Dockerize API application with multi-stage build and update utils#49
Dockerize API application with multi-stage build and update utils#49ChristianSanchez25 wants to merge 1 commit intofeat/new-templatefrom
Conversation
…te utils TypeScript library configuration.
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
| COPY --from=prod-deps --chown=nestjs:nodejs /app/node_modules ./node_modules | ||
| COPY --from=installer --chown=nestjs:nodejs /app/packages ./packages | ||
| COPY --from=installer --chown=nestjs:nodejs /app/${APP_PATH}/dist ./${APP_PATH}/dist | ||
| COPY --from=installer --chown=nestjs:nodejs /app/${APP_PATH}/package.json ./${APP_PATH}/package.json | ||
| COPY --from=installer --chown=nestjs:nodejs /app/package.json ./package.json |
There was a problem hiding this comment.
Bug: The COPY --chown command in the Dockerfile references a non-existent group nodejs instead of the created avilatek group, causing file permission errors at runtime.
Severity: CRITICAL
Suggested Fix
In the Dockerfile, change all instances of COPY --chown=nestjs:nodejs to COPY --chown=nestjs:avilatek to correctly assign file ownership to the user and group created within the Docker image.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: apps/api/Dockerfile#L50-L54
Potential issue: The Dockerfile creates a user group named `avilatek` but later attempts
to assign file ownership to a non-existent group `nodejs` using `COPY
--chown=nestjs:nodejs`. Docker silently ignores ownership changes when the specified
group does not exist, causing the files to be owned by `root`. Since the container runs
as the `nestjs` user, the application will not have the necessary permissions to read
its own files, leading to "permission denied" errors and causing the container to crash
upon startup.
Did we get this right? 👍 / 👎 to inform future reviews.
| EXPOSE 3000 | ||
|
|
||
| WORKDIR /app/${APP_PATH} | ||
| CMD ["node", "dist/src/main.js"] No newline at end of file |
There was a problem hiding this comment.
Bug: The Dockerfile CMD instruction points to an incorrect entry point path (dist/src/main.js) that does not match the actual build output location (dist/main.js).
Severity: CRITICAL
Suggested Fix
Update the CMD instruction in the Dockerfile to point to the correct entry point path. Change CMD ["node", "dist/src/main.js"] to CMD ["node", "dist/main.js"].
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: apps/api/Dockerfile#L60
Potential issue: The Dockerfile's `CMD` instruction specifies `dist/src/main.js` as the
application entry point. However, the NestJS build process, configured with `sourceRoot:
"src"`, compiles `src/main.ts` directly to `dist/main.js`, without preserving the `src`
directory in the output. When the container starts, it will attempt to execute a file at
a path that does not exist, resulting in an immediate "Error: Cannot find module" crash.
Did we get this right? 👍 / 👎 to inform future reviews.
1 participant
Dockerfile optimizado para la API
