forked from shivamxverma/CodeSM
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
38 lines (29 loc) · 1.27 KB
/
Dockerfile
File metadata and controls
38 lines (29 loc) · 1.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Bull worker (Node) + Docker CLI for spawning cpp-runner sandboxes.
# Build: docker build -t codesm-worker:latest -f Dockerfile .
#
# The sandbox image is built separately:
# docker build -f docker/cpp-runner/Dockerfile -t codesm-cpp-runner:latest docker/cpp-runner
FROM node:22-bookworm-slim AS runner
WORKDIR /app
ENV NODE_ENV=production
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
dumb-init \
&& ARCH="$(uname -m)" && \
case "$ARCH" in aarch64|arm64) D_ARCH=aarch64 ;; x86_64|amd64) D_ARCH=x86_64 ;; *) echo "unsupported arch: $ARCH"; exit 1 ;; esac && \
curl -fsSL "https://download.docker.com/linux/static/stable/${D_ARCH}/docker-27.4.1.tgz" \
| tar -xz --strip-components=1 -C /usr/local/bin docker/docker \
&& apt-get purge -y --auto-remove curl \
&& rm -rf /var/lib/apt/lists/*
COPY package.json package-lock.json ./
RUN npm ci --omit=dev && npm cache clean --force && rm -rf /root/.npm /tmp/*
COPY src ./src
COPY models ./models
COPY services ./services
# docker.sock is mounted at runtime; container user must be root for default socket perms,
# or run rootless Docker / socket group alignment in production.
USER root
ENTRYPOINT ["dumb-init", "--"]
CMD ["node", "src/worker.js"]