object-lease-controller/object-lease-console-plugin/Dockerfile at 0351aeee4c93ab3b988f989eb0f36277ebf5e549 · ullbergm/object-lease-controller · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Build stage
FROM node:24-alpine AS builder
WORKDIR /opt/app
COPY package.json tsconfig.json webpack.config.js ./
COPY src ./src
COPY public ./public
RUN yarn install --frozen-lockfile || yarn install \
 && yarn build

# Runtime stage: serve plugin assets over HTTPS with service certs
FROM registry.access.redhat.com/ubi9/nginx-120:latest
# Copy build
COPY --from=builder /opt/app/dist/ /opt/app-root/src/
COPY run.sh /usr/local/bin/run.sh
# Configure NGINX to serve static files over HTTPS
USER 0
RUN mkdir -p /opt/app-root/etc/nginx.d/ \
    && printf '%s\n' \
       'server {' \
       '  listen 8443 ssl;' \
       '  server_name _;' \
       '  ssl_certificate /var/serving-cert/tls.crt;' \
       '  ssl_certificate_key /var/serving-cert/tls.key;' \
       '  ssl_protocols TLSv1.2 TLSv1.3;' \
       '  root /opt/app-root/src;' \
       '  add_header X-Content-Type-Options nosniff always;' \
       '  location / {' \
       '    try_files $uri $uri/ /index.html;' \
       '  }' \
       '}' > /opt/app-root/etc/nginx.d/default.conf
# Service CA volume mount path
ENV PORT=8443
RUN chmod +x /usr/local/bin/run.sh
EXPOSE 8443
USER 1001
ENTRYPOINT ["/usr/local/bin/run.sh"]
CMD [""]