mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
Files
a1973e64198b23bf54303afeb584db3860f628a7
stack/apps/orchestrator/Dockerfile
Jason Woltje fc87494137
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
fix(orchestrator): resolve all M6 remediation issues (#260-#269) 
Addresses all 10 quality remediation issues for the orchestrator module:

TypeScript & Type Safety:
- #260: Fix TypeScript compilation errors in tests
- #261: Replace explicit 'any' types with proper typed mocks

Error Handling & Reliability:
- #262: Fix silent cleanup failures - return structured results
- #263: Fix silent Valkey event parsing failures with proper error handling
- #266: Improve error context in Docker operations
- #267: Fix secret scanner false negatives on file read errors
- #268: Fix worktree cleanup error swallowing

Testing & Quality:
- #264: Add queue integration tests (coverage 15% → 85%)
- #265: Fix Prettier formatting violations
- #269: Update outdated TODO comments

All tests passing (406/406), TypeScript compiles cleanly, ESLint clean.

Fixes #260, Fixes #261, Fixes #262, Fixes #263, Fixes #264
Fixes #265, Fixes #266, Fixes #267, Fixes #268, Fixes #269

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 12:44:04 -06:00

85 lines
2.6 KiB
Docker
Raw Blame History

# ============================================
# Multi-stage build for security and size
# ============================================
# ============================================
# Stage 1: Base Image
# ============================================
FROM node:20-alpine AS base
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
RUN corepack enable
# ============================================
# Stage 2: Dependencies
# ============================================
FROM base AS dependencies
WORKDIR /app
# Copy dependency files
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
COPY apps/orchestrator/package.json ./apps/orchestrator/
COPY packages/shared/package.json ./packages/shared/
COPY packages/config/package.json ./packages/config/
# Install production dependencies only
RUN pnpm install --frozen-lockfile --prod
# ============================================
# Stage 3: Builder
# ============================================
FROM base AS builder
WORKDIR /app
# Copy all source code
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
COPY apps/orchestrator ./apps/orchestrator
COPY packages ./packages
# Install all dependencies (including dev)
RUN pnpm install --frozen-lockfile
# Build the application
RUN pnpm --filter @mosaic/orchestrator build
# ============================================
# Stage 4: Production Runtime
# ============================================
FROM node:20-alpine AS runtime
# Add metadata labels
LABEL maintainer="mosaic-team@mosaicstack.dev"
LABEL version="0.0.6"
LABEL description="Mosaic Orchestrator - Agent orchestration service"
LABEL org.opencontainers.image.source="https://git.mosaicstack.dev/mosaic/stack"
LABEL org.opencontainers.image.vendor="Mosaic Stack"
LABEL org.opencontainers.image.title="Mosaic Orchestrator"
LABEL org.opencontainers.image.description="Agent orchestration service for Mosaic Stack"
# Install wget for health checks (if not present)
RUN apk add --no-cache wget
# Create non-root user and group (node user already exists in alpine)
# UID/GID 1000 is the default node user in alpine images
WORKDIR /app
# Copy built application with proper ownership
COPY --from=builder --chown=node:node /app/apps/orchestrator/dist ./dist
COPY --from=dependencies --chown=node:node /app/node_modules ./node_modules
# Set proper permissions
RUN chown -R node:node /app
# Switch to non-root user
USER node
# Expose port
EXPOSE 3001
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3001/health || exit 1
# Start the application
CMD ["node", "dist/main.js"]
Reference in New Issue View Git Blame Copy Permalink