github-starred/actual
2
0
Fork 0
mirror of https://github.com/actualbudget/actual.git synced 2026-03-11 12:43:09 -05:00
Code Issues 250 Packages Projects Releases 53 Wiki Activity
Files
8201085ccb19479b502ffbfb02449fddaf754a32
actual/docker/edge-ubuntu.Dockerfile
Harrison Kiang d8c7a0a358 non-root users for Dockerfiles (#300) 
* Optional non-root users for Dockerfiles
2024-01-18 09:26:51 -08:00

37 lines
1.4 KiB
Docker
Raw Blame History

FROM node:18-bullseye as base
RUN apt-get update && apt-get install -y openssl jq
WORKDIR /app
ADD .yarn ./.yarn
ADD yarn.lock package.json .yarnrc.yml ./
RUN if [ "$(uname -m)" = "armv7l" ]; then yarn config set taskPoolConcurrency 2; yarn config set networkConcurrency 5; fi
RUN yarn workspaces focus --all --production
RUN mkdir /public
ADD artifacts.json /tmp/artifacts.json
RUN jq -r '[.artifacts[] | select(.workflow_run.head_branch == "master" and .workflow_run.head_repository_id == .workflow_run.repository_id)][0]' /tmp/artifacts.json > /tmp/latest-build.json
ARG GITHUB_TOKEN
RUN curl -L -o /tmp/desktop-client.zip --header "Authorization: Bearer ${GITHUB_TOKEN}" $(jq -r '.archive_download_url' /tmp/latest-build.json)
RUN unzip /tmp/desktop-client.zip -d /public
FROM node:18-bullseye-slim as prod
RUN apt-get update && apt-get install tini && apt-get clean -y && rm -rf /var/lib/apt/lists/*
ARG USERNAME=actual
ARG USER_UID=1001
ARG USER_GID=$USER_UID
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME
RUN mkdir /data && chown -R ${USERNAME}:${USERNAME} /data
WORKDIR /app
COPY --from=base /app/node_modules /app/node_modules
COPY --from=base /public /public
ADD package.json app.js ./
ADD src ./src
ADD migrations ./migrations
ENTRYPOINT ["/usr/bin/tini","-g", "--"]
ENV ACTUAL_WEB_ROOT=/public
EXPOSE 5006
CMD ["node", "app.js"]
Reference in New Issue View Git Blame Copy Permalink