From 451185005f3910312c824f9693b1d582c958fd06 Mon Sep 17 00:00:00 2001 From: Developer Date: Tue, 2 Dec 2025 07:33:33 -0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E5=A4=9A=E4=B8=AA?= =?UTF-8?q?=E6=9C=8D=E5=8A=A1=E7=9A=84=20Docker=20=E5=81=A5=E5=BA=B7?= =?UTF-8?q?=E6=A3=80=E6=9F=A5=E5=92=8C=E6=9E=84=E5=BB=BA=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit identity-service: - 修复 HEALTHCHECK URL: /health → /api/v1/health wallet-service: - 修复 HEALTHCHECK URL: /health → /api/v1/health leaderboard-service: - 修复端口: 3000 → 3007 - 添加 HEALTHCHECK (/api/health) - 添加非 root 用户 (nestjs) - 添加 NODE_ENV=production mpc-service: - builder 阶段从 alpine 改为 slim (解决 Prisma 兼容性) - 添加 OpenSSL 依赖到 builder 阶段 - 添加 wget 依赖 - HEALTHCHECK 从 node 脚本改为 wget 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- backend/services/identity-service/Dockerfile | 2 +- backend/services/leaderboard-service/Dockerfile | 15 ++++++++++++++- backend/services/mpc-service/Dockerfile | 14 ++++++++++---- backend/services/wallet-service/Dockerfile | 2 +- 4 files changed, 26 insertions(+), 7 deletions(-) diff --git a/backend/services/identity-service/Dockerfile b/backend/services/identity-service/Dockerfile index 8330cd30..391fa06d 100644 --- a/backend/services/identity-service/Dockerfile +++ b/backend/services/identity-service/Dockerfile @@ -66,7 +66,7 @@ EXPOSE 3000 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ - CMD wget -q --spider http://localhost:3000/health || exit 1 + CMD wget -q --spider http://localhost:3000/api/v1/health || exit 1 # Start service CMD ["node", "dist/src/main.js"] diff --git a/backend/services/leaderboard-service/Dockerfile b/backend/services/leaderboard-service/Dockerfile index 484c5ab1..38dc29c4 100644 --- a/backend/services/leaderboard-service/Dockerfile +++ b/backend/services/leaderboard-service/Dockerfile @@ -55,8 +55,21 @@ RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate # Copy built application COPY --from=builder /app/dist ./dist +# Create non-root user +RUN groupadd -g 1001 nodejs && \ + useradd -u 1001 -g nodejs nestjs + +# Switch to non-root user +USER nestjs + +ENV NODE_ENV=production + # Expose port -EXPOSE 3000 +EXPOSE 3007 + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ + CMD wget -q --spider http://localhost:3007/api/health || exit 1 # Start the application CMD ["node", "dist/src/main.js"] diff --git a/backend/services/mpc-service/Dockerfile b/backend/services/mpc-service/Dockerfile index 40554715..e4217fbf 100644 --- a/backend/services/mpc-service/Dockerfile +++ b/backend/services/mpc-service/Dockerfile @@ -2,11 +2,16 @@ # MPC Party Service Dockerfile # ============================================================================= -# Build stage -FROM node:20-alpine AS builder +# Build stage - use Debian slim for better Prisma compatibility +FROM node:20-slim AS builder WORKDIR /app +# Install OpenSSL for Prisma +RUN apt-get update && apt-get install -y --no-install-recommends \ + openssl \ + && rm -rf /var/lib/apt/lists/* + # Copy package files COPY package*.json ./ COPY tsconfig.json ./ @@ -33,9 +38,10 @@ FROM node:20-slim WORKDIR /app -# Install OpenSSL +# Install OpenSSL and wget for health checks RUN apt-get update && apt-get install -y --no-install-recommends \ openssl \ + wget \ && rm -rf /var/lib/apt/lists/* # Install production dependencies only @@ -64,7 +70,7 @@ EXPOSE 3006 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ - CMD node -e "require('http').get('http://localhost:3006/api/v1/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})" + CMD wget -q --spider http://localhost:3006/api/v1/health || exit 1 # Start service CMD ["node", "dist/main.js"] diff --git a/backend/services/wallet-service/Dockerfile b/backend/services/wallet-service/Dockerfile index 40cb8d14..a555300e 100644 --- a/backend/services/wallet-service/Dockerfile +++ b/backend/services/wallet-service/Dockerfile @@ -64,7 +64,7 @@ EXPOSE 3001 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ - CMD wget -q --spider http://localhost:3001/health || exit 1 + CMD wget -q --spider http://localhost:3001/api/v1/health || exit 1 # Start service CMD ["node", "dist/main.js"]