KollectTools/Docker-Images
18
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: Fix pnpm install not generalizing home

Browse Source
This commit is contained in:
Fadhli Azhari
2026-04-30 10:00:07 +08:00
parent 58e25ebd4d
commit ed3dd33149
1 changed files with 27 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ci/frontend-builder/Dockerfile
+27 -23
View File
@@ -13,10 +13,12 @@
# container: # container:
# image: kcr.kollect.biz/kollect-tools/ci/frontend-builder:latest # image: kcr.kollect.biz/kollect-tools/ci/frontend-builder:latest
# #
# RUN order is cache-optimised. Playwright (~170MB chromium download) is # RUN order is cache-optimised. protoc-gen-es runs first after corepack
# the heaviest layer, so it sits high — right after pnpm — to protect it # because pnpm 11's `pnpm add -g` is what initialises PNPM_HOME — `pnpm
# from being invalidated by bumps to ORAS / buf / protoc-gen-es. The # dlx` doesn't, so swapping these two breaks the build with "Run pnpm
# cheap, low-volatility layers trail behind. # setup". Playwright (~170MB chromium download) sits next so a bump to
# the cheap, low-volatility binaries (ORAS, buf) below doesn't force a
# chromium re-download.
ARG NODE_MAJOR=24 ARG NODE_MAJOR=24
FROM node:${NODE_MAJOR}-bookworm-slim FROM node:${NODE_MAJOR}-bookworm-slim
@@ -79,6 +81,20 @@ RUN corepack enable \
ENV PNPM_HOME=/root/.local/share/pnpm ENV PNPM_HOME=/root/.local/share/pnpm
ENV PATH="${PNPM_HOME}:${PATH}" ENV PATH="${PNPM_HOME}:${PATH}"
# ─────────────────────────────────────────────────────────────────────
# protoc-gen-es - TypeScript codegen plugin for buf 'local:' references.
# Installed via pnpm into $PNPM_HOME so the binary lands on PATH; buf v2
# resolves `local: protoc-gen-es` via PATH lookup.
#
# This must run before `pnpm dlx` (Playwright) below: pnpm 11's
# `pnpm add -g` is what creates and initialises PNPM_HOME on first use,
# and `pnpm dlx` does not — running dlx first leaves the global bin
# unconfigured and the next `add -g` errors with "Run pnpm setup".
# ─────────────────────────────────────────────────────────────────────
ARG PROTOC_GEN_ES_VERSION=2.12.0
RUN pnpm add -g "@bufbuild/protoc-gen-es@${PROTOC_GEN_ES_VERSION}"
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# Playwright + chromium browser binary # Playwright + chromium browser binary
# #
@@ -98,8 +114,8 @@ ENV PATH="${PNPM_HOME}:${PATH}"
# itself persists at PLAYWRIGHT_BROWSERS_PATH, which is the only piece # itself persists at PLAYWRIGHT_BROWSERS_PATH, which is the only piece
# we actually need at runtime. # we actually need at runtime.
# #
# Placed high (right after pnpm) so a bump to any cheap downstream pin # Placed before ORAS / buf so bumps to those (low-volatility static
# (oras, buf, protoc-gen-es) doesn't force a chromium re-download. # binaries) don't force a 170MB chromium re-download.
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
ARG PLAYWRIGHT_VERSION=1.59.1 ARG PLAYWRIGHT_VERSION=1.59.1
ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright
@@ -108,8 +124,8 @@ RUN pnpm dlx "playwright@${PLAYWRIGHT_VERSION}" install chromium
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# ORAS CLI - for uploading artifacts (test reports, audit logs) to Harbor. # ORAS CLI - for uploading artifacts (test reports, audit logs) to Harbor.
# Low-volatility static binary; ahead of buf/protoc-gen-es so a bump # Low-volatility static binary; ahead of buf so a bump here (rare)
# here (rare) doesn't cascade into them. # doesn't cascade into buf.
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
ARG ORAS_VERSION=1.3.2 ARG ORAS_VERSION=1.3.2
@@ -117,7 +133,9 @@ RUN curl -fsSL "https://github.com/oras-project/oras/releases/download/v${ORAS_V
| tar -xz -C /usr/local/bin oras | tar -xz -C /usr/local/bin oras
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# buf CLI - single static binary, used for `buf lint` and `buf generate` # buf CLI - single static binary, used for `buf lint` and `buf generate`.
# Last because BUF_VERSION is the most volatile pin in this image and
# downloading the static binary is cheap (~30MB single-file curl).
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
ARG BUF_VERSION=1.69.0 ARG BUF_VERSION=1.69.0
@@ -125,20 +143,6 @@ RUN curl -fsSL "https://github.com/bufbuild/buf/releases/download/v${BUF_VERSION
-o /usr/local/bin/buf \ -o /usr/local/bin/buf \
&& chmod +x /usr/local/bin/buf && chmod +x /usr/local/bin/buf
# ─────────────────────────────────────────────────────────────────────
# protoc-gen-es - TypeScript codegen plugin for buf 'local:' references.
# Installed via pnpm into $PNPM_HOME so the binary lands on PATH; buf v2
# resolves `local: protoc-gen-es` via PATH lookup.
#
# Last because the KollectAI-ETL CI workflow doesn't actually use this
# global install (it does `pnpm install` from proto/ to pick up the
# lockfile-pinned version) — we only bake it for ad-hoc use inside the
# container, so its volatility doesn't matter for downstream cache.
# ─────────────────────────────────────────────────────────────────────
ARG PROTOC_GEN_ES_VERSION=2.12.0
RUN pnpm add -g "@bufbuild/protoc-gen-es@${PROTOC_GEN_ES_VERSION}"
WORKDIR /workspace WORKDIR /workspace
# Verify installation. Font count guards against silently shipping an image # Verify installation. Font count guards against silently shipping an image