feat(ci): replace npmci with szci across CI and images; add szci preinstalled images and make tini the PID 1 init in Docker images

2026-02-06 14:00:03 +00:00
parent 61a7c1cc7d
commit 20ef9c9a48
17 changed files with 77 additions and 69 deletions
@@ -6,7 +6,7 @@ on:
      - '**'

 env:
-  IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+  IMAGE: registry.gitlab.com/hosttoday/ht-docker-node:szci
  NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@gitea.lossless.digital/${{gitea.repository}}.git
  NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
  NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
@@ -24,22 +24,22 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Install pnpm and npmci
+      - name: Install pnpm and szci
        run: |
          pnpm install -g pnpm
-          pnpm install -g @ship.zone/npmci
-          npmci npm prepare
+          pnpm install -g @ship.zone/szci
+          szci npm prepare

      - name: Audit production dependencies
        run: |
-          npmci command npm config set registry https://registry.npmjs.org
-          npmci command pnpm audit --audit-level=high --prod
+          szci command npm config set registry https://registry.npmjs.org
+          szci command pnpm audit --audit-level=high --prod
        continue-on-error: true

      - name: Audit development dependencies
        run: |
-          npmci command npm config set registry https://registry.npmjs.org
-          npmci command pnpm audit --audit-level=high --dev
+          szci command npm config set registry https://registry.npmjs.org
+          szci command pnpm audit --audit-level=high --dev
        continue-on-error: true

  test:
@@ -54,18 +54,18 @@ jobs:
      - name: Prepare
        run: |
          pnpm install -g pnpm
-          pnpm install -g @ship.zone/npmci
-          npmci npm prepare
+          pnpm install -g @ship.zone/szci
+          szci npm prepare

      - name: Test stable
        run: |
-          npmci node install stable
-          npmci npm install
-          npmci npm test
+          szci node install stable
+          szci npm install
+          szci npm test

      - name: Test build
        run: |
-          npmci npm prepare
-          npmci node install stable
-          npmci npm install
-          npmci command npm run build
+          szci npm prepare
+          szci node install stable
+          szci npm install
+          szci command npm run build
@@ -6,7 +6,7 @@ on:
      - '*'

 env:
-  IMAGE: code.foss.global/host.today/ht-docker-node:npmci
+  IMAGE: code.foss.global/host.today/ht-docker-node:szci
  NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@gitea.lossless.digital/${{gitea.repository}}.git
  # NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
  # NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
@@ -27,19 +27,19 @@ jobs:
      - name: Prepare
        run: |
          pnpm install -g pnpm
-          pnpm install -g @ship.zone/npmci
-          npmci npm prepare
+          pnpm install -g @ship.zone/szci
+          szci npm prepare

      - name: Audit production dependencies
        run: |
-          npmci command npm config set registry https://registry.npmjs.org
-          npmci command pnpm audit --audit-level=high --prod
+          szci command npm config set registry https://registry.npmjs.org
+          szci command pnpm audit --audit-level=high --prod
        continue-on-error: true

      - name: Audit development dependencies
        run: |
-          npmci command npm config set registry https://registry.npmjs.org
-          npmci command pnpm audit --audit-level=high --dev
+          szci command npm config set registry https://registry.npmjs.org
+          szci command pnpm audit --audit-level=high --dev
        continue-on-error: true

  test:
@@ -54,27 +54,27 @@ jobs:
      - name: Prepare
        run: |
          pnpm install -g pnpm
-          pnpm install -g @ship.zone/npmci
-          npmci npm prepare
+          pnpm install -g @ship.zone/szci
+          szci npm prepare

      - name: Test stable
        run: |
-          npmci node install stable
-          npmci npm install
-          npmci npm test
+          szci node install stable
+          szci npm install
+          szci npm test

      - name: Test build
        run: |
-          npmci node install stable
-          npmci npm install
-          npmci command npm run build
+          szci node install stable
+          szci npm install
+          szci command npm run build

  release:
    needs: test
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    container:
-      image: code.foss.global/host.today/ht-docker-dbase:npmci
+      image: code.foss.global/host.today/ht-docker-dbase:szci

    steps:
      - uses: actions/checkout@v3
@@ -110,4 +110,4 @@ jobs:
      - uses: actions/checkout@v3

      - name: Trigger
-        run: npmci trigger
+        run: szci trigger
@@ -72,6 +72,8 @@ RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selectio
        # network
        iputils-ping \
        dnsutils \
+        # init
+        tini \
    
    # chromium (multi-arch compatible - works on both amd64 and arm64)
    && apt-get install -y -q --no-install-recommends chromium-browser \
@@ -135,5 +137,5 @@ ENV DENO_INSTALL="/root/.deno"
 ENV PATH="$DENO_INSTALL/bin:$PATH"

 # Set entrypoint to make nvm available in all runtime contexts
-ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
 CMD ["bash"]
@@ -16,7 +16,8 @@ RUN apk add --no-cache \
    git \
    ca-certificates \
    unzip \
-    libstdc++
+    libstdc++ \
+    tini

 # Install NVM (latest version for better Alpine/musl support)
 RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
@@ -54,5 +55,5 @@ ENV PATH="$BUN_INSTALL/bin:$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH"
 ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules

 # Set entrypoint to make nvm available in all runtime contexts
-ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
 CMD ["bash"]
@@ -17,6 +17,7 @@ RUN apk add --no-cache \
    ca-certificates \
    unzip \
    libstdc++ \
+    tini \
    deno

 # Install NVM (latest version for better Alpine/musl support)
@@ -54,5 +55,5 @@ ENV PATH="$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH"
 ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules

