kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

feat: combine Admin UI into single container with nginx proxy
Some checks failed
CI / Scanner Lint (push) Has been cancelled
Details
CI / Scanner Tests (push) Has been cancelled
Details
CI / Banner Lint & Typecheck (push) Has been cancelled
Details
CI / Banner Tests (push) Has been cancelled
Details
CI / Banner Build (push) Has been cancelled
Details
CI / Admin UI Typecheck (push) Has been cancelled
Details
CI / Admin UI Tests (push) Has been cancelled
Details
CI / Detect changes (push) Has been cancelled
Details
CI / API Lint (push) Has been cancelled
Details
CI / API Tests (push) Has been cancelled
Details
CI / Admin UI Build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ami
2026-04-21 11:30:56 +07:00
parent f195a44707
commit f8cdbf8d74
3 changed files with 74 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
Dockerfile
View File

@@ -1,4 +1,4 @@
# ── Build stage ──────────────────────────────────────────────────────
# ── Build stage: Python deps ────────────────────────────────────────────
FROM python:3.12-slim AS builder
WORKDIR /build
@@ -7,48 +7,61 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
gcc libpq-dev curl \
&& rm -rf /var/lib/apt/lists/*
# Copy pyproject.toml for both api and scanner
COPY apps/api/pyproject.toml ./api/pyproject.toml
COPY apps/scanner/pyproject.toml ./scanner/pyproject.toml
# Install API dependencies
RUN pip install --no-cache-dir --prefix=/install api/.
# Install Scanner dependencies (Playwright + Chromium)
# PYTHONPATH needed because --prefix=/install doesn't auto-set site-packages path
RUN pip install --no-cache-dir --prefix=/install scanner/. \
&& PYTHONPATH=/install/lib/python3.12/site-packages \
/install/bin/playwright install chromium --with-deps
# ── Runtime stage ────────────────────────────────────────────────────
# ── Build stage: banner bundle ─────────────────────────────────────────
FROM node:20-slim AS banner-builder
WORKDIR /build/banner
COPY apps/banner/package.json apps/banner/package-lock.json ./
RUN npm ci
COPY apps/banner/ .
RUN npm run build
# ── Build stage: admin UI ──────────────────────────────────────────────
FROM node:20-slim AS admin-builder
WORKDIR /build/admin
COPY apps/admin-ui/package.json apps/admin-ui/package-lock.json ./
RUN npm ci
COPY apps/admin-ui/ .
COPY --from=banner-builder /build/banner/dist/ ./public/
RUN npx vite build
# ── Runtime stage ──────────────────────────────────────────────────────
FROM python:3.12-slim
WORKDIR /app
RUN apt-get update && apt-get install -y --no-install-recommends \
libpq5 curl tini supervisor \
libpq5 curl tini supervisor nginx \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get clean
# Copy installed dependencies from builder
# Copy Python deps from builder
COPY --from=builder /install /usr/local
# Copy application code
COPY apps/api/src ./src
COPY apps/scanner/src ./src_scanner
COPY supervisord.conf /etc/supervisord.conf
# Move scanner source into api structure
RUN if [ -d src_scanner ]; then \
cp -r src_scanner/* src/ 2>/dev/null || true; \
fi
# Healthcheck for API
HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
# Copy built Admin UI static files
COPY --from=admin-builder /build/admin/dist /var/www/html
# Copy configs
COPY apps/admin-ui/nginx.conf /etc/nginx/conf.d/default.conf
COPY supervisord.conf /etc/supervisord.conf
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD curl -f http://localhost/health || exit 1
# Use tini as init system for proper signal handling
ENTRYPOINT ["/usr/bin/tini", "--"]
# supervisord manages multiple processes
CMD ["supervisord", "-c", "/etc/supervisord.conf"]