feat: adiciona Dockerfile e integração com CI/CD

- Adiciona Dockerfile multi-stage usando Oracle Linux 9
- Instala Oracle Instant Client via RPM
- Adiciona .dockerignore para otimizar builds
- Integra build Docker no GitHub Actions CI
- Configura push automático para GitHub Container Registry

.dockerignore

@@ -0,0 +1,33 @@
+node_modules
+npm-debug.log
+dist
+.git
+.gitignore
+.env
+.env.*
+!.env.example
+coverage
+.nyc_output
+*.log
+*.md
+.vscode
+.idea
+*.swp
+*.swo
+*~
+.DS_Store
+test
+*.spec.ts
+*.spec.js
+__tests__
+jest.config.js
+jest.setup.js
+.eslintrc.js
+eslint.config.js
+.prettierrc
+.prettierignore
+tsconfig*.json
+nest-cli.json
+monitoring
+docs
+

.github/workflows/ci.yml

@@ -121,3 +121,51 @@ jobs:
           NODE_ENV: test
         continue-on-error: true
 
+  docker-build:
+    name: Docker Build
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.event_name == 'push'
+    permissions:
+      contents: read
+      packages: write
+
+    env:
+      REGISTRY: ghcr.io
+      IMAGE_NAME: ${{ github.repository }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=sha,prefix={{branch}}-
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

Dockerfile

@@ -0,0 +1,61 @@
+FROM oraclelinux:9 AS base
+
+WORKDIR /app
+
+RUN dnf install -y \
+    curl \
+    libaio \
+    && curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - \
+    && dnf install -y nodejs \
+    && dnf clean all
+
+FROM base AS dependencies
+
+COPY package*.json ./
+
+RUN npm ci --only=production && npm cache clean --force
+
+FROM base AS build
+
+COPY package*.json ./
+
+RUN npm ci
+
+COPY . .
+
+RUN npm run build
+
+FROM base AS production
+
+RUN dnf install -y \
+    curl \
+    libaio \
+    && dnf clean all
+
+ENV ORACLE_CLIENT_LIB_DIR=/usr/lib/oracle/21/client64/lib
+
+RUN curl -fSL --cookie-jar /tmp/cookies.txt --retry 3 \
+    "https://download.oracle.com/otn_software/linux/instantclient/2112000/el9/oracle-instantclient-basiclite-21.12.0.0.0-1.el9.x86_64.rpm" \
+    --output /tmp/oracle-instantclient-basiclite.rpm && \
+    dnf install -y /tmp/oracle-instantclient-basiclite.rpm && \
+    rm -f /tmp/oracle-instantclient-basiclite.rpm /tmp/cookies.txt && \
+    dnf clean all
+
+ENV LD_LIBRARY_PATH=/usr/lib/oracle/21/client64/lib:$LD_LIBRARY_PATH
+ENV TZ=America/Sao_Paulo
+
+RUN groupadd -r node && useradd -r -g node node
+
+COPY --from=dependencies /app/node_modules ./node_modules
+COPY --from=build /app/dist ./dist
+COPY --from=build /app/package*.json ./
+COPY --from=build /app/cert ./cert
+
+RUN chown -R node:node /app
+
+EXPOSE 8066
+
+USER node
+
+CMD ["node", "dist/main"]
+