ab-livereload/build/Dockerfile

# node-livereload server supporting SSL/TLS

# allow dynamic building by specifying base image elements as build-args
ARG NODE_VERSION=16
ARG ALPINE_VERSION=3.14
FROM node:${NODE_VERSION}-alpine${ALPINE_VERSION}
ARG NODE_VERSION
ARG ALPINE_VERSION

# create new node user with set UID and GID from build-args and create volume directories
ARG NODE_UID=9999
ARG NODE_GID=9999
RUN deluser --remove-home node \
    && addgroup -g ${NODE_GID} -S node \
    && adduser -G node -S -u ${NODE_UID} node \
    && mkdir /watch /certs \
    && chown root:node /certs \
    && chmod 770 /certs

# create default volumes in-case user forgets, expose default port
VOLUME [ "/watch", "/certs" ]
EXPOSE 35729

# add tini, timezone support and create certificate directories
RUN apk --update --no-cache add \
        tini \
        tzdata \
        openssl \
    && apk --update --no-cache upgrade

# labels
MAINTAINER Asif Bacchus <asif@asifbacchus.dev>
LABEL maintainer="Asif Bacchus <asif@asifbacchus.dev>"
LABEL dev.asifbacchus.docker.internalName="ab-livereload"
LABEL org.opencontainers.image.authors="Asif Bacchus <asif@asifbacchus.dev>"
LABEL org.opencontainers.image.description="Dockerized node-livereload supporting TLS and running under limited user account. Environment variables allow specifying files to watch/exclude and notification delay."
LABEL org.opencontainers.image.documentation="https://git.asifbacchus.dev/ab-docker/ab-livereload/raw/branch/master/README.md"
LABEL org.opencontainers.image.source="https://git.asifbacchus.dev/ab-docker/ab-livereload.git"
LABEL org.opencontainers.image.title="ab-livereload"
LABEL org.opencontainers.image.url="https://git.asifbacchus.dev/ab-docker/ab-livereload"
LABEL org.opencontainers.image.vendor="Asif Bacchus <asif@asifbacchus.dev>"

# default environment variables
ENV NODE_ENV=production
ENV NPM_CONFIG_PREFIX=/home/node/.npm-global
ENV PATH=/home/node/.npm-global/bin:$PATH
ENV TZ="Etc/UTC"
ENV LR_PORT=35729
ENV LR_EXTS="html,xml,css,js,jsx,ts,tsx,php,py"
ENV LR_EXCLUDE=".vscode/,.idea/,.tmp$,.swp$"
ENV LR_DELAY=500
ENV LR_DEBUG=true
ENV LR_HTTPS=true
ENV CERT_HOSTNAME=""

# install node-livereload and express as node user then switch back to root user
USER node
WORKDIR /home/node
COPY --chown=node:node [ "package.json", "package-lock.json", "/home/node/" ]
RUN mkdir -p .npm-global/bin .npm-global/lib \
    && npm config set fund false \
    && npm config set update-notifier false \
    && npm install --save
COPY --chown=node:node [ "ab-livereload.js", "/home/node/"]

# copy scripts and fix-up all permissions
USER root
COPY [ "selfsigned.cnf", "/etc/selfsigned.cnf" ]
COPY [ "entrypoint.sh", "/usr/local/bin/entrypoint.sh" ]
RUN chown node:node /home/node/* \
    && chmod 644 /home/node/package* /home/node/ab-livereload.js \
    && chmod 755 /usr/local/bin/entrypoint.sh \
    && chmod 644 /etc/selfsigned.cnf

HEALTHCHECK \
    --interval=10s \
    --timeout=5s \
    --start-period=60s \
    --retries=3 \
    CMD wget --spider -T 3 -q localhost:3000/api/v1/health || exit 1

# switch to node user, run entrypoint script by default
USER node
WORKDIR /home/node
ENTRYPOINT [ "/sbin/tini", "--", "/usr/local/bin/entrypoint.sh" ]

# set build timestamp and version labels
ARG INTERNAL_VERSION
ARG GIT_COMMIT
ARG BUILD_DATE
LABEL org.opencontainers.image.version="NODE=${NODE_VERSION}, node-livereload=0.9.3"
LABEL dev.asifbacchus.docker.internalVersion=${INTERNAL_VERSION}
LABEL org.opencontainers.image.revision=${GIT_COMMIT}
LABEL org.opencontainers.image.created=${BUILD_DATE}

