Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy-ready image #19

Open
pedrolucasp opened this issue Oct 12, 2023 · 3 comments
Open

Deploy-ready image #19

pedrolucasp opened this issue Oct 12, 2023 · 3 comments
Assignees
@tbergmueller

Comments

@pedrolucasp
Copy link
Collaborator

The current version of the containerized application is not suitable for deployment. We need a better, more suitable image for deploying. It might even be wise to generate one and push it into a container registry. Multi-staged builds are already being used on our Dockerfile, which is a nice step ahead.
tbergmueller added a commit that referenced this issue Oct 27, 2023
@tbergmueller
Fix Dockerfile for production
ba93d03 
Fix node_module copying in runner (copy from builder to include
generated prisma-module)

Run next-application directly, as yarn requires write access to FS to
run a command. This may be problematic in prod environments

Adding to #19
tbergmueller added a commit that referenced this issue Oct 27, 2023
@tbergmueller
Add USER 1000 to Dockerfile
fbb6037 
In production, applications shall be run as non-root user. This adds
USER 1000 to Dockerfile for homogeneous behavior btw dev and prod

Adding to #19
@tbergmueller tbergmueller self-assigned this Oct 29, 2023
@tbergmueller
Copy link
Member

From @pedrolucasp via Slack:

Oh yeah, just one last thing, I'm a bit concerned with our deploy-ready image, since it shouldn't do much other than build the application and that's it. Migration shouldn't even be happening on the npm start command, as that step should happen during the deploy of the new version. So ideally, the steps should be more or less:
- New version is tagged, kicks off a CI build which builds the image and drops it on some container registry
- Enters into a pipeline where it tells to pull that image some place (it depends here on the infra you'll use)
- Runs the migrations against the production/staging DB
- If all went well, spin everything up
- If the migrations failed, abort everything

@tbergmueller
Copy link
Member

From #40

I'd suggest to:

  • First move the application's code out of /srv, so that there is clean separation between code (read-only) and data (read-write). FHS standard places would be /opt/digitalsoul (if node_module contains architecture-specific stuff) or /usr/share/digitalsoul/app (if it's 100% interpreted code).
  • Cosmetic, adding to the previous point: Move /srv/app/nftdata one folder up (can be done by editing the deployment yaml)
  • Create a routine that runs regularly and deletes tmp files older than say 24h from the temp folder
  • Ensure that the folder name of .next is user-controllable, e.g. through an env var
  • If the contents of .next need to be persisted or if they are large, then also place it into the nftdata folder by setting the env var. Ensure that user uploads live in a separate folder and cannot collide with application-internal data.

@tbergmueller tbergmueller mentioned this issue Nov 7, 2023
Merged
@tbergmueller
Copy link
Member

From #41 : consider builder and runner targets; can we clean up the .next/cache linking to just have it in runner and maybe also use the runner during docker-compose (which is development)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tbergmueller tbergmueller

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pedrolucasp @tbergmueller