockfile and install production dependencies (pieces were trimmed from workspace)
RUN --mount=type=cache,target=/root/.bun/install/cache \
bun install --production
# Copy frontend files
COPY --from=build /usr/src/app/dist/packages/web ./dist/packages/web/
LABEL service=activepieces
ENTRYPOINT ["./docker-entrypoint.sh"]
EXPOSE 80