Improve dockerfile and update packages with security vulns (#32)

* add package-lock for reproducable builds

* update vulnerable packages and engine

* improve dockerfile and allow to build different grunt targets

.dockerignore

@@ -1 +1,6 @@
-**/.git
+.git
+.gitignore
+.dockerignore
+node_modules
+npm-debug.log
+Dockerfile

.gitignore

@@ -11,5 +11,3 @@ config/nodes.js
 .node-xmlhttprequest-*
 ws_secret.json
 stats.json
-package-lock.json
-

Dockerfile

@@ -1,10 +1,15 @@
-FROM node
+FROM node:lts-alpine AS builder
-
+ARG GRUNT_TASK=default
-RUN git clone https://github.com/goerli/netstats-server /netstats-server
+WORKDIR /ethstats-server
-WORKDIR /netstats-server
+COPY ["package.json", "package-lock.json*", "./"]
-RUN npm install
+RUN npm ci --only=production && npm install -g grunt-cli
-RUN npm install -g grunt-cli
+COPY --chown=node:node . .
-RUN grunt
+RUN grunt $GRUNT_TASK
 
+FROM node:lts-alpine
+RUN apk add dumb-init
+WORKDIR /ethstats-server
+COPY --chown=node:node --from=builder /ethstats-server .
+USER node
 EXPOSE  3000
-CMD ["npm", "start"]
+CMD ["dumb-init", "node", "./bin/www"]

package.json

@@ -4,8 +4,8 @@
   "version": "0.2.0",
   "private": true,
   "engines": {
-    "node": "8.11.1",
+    "node": "16.17.0",
-    "npm": "6.4.1"
+    "npm": "8.15.0"
   },
   "scripts": {
     "dist": "grunt",
@@ -27,7 +27,7 @@
     "grunt-contrib-pug": "^3.0.0",
     "grunt-contrib-uglify": "^4.0.0",
     "pug": "^3.0.2",
-    "lodash": "4.17.19",
+    "lodash": "4.17.21",
     "primus": "^7.3.1",
     "primus-emit": "^1.0.0",
     "primus-spark-latency": "^0.1.1",