diff --git a/backend/services/backup-service/Dockerfile b/backend/services/backup-service/Dockerfile index d9ef74d4..a34bbcb4 100644 --- a/backend/services/backup-service/Dockerfile +++ b/backend/services/backup-service/Dockerfile @@ -1,13 +1,8 @@ # Stage 1: Build -FROM node:20-slim AS builder +FROM node:20-alpine AS builder WORKDIR /app -# Install OpenSSL for Prisma -RUN apt-get update && apt-get install -y --no-install-recommends \ - openssl \ - && rm -rf /var/lib/apt/lists/* - # Copy package files COPY package*.json ./ COPY prisma ./prisma/ @@ -18,26 +13,20 @@ RUN npm ci # Copy source code COPY . . -# Generate Prisma client (dummy DATABASE_URL for build time only) -RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate +# Generate Prisma client +RUN npx prisma generate # Build the application RUN npm run build -# Stage 2: Production - use Debian slim for OpenSSL compatibility -FROM node:20-slim AS production +# Stage 2: Production +FROM node:20-alpine AS production WORKDIR /app -# Install OpenSSL and curl for health checks -RUN apt-get update && apt-get install -y --no-install-recommends \ - openssl \ - curl \ - && rm -rf /var/lib/apt/lists/* - # Create non-root user for security -RUN groupadd -g 1001 nodejs && \ - useradd -u 1001 -g nodejs nestjs +RUN addgroup -g 1001 -S nodejs && \ + adduser -S nestjs -u 1001 # Copy package files COPY package*.json ./ @@ -60,8 +49,8 @@ USER nestjs EXPOSE 3002 # Health check -HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ - CMD curl -f http://localhost:3002/health || exit 1 +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD wget --no-verbose --tries=1 --spider http://localhost:3002/health || exit 1 # Start the application -CMD ["node", "dist/src/main.js"] +CMD ["node", "dist/main.js"] diff --git a/backend/services/mpc-service/Dockerfile b/backend/services/mpc-service/Dockerfile index 0bbdb7e3..22aec8a4 100644 --- a/backend/services/mpc-service/Dockerfile +++ b/backend/services/mpc-service/Dockerfile @@ -2,16 +2,11 @@ # MPC Party Service Dockerfile # ============================================================================= -# Build stage - use Debian slim for better Prisma compatibility -FROM node:20-slim AS builder +# Build stage +FROM node:20-alpine AS builder WORKDIR /app -# Install OpenSSL for Prisma -RUN apt-get update && apt-get install -y --no-install-recommends \ - openssl \ - && rm -rf /var/lib/apt/lists/* - # Copy package files COPY package*.json ./ COPY tsconfig.json ./ @@ -21,8 +16,8 @@ COPY prisma ./prisma/ # Install dependencies RUN npm ci -# Generate Prisma client (dummy DATABASE_URL for build time only) -RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate +# Generate Prisma client +RUN npx prisma generate # Copy source code COPY src ./src @@ -30,34 +25,25 @@ COPY src ./src # Build TypeScript RUN npm run build -# Verify build output exists -RUN ls -la dist/ && test -f dist/main.js - -# Production stage - use Debian slim for OpenSSL compatibility -FROM node:20-slim +# Production stage +FROM node:20-alpine WORKDIR /app -# Install OpenSSL and curl for health checks -RUN apt-get update && apt-get install -y --no-install-recommends \ - openssl \ - curl \ - && rm -rf /var/lib/apt/lists/* - # Install production dependencies only COPY package*.json ./ RUN npm ci --only=production -# Copy Prisma schema and generate client (dummy DATABASE_URL for build time only) +# Copy Prisma schema and generate client COPY prisma ./prisma/ -RUN DATABASE_URL="postgresql://user:pass@localhost:5432/db" npx prisma generate +RUN npx prisma generate # Copy built files COPY --from=builder /app/dist ./dist # Create non-root user -RUN groupadd -g 1001 nodejs && \ - useradd -u 1001 -g nodejs nestjs +RUN addgroup -g 1001 -S nodejs && \ + adduser -S nestjs -u 1001 # Create temp directory for TSS RUN mkdir -p /tmp/tss && chown -R nestjs:nodejs /tmp/tss @@ -70,7 +56,7 @@ EXPOSE 3006 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \ - CMD curl -f http://localhost:3006/api/v1/health || exit 1 + CMD node -e "require('http').get('http://localhost:3006/api/v1/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})" # Start service CMD ["node", "dist/main.js"]