👷 Distroless image + docker config updater + PR build workflow (#166)

* 👷 distroless image og docker config updater * 👷 bygg pull requester
navikt · Oct 31, 2024 · a519db3 · a519db3
1 parent 747b5ae
commit a519db3
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 9 deletions.
diff --git a/.github/workflows/build-pr.yaml b/.github/workflows/build-pr.yaml
@@ -0,0 +1,18 @@
+name: Build pull request
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths-ignore:
+      - '**.md'
+
+jobs:
+  buildDev:
+    uses: navikt/aap-workflows/.github/workflows/frontend-next-only-build.yml@main
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+    secrets: inherit
+    with:
+      cluster: dev-gcp
diff --git a/.github/workflows/update-dependabot-config.yml b/.github/workflows/update-dependabot-config.yml
@@ -0,0 +1,15 @@
+name: Update dependabot config
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 7 * * 3'
+
+jobs:
+  checkForConfigUpdate:
+    uses: navikt/aap-workflows/.github/workflows/dependabot-frontend-next-config-updater.yml@main
+    permissions:
+      contents: write
+      id-token: write
+      packages: write
+      pull-requests: write
diff --git a/Dockerfile b/Dockerfile
@@ -1,18 +1,14 @@
-FROM node:20-alpine
+FROM gcr.io/distroless/nodejs20-debian12@sha256:f912a7599e5338df6527a669def29bddc9469fdac9ab22c4cc9282c1b64c868b
 
-ENV NODE_ENV production
-
-RUN addgroup --system --gid 1069 nodejs
-RUN adduser --system --uid 1069 nextjs
 
 WORKDIR /app
-COPY --chown=nextjs:nodejs .next/standalone ./
-COPY --chown=nextjs:nodejs .next/static ./.next/static
+COPY .next/standalone ./
+COPY .next/static ./.next/static
 
-USER nextjs
+ENV NODE_ENV production
 
 EXPOSE 3000
 
 ENV PORT 3000
 
-CMD ["node", "server.js"]
+CMD ["server.js"]