FROM node:20-bookworm-slim WORKDIR /metrics # Install Google Chrome stable and runtime deps + fonts RUN set -eux; \ apt-get update; \ apt-get install -y --no-install-recommends \ wget gnupg ca-certificates curl unzip \ libnss3 libxss1 libx11-xcb1 libxcomposite1 libxdamage1 libxext6 libxfixes3 \ libxkbcommon0 libxrandr2 libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0 \ libgbm1 libasound2 fonts-liberation \ fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf; \ wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/google-linux.gpg; \ echo "deb [arch=amd64 signed-by=/usr/share/keyrings/google-linux.gpg] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list; \ apt-get update; \ apt-get install -y --no-install-recommends google-chrome-stable; \ rm -rf /var/lib/apt/lists/* # Prevent Puppeteer from downloading Chromium ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true # Force flags via a wrapper so Chrome cannot try X11 or sandbox RUN printf '%s\n' \ '#!/usr/bin/env bash' \ 'exec /usr/bin/google-chrome-stable \' \ ' --no-sandbox --disable-setuid-sandbox \' \ ' --headless=new --disable-gpu --disable-dev-shm-usage \' \ ' --no-zygote --no-first-run \' \ ' --ozone-platform=none --disable-features=UseOzonePlatform \' \ ' "$@"' \ > /usr/local/bin/chrome-wrapper && chmod +x /usr/local/bin/chrome-wrapper # Point puppeteer to the wrapper ENV PUPPETEER_EXECUTABLE_PATH=/usr/local/bin/chrome-wrapper # Optional envs used by metrics (kept for completeness) ENV METRICS_BROWSER=chromium ENV METRICS_BROWSER_HEADLESS=true ENV METRICS_BROWSER_ARGS="" ENV METRICS_TRUST_PROXY=1 # Install JS deps COPY package.json package-lock.json* ./ RUN npm ci # Copy source and build COPY . . RUN npm run build # Entry RUN printf '%s\n' \ '#!/usr/bin/env bash' \ 'set -euo pipefail' \ # Ensure METRICS_BROWSER_ARGS has flags if the app reads it (not strictly needed with wrapper) 'if [ -z "${METRICS_BROWSER_ARGS:-}" ]; then' \ ' export METRICS_BROWSER_ARGS="--no-sandbox --disable-setuid-sandbox --headless=new --disable-gpu --disable-dev-shm-usage --no-zygote --no-first-run --ozone-platform=none --disable-features=UseOzonePlatform --enable-features=NetworkService,NetworkServiceInProcess"' \ 'fi' \ 'exec npm start' \ > /usr/local/bin/metrics-entrypoint && chmod +x /usr/local/bin/metrics-entrypoint ENTRYPOINT ["/usr/local/bin/metrics-entrypoint"]