Spaces:
Runtime error
Runtime error
| # ---- Stage 1: The "Builder" ---- | |
| # We use the full (not slim) Node.js image because it includes the build tools | |
| # (like Python, make, g++) needed to compile native dependencies. | |
| FROM node:20-bullseye AS builder | |
| # Install system dependencies needed for the build | |
| RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates && \ | |
| apt-get clean && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| # Enable pnpm | |
| RUN corepack enable | |
| # Copy dependency files | |
| COPY package.json pnpm-lock.yaml* ./ | |
| # Install ALL dependencies and run build scripts. | |
| # The --unsafe-perm flag is often needed in Docker to allow build scripts to run correctly. | |
| RUN pnpm install --unsafe-perm | |
| # Copy the rest of your source code | |
| COPY . . | |
| # Run the build script ("tsc") to compile your TypeScript into JavaScript | |
| RUN pnpm build | |
| # Remove development dependencies to create a clean, production-only node_modules folder | |
| RUN pnpm prune --prod | |
| # ---- Stage 2: The Final "Production" Image ---- | |
| # We start from a slim image to keep the final size small. | |
| FROM node:20-bullseye-slim | |
| # Install ONLY the necessary RUNTIME system dependencies. | |
| # - ffmpeg: For processing audio/video sent to the bot. | |
| # - libvips-dev: Required by the 'sharp' package for image manipulation. | |
| RUN apt-get update && apt-get install -y --no-install-recommends ffmpeg libvips-dev && \ | |
| apt-get clean && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| # Enable pnpm | |
| RUN corepack enable | |
| # Create the directory for session data AS THE ROOT USER | |
| RUN mkdir ./sessions | |
| # Change ownership of the entire app directory to the 'node' user. | |
| # This must be done BEFORE switching to the node user. | |
| RUN chown -R node:node /app | |
| # NOW, switch to the built-in, non-root 'node' user for security | |
| USER node | |
| # Copy over the essential files from the builder stage | |
| # These files will now be correctly owned by 'node' because of the chown command above. | |
| COPY --from=builder /app/package.json ./package.json | |
| COPY --from=builder /app/pnpm-lock.yaml* ./ | |
| COPY --from=builder /app/node_modules ./node_modules | |
| COPY --from=builder /app/dist ./dist | |
| # Set the command to run your application using the "start" script. | |
| CMD [ "pnpm", "start" ] | |