ohare93-mcp-ssh-sre/Dockerfile.http at main · iflow-mcp/ohare93-mcp-ssh-sre · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# Multi-stage build for optimal image size
FROM node:20-alpine AS builder

WORKDIR /app

# Copy package files
COPY package*.json ./

# Install all dependencies (including devDependencies for building)
RUN npm ci

# Copy source code and config
COPY tsconfig.json ./
COPY src ./src

# Build TypeScript
RUN npm run build

# Production stage
FROM node:20-alpine

WORKDIR /app

# Create non-root user for security
RUN addgroup -g 1001 -S mcp && \
    adduser -u 1001 -S mcp -G mcp

# Copy package files
COPY package*.json ./

# Install only production dependencies
RUN npm ci --only=production && \
    npm cache clean --force

# Copy built application from builder
COPY --from=builder /app/dist ./dist

# Create directory for SSH keys
RUN mkdir -p /home/mcp/.ssh && \
    chown -R mcp:mcp /home/mcp/.ssh && \
    chmod 700 /home/mcp/.ssh

# Switch to non-root user
USER mcp

# Set environment for production
ENV NODE_ENV=production

# Expose HTTP port
EXPOSE 3000

# Health check using the built-in HTTP endpoint
HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
  CMD wget --no-verbose --tries=1 --spider http://localhost:${HTTP_PORT:-3000}/health || exit 1

# Run the HTTP MCP server
CMD ["node", "dist/http-server.js"]