syntaxbullet/aurorabot
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Introduce Docker socket proxy and install Docker CLI in the app container for secure deployment operations.
Some checks failed
Deploy to Production / test (push) Failing after 24s
Details
Deploy to Production / build (push) Has been skipped
Details
Deploy to Production / deploy (push) Has been skipped
Details

Browse Source
This commit is contained in:
syntaxbullet
2026-01-30 14:46:06 +01:00
parent ebefd8c0df
commit 9ff679ee5c
2 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Dockerfile.prod
View File

@@ -30,6 +30,17 @@ WORKDIR /app
# Create non-root user for security
RUN groupadd --system appgroup && useradd --system --gid appgroup appuser
# Install runtime dependencies for update/deploy commands
RUN apt-get update && apt-get install -y \
git \
curl \
gnupg \
&& curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bookworm stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
&& apt-get update \
&& apt-get install -y docker-ce-cli \
&& rm -rf /var/lib/apt/lists/*
# Copy only what's needed for production
COPY --from=builder --chown=appuser:appgroup /app/node_modules ./node_modules
COPY --from=builder --chown=appuser:appgroup /app/web/node_modules ./web/node_modules