 # Set entrypoint to make nvm available in all runtime contexts
-ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
 CMD ["bash"]
@@ -22,7 +22,8 @@ RUN apk add --no-cache \
    unzip \
    iputils \
    bind-tools \
-    libstdc++
+    libstdc++ \
+    tini

 # Install NVM (latest version for better Alpine/musl support)
 RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
@@ -69,5 +70,5 @@ ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules
 ENV PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH

 # Set entrypoint to make nvm available in all runtime contexts
-ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
 CMD ["bash"]
@@ -7,4 +7,4 @@ RUN pip3 install --no-cache --upgrade pip setuptools
 RUN apk add --update alpine-sdk && \
    apk add libffi-dev openssl-dev && \
    apk add python3-dev && \
-    pnpm install -g @ship.zone/npmci node-gyp
+    pnpm install -g @ship.zone/szci node-gyp
@@ -1,4 +1,4 @@
-FROM host.today/ht-docker-node:npmci
+FROM host.today/ht-docker-node:szci
 RUN npm install -g \
  @git.zone/tsrun \
  @git.zone/tstest \
@@ -1,6 +0,0 @@
-FROM host.today/ht-docker-node:latest
-# Add Tini
-ENV TINI_VERSION v0.19.0
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
-RUN chmod +x /tini
-ENTRYPOINT ["/tini", "--"]
@@ -1,4 +1,4 @@
 FROM host.today/ht-docker-node:latest
 LABEL author="Task Venture Capital GmbH <hello@task.vc>"

-RUN pnpm install -g @ship.zone/npmci
+RUN pnpm install -g @ship.zone/szci
@@ -1,5 +1,13 @@
 # Changelog

+## 2026-02-06 - 5.4.0 - feat(ci)
+replace npmci with szci across CI and images; add szci preinstalled images and make tini the PID 1 init in Docker images
+
+- Replace @ship.zone/npmci with @ship.zone/szci in Gitea CI workflows (.gitea/workflows/docker_nottags.yaml, docker_tags.yaml) and update commands to use szci
+- Add szci-specific Dockerfiles (Dockerfile_szci, Dockerfile_alpine-szci) and tests (test/test_szci.sh); remove npmci-specific files
+- Install and use tini as PID 1 in multiple Dockerfiles and switch ENTRYPOINT to run tini for proper signal forwarding and zombie reaping
+- Update metadata/manifest files (package.json, npmextra.json, readme.*, Dockerfile base tags) to reference szci and document the inclusion of tini
+
 ## 2026-02-06 - 5.3.0 - feat(docker)
 add Chromium support for Puppeteer/Playwright and npm build/release scripts

@@ -16,13 +16,13 @@
        "CI",
        "git",
        "ssh",
-        "npmci",
+        "szci",
        "node version management",
        "typescript"
      ]
    }
  },
-  "npmci": {
+  "szci": {
    "dockerRegistries": [
      "docker.io",
      "registry.gitlab.com"
@@ -30,7 +30,7 @@
    "CI",
    "git",
    "ssh",
-    "npmci",
+    "szci",
    "node version management",
    "typescript"
  ]
@@ -68,7 +68,7 @@ RUN node --version      # Now shows v18.x.x
 - ✅ Dockerfile RUN: `nvm install`, `nvm use`, version switching
 - ✅ Runtime bash -c: All nvm commands work
 - ✅ CI/CD workflows: Tested in .gitea/workflows context
- ✅ Backward compat: pnpm, npmci, ENV PATH fallback
+- ✅ Backward compat: pnpm, szci, ENV PATH fallback
 - ✅ Multi-stage builds: nvm available in all stages
 - ✅ Interactive shells: Full nvm access

@@ -27,8 +27,9 @@ Perfect for complex builds requiring native dependencies and maximum compatibili
 |-----|-------------|----------|
 | `:latest` | Node.js LTS with NVM (Ubuntu 24.04) | General purpose, production builds |
 | `:lts` | Based on latest | Explicit LTS naming |
-| `:npmci` | With npmci preinstalled | CI/CD pipelines |
-| `:stableinit` | Stable initialization base | Init scripts |
+| `:szci` | With szci preinstalled | CI/CD pipelines |
+
+> **All images include [tini](https://github.com/krallin/tini) as PID 1 init**, ensuring proper signal forwarding and zombie process reaping out of the box.

 ### Alpine-Based Images (Lightweight & Multi-Arch) ⚡

@@ -39,7 +40,7 @@ Perfect for complex builds requiring native dependencies and maximum compatibili
 | `:alpine-node` | Node.js LTS + NVM + pnpm | ~200MB | amd64, arm64 |
 | `:alpine-deno` | Node.js LTS + NVM + Deno | ~180MB | amd64, arm64 |
 | `:alpine-bun` | Node.js LTS + NVM + Bun | ~150MB | amd64, arm64 |
-| `:alpine-npmci` | Alpine Node + npmci + build tools | ~250MB | amd64, arm64 |
+| `:alpine-szci` | Alpine Node + szci + build tools | ~250MB | amd64, arm64 |

 **✨ Multi-architecture magic:** Docker automatically selects the right image for your platform. Build on Mac, deploy on Linux servers—same Dockerfile, native speed everywhere.

@@ -1,13 +0,0 @@
-#!/bin/bash
-set -e
-
-# check if npmci is available
-npm init -y
-npmci -v
-
-# TODO update npmci to not require package.json
-npmci node install stable
-
-# check if npm picks it up
-npmci command pnpm install -g @gitzone/tsrun
-npmci command tsrun -v
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -e
+
+# check if szci is available
+npm init -y
+szci -v
+
+# TODO update szci to not require package.json
+szci node install stable
+
+# check if npm picks it up
+szci command pnpm install -g @gitzone/tsrun
+szci command tsrun -v