Port dev dockerfiles into stages

06-building-container-images/api-golang/Dockerfile.8

@@ -0,0 +1,72 @@
+# Pin specific version for stability
+# Use separate stage for building image
+# Use debian for easier build utilities
+FROM golang:1.19-bullseye AS base-builder
+
+# Add non root user
+RUN useradd -u 1001 nonroot
+
+WORKDIR /app 
+
+# Copy only files required to install dependencies (better layer caching)
+COPY go.mod go.sum ./
+
+# Use cache mount to speed up install of existing dependencies
+RUN --mount=type=cache,target=/go/pkg/mod \
+  --mount=type=cache,target=/root/.cache/go-build \
+  go mod download
+
+# Dev stage with additional dev dependencies installed
+FROM base-builder AS dev
+
+# Install air for hot reload & delve for debugging
+RUN go install github.com/cosmtrek/air@latest && \
+  go install github.com/go-delve/delve/cmd/dlv@latest
+
+COPY . .
+
+CMD ["air", "-c", ".air.toml"]
+
+# Production builder stage to produce the static binaries
+FROM base-builder AS production-builder
+
+COPY . .
+
+# Compile healthcheck
+RUN go build \
+  -ldflags="-linkmode external -extldflags -static" \
+  -tags netgo \
+  -o healthcheck \
+  ./healthcheck/healthcheck.go
+
+# Compile application during build rather than at runtime
+# Add flags to statically link binary
+RUN go build \
+  -ldflags="-linkmode external -extldflags -static" \
+  -tags netgo \
+  -o api-golang
+
+# Use separate stage for deployable image
+FROM scratch AS production
+
+# Set gin mode
+ENV GIN_MODE=release
+
+WORKDIR /
+
+# Copy the passwd file
+COPY --from=production-builder /etc/passwd /etc/passwd
+
+# Copy the healthcheck binary from the build stage
+COPY --from=production-builder /app/healthcheck/healthcheck healthcheck
+
+# Copy the app binary from the build stage
+COPY --from=production-builder /app/api-golang api-golang
+
+# Use nonroot user
+USER nonroot
+
+# Indicate expected port
+EXPOSE 8080
+
+CMD ["/api-golang"]

06-building-container-images/api-node/Dockerfile.9

@@ -0,0 +1,51 @@
+# Pin specific version for stability
+# Use alpine for reduced image size
+FROM node:19.6-alpine AS base
+
+# Set NODE_ENV
+ENV NODE_ENV production
+
+# Specify working directory other than /
+WORKDIR /usr/src/app
+
+# Copy only files required to install
+# dependencies (better layer caching)
+COPY package*.json ./
+
+# Development stage to include dev + production dependencies
+FROM base AS dev
+
+# Install all dependencies (including development ones)
+# For the dev image
+RUN --mount=type=cache,target=/usr/src/app/.npm \
+  npm set cache /usr/src/app/.npm && \
+  npm install
+
+COPY . .
+
+CMD [ "npm", "run", "dev" ]
+
+# Production stage optimzed for deployment
+FROM base AS production
+
+# Install only production dependencies
+# Use cache mount to speed up install of existing dependencies
+RUN --mount=type=cache,target=/usr/src/app/.npm \
+  npm set cache /usr/src/app/.npm && \
+  npm ci --only=production
+
+# Use non-root user
+# Use --chown on COPY commands to set file permissions
+USER node
+
+# Copy the healthcheck script
+COPY --chown=node:node ./healthcheck/ .
+
+# Copy remaining source code AFTER installing dependencies. 
+# Again, copy only the necessary files
+COPY --chown=node:node ./src/ .
+
+# Indicate expected port
+EXPOSE 3000
+
+CMD [ "node", "index.js" ]