From e7cc1c8ca552bf3bc64c4d6e7dc9f911f1007cee Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Wed, 4 Feb 2026 18:13:54 +0100 Subject: [PATCH] fix: stabilize Docker builds by standardizing on ARM64 and explicit stage naming (klz-2026 pattern) --- .gitea/workflows/pipeline.yml | 12 ++++++++---- packages/infra/docker/Dockerfile.gatekeeper | 10 +++++----- packages/infra/docker/Dockerfile.nextjs | 4 ++-- packages/infra/gitea/deploy-action.yml | 2 ++ 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/.gitea/workflows/pipeline.yml b/.gitea/workflows/pipeline.yml index cd4946c..d384aad 100644 --- a/.gitea/workflows/pipeline.yml +++ b/.gitea/workflows/pipeline.yml @@ -104,7 +104,8 @@ jobs: with: context: . file: packages/infra/docker/Dockerfile.nextjs - platforms: linux/amd64,linux/arm64 + platforms: linux/arm64 + pull: true push: true secrets: | NPM_TOKEN=${{ secrets.NPM_TOKEN }} @@ -117,7 +118,8 @@ jobs: with: context: . file: packages/infra/docker/Dockerfile.runtime - platforms: linux/amd64,linux/arm64 + platforms: linux/arm64 + pull: true push: true secrets: | NPM_TOKEN=${{ secrets.NPM_TOKEN }} @@ -130,7 +132,8 @@ jobs: with: context: . file: packages/infra/docker/Dockerfile.gatekeeper - platforms: linux/amd64,linux/arm64 + platforms: linux/arm64 + pull: true push: true secrets: | NPM_TOKEN=${{ secrets.NPM_TOKEN }} @@ -143,7 +146,8 @@ jobs: with: context: . file: packages/infra/docker/Dockerfile.directus - platforms: linux/amd64,linux/arm64 + platforms: linux/arm64 + pull: true push: true secrets: | NPM_TOKEN=${{ secrets.NPM_TOKEN }} diff --git a/packages/infra/docker/Dockerfile.gatekeeper b/packages/infra/docker/Dockerfile.gatekeeper index b559cb2..124a80c 100644 --- a/packages/infra/docker/Dockerfile.gatekeeper +++ b/packages/infra/docker/Dockerfile.gatekeeper @@ -1,10 +1,9 @@ -FROM node:20-alpine AS base +# Step 1: Builder stage +FROM node:20-alpine AS builder RUN apk add --no-cache libc6-compat curl WORKDIR /app RUN corepack enable pnpm -# Step 2: Builder stage -FROM base AS builder # Copy source (honoring .dockerignore) COPY . . @@ -17,8 +16,9 @@ RUN --mount=type=cache,target=/root/.local/share/pnpm/store/v3 \ # Build Gatekeeper RUN pnpm --filter @mintel/gatekeeper build -# Step 3: Runner stage -FROM base AS runner +# Step 2: Runner stage +FROM node:20-alpine AS runner +RUN apk add --no-cache libc6-compat curl WORKDIR /app ENV NODE_ENV=production RUN addgroup --system --gid 1001 nodejs diff --git a/packages/infra/docker/Dockerfile.nextjs b/packages/infra/docker/Dockerfile.nextjs index bb22b9d..b7dcc93 100644 --- a/packages/infra/docker/Dockerfile.nextjs +++ b/packages/infra/docker/Dockerfile.nextjs @@ -1,5 +1,5 @@ -# Step 1: Base image -FROM node:20-alpine AS base +# Step 1: Builder image +FROM node:20-alpine AS builder RUN apk add --no-cache libc6-compat curl WORKDIR /app RUN corepack enable pnpm diff --git a/packages/infra/gitea/deploy-action.yml b/packages/infra/gitea/deploy-action.yml index 1701f14..db6be91 100644 --- a/packages/infra/gitea/deploy-action.yml +++ b/packages/infra/gitea/deploy-action.yml @@ -194,7 +194,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + file: packages/infra/docker/Dockerfile.nextjs platforms: linux/arm64 + pull: true build-args: | NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_base_url }} NEXT_PUBLIC_TARGET=${{ needs.prepare.outputs.target }}