ci: complete pipeline standardization

Dockerfile

@@ -1,59 +1,60 @@
-# Start from the pre-built Nextjs Base image
+# Stage 1: Builder
 FROM registry.infra.mintel.me/mintel/nextjs:latest AS builder
-
 WORKDIR /app
 
-# Ensure we are in a clean environment and remove any stale files from the base image
-RUN rm -rf packages apps pnpm-workspace.yaml 2>/dev/null || true
+# Clean the workspace in case the base image is dirty
+RUN rm -rf ./*
 
-# Build-time environment variables for Next.js
+# Arguments for build-time configuration
 ARG NEXT_PUBLIC_BASE_URL
-ARG UMAMI_API_ENDPOINT
 ARG NEXT_PUBLIC_TARGET
 ARG DIRECTUS_URL
+ARG UMAMI_API_ENDPOINT
+ARG NPM_TOKEN
 
+# Environment variables for Next.js build
 ENV NEXT_PUBLIC_BASE_URL=$NEXT_PUBLIC_BASE_URL
-ENV UMAMI_API_ENDPOINT=$UMAMI_API_ENDPOINT
 ENV NEXT_PUBLIC_TARGET=$NEXT_PUBLIC_TARGET
 ENV DIRECTUS_URL=$DIRECTUS_URL
+ENV UMAMI_API_ENDPOINT=$UMAMI_API_ENDPOINT
+ENV SKIP_RUNTIME_ENV_VALIDATION=true
 ENV CI=true
-ENV SENTRY_SUPPRESS_TURBOPACK_WARNING=1
 
 # Enable pnpm
 RUN corepack enable
 
-# Set pnpm home and store directory for caching
-ENV PNPM_HOME="/pnpm"
-ENV PATH="$PNPM_HOME:$PATH"
-RUN mkdir -p /pnpm/store
-
-# Copy workspace configuration and manifests for better caching
-COPY pnpm-lock.yaml pnpm-workspace.yaml package.json .npmrc ./
+# Copy workspace files for dependency installation
+COPY pnpm-lock.yaml pnpm-workspace.yaml package.json .npmrc* ./
 COPY apps/web/package.json ./apps/web/package.json
 
-# Install dependencies with cache mount and NPM_TOKEN secret
+# Install dependencies with cache mount
 RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
     --mount=type=secret,id=NPM_TOKEN \
-    export NPM_TOKEN=$(cat /run/secrets/NPM_TOKEN) && \
-    pnpm install --no-frozen-lockfile
+    export NPM_TOKEN=$(cat /run/secrets/NPM_TOKEN 2>/dev/null || echo $NPM_TOKEN) && \
+    pnpm install --frozen-lockfile
 
-# Copy source
+# Copy source code
 COPY . .
 
-# Build the app with cache mount
-RUN --mount=type=cache,target=/app/apps/web/.next/cache \
-    pnpm --filter @mintel/web build
+# Build application (monorepo filter)
+RUN pnpm --filter @mintel/web build
 
-# Production image
+# Stage 2: Runner
 FROM registry.infra.mintel.me/mintel/runtime:latest AS runner
 WORKDIR /app
 
+ENV HOSTNAME="0.0.0.0"
+ENV PORT=3000
+ENV NODE_ENV=production
+
 # Copy standalone output and static files (Monorepo paths)
 COPY --from=builder --chown=nextjs:nodejs /app/apps/web/public ./apps/web/public
 COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/standalone ./
 COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/static ./apps/web/.next/static
+COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/cache ./apps/web/.next/cache
 
 USER nextjs
 
+# Start from the app directory to ensure references solve correctly
 WORKDIR /app/apps/web
 CMD ["node", "server.js"]