-
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Dockerfile
64 lines (53 loc) · 1.96 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
FROM node:20-bookworm-slim AS runner
# Node.js 20 (curently LTS)
# Debian bookwork
# fetch latest security updates
RUN set -ex; \
apt-get update; \
apt-get upgrade -y; \
# curl is required to fetch our webhook from github
# unzip is required for unzipping payloads in development
apt-get install curl unzip jq -y; \
rm -rf /var/lib/apt/lists/*
# add a non-root user to run our code as
RUN adduser --disabled-password --gecos "" appuser
# install our test runner to /opt
WORKDIR /opt/test-runner
COPY . .
# Install yarn so it will be available read-only
# https://github.com/nodejs/corepack/issues/183#issue-1379672431
# https://github.com/nodejs/corepack/blob/bc13d40037d0b1bfd386e260ae741f55505b5c7c/tests/main.test.ts#L483
RUN mkdir -p /idk/corepack
ENV COREPACK_HOME=/idk/corepack
RUN set -ex; \
corepack enable yarn;
# corepack pack -o ./corepack.tgz; \
# COREPACK_ENABLE_NETWORK=0 corepack install -g ./corepack.tgz;
# https://github.com/nodejs/corepack/pull/446#issue-2218976611
RUN corepack install
RUN corepack yarn --version
# https://github.com/nodejs/corepack/issues/414#issuecomment-2096218732
# https://github.com/nodejs/corepack/blob/bc13d40037d0b1bfd386e260ae741f55505b5c7c/sources/folderUtils.ts#L26-L31
RUN chmod 444 /idk/corepack/lastKnownGood.json
RUN chmod 555 /idk/corepack
# Build the test runner
RUN set -ex; \
# install all the development modules (used for building)
corepack yarn cache clean; \
corepack yarn install; \
corepack yarn build;
# corepack yarn cache clean; \
#
# install only the node_modules we need for production
# I don't know how to get this to work with zero-installs enabled
#
# TODO: corepack yarn workspaces focus --production;
# Disable network for corepack
ENV COREPACK_ENABLE_NETWORK=0
ENV COREPACK_ENABLE_STRICT=0
# Prefer offline mode for yarn
ENV YARN_ENABLE_OFFLINE_MODE=1
ENV YARN_ENABLE_HARDENED_MODE=0
# Let's check to be certain
RUN corepack yarn --version
ENTRYPOINT [ "/opt/test-runner/bin/run.sh" ]