host.today/ht-docker-node
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(docker): normalize NODE_PATH and harden Dockerfile installs; use curl -fsSL; consolidate Alpine apk installs; update .dockerignore; bump @git.zone/tsdocker devDependency

Browse Source
This commit is contained in:
Jürgen Kunz
2026-02-07 10:54:17 +00:00
parent 9b84e0b72c
commit c4f2c3b9c5
10 changed files with 57 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.dockerignore Normal file
View File

@@ -0,0 +1,14 @@
.git
.nogit
node_modules
dist
dist_*
coverage
public
pages
.yarn
.cache
.rpt2_cache
*.md
!image_support_files/**
test

14
Dockerfile
View File

@@ -20,10 +20,7 @@ RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selectio
ca-certificates \ ca-certificates \
gpg-agent \ gpg-agent \
curl \ curl \
g++ \
gcc \
git \ git \
make \
openssl \ openssl \
python3 \ python3 \
rsync \ rsync \
@@ -32,7 +29,8 @@ RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selectio
unzip \ unzip \
iputils-ping \ iputils-ping \
dnsutils \ dnsutils \
tini tini \
&& apt-get clean
# Layer 2: Chromium + Puppeteer/Playwright browser deps # Layer 2: Chromium + Puppeteer/Playwright browser deps
RUN apt-get install -y -q --no-install-recommends \ RUN apt-get install -y -q --no-install-recommends \
@@ -72,7 +70,9 @@ RUN apt-get install -y -q --no-install-recommends \
libayatana-appindicator3-1 \ libayatana-appindicator3-1 \
libnss3 \ libnss3 \
lsb-release \ lsb-release \
xdg-utils xdg-utils \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Layer 3: MongoDB 8.0 # Layer 3: MongoDB 8.0
RUN curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \ RUN curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
@@ -85,7 +85,7 @@ RUN curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Install nvm with node and npm # Install nvm with node and npm
RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash RUN mkdir -p $NVM_DIR && curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
# Make nvm available globally in all bash shells (interactive + non-interactive) # Make nvm available globally in all bash shells (interactive + non-interactive)
# IMPORTANT: Prepend to bashrc, before the "[ -z "$PS1" ] && return" line # IMPORTANT: Prepend to bashrc, before the "[ -z "$PS1" ] && return" line
@@ -119,7 +119,7 @@ RUN nvm install $NODE_VERSION_STABLE \
&& pnpm -v \ && pnpm -v \
&& pnpm config set unsafe-perm true && pnpm config set unsafe-perm true
ENV NODE_PATH $NVM_DIR/v$NODE_VERSION_STABLE/lib/node_modules ENV NODE_PATH $NVM_DIR/versions/node/v$NODE_VERSION_STABLE/lib/node_modules
ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION_STABLE/bin:$PATH ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION_STABLE/bin:$PATH
# Install Bun # Install Bun

4
Dockerfile_alpine-bun
View File

@@ -20,7 +20,7 @@ RUN apk add --no-cache \
tini tini
# Install NVM (latest version for better Alpine/musl support) # Install NVM (latest version for better Alpine/musl support)
RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash RUN mkdir -p $NVM_DIR && curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
# Make nvm available globally in all bash shells (interactive + non-interactive) # Make nvm available globally in all bash shells (interactive + non-interactive)
# IMPORTANT: Create /etc/bash.bashrc with nvm initialization # IMPORTANT: Create /etc/bash.bashrc with nvm initialization
@@ -52,7 +52,7 @@ RUN NVM_MUSL_ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64-musl" || echo "x6
&& curl -fsSL https://bun.sh/install | bash && curl -fsSL https://bun.sh/install | bash
ENV PATH="$BUN_INSTALL/bin:$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH" ENV PATH="$BUN_INSTALL/bin:$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH"
ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules ENV NODE_PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/lib/node_modules
# Set entrypoint to make nvm available in all runtime contexts # Set entrypoint to make nvm available in all runtime contexts
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"] ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]

4
Dockerfile_alpine-deno
View File

@@ -21,7 +21,7 @@ RUN apk add --no-cache \
deno deno
# Install NVM (latest version for better Alpine/musl support) # Install NVM (latest version for better Alpine/musl support)
RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash RUN mkdir -p $NVM_DIR && curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
# Make nvm available globally in all bash shells (interactive + non-interactive) # Make nvm available globally in all bash shells (interactive + non-interactive)
# IMPORTANT: Create /etc/bash.bashrc with nvm initialization # IMPORTANT: Create /etc/bash.bashrc with nvm initialization
@@ -52,7 +52,7 @@ RUN NVM_MUSL_ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64-musl" || echo "x6
&& nvm use default && nvm use default
ENV PATH="$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH" ENV PATH="$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH"
ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules ENV NODE_PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/lib/node_modules
# Set entrypoint to make nvm available in all runtime contexts # Set entrypoint to make nvm available in all runtime contexts
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"] ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]

