diff --git a/.dockerignore b/.dockerignore index 406bc387c7..373a2f8005 100644 --- a/.dockerignore +++ b/.dockerignore @@ -7,6 +7,7 @@ infrastructure .github .husky +Dockerfile .dockerignore .eslintignore .eslintrc.yml diff --git a/.github/workflows/rafiki/env-setup/action.yml b/.github/workflows/rafiki/env-setup/action.yml index 3715dfb099..a0c2f81e67 100644 --- a/.github/workflows/rafiki/env-setup/action.yml +++ b/.github/workflows/rafiki/env-setup/action.yml @@ -5,8 +5,6 @@ runs: using: "composite" steps: - uses: pnpm/action-setup@v2 - with: - version: 7 - uses: actions/setup-node@v3 with: node-version: '18' diff --git a/localenv/local-http-signatures/Dockerfile b/localenv/local-http-signatures/Dockerfile index 597c2ff5e2..d52dbd6aa6 100644 --- a/localenv/local-http-signatures/Dockerfile +++ b/localenv/local-http-signatures/Dockerfile @@ -1,21 +1,58 @@ -FROM node:18.13.0-slim as builder +FROM node:18-alpine3.18 AS base -WORKDIR /workspace +WORKDIR /home/rafiki -RUN apt update -RUN apt install -y curl xz-utils python3 build-essential +ENV PNPM_HOME="/pnpm" +ENV PATH="$PNPM_HOME:$PATH" -# version in curl is not the version used. Dependent on the last command RUN corepack enable -RUN corepack prepare pnpm@7.25.1 --activate +RUN corepack prepare pnpm@8.7.4 --activate +RUN apk add --no-cache \ + python3 \ + make \ + g++ -# pnpm fetch does require only lockfile COPY pnpm-lock.yaml ./ -RUN pnpm fetch -ADD . ./ -RUN pnpm install -r --offline +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm fetch \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" +FROM base AS prod-deps + +COPY package.json pnpm-workspace.yaml .npmrc ./ +COPY localenv/local-http-signatures/package.json ./localenv/local-http-signatures/package.json + +RUN pnpm clean +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --frozen-lockfile \ + --prod \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" + +FROM base AS builder + +COPY package.json pnpm-workspace.yaml .npmrc tsconfig.json tsconfig.build.json ./ +COPY openapi ./openapi +COPY localenv/local-http-signatures ./localenv/local-http-signatures + +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --prefer-offline \ + --offline \ + --frozen-lockfile RUN pnpm --filter local-http-signatures build -CMD ["node", "./localenv/local-http-signatures/dist/app.js"] +FROM node:18-alpine3.18 AS runner + +WORKDIR /home/rafiki + +COPY --from=prod-deps /home/rafiki/node_modules ./node_modules +COPY --from=prod-deps /home/rafiki/localenv/local-http-signatures/node_modules ./localenv/local-http-signatures/node_modules +COPY --from=prod-deps /home/rafiki/localenv/local-http-signatures/package.json ./localenv/local-http-signatures/package.json + +COPY --from=builder /home/rafiki/localenv/local-http-signatures/dist ./localenv/local-http-signatures/dist + +CMD ["node", "/home/rafiki/localenv/local-http-signatures/dist/app.js"] diff --git a/localenv/mock-account-servicing-entity/Dockerfile b/localenv/mock-account-servicing-entity/Dockerfile index 9af5185219..9556ec2dc8 100644 --- a/localenv/mock-account-servicing-entity/Dockerfile +++ b/localenv/mock-account-servicing-entity/Dockerfile @@ -1,21 +1,62 @@ -FROM node:18.13.0-slim as builder +FROM node:18-alpine3.18 AS base -WORKDIR /workspace +WORKDIR /home/rafiki -RUN apt update -RUN apt install -y curl xz-utils python3 build-essential +ENV PNPM_HOME="/pnpm" +ENV PATH="$PNPM_HOME:$PATH" -# version in curl is not the version used. Dependent on the last command RUN corepack enable -RUN corepack prepare pnpm@7.25.1 --activate +RUN corepack prepare pnpm@8.7.4 --activate +RUN apk add --no-cache \ + python3 \ + make \ + g++ -# pnpm fetch does require only lockfile COPY pnpm-lock.yaml ./ -RUN pnpm fetch -ADD . ./ -RUN pnpm install -r --offline +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm fetch \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" +FROM base AS prod-deps + +COPY package.json pnpm-workspace.yaml .npmrc ./ +COPY localenv/mock-account-servicing-entity/package.json ./localenv/mock-account-servicing-entity/package.json + +RUN pnpm clean +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --prefer-offline \ + --frozen-lockfile \ + --prod \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" + +FROM base AS builder + +COPY package.json pnpm-workspace.yaml .npmrc tsconfig.json tsconfig.build.json ./ +COPY localenv/mock-account-servicing-entity ./localenv/mock-account-servicing-entity + +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --offline \ + --frozen-lockfile RUN pnpm --filter mock-account-servicing-entity build -CMD pnpm --filter mock-account-servicing-entity start +FROM node:18-alpine3.18 AS runner + +WORKDIR /home/rafiki + +COPY localenv/cloud-nine-wallet/seed.yml ./localenv/cloud-nine-wallet/seed.yml +COPY localenv/happy-life-bank/seed.yml ./localenv/happy-life-bank/seed.yml + +COPY --from=prod-deps /home/rafiki/node_modules ./node_modules +COPY --from=prod-deps /home/rafiki/localenv/mock-account-servicing-entity/node_modules ./localenv/mock-account-servicing-entity/node_modules +COPY --from=prod-deps /home/rafiki/localenv/mock-account-servicing-entity/package.json ./localenv/mock-account-servicing-entity/package.json + +COPY --from=builder /home/rafiki/localenv/mock-account-servicing-entity/build ./localenv/mock-account-servicing-entity/build +COPY --from=builder /home/rafiki/localenv/mock-account-servicing-entity/public ./localenv/mock-account-servicing-entity/public + +WORKDIR /home/rafiki/localenv/mock-account-servicing-entity +CMD ["sh", "./node_modules/.bin/remix-serve", "build"] \ No newline at end of file diff --git a/localenv/mock-account-servicing-entity/package.json b/localenv/mock-account-servicing-entity/package.json index 883c90cc72..5529690b7b 100644 --- a/localenv/mock-account-servicing-entity/package.json +++ b/localenv/mock-account-servicing-entity/package.json @@ -8,6 +8,7 @@ }, "dependencies": { "@apollo/client": "^3.8.3", + "@interledger/http-signature-utils": "1.0.4", "@remix-run/node": "^1.19.3", "@remix-run/react": "^1.19.3", "@remix-run/serve": "^1.19.3", @@ -15,7 +16,6 @@ "@types/uuid": "^9.0.3", "axios": "^1.5.0", "graphql": "^16.8.0", - "@interledger/http-signature-utils": "1.0.4", "react": "^18.2.0", "react-dom": "^18.2.0", "uuid": "^9.0.1", diff --git a/package.json b/package.json index 69a0c64952..50a0766ff6 100644 --- a/package.json +++ b/package.json @@ -5,8 +5,10 @@ "license": "Apache-2.0", "repository": "https://github.com/interledger/rafiki", "engines": { + "pnpm": "^8.7.4", "node": "18" }, + "packageManager": "pnpm@8.7.4", "scripts": { "preinstall": "npx only-allow pnpm", "lint": "eslint --max-warnings=0 --fix .", diff --git a/packages/auth/Dockerfile b/packages/auth/Dockerfile index b7b3573ea4..b16590bae1 100644 --- a/packages/auth/Dockerfile +++ b/packages/auth/Dockerfile @@ -1,21 +1,67 @@ -FROM node:18.13.0-slim as builder +FROM node:18-alpine3.18 AS base -WORKDIR /workspace +WORKDIR /home/rafiki -RUN apt update -RUN apt install -y curl xz-utils python3 build-essential +ENV PNPM_HOME="/pnpm" +ENV PATH="$PNPM_HOME:$PATH" -# version in curl is not the version used. Dependent on the last command RUN corepack enable -RUN corepack prepare pnpm@7.25.1 --activate +RUN corepack prepare pnpm@8.7.4 --activate +RUN apk add --no-cache \ + python3 \ + make \ + g++ -# pnpm fetch does require only lockfile COPY pnpm-lock.yaml ./ -RUN pnpm fetch -ADD . ./ -RUN pnpm install -r --offline +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm fetch \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" +FROM base AS prod-deps + +COPY package.json pnpm-workspace.yaml .npmrc ./ +COPY packages/auth/package.json ./packages/auth/package.json +COPY packages/token-introspection/package.json ./packages/token-introspection/package.json + +RUN pnpm clean +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --prefer-offline \ + --frozen-lockfile \ + --prod \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" + +FROM base AS builder + +COPY package.json pnpm-workspace.yaml .npmrc tsconfig.json tsconfig.build.json ./ +COPY openapi ./openapi +COPY packages/auth ./packages/auth +COPY packages/token-introspection ./packages/token-introspection + +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --offline \ + --frozen-lockfile RUN pnpm --filter auth build -CMD ["node", "./packages/auth/dist/index.js"] +FROM node:18-alpine3.18 AS runner + +WORKDIR /home/rafiki + +COPY --from=prod-deps /home/rafiki/node_modules ./node_modules +COPY --from=prod-deps /home/rafiki/packages/auth/node_modules ./packages/auth/node_modules +COPY --from=prod-deps /home/rafiki/packages/auth/package.json ./packages/auth/package.json +COPY --from=prod-deps /home/rafiki/packages/token-introspection/node_modules ./packages/token-introspection/node_modules +COPY --from=prod-deps /home/rafiki/packages/token-introspection/package.json ./packages/token-introspection/package.json + +COPY --from=builder /home/rafiki/openapi ./openapi +COPY --from=builder /home/rafiki/packages/auth/migrations/ ./packages/auth/migrations +COPY --from=builder /home/rafiki/packages/token-introspection/src/openapi/token-introspection.yaml ./packages/token-introspection/src/openapi/token-introspection.yaml +COPY --from=builder /home/rafiki/packages/auth/dist ./packages/auth/dist +COPY --from=builder /home/rafiki/packages/token-introspection/dist ./packages/token-introspection/dist + + +CMD ["node", "/home/rafiki/packages/auth/dist/index.js"] \ No newline at end of file diff --git a/packages/backend/Dockerfile b/packages/backend/Dockerfile index 81722c6785..6f3afae6f2 100644 --- a/packages/backend/Dockerfile +++ b/packages/backend/Dockerfile @@ -1,21 +1,67 @@ -FROM node:18.13.0-slim as builder +FROM node:18-alpine3.18 AS base -WORKDIR /workspace +WORKDIR /home/rafiki -RUN apt update -RUN apt install -y curl xz-utils python3 build-essential +ENV PNPM_HOME="/pnpm" +ENV PATH="$PNPM_HOME:$PATH" -# version in curl is not the version used. Dependent on the last command RUN corepack enable -RUN corepack prepare pnpm@7.25.1 --activate +RUN corepack prepare pnpm@8.7.4 --activate +RUN apk add --no-cache \ + python3 \ + make \ + g++ -# pnpm fetch does require only lockfile COPY pnpm-lock.yaml ./ -RUN pnpm fetch -ADD . ./ -RUN pnpm install -r --offline +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm fetch \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" +FROM base AS prod-deps + +COPY package.json pnpm-workspace.yaml .npmrc ./ +COPY packages/backend/package.json ./packages/backend/package.json +COPY packages/token-introspection/package.json ./packages/token-introspection/package.json + +RUN pnpm clean +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --prefer-offline \ + --frozen-lockfile \ + --prod \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" + +FROM base AS builder + +COPY package.json pnpm-workspace.yaml .npmrc tsconfig.json tsconfig.build.json ./ +COPY openapi ./openapi +COPY packages/backend ./packages/backend +COPY packages/token-introspection ./packages/token-introspection + +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --offline \ + --frozen-lockfile RUN pnpm --filter backend build -CMD ["node", "./packages/backend/dist/index.js"] +FROM node:18-alpine3.18 AS runner + +WORKDIR /home/rafiki + +COPY --from=prod-deps /home/rafiki/node_modules ./node_modules +COPY --from=prod-deps /home/rafiki/packages/backend/node_modules ./packages/backend/node_modules +COPY --from=prod-deps /home/rafiki/packages/backend/package.json ./packages/backend/package.json +COPY --from=prod-deps /home/rafiki/packages/token-introspection/node_modules ./packages/token-introspection/node_modules +COPY --from=prod-deps /home/rafiki/packages/token-introspection/package.json ./packages/token-introspection/package.json + +COPY --from=builder /home/rafiki/openapi ./openapi +COPY --from=builder /home/rafiki/packages/backend/migrations/ ./packages/backend/migrations +COPY --from=builder /home/rafiki/packages/token-introspection/src/openapi/token-introspection.yaml ./packages/token-introspection/src/openapi/token-introspection.yaml +COPY --from=builder /home/rafiki/packages/backend/dist ./packages/backend/dist +COPY --from=builder /home/rafiki/packages/token-introspection/dist ./packages/token-introspection/dist + + +CMD ["node", "/home/rafiki/packages/backend/dist/index.js"] diff --git a/packages/frontend/Dockerfile b/packages/frontend/Dockerfile index 6ca40c6096..6d4612bad3 100644 --- a/packages/frontend/Dockerfile +++ b/packages/frontend/Dockerfile @@ -1,21 +1,59 @@ -FROM node:18.13.0-slim as builder +FROM node:18-alpine3.18 AS base -WORKDIR /workspace +WORKDIR /home/rafiki -RUN apt update -RUN apt install -y curl xz-utils python3 build-essential +ENV PNPM_HOME="/pnpm" +ENV PATH="$PNPM_HOME:$PATH" -# version in curl is not the version used. Dependent on the last command RUN corepack enable -RUN corepack prepare pnpm@7.25.1 --activate +RUN corepack prepare pnpm@8.7.4 --activate +RUN apk add --no-cache \ + python3 \ + make \ + g++ -# pnpm fetch does require only lockfile COPY pnpm-lock.yaml ./ -RUN pnpm fetch -ADD . ./ -RUN pnpm install -r --offline +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm fetch \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" +FROM base AS prod-deps + +COPY package.json pnpm-workspace.yaml .npmrc ./ +COPY packages/frontend/package.json ./packages/frontend/package.json + +RUN pnpm clean +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --prefer-offline \ + --frozen-lockfile \ + --prod \ + | grep -v "cross-device link not permitted\|Falling back to copying packages from store" + +FROM base AS builder + +COPY package.json pnpm-workspace.yaml .npmrc tsconfig.json tsconfig.build.json ./ +COPY packages/frontend ./packages/frontend + +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install \ + --recursive \ + --offline \ + --frozen-lockfile RUN pnpm --filter frontend build -CMD pnpm --filter frontend start +FROM node:18-alpine3.18 AS runner + +WORKDIR /home/rafiki + +COPY --from=prod-deps /home/rafiki/node_modules ./node_modules +COPY --from=prod-deps /home/rafiki/packages/frontend/node_modules ./packages/frontend/node_modules +COPY --from=prod-deps /home/rafiki/packages/frontend/package.json ./packages/frontend/package.json + +COPY --from=builder /home/rafiki/packages/frontend/build ./packages/frontend/build +COPY --from=builder /home/rafiki/packages/frontend/public ./packages/frontend/public + +WORKDIR /home/rafiki/packages/frontend +CMD ["sh", "./node_modules/.bin/remix-serve", "build"] \ No newline at end of file