forked from PostHog/posthog
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.node
More file actions
138 lines (120 loc) · 6.24 KB
/
Dockerfile.node
File metadata and controls
138 lines (120 loc) · 6.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#
# Dockerfile.node - nodejs Only
#
# This Dockerfile builds only the nodejs (Node.js app) without Django, frontend, or other PostHog components.
# Use this for running standalone nodejs instances.
#
#
# Build stage: Compile nodejs and dependencies
#
FROM ghcr.io/posthog/rust-node-container:bookworm_rust_1.91-node_24.13.0 AS nodejs-build
# Compile and install system dependencies
# Add Confluent's client repository for librdkafka 2.10.1
RUN apt-get update && \
apt-get install -y --no-install-recommends \
"wget" \
"gnupg" \
&& \
mkdir -p /etc/apt/keyrings && \
wget -qO - https://packages.confluent.io/clients/deb/archive.key | gpg --dearmor -o /etc/apt/keyrings/confluent-clients.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/confluent-clients.gpg] https://packages.confluent.io/clients/deb/ bookworm main" > /etc/apt/sources.list.d/confluent-clients.list && \
apt-get update && \
apt-get install -y --no-install-recommends --allow-downgrades \
"make" \
"g++" \
"gcc" \
"python3" \
"librdkafka1=2.10.1-1.cflt~deb12" \
"librdkafka++1=2.10.1-1.cflt~deb12" \
"librdkafka-dev=2.10.1-1.cflt~deb12" \
"libssl-dev=3.0.18-1~deb12u2" \
"libssl3=3.0.18-1~deb12u2" \
"zlib1g-dev" \
&& \
rm -rf /var/lib/apt/lists/*
WORKDIR /code
COPY turbo.json package.json pnpm-lock.yaml pnpm-workspace.yaml tsconfig.json ./
COPY ./bin/turbo ./bin/turbo
COPY ./patches ./patches
COPY ./rust ./rust
COPY ./common/esbuilder/ ./common/esbuilder/
COPY ./common/plugin_transpiler/ ./common/plugin_transpiler/
COPY ./common/hogvm/typescript/ ./common/hogvm/typescript/
COPY ./nodejs/package.json ./nodejs/tsconfig.json ./nodejs/
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
# Use system librdkafka from Confluent (2.10.1) instead of bundled version
ENV BUILD_LIBRDKAFKA=0
# Compile and install Node.js dependencies
RUN --mount=type=cache,id=pnpm,target=/tmp/pnpm-store-v24 \
corepack enable && \
NODE_OPTIONS="--max-old-space-size=16384" CI=1 pnpm --filter=@posthog/nodejs... install --frozen-lockfile --store-dir /tmp/pnpm-store-v24 && \
NODE_OPTIONS="--max-old-space-size=16384" CI=1 pnpm --filter=@posthog/plugin-transpiler... install --frozen-lockfile --store-dir /tmp/pnpm-store-v24 && \
NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/plugin-transpiler build
# Build the nodejs services
COPY ./nodejs/src/ ./nodejs/src/
COPY ./nodejs/tests/ ./nodejs/tests/
COPY ./nodejs/assets/ ./nodejs/assets/
COPY ./nodejs/bin/ ./nodejs/bin/
# Build cyclotron first
RUN NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/cyclotron build
# Then build the nodejs services
RUN NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/nodejs build
#
# Runtime stage: Minimal image with only nodejs runtime dependencies
#
FROM node:24.13.0-bookworm-slim
WORKDIR /code
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
# Install runtime dependencies
# Add Confluent's client repository for librdkafka runtime
RUN apt-get update && \
apt-get install -y --no-install-recommends \
"ca-certificates" \
"wget" \
"gnupg" \
&& \
mkdir -p /etc/apt/keyrings && \
wget -qO - https://packages.confluent.io/clients/deb/archive.key | gpg --dearmor -o /etc/apt/keyrings/confluent-clients.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/confluent-clients.gpg] https://packages.confluent.io/clients/deb/ bookworm main" > /etc/apt/sources.list.d/confluent-clients.list && \
apt-get update && \
apt-get install -y --no-install-recommends --allow-downgrades \
"librdkafka1=2.10.1-1.cflt~deb12" \
"librdkafka++1=2.10.1-1.cflt~deb12" \
"libssl3=3.0.18-1~deb12u2" \
"curl" \
"gettext-base" \
&& \
rm -rf /var/lib/apt/lists/*
# curl: Required by bin/nodejs startup script to fetch EC2 metadata when INJECT_EC2_CLIENT_RACK is set
# gettext-base: Provides envsubst command used by bin/nodejs to substitute environment variables in Kafka client IDs
# Install and use a non-root user
RUN groupadd -g 1000 posthog || groupmod -n posthog $(getent group 1000 | cut -d: -f1) && \
useradd -u 1000 -g posthog posthog || usermod -l posthog -d /code -g posthog $(getent passwd 1000 | cut -d: -f1) && \
chown -R posthog:posthog /code
USER posthog
# Add the commit hash
ARG COMMIT_HASH
RUN echo ${COMMIT_HASH:-unknown} > /code/commit.txt
# Add in the compiled nodejs & its runtime dependencies from the build stage
COPY --from=nodejs-build --chown=posthog:posthog /code/rust/cyclotron-node/dist /code/rust/cyclotron-node/dist
COPY --from=nodejs-build --chown=posthog:posthog /code/rust/cyclotron-node/package.json /code/rust/cyclotron-node/package.json
COPY --from=nodejs-build --chown=posthog:posthog /code/rust/cyclotron-node/index.node /code/rust/cyclotron-node/index.node
COPY --from=nodejs-build --chown=posthog:posthog /code/common/plugin_transpiler/dist /code/common/plugin_transpiler/dist
COPY --from=nodejs-build --chown=posthog:posthog /code/common/plugin_transpiler/node_modules /code/common/plugin_transpiler/node_modules
COPY --from=nodejs-build --chown=posthog:posthog /code/common/plugin_transpiler/package.json /code/common/plugin_transpiler/package.json
COPY --from=nodejs-build --chown=posthog:posthog /code/common/hogvm/typescript/dist /code/common/hogvm/typescript/dist
COPY --from=nodejs-build --chown=posthog:posthog /code/common/hogvm/typescript/node_modules /code/common/hogvm/typescript/node_modules
COPY --from=nodejs-build --chown=posthog:posthog /code/common/hogvm/typescript/package.json /code/common/hogvm/typescript/package.json
COPY --from=nodejs-build --chown=posthog:posthog /code/nodejs/dist /code/nodejs/dist
COPY --from=nodejs-build --chown=posthog:posthog /code/node_modules /code/node_modules
COPY --from=nodejs-build --chown=posthog:posthog /code/nodejs/node_modules /code/nodejs/node_modules
COPY --from=nodejs-build --chown=posthog:posthog /code/nodejs/package.json /code/nodejs/package.json
COPY --from=nodejs-build --chown=posthog:posthog /code/nodejs/assets /code/nodejs/assets
COPY --from=nodejs-build --chown=posthog:posthog /code/nodejs/bin /code/nodejs/bin
# Setup ENV
ENV NODE_ENV=production \
BUILD_LIBRDKAFKA=0
# Expose the port from which we serve OpenMetrics data
EXPOSE 8001
# Default command: run the nodejs services
CMD ["node", "nodejs/dist/index.js"]