Shrink Docker image size by ~1/3 by removing unnecessary ops (#642)

* Remove duplicate copy, chown on copy * Add Dockerfile syntax * Revert entrypoint changes to avoid errors in some non-root cases
2025-12-11 20:05:25 +00:00 · 2025-11-29 20:43:12 +00:00 · 2025-11-29 20:43:12 +00:00 · 41a6eb48a0
commit 41a6eb48a0
parent 92ae76168c
1 changed files with 14 additions and 15 deletions
--- a/29
+++ b/29
@ -1,3 +1,4 @@
 # syntax=docker/dockerfile:1
 # ------ Global scope variables ------
 # Set of global build arguments.
@ -148,7 +149,7 @@ fi
 ENV SKIP_ENV_VALIDATION=0
 # ------------------------------
-        
+
 # ------ Runner ------
 FROM node-alpine AS runner
 # -----------
@ -220,22 +221,23 @@ COPY --from=zoekt-builder \
 /cmd/zoekt-index \
 /usr/local/bin/
 RUN chown -R sourcebot:sourcebot /app
 # Copy zoekt proto files (needed for gRPC client at runtime)
-COPY vendor/zoekt/grpc/protos /app/vendor/zoekt/grpc/protos
+COPY --chown=sourcebot:sourcebot vendor/zoekt/grpc/protos /app/vendor/zoekt/grpc/protos
 # Copy all of the things
-COPY --from=web-builder /app/packages/web/public ./packages/web/public
+COPY --chown=sourcebot:sourcebot --from=web-builder /app/packages/web/public ./packages/web/public
-COPY --from=web-builder /app/packages/web/.next/standalone ./
+COPY --chown=sourcebot:sourcebot --from=web-builder /app/packages/web/.next/standalone ./
-COPY --from=web-builder /app/packages/web/.next/static ./packages/web/.next/static
+COPY --chown=sourcebot:sourcebot --from=web-builder /app/packages/web/.next/static ./packages/web/.next/static
-COPY --from=backend-builder /app/node_modules ./node_modules
+COPY --chown=sourcebot:sourcebot --from=backend-builder /app/node_modules ./node_modules
-COPY --from=backend-builder /app/packages/backend ./packages/backend
+COPY --chown=sourcebot:sourcebot --from=backend-builder /app/packages/backend ./packages/backend
-COPY --from=shared-libs-builder /app/node_modules ./node_modules
+COPY --chown=sourcebot:sourcebot --from=shared-libs-builder /app/packages/db ./packages/db
-COPY --from=shared-libs-builder /app/packages/db ./packages/db
+COPY --chown=sourcebot:sourcebot --from=shared-libs-builder /app/packages/schemas ./packages/schemas
-COPY --from=shared-libs-builder /app/packages/schemas ./packages/schemas
+COPY --chown=sourcebot:sourcebot --from=shared-libs-builder /app/packages/shared ./packages/shared
-COPY --from=shared-libs-builder /app/packages/shared ./packages/shared
+COPY --chown=sourcebot:sourcebot --from=shared-libs-builder /app/packages/queryLanguage ./packages/queryLanguage
 COPY --from=shared-libs-builder /app/packages/queryLanguage ./packages/queryLanguage
 # Fixes git "dubious ownership" issues when the volume is mounted with different permissions to the container.
 RUN git config --global safe.directory "*"
@ -245,9 +247,6 @@ RUN mkdir -p /run/postgresql && \
    chown -R postgres:postgres /run/postgresql && \
    chmod 775 /run/postgresql
 # Make app directory accessible to both root and sourcebot user
 RUN chown -R sourcebot:sourcebot /app
 # Make data directory accessible to both root and sourcebot user
 RUN chown -R sourcebot:sourcebot /data
 COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf