From a4a03acb429e30b89f1b023e9e8fe39ced66fb97 Mon Sep 17 00:00:00 2001
From: Nate Kelley <nate@buster.so>
Date: Wed, 8 Jan 2025 13:08:03 -0700
Subject: [PATCH] Pass env to dockerfiles

---
 .env.example          | 44 ++++++++++++++++++++-----------------------
 api/Dockerfile        |  6 ------
 docker-compose.yml    | 44 +++++++++++++++++++++++++++++++++++++++----
 supabase/.env.example | 10 +++++-----
 web/Dockerfile        | 31 ++++++++++++++++++++----------
 5 files changed, 86 insertions(+), 49 deletions(-)

diff --git a/.env.example b/.env.example
index b1c0f9865..3b96fc7bf 100644
--- a/.env.example
+++ b/.env.example
@@ -1,33 +1,29 @@
-# Warehouse ENV Variables
-
-AWS_ACCESS_KEY_ID=AKIA....
-AWS_SECRET_ACCESS_KEY=...
-AWS_REGION=us-east-1
-CATALOG_WAREHOUSE=s3://your-warehouse-bucket/
-
-# Buster API ENV Variables
 ENVIRONMENT="development"
-DATABASE_URL="postgresql://postgres:postgres@127.0.0.1:54322/postgres"
-POOLER_URL="postgresql://postgres:postgres@127.0.0.1:54322/postgres"
+DATABASE_URL="postgresql://postgres:your-super-secret-and-long-postgres-password@db:5432/postgres"
+POOLER_URL="postgresql://postgres:your-super-secret-and-long-postgres-password@db:5432/postgres"
 JWT_SECRET="super-secret-jwt-token-with-at-least-32-characters-long"
-REDIS_URL="redis://localhost:6379"
+REDIS_URL="redis://redis:6379"
 LANGFUSE_API_URL="https://us.cloud.langfuse.com"
-LANGFUSE_PUBLIC_API_KEY="pk..."
-LANGFUSE_PRIVATE_API_KEY="sk..."
-POSTHOG_API_KEY="phc_..."
-OPENAI_API_KEY="sk-..."
-ANTHROPIC_API_KEY="sk-..."
-RESEND_API_KEY="re_..."
-BUSTER_URL="http://localhost:3000"
+LANGFUSE_PUBLIC_API_KEY=""
+LANGFUSE_PRIVATE_API_KEY=""
+OPENAI_API_KEY=""
+EMBED_VEC_LENGTH="1536"
+POSTHOG_API_KEY=""
+RESEND_API_KEY=""
+BUSTER_URL="http://web:3000"
 BUSTER_WH_TOKEN="buster-wh-token"
 EMBEDDING_PROVIDER="ollama"
 EMBEDDING_MODEL="mxbai-embed-large"
-COHERE_API_KEY="..."
+COHERE_API_KEY=""
+
+
 
-# Buster Web ENV Variables
 NEXT_PUBLIC_API_URL="http://127.0.0.1:3001"
 NEXT_PUBLIC_URL="http://localhost:3000"
-NEXT_PUBLIC_SUPABASE_URL="http://127.0.0.1:54321"
-NEXT_PUBLIC_SUPABASE_ANON_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0"
-
-# DB ENV variables are managed in the ./supabase folder.  Please copy .env.example file to .env and fill in the values.
\ No newline at end of file
+NEXT_PUBLIC_SUPABASE_URL="http://kong:8000"
+NEXT_PUBLIC_SUPABASE_ANON_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJhbm9uIiwKICAgICJpc3MiOiAic3VwYWJhc2UtZGVtbyIsCiAgICAiaWF0IjogMTY0MTc2OTIwMCwKICAgICJleHAiOiAxNzk5NTM1NjAwCn0.dc_X5iR_VP_qT0zsiyj_I_OZ2T9FtRU2BBNWN8Bu4GE"
+NEXT_PRIVATE_SUPABASE_SERVICE_ROLE_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImV4cCI6MTk4MzgxMjk5Nn0.EGIM96RAZx35lJzdJsyH-qQwv8Hdp7fsn3W0YpN81IU"
+NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_ID=""
+NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_SECRET=""
+NEXT_PUBLIC_USER="chad@buster.so"
+NEXT_PUBLIC_USER_PASSWORD="password"
\ No newline at end of file
diff --git a/api/Dockerfile b/api/Dockerfile
index 3a8667561..d43683d63 100644
--- a/api/Dockerfile
+++ b/api/Dockerfile
@@ -22,12 +22,6 @@ RUN apt-get update && apt-get install -y \
     && update-ca-certificates \
     && rm -rf /var/lib/apt/lists/*
 
