KollectTools/Docker-Images
18
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
407e72d5cad57d742b1bfd740d762125449a5a08
Docker-Images/ci/frontend-builder/Dockerfile
T
fadhli 407e72d5ca build(frontend-builder): bake Playwright + chromium browser binary 
CI's frontend test-e2e job was running `pnpm exec playwright install
chromium` every time — ~170MB chromium download per run, plus the
fall-through to `actions/cache` for the browser binary which only
hides the cost when the cache backend is healthy.

Bake it into the image instead:
- New ARG PLAYWRIGHT_VERSION=1.59.1 (must match KollectAI-ETL's
  frontend/svelte/package.json @playwright/test pin)
- New ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright (constant location
  Playwright respects across pnpm/npm invocations)
- New RUN: `npx --yes "playwright@${PLAYWRIGHT_VERSION}" install chromium`

System libs (libnss3, libgbm1, libasound2, etc.) were already
pre-installed at the top of the file, so we skip --with-deps. Verify
step now also lists $PLAYWRIGHT_BROWSERS_PATH contents to fail-fast
if a future bump leaves the dir empty.

KollectAI-ETL's frontend.yml drops both `Cache Playwright browsers`
and `Install Playwright browsers` steps in the matching commit on
that side. Net: image build adds ~170MB but every CI test-e2e run
saves ~30-60s (download time + cache I/O).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 07:17:20 +08:00

111 lines
6.0 KiB
Docker
Raw Blame History

# KollectAI CI - Frontend Builder Image
#
# Pre-baked build environment for SvelteKit frontend CI jobs and
# protobuf TypeScript code generation.
# Contains: Node.js, pnpm, buf CLI, @bufbuild/protoc-gen-es plugin
# (global so buf 'local: protoc-gen-es' resolves via PATH), Playwright
# (chromium browser binary + system deps), ORAS CLI, common build tools.
#
# Build:
# docker build -t 192.168.1.72/kollect-tools/ci/frontend-builder:latest ci/frontend-builder/
#
# Usage in CI:
# container:
# image: 192.168.1.72/kollect-tools/ci/frontend-builder:latest
ARG NODE_MAJOR=24
FROM node:${NODE_MAJOR}-bookworm-slim
ARG PNPM_VERSION=10.15.0
ARG BUF_VERSION=1.55.0
# Pin protoc-gen-es to a known-good version. The KollectAI-ETL CI
# workflow doesn't actually use this global install (it does
# `pnpm install` from proto/ to pick up the lockfile-pinned version)
# but we still bake it for ad-hoc use inside the container.
ARG PROTOC_GEN_ES_VERSION=2.12.0
ARG ORAS_VERSION=1.2.2
# Pin Playwright in lockstep with frontend/svelte/package.json's
# @playwright/test version. If the project uses a different patch level,
# Playwright re-downloads the right browser at runtime; matching here
# means CI hits the prebaked browser cache and skips the download.
ARG PLAYWRIGHT_VERSION=1.59.1
# Install Playwright browsers under a known global path so they survive
# across containers and so `pnpm exec playwright install` reuses them.
ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright
# ─────────────────────────────────────────────────────────────────────
# System dependencies (Playwright chromium runtime libs included so the
# browser launches without `playwright install --with-deps`)
# ─────────────────────────────────────────────────────────────────────
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
curl \
git \
jq \
unzip \
# Playwright chromium runtime libs
libasound2 \
libatk1.0-0 \
libatk-bridge2.0-0 \
libcups2 \
libdbus-1-3 \
libdrm2 \
libgbm1 \
libnspr4 \
libnss3 \
libxcomposite1 \
libxdamage1 \
libxfixes3 \
libxkbcommon0 \
libxrandr2 \
&& rm -rf /var/lib/apt/lists/*
# ─────────────────────────────────────────────────────────────────────
# pnpm via corepack (ships with Node.js)
# ─────────────────────────────────────────────────────────────────────
RUN corepack enable \
&& corepack prepare "pnpm@${PNPM_VERSION}" --activate
# ─────────────────────────────────────────────────────────────────────
# buf CLI - single static binary, used for `buf lint` and `buf generate`
# ─────────────────────────────────────────────────────────────────────
RUN curl -fsSL "https://github.com/bufbuild/buf/releases/download/v${BUF_VERSION}/buf-Linux-x86_64" \
-o /usr/local/bin/buf \
&& chmod +x /usr/local/bin/buf
# ─────────────────────────────────────────────────────────────────────
# protoc-gen-es - TypeScript codegen plugin for buf 'local:' references.
# Installed globally so it lands on PATH; buf v2 resolves
# `local: protoc-gen-es` via PATH lookup.
# ─────────────────────────────────────────────────────────────────────
RUN npm install -g "@bufbuild/protoc-gen-es@${PROTOC_GEN_ES_VERSION}"
# ─────────────────────────────────────────────────────────────────────
# ORAS CLI - for uploading artifacts (test reports, audit logs) to Harbor
# ─────────────────────────────────────────────────────────────────────
RUN curl -fsSL "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" \
| tar -xz -C /usr/local/bin oras
# ─────────────────────────────────────────────────────────────────────
# Playwright + chromium browser binary
#
# Browsers go to /ms-playwright (PLAYWRIGHT_BROWSERS_PATH set above) so
# CI's `pnpm exec playwright install chromium` finds the prebaked binary
# and skips the ~170MB download. System libs are already installed at
# the top of the file, so we use bare `playwright install chromium`
# (no --with-deps).
# ─────────────────────────────────────────────────────────────────────
RUN npx --yes "playwright@${PLAYWRIGHT_VERSION}" install chromium
WORKDIR /workspace
# Verify installation
RUN node --version \
&& pnpm --version \
&& buf --version \
&& protoc-gen-es --version \
&& oras version \
&& jq --version \
&& ls "${PLAYWRIGHT_BROWSERS_PATH}"
Reference in New Issue View Git Blame Copy Permalink