-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
41 lines (31 loc) · 956 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Single stage build
FROM node:23.7.0-slim
# Create non-root user with explicit IDs
RUN groupadd -g 1001 nonroot && \
useradd -u 1001 -g nonroot -s /bin/bash -m nonroot
# Install git and other dependencies
RUN apt-get update && \
apt-get install -y \
git \
curl \
build-essential && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Create app directory and set ownership
WORKDIR /app
RUN chown 1001:1001 /app
# Switch to non-root user
USER 1001:1001
# Copy package files
COPY --chown=1001:1001 package.json yarn.lock ./
# Install dependencies
RUN yarn install
# Copy source code (including templates needed for PR review prompts)
COPY --chown=1001:1001 . .
# Create repository directory for cloning with appropriate permissions
RUN mkdir -p /app/repos && chmod 755 /app/repos
# Expose port for webhook server
EXPOSE 3000
# Start the bot using TypeScript directly
# CMD ["node", "src/index.ts"]
CMD ["yarn", "start"]