blob: 27a9f1dcd9d35f6c5b8b670e8c24a9edae3d18e2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# Production Dockerfile — multi-stage build for the API server only
# Frontend deploys separately (e.g., Cloudflare Pages)
# --- cs (code spelunker) builder ---
# Builds a patched, statically-linked `cs` binary for the search_code tool.
# Pinned to the v3.1.0 commit for reproducibility; the patch adds Luau
# declaration support and corrects fuzzy edit-distance matching (see
# docker/cs/luau-declarations.patch and docker/cs/fuzzy-distance.patch). cs vendors its
# dependencies, so the `go build` step is offline after the clone.
FROM golang:1.25-bookworm AS cs-builder
ARG CS_COMMIT=697e0bf194bbc7a4a877e5170c70618989fc92e7
WORKDIR /build
COPY docker/cs/luau-declarations.patch /tmp/luau-declarations.patch
COPY docker/cs/fuzzy-distance.patch /tmp/fuzzy-distance.patch
RUN git clone https://github.com/boyter/cs.git src \
&& cd src \
&& git checkout "${CS_COMMIT}" \
&& git apply /tmp/luau-declarations.patch \
&& git apply /tmp/fuzzy-distance.patch \
&& CGO_ENABLED=0 go build -mod=vendor -ldflags="-s -w" -o /usr/local/bin/cs . \
&& /usr/local/bin/cs --version
FROM oven/bun:1 AS builder
WORKDIR /app
COPY package.json bun.lock ./
COPY packages/core/package.json packages/core/package.json
COPY packages/api/package.json packages/api/package.json
COPY packages/frontend/package.json packages/frontend/package.json
RUN bun install --frozen-lockfile
COPY . .
# --- Production image ---
FROM oven/bun:1
WORKDIR /app
# Copy only what the API server needs
COPY --from=builder /app/package.json ./
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/packages/core ./packages/core
COPY --from=builder /app/packages/api ./packages/api
# Bundle the patched `cs` code-search binary for the search_code tool
COPY --from=cs-builder /usr/local/bin/cs /usr/local/bin/cs
# Create workspace directory for file tools
RUN mkdir -p workspace
# Production entrypoint
COPY docker/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
# Run as non-root
USER bun
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
CMD bun -e "const r = await fetch('http://localhost:3000/health'); process.exit(r.ok ? 0 : 1)"
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["bun", "packages/api/src/index.ts"]
|