-ARG ENVIRONMENT=local
-RUN if [ "$ENVIRONMENT" != "local" ]; then \
-    COPY cert.pem /usr/local/share/ca-certificates/cert.crt && \
-    update-ca-certificates; \
-    fi
-
 COPY --from=builder /app/target/release/bi_api .
 EXPOSE 3001
 ENTRYPOINT ["./bi_api"]
diff --git a/docker-compose.yml b/docker-compose.yml
index eef45f0ad..01886e19c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,11 +14,38 @@ services:
       retries: 30
 
   api:
-    build: ./api
+    build: 
+      context: ./api
     env_file:
       - .env
+    environment:
+      - DATABASE_URL=${DATABASE_URL}
+      - REDIS_URL=${REDIS_URL}
+      - OPENAI_API_KEY=${OPENAI_API_KEY}
+      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
+      - JWT_SECRET=${JWT_SECRET}
+      - SUPABASE_URL=${SUPABASE_URL}
+      - SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY}
+      - POOLER_URL=${POOLER_URL}
+      - LANGFUSE_API_URL=${LANGFUSE_API_URL}
+      - LANGFUSE_PUBLIC_API_KEY=${LANGFUSE_PUBLIC_API_KEY}
+      - LANGFUSE_PRIVATE_API_KEY=${LANGFUSE_PRIVATE_API_KEY}
+      - EMBED_VEC_LENGTH=${EMBED_VEC_LENGTH}
+      - POSTHOG_API_KEY=${POSTHOG_API_KEY}
+      - RESEND_API_KEY=${RESEND_API_KEY}
+      - BUSTER_URL=${BUSTER_URL}
+      - BUSTER_WH_TOKEN=${BUSTER_WH_TOKEN}
+      - EMBEDDING_PROVIDER=${EMBEDDING_PROVIDER}
+      - EMBEDDING_MODEL=${EMBEDDING_MODEL}
+      - COHERE_API_KEY=${COHERE_API_KEY}
     ports:
       - "3001:3001"
+    deploy:
+      resources:
+        limits:
+          memory: 4G
+        reservations:
+          memory: 2G
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:3001/health"]
       interval: 30s
@@ -31,13 +58,22 @@ services:
         condition: service_healthy
       
   web:
-    build: ./web
+    build: 
+      context: ./web
+      args:
+        - NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
+        - NEXT_PUBLIC_URL=${NEXT_PUBLIC_URL}
+        - NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL}
+        - NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY}
+    environment:
+      - NEXT_PRIVATE_SUPABASE_SERVICE_ROLE_KEY=${NEXT_PRIVATE_SUPABASE_SERVICE_ROLE_KEY}
+      - NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_ID=${NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_ID}
+      - NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_SECRET=${NEXT_PRIVATE_SUPABASE_CONNECT_CLIENT_SECRET}
+      - NODE_ENV=production
     env_file:
       - .env
     ports:
       - "3000:3000"
-    environment:
-      - NODE_ENV=production
     depends_on:
       - api
 
diff --git a/supabase/.env.example b/supabase/.env.example
index 4b4003975..1ca0ad92a 100644
--- a/supabase/.env.example
+++ b/supabase/.env.example
@@ -63,13 +63,13 @@ MAILER_URLPATHS_EMAIL_CHANGE="/auth/v1/verify"
 ## Email auth
 ENABLE_EMAIL_SIGNUP=true
 ENABLE_EMAIL_AUTOCONFIRM=false
-SMTP_ADMIN_EMAIL=admin@example.com
+SMTP_ADMIN_EMAIL=admin@buster.so
 SMTP_HOST=supabase-mail
 SMTP_PORT=2500
-SMTP_USER=fake_mail_user
-SMTP_PASS=fake_mail_password
-SMTP_SENDER_NAME=fake_sender
-ENABLE_ANONYMOUS_USERS=false
+SMTP_SENDER_NAME=buster
+SMTP_USER=
+SMTP_PASS=
+ENABLE_ANONYMOUS_USERS=true
 
 ## Phone auth
 ENABLE_PHONE_SIGNUP=true
diff --git a/web/Dockerfile b/web/Dockerfile
index 24bd16662..0565e64ed 100644
--- a/web/Dockerfile
+++ b/web/Dockerfile
@@ -3,22 +3,33 @@ FROM node:20-alpine AS builder
 
 WORKDIR /app
 
-# Copy package files
+# Only keep build-time public env vars as args
+ARG NEXT_PUBLIC_API_URL
+ARG NEXT_PUBLIC_URL
+ARG NEXT_PUBLIC_SUPABASE_URL
+ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
+
+# Set public env vars for build time
+ENV NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL
+ENV NEXT_PUBLIC_URL=$NEXT_PUBLIC_URL
+ENV NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL
+ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY
+
+# Copy all necessary files first
 COPY package*.json ./
-
 COPY next.config.mjs ./
-
-# Install dependencies
-RUN npm ci
-
-# Copy source code
+COPY tsconfig*.json ./
+COPY public ./public
 COPY . .
 
-# Build the Next.js application
-RUN npm run build
+# Install dependencies with verbose logging
+RUN npm ci
+
+# Build with verbose output
+RUN npm run build --verbose
 
 # Production stage
-FROM node:20-alpine AS runner
+FROM node:20-alpine
 
 WORKDIR /app