fadhli
407e72d5ca
CI's frontend test-e2e job was running `pnpm exec playwright install
chromium` every time — ~170MB chromium download per run, plus the
fall-through to `actions/cache` for the browser binary which only
hides the cost when the cache backend is healthy.
Bake it into the image instead:
- New ARG PLAYWRIGHT_VERSION=1.59.1 (must match KollectAI-ETL's
frontend/svelte/package.json @playwright/test pin)
- New ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright (constant location
Playwright respects across pnpm/npm invocations)
- New RUN: `npx --yes "playwright@${PLAYWRIGHT_VERSION}" install chromium`
System libs (libnss3, libgbm1, libasound2, etc.) were already
pre-installed at the top of the file, so we skip --with-deps. Verify
step now also lists $PLAYWRIGHT_BROWSERS_PATH contents to fail-fast
if a future bump leaves the dir empty.
KollectAI-ETL's frontend.yml drops both `Cache Playwright browsers`
and `Install Playwright browsers` steps in the matching commit on
that side. Net: image build adds ~170MB but every CI test-e2e run
saves ~30-60s (download time + cache I/O).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Frontend Builder — CI Image
Pre-baked build environment for KollectAI-ETL frontend (SvelteKit) CI jobs and protobuf TypeScript code generation.
What's included
- Node.js 24 (
node:24-bookworm-slim) - pnpm 10 (via corepack)
- buf CLI — for
buf lintandbuf generate @bufbuild/protoc-gen-es— installed globally sobufv2local: protoc-gen-esresolves via PATH (no BSR remote-plugin calls)- Playwright chromium runtime libraries pre-installed (
libnss3,libgbm1,libasound2, etc.) - Playwright + chromium browser binary prebaked at
/ms-playwright(PLAYWRIGHT_BROWSERS_PATH=/ms-playwright) — CI'spnpm exec playwright install chromiumfinds the prebaked binary and skips the ~170MB download every run. Pin must matchfrontend/svelte/package.json's@playwright/testversion - ORAS CLI — for uploading test reports / audit artifacts to Harbor
git,jq,curl,unzip
Build
docker build -t 192.168.1.72/kollect-tools/ci/frontend-builder:latest ci/frontend-builder/
docker push 192.168.1.72/kollect-tools/ci/frontend-builder:latest
Build args
| Arg | Default | Description |
|---|---|---|
NODE_MAJOR |
24 |
Node.js major version (matches Node base image) |
PNPM_VERSION |
10.15.0 |
pnpm version (corepack-activated) |
BUF_VERSION |
1.55.0 |
buf CLI version |
PROTOC_GEN_ES_VERSION |
2.12.0 |
@bufbuild/protoc-gen-es version (ad-hoc use only — KollectAI-ETL CI uses the version pinned in proto/pnpm-lock.yaml) |
PLAYWRIGHT_VERSION |
1.59.1 |
Playwright version. Must match frontend/svelte/package.json @playwright/test; mismatch causes runtime browser re-download |
ORAS_VERSION |
1.2.2 |
ORAS CLI version |
Usage in CI
jobs:
test-unit:
runs-on: ubuntu-latest
container:
image: 192.168.1.72/kollect-tools/ci/frontend-builder:latest
steps:
- uses: actions/checkout@v6
- run: pnpm install --frozen-lockfile
working-directory: frontend/svelte
- run: pnpm test
working-directory: frontend/svelte
For protobuf TS codegen (buf.gen.yaml declares local: protoc-gen-es):
- name: Generate proto TS bindings
working-directory: proto
run: buf generate
For Playwright E2E — the chromium binary is prebaked, so CI doesn't need to install it. Just run the tests directly:
- name: E2E tests
working-directory: frontend/svelte
run: pnpm test:e2e
If a CI step does run pnpm exec playwright install chromium, it'll detect the prebaked binary at $PLAYWRIGHT_BROWSERS_PATH and exit immediately (no download). System libs are pre-installed, so --with-deps is also unnecessary.
Maintenance
Rebuild on dependency bumps:
- New Node major → bump
NODE_MAJOR, push image - pnpm bump → bump
PNPM_VERSION, push image - buf protocol changes → bump
BUF_VERSIONandPROTOC_GEN_ES_VERSION, push image
The CI workflow's weekly schedule rebuilds the image to keep base layers patched.