Docker

docker build . -t $TAG

# no cache: --no-cache
# build args (like env vars): --build-arg NPM_TOKEN=$NPM_TOKEN

docker build -t $TAG -f $FILE --build-arg NAME=value .

# save image
docker save $NAME -o $OUTPUT_FILE.tar

# login to image and run the following:
# root
du -h -s app/ bin/ dev/ etc/ home/ lib/ lib64/ media/ opt/ run/ sbin/ srv/ sys/ tmp/ usr/ var/

# usr
du -h -s bin/ include/ lib libexec/ local/ sbin/ share/

# app
du -h -s apps/ node_modules/ packages/

# by size
du -h | sort -h

trivy image $TAG --scanners vuln

# --net=host publishes host network to container, use it only for testing!
docker run --name $NAME -p 8080:8080 --net=host -d $TAG

# stop it with
docker stop $NAME

# images
docker images

# running container
docker ps

# logs
docker logs -f --tail 100 $NAME

# watch running instances
watch docker ps

# Removing unused containers
docker ps --filter status=exited --filter status=dead -q
docker rm $(docker ps --filter=status=exited --filter=status=dead -q)

# Removing dangling images
docker images --filter dangling=true -q
docker rmi $(docker images --filter dangling=true -q)

docker run -it $TAG sh

docker stop $(docker ps -a -q)

docker rm $(docker ps -aq)

# https://github.com/Yelp/dumb-init
RUN apk add dumb-init

EXPOSE 8080
CMD ["dumb-init", "node", "dist/index.js"]

FROM node:10-alpine

RUN mkdir -p /home/node/app/node_modules && chown -R node:node /home/node/app

WORKDIR /home/node/app

COPY package*.json ./

USER node

RUN npm install

COPY --chown=node:node . .

EXPOSE 8080

CMD [ "node", "app.js" ]