53 lines
1.5 KiB
Docker
53 lines
1.5 KiB
Docker
FROM hhvm/hhvm:latest
|
|
|
|
# Create a non-root user for security
|
|
RUN useradd -m -u 1000 -s /bin/bash hhuser
|
|
|
|
# Set working directory
|
|
WORKDIR /var/www/html
|
|
|
|
# Install system dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
git \
|
|
curl \
|
|
libpng-dev \
|
|
libonig-dev \
|
|
libxml2-dev \
|
|
zip \
|
|
unzip \
|
|
supervisor \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install Composer
|
|
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
|
|
|
|
# Copy application files
|
|
COPY . /var/www/html
|
|
|
|
# Install PHP dependencies, ignoring platform requirements for build
|
|
RUN composer install --no-dev --optimize-autoloader --ignore-platform-reqs
|
|
|
|
# Change ownership to the non-root user
|
|
RUN chown -R hhuser:hhuser /var/www/html
|
|
|
|
# Make sure scripts are executable (if we have any)
|
|
RUN chmod +x /var/www/html/deploy.sh 2>/dev/null || true
|
|
|
|
# Expose port 18000 as specified in AGENTS.md for qwen/hack
|
|
EXPOSE 18000
|
|
|
|
# Use dumb-init to handle signals properly for k8s
|
|
RUN set -eux; \
|
|
wget -O /usr/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64; \
|
|
chmod +x /usr/bin/dumb-init
|
|
|
|
# Switch to the non-root user
|
|
USER hhuser
|
|
|
|
# Start the application
|
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
|
CMD ["hhvm", "-m", "server", "-p", "18000", "-v", "Server.Type=proxygen", "-v", "Server.SourceRoot=/var/www/html/public"]
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost:18000/ || exit 1 |