search

goldbergyoni / nodebestpractices

:white_check_mark: The Node.js best practices list (July 2024)
https://twitter.com/nodepractices/
Creative Commons Attribution Share Alike 4.0 International
100.6k stars 10.2k forks source link

Need clarifications to full multi-stage Dockerfile example #1146

Open lodinis opened 2 years ago

lodinis commented 2 years ago

https://github.com/lodinis/nodebestpractices/blob/b8bd67ec16734d60ac208b7309bde995abc097e5/sections/docker/multi_stage_builds.md?plain=1#L79-L121

It seems some permission issues with WORKDIR when using classic (non-buildkit) docker build. WORKDIR directive creates a new folder with root ownership what causes permission errors on node modules installation:

error Could not write file "/home/node/app/yarn-error.log": "EACCES: permission denied, open '/home/node/app/yarn-error.log'"
error An unexpected error occurred: "EACCES: permission denied, mkdir '/home/node/app/node_modules'".

Detailed WORKDIR permission issue here: https://github.com/moby/moby/issues/36677

I think it's necessary to specify in this paragraph always enabling BuildKit for this multistage Dockerfile build or change Dockerfile example code with:

...
USER node

RUN mkdir -p /home/node/app

WORKDIR /home/node/app
...
goldbergyoni commented 2 years ago

@lodinis Welcome 🌻. Great insight. Would you mind PRing this small and important clarification?