forked from PostHog/posthog
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.node
More file actions
137 lines (120 loc) · 6.54 KB
/
Dockerfile.node
File metadata and controls
137 lines (120 loc) · 6.54 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#
# Dockerfile.node - Plugin-Server Only
#
# This Dockerfile builds only the plugin-server (Node.js app) without Django, frontend, or other PostHog components.
# Use this for running standalone plugin-server instances.
#
#
# Build stage: Compile plugin-server and dependencies
#
FROM ghcr.io/posthog/rust-node-container:bookworm_rust_1.88-node_22.17.1 AS plugin-server-build
# Compile and install system dependencies
# Add Confluent's client repository for librdkafka 2.10.1
RUN apt-get update && \
apt-get install -y --no-install-recommends \
"wget" \
"gnupg" \
&& \
mkdir -p /etc/apt/keyrings && \
wget -qO - https://packages.confluent.io/clients/deb/archive.key | gpg --dearmor -o /etc/apt/keyrings/confluent-clients.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/confluent-clients.gpg] https://packages.confluent.io/clients/deb/ bookworm main" > /etc/apt/sources.list.d/confluent-clients.list && \
apt-get update && \
apt-get install -y --no-install-recommends \
"make" \
"g++" \
"gcc" \
"python3" \
"librdkafka1=2.10.1-1.cflt~deb12" \
"librdkafka++1=2.10.1-1.cflt~deb12" \
"librdkafka-dev=2.10.1-1.cflt~deb12" \
"libssl-dev=3.0.17-1~deb12u2" \
"libssl3=3.0.17-1~deb12u2" \
"zlib1g-dev" \
&& \
rm -rf /var/lib/apt/lists/*
WORKDIR /code
COPY turbo.json package.json pnpm-lock.yaml pnpm-workspace.yaml tsconfig.json ./
COPY ./bin/turbo ./bin/turbo
COPY ./patches ./patches
COPY ./rust ./rust
COPY ./common/esbuilder/ ./common/esbuilder/
COPY ./common/plugin_transpiler/ ./common/plugin_transpiler/
COPY ./common/hogvm/typescript/ ./common/hogvm/typescript/
COPY ./plugin-server/package.json ./plugin-server/tsconfig.json ./plugin-server/
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
# Use system librdkafka from Confluent (2.10.1) instead of bundled version
ENV BUILD_LIBRDKAFKA=0
# Compile and install Node.js dependencies
RUN --mount=type=cache,id=pnpm,target=/tmp/pnpm-store-v24 \
corepack enable && \
NODE_OPTIONS="--max-old-space-size=16384" CI=1 pnpm --filter=@posthog/plugin-server... install --frozen-lockfile --store-dir /tmp/pnpm-store-v24 && \
NODE_OPTIONS="--max-old-space-size=16384" CI=1 pnpm --filter=@posthog/plugin-transpiler... install --frozen-lockfile --store-dir /tmp/pnpm-store-v24 && \
NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/plugin-transpiler build
# Build the plugin server
COPY ./plugin-server/src/ ./plugin-server/src/
COPY ./plugin-server/tests/ ./plugin-server/tests/
COPY ./plugin-server/assets/ ./plugin-server/assets/
COPY ./plugin-server/bin/ ./plugin-server/bin/
# Build cyclotron first
RUN NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/cyclotron build
# Then build the plugin server
RUN NODE_OPTIONS="--max-old-space-size=16384" bin/turbo --filter=@posthog/plugin-server build
#
# Runtime stage: Minimal image with only plugin-server runtime dependencies
#
FROM node:22.17.1-bookworm-slim
WORKDIR /code
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
# Install runtime dependencies
# Add Confluent's client repository for librdkafka runtime
RUN apt-get update && \
apt-get install -y --no-install-recommends \
"ca-certificates" \
"wget" \
"gnupg" \
&& \
mkdir -p /etc/apt/keyrings && \
wget -qO - https://packages.confluent.io/clients/deb/archive.key | gpg --dearmor -o /etc/apt/keyrings/confluent-clients.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/confluent-clients.gpg] https://packages.confluent.io/clients/deb/ bookworm main" > /etc/apt/sources.list.d/confluent-clients.list && \
apt-get update && \
apt-get install -y --no-install-recommends --allow-downgrades \
"librdkafka1=2.10.1-1.cflt~deb12" \
"librdkafka++1=2.10.1-1.cflt~deb12" \
"libssl3=3.0.17-1~deb12u2" \
"curl" \
"gettext-base" \
&& \
rm -rf /var/lib/apt/lists/*
# curl: Required by bin/plugin-server startup script to fetch EC2 metadata when INJECT_EC2_CLIENT_RACK is set
# gettext-base: Provides envsubst command used by bin/plugin-server to substitute environment variables in Kafka client IDs
# Install and use a non-root user
RUN groupadd -g 1000 posthog || groupmod -n posthog $(getent group 1000 | cut -d: -f1) && \
useradd -u 1000 -g posthog posthog || usermod -l posthog -d /code -g posthog $(getent passwd 1000 | cut -d: -f1) && \
chown -R posthog:posthog /code
USER posthog
# Add the commit hash
ARG COMMIT_HASH
RUN echo ${COMMIT_HASH:-unknown} > /code/commit.txt
# Add in the compiled plugin-server & its runtime dependencies from the build stage
COPY --from=plugin-server-build --chown=posthog:posthog /code/rust/cyclotron-node/dist /code/rust/cyclotron-node/dist
COPY --from=plugin-server-build --chown=posthog:posthog /code/rust/cyclotron-node/package.json /code/rust/cyclotron-node/package.json
COPY --from=plugin-server-build --chown=posthog:posthog /code/rust/cyclotron-node/index.node /code/rust/cyclotron-node/index.node
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/plugin_transpiler/dist /code/common/plugin_transpiler/dist
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/plugin_transpiler/node_modules /code/common/plugin_transpiler/node_modules
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/plugin_transpiler/package.json /code/common/plugin_transpiler/package.json
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/hogvm/typescript/dist /code/common/hogvm/typescript/dist
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/hogvm/typescript/node_modules /code/common/hogvm/typescript/node_modules
COPY --from=plugin-server-build --chown=posthog:posthog /code/common/hogvm/typescript/package.json /code/common/hogvm/typescript/package.json
COPY --from=plugin-server-build --chown=posthog:posthog /code/plugin-server/dist /code/plugin-server/dist
COPY --from=plugin-server-build --chown=posthog:posthog /code/node_modules /code/node_modules
COPY --from=plugin-server-build --chown=posthog:posthog /code/plugin-server/node_modules /code/plugin-server/node_modules
COPY --from=plugin-server-build --chown=posthog:posthog /code/plugin-server/package.json /code/plugin-server/package.json
COPY --from=plugin-server-build --chown=posthog:posthog /code/plugin-server/assets /code/plugin-server/assets
COPY --from=plugin-server-build --chown=posthog:posthog /code/plugin-server/bin /code/plugin-server/bin
# Setup ENV
ENV NODE_ENV=production \
BUILD_LIBRDKAFKA=0
# Expose the port from which we serve OpenMetrics data
EXPOSE 8001
# Default command: run the plugin server
CMD ["node", "plugin-server/dist/index.js"]