Improve dockerfile and update packages with security vulns (#32)

* add package-lock for reproducable builds * update vulnerable packages and engine * improve dockerfile and allow to build different grunt targets
2 years ago · db740f832b
parent be5b8668bd
commit db740f832b
5 changed files with 4947 additions and 14 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1 +1,6 @@
-**/.git
+.git
+.gitignore
+.dockerignore
+node_modules
+npm-debug.log
+Dockerfile
--- a/.gitignore
+++ b/.gitignore
@ -11,5 +11,3 @@ config/nodes.js
 .node-xmlhttprequest-*
 ws_secret.json
 stats.json
-package-lock.json
-
--- a/21
+++ b/21
@ -1,10 +1,15 @@
-FROM node
-
-RUN git clone https://github.com/goerli/netstats-server /netstats-server
-WORKDIR /netstats-server
-RUN npm install
-RUN npm install -g grunt-cli
-RUN grunt
+FROM node:lts-alpine AS builder
+ARG GRUNT_TASK=default
+WORKDIR /ethstats-server
+COPY ["package.json", "package-lock.json*", "./"]
+RUN npm ci --only=production && npm install -g grunt-cli
+COPY --chown=node:node . .
+RUN grunt $GRUNT_TASK

+FROM node:lts-alpine
+RUN apk add dumb-init
+WORKDIR /ethstats-server
+COPY --chown=node:node --from=builder /ethstats-server .
+USER node
 EXPOSE  3000
-CMD ["npm", "start"]
+CMD ["dumb-init", "node", "./bin/www"]
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -4,8 +4,8 @@
  "version": "0.2.0",
  "private": true,
  "engines": {
-    "node": "8.11.1",
-    "npm": "6.4.1"
+    "node": "16.17.0",
+    "npm": "8.15.0"
  },
  "scripts": {
    "dist": "grunt",
@ -27,7 +27,7 @@
    "grunt-contrib-pug": "^3.0.0",
    "grunt-contrib-uglify": "^4.0.0",
    "pug": "^3.0.2",
-    "lodash": "4.17.19",
+    "lodash": "4.17.21",
    "primus": "^7.3.1",
    "primus-emit": "^1.0.0",
    "primus-spark-latency": "^0.1.1",