#EOF
chore: update and use consistent project name 2021-07-23 18:36:14 -06:00			`# node-livereload server supporting SSL/TLS`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00
			`# allow dynamic building by specifying base image elements as build-args`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`ARG NODE_VERSION=16`
			`ARG ALPINE_VERSION=3.14`
			`FROM node:${NODE_VERSION}-alpine${ALPINE_VERSION}`
fix(dockerfile): reorganize and add new labels - add deprecated maintainer tag and label - fix internal label names - add git commit label - reorganize labels 2021-07-28 04:41:28 -06:00			`ARG NODE_VERSION`
			`ARG ALPINE_VERSION`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00
feature(dockerfile): allow setting separate GID 2021-07-24 16:21:07 -06:00			`# create new node user with set UID and GID from build-args and create volume directories`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`ARG NODE_UID=9999`
feature(dockerfile): allow setting separate GID 2021-07-24 16:21:07 -06:00			`ARG NODE_GID=9999`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`RUN deluser --remove-home node \`
feature(dockerfile): allow setting separate GID 2021-07-24 16:21:07 -06:00			`&& addgroup -g ${NODE_GID} -S node \`
feature(entrypoint): generate self-signed certificate - generate via specific invocation - auto-generate if SSL and no mounted certificate found - allow specifying hostname for certificate 2021-07-23 17:19:58 -06:00			`&& adduser -G node -S -u ${NODE_UID} node \`
			`&& mkdir /watch /certs \`
			`&& chown root:node /certs \`
			`&& chmod 770 /certs`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00
struct(entrypoint): skeleton entrypoint script - basic operation flow with placeholder functions - implement server and shell launch - allow commands to pass to shell - update Dockerfile to load entrypoint only - update Dockerfile to set permissions for certs directory 2021-07-22 17:15:31 -06:00			`# create default volumes in-case user forgets, expose default port`
refactor(dockerfile): change order for faster build - move file copy to near end since scripts change often 2021-07-22 18:45:29 -06:00			`VOLUME [ "/watch", "/certs" ]`
struct(entrypoint): skeleton entrypoint script - basic operation flow with placeholder functions - implement server and shell launch - allow commands to pass to shell - update Dockerfile to load entrypoint only - update Dockerfile to set permissions for certs directory 2021-07-22 17:15:31 -06:00			`EXPOSE 35729`

struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`# add tini, timezone support and create certificate directories`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`RUN apk --update --no-cache add \`
refactor(dockerfile): update existing packages to latest versions 2021-07-28 03:50:03 -06:00			`tini \`
			`tzdata \`
			`openssl \`
			`&& apk --update --no-cache upgrade`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`# labels`
fix(dockerfile): reorganize and add new labels - add deprecated maintainer tag and label - fix internal label names - add git commit label - reorganize labels 2021-07-28 04:41:28 -06:00			`MAINTAINER Asif Bacchus <asif@asifbacchus.dev>`
			`LABEL maintainer="Asif Bacchus <asif@asifbacchus.dev>"`
refactor: rename repo, image, containers - rename for integration with node-dev environment and production deployment - update image and product name across all files - use generated project file to install node dependencies - bump internal version to 2.6 2021-07-30 11:53:41 -06:00			`LABEL dev.asifbacchus.docker.internalName="ab-livereload"`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`LABEL org.opencontainers.image.authors="Asif Bacchus <asif@asifbacchus.dev>"`
chore: update and use consistent project name 2021-07-23 18:36:14 -06:00			`LABEL org.opencontainers.image.description="Dockerized node-livereload supporting TLS and running under limited user account. Environment variables allow specifying files to watch/exclude and notification delay."`
refactor: rename repo, image, containers - rename for integration with node-dev environment and production deployment - update image and product name across all files - use generated project file to install node dependencies - bump internal version to 2.6 2021-07-30 11:53:41 -06:00			`LABEL org.opencontainers.image.documentation="https://git.asifbacchus.dev/ab-docker/ab-livereload/raw/branch/master/README.md"`
			`LABEL org.opencontainers.image.source="https://git.asifbacchus.dev/ab-docker/ab-livereload.git"`
			`LABEL org.opencontainers.image.title="ab-livereload"`
			`LABEL org.opencontainers.image.url="https://git.asifbacchus.dev/ab-docker/ab-livereload"`
			`LABEL org.opencontainers.image.vendor="Asif Bacchus <asif@asifbacchus.dev>"`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00
			`# default environment variables`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`ENV NODE_ENV=production`
			`ENV NPM_CONFIG_PREFIX=/home/node/.npm-global`
			`ENV PATH=/home/node/.npm-global/bin:$PATH`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`ENV TZ="Etc/UTC"`
			`ENV LR_PORT=35729`
			`ENV LR_EXTS="html,xml,css,js,jsx,ts,tsx,php,py"`
fix(livereload): fix exclusions bug - read environment var as array - convert array elements to regex objects - update environment variable defaults 2021-07-28 03:51:56 -06:00			`ENV LR_EXCLUDE=".vscode/,.idea/,.tmp$,.swp$"`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`ENV LR_DELAY=500`
feature(livereload): add debug output as default 2021-07-22 21:21:59 -06:00			`ENV LR_DEBUG=true`
feature: allow non-secure connections - default to secure - parameterize via env var 2021-07-23 13:31:01 -06:00			`ENV LR_HTTPS=true`
feature(entrypoint): generate self-signed certificate - generate via specific invocation - auto-generate if SSL and no mounted certificate found - allow specifying hostname for certificate 2021-07-23 17:19:58 -06:00			`ENV CERT_HOSTNAME=""`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00
feature: add healthcheck - add express npm to allow creation of health endpoint - create health end pt as callback to livereload server listening state - configure healthcheck in container - allows true 'stack' operation since other services can query status 2021-07-24 03:01:01 -06:00			`# install node-livereload and express as node user then switch back to root user`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`USER node`
			`WORKDIR /home/node`
perf(dockerfile): moved copy file order - moved node file copy order, allow for package.json usage - invocation js moved after node install, faster builds 2021-07-30 17:07:46 -06:00			`COPY --chown=node:node [ "package.json", "package-lock.json", "/home/node/" ]`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`RUN mkdir -p .npm-global/bin .npm-global/lib \`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`&& npm config set fund false \`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`&& npm config set update-notifier false \`
refactor: rename repo, image, containers - rename for integration with node-dev environment and production deployment - update image and product name across all files - use generated project file to install node dependencies - bump internal version to 2.6 2021-07-30 11:53:41 -06:00			`&& npm install --save`
perf(dockerfile): moved copy file order - moved node file copy order, allow for package.json usage - invocation js moved after node install, faster builds 2021-07-30 17:07:46 -06:00			`COPY --chown=node:node [ "ab-livereload.js", "/home/node/"]`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00
refactor(dockerfile): change order for faster build - move file copy to near end since scripts change often 2021-07-22 18:45:29 -06:00			`# copy scripts and fix-up all permissions`
			`USER root`
feature(entrypoint): generate self-signed certificate - generate via specific invocation - auto-generate if SSL and no mounted certificate found - allow specifying hostname for certificate 2021-07-23 17:19:58 -06:00			`COPY [ "selfsigned.cnf", "/etc/selfsigned.cnf" ]`
refactor(dockerfile): change order for faster build - move file copy to near end since scripts change often 2021-07-22 18:45:29 -06:00			`COPY [ "entrypoint.sh", "/usr/local/bin/entrypoint.sh" ]`
refactor: rename repo, image, containers - rename for integration with node-dev environment and production deployment - update image and product name across all files - use generated project file to install node dependencies - bump internal version to 2.6 2021-07-30 11:53:41 -06:00			`RUN chown node:node /home/node/* \`
			`&& chmod 644 /home/node/package* /home/node/ab-livereload.js \`
feature(entrypoint): generate self-signed certificate - generate via specific invocation - auto-generate if SSL and no mounted certificate found - allow specifying hostname for certificate 2021-07-23 17:19:58 -06:00			`&& chmod 755 /usr/local/bin/entrypoint.sh \`
			`&& chmod 644 /etc/selfsigned.cnf`
refactor(dockerfile): change order for faster build - move file copy to near end since scripts change often 2021-07-22 18:45:29 -06:00
feature: add healthcheck - add express npm to allow creation of health endpoint - create health end pt as callback to livereload server listening state - configure healthcheck in container - allows true 'stack' operation since other services can query status 2021-07-24 03:01:01 -06:00			`HEALTHCHECK \`
			`--interval=10s \`
			`--timeout=5s \`
			`--start-period=60s \`
			`--retries=3 \`
			`CMD wget --spider -T 3 -q localhost:3000/api/v1/health \|\| exit 1`

refactor(dockerfile): change order for faster build - move file copy to near end since scripts change often 2021-07-22 18:45:29 -06:00			`# switch to node user, run entrypoint script by default`
			`USER node`
			`WORKDIR /home/node`
struct(entrypoint): skeleton entrypoint script - basic operation flow with placeholder functions - implement server and shell launch - allow commands to pass to shell - update Dockerfile to load entrypoint only - update Dockerfile to set permissions for certs directory 2021-07-22 17:15:31 -06:00			`ENTRYPOINT [ "/sbin/tini", "--", "/usr/local/bin/entrypoint.sh" ]`
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00			`# set build timestamp and version labels`
chore(dockerfile): re-enable extra labels 2021-07-23 18:22:40 -06:00			`ARG INTERNAL_VERSION`
fix(dockerfile): reorganize and add new labels - add deprecated maintainer tag and label - fix internal label names - add git commit label - reorganize labels 2021-07-28 04:41:28 -06:00			`ARG GIT_COMMIT`
chore(dockerfile): re-enable extra labels 2021-07-23 18:22:40 -06:00			`ARG BUILD_DATE`
fix(dockerfile): reorganize and add new labels - add deprecated maintainer tag and label - fix internal label names - add git commit label - reorganize labels 2021-07-28 04:41:28 -06:00			`LABEL org.opencontainers.image.version="NODE=${NODE_VERSION}, node-livereload=0.9.3"`
			`LABEL dev.asifbacchus.docker.internalVersion=${INTERNAL_VERSION}`
			`LABEL org.opencontainers.image.revision=${GIT_COMMIT}`
chore(dockerfile): re-enable extra labels 2021-07-23 18:22:40 -06:00			`LABEL org.opencontainers.image.created=${BUILD_DATE}`
struct(Dockerfile): align with previous customizations 2021-07-22 16:36:36 -06:00
struct(dockerfile): initial build skeleton 2021-07-22 16:22:40 -06:00			`#EOF`