4
Dockerfile_alpine-node
View File

@@ -26,7 +26,7 @@ RUN apk add --no-cache \
tini tini
# Install NVM (latest version for better Alpine/musl support) # Install NVM (latest version for better Alpine/musl support)
RUN mkdir -p $NVM_DIR && curl https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash RUN mkdir -p $NVM_DIR && curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash
# Make nvm available globally in all bash shells (interactive + non-interactive) # Make nvm available globally in all bash shells (interactive + non-interactive)
# IMPORTANT: Create /etc/bash.bashrc with nvm initialization # IMPORTANT: Create /etc/bash.bashrc with nvm initialization
@@ -66,7 +66,7 @@ RUN NVM_MUSL_ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64-musl" || echo "x6
&& pnpm -v \ && pnpm -v \
&& pnpm config set unsafe-perm true && pnpm config set unsafe-perm true
ENV NODE_PATH=$NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules ENV NODE_PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/lib/node_modules
ENV PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH ENV PATH=$NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH
# Set entrypoint to make nvm available in all runtime contexts # Set entrypoint to make nvm available in all runtime contexts

15
Dockerfile_alpine-szci
View File

@@ -1,8 +1,11 @@
FROM host.today/ht-docker-node:alpine-node FROM host.today/ht-docker-node:alpine-node
RUN apk update && apk add bash libc6-compat alpine-sdk
ENV PYTHONUNBUFFERED=1 ENV PYTHONUNBUFFERED=1
RUN apk add --update --no-cache python3 py3-pip && ln -sf python3 /usr/bin/python RUN apk add --no-cache \
RUN apk add --update alpine-sdk && \ libc6-compat \
apk add libffi-dev openssl-dev && \ alpine-sdk \
apk add python3-dev && \ python3-dev \
pnpm install -g @ship.zone/szci node-gyp py3-pip \
libffi-dev \
openssl-dev \
&& ln -sf python3 /usr/bin/python \
&& pnpm install -g @ship.zone/szci node-gyp

2
Dockerfile_lts
View File

@@ -4,5 +4,5 @@ LABEL author="Task Venture Capital GmbH <hello@task.vc>"
RUN bash -c "source $NVM_DIR/nvm.sh \ RUN bash -c "source $NVM_DIR/nvm.sh \
&& nvm install $NODE_VERSION_LTS" && nvm install $NODE_VERSION_LTS"
ENV NODE_PATH $NVM_DIR/v$NODE_VERSION_LTS/lib/node_modules ENV NODE_PATH $NVM_DIR/versions/node/v$NODE_VERSION_LTS/lib/node_modules
ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION_LTS/bin:$PATH

10
changelog.md
View File

@@ -1,5 +1,15 @@
# Changelog # Changelog
## 2026-02-07 - 5.5.1 - fix(docker)
normalize NODE_PATH and harden Dockerfile installs; use curl -fsSL; consolidate Alpine apk installs; update .dockerignore; bump @git.zone/tsdocker devDependency
- Change NODE_PATH to $NVM_DIR/versions/node/v... across Dockerfiles to match nvm layout
- Use curl -fsSL for non-interactive installs
- Run apt-get clean and remove /var/lib/apt/lists to reduce image size and ensure clean state
- Consolidate apk add commands and ensure python3 symlink and pnpm global installs in Alpine image
- Add .dockerignore entries to exclude build artifacts and include image_support_files
- Bump devDependency @git.zone/tsdocker from ^1.15.1 to ^1.16.0
## 2026-02-07 - 5.5.0 - feat(docker) ## 2026-02-07 - 5.5.0 - feat(docker)
Rework Dockerfile into layered installs and add tooling (tini, chromium, MongoDB); simplify Alpine CI image Python/pip setup; add tsdocker devDependency; remove npmextra push flag; update README and registry links Rework Dockerfile into layered installs and add tooling (tini, chromium, MongoDB); simplify Alpine CI image Python/pip setup; add tsdocker devDependency; remove npmextra push flag; update README and registry links

2
package.json
View File

@@ -35,6 +35,6 @@
"typescript" "typescript"
], ],
"devDependencies": { "devDependencies": {
"@git.zone/tsdocker": "^1.15.1" "@git.zone/tsdocker": "^1.16.0"
} }
} }

18
pnpm-lock.yaml generated
View File

@@ -9,8 +9,8 @@ importers:
.: .:
devDependencies: devDependencies:
'@git.zone/tsdocker': '@git.zone/tsdocker':
specifier: ^1.15.1 specifier: ^1.16.0
version: 1.15.1 version: 1.16.0
packages: packages:
@@ -45,8 +45,8 @@ packages:
'@design.estate/dees-element@2.1.6': '@design.estate/dees-element@2.1.6':
resolution: {integrity: sha512-7zyHkUjB8UEQgT9VbB2IJtc/yuPt9CI5JGel3b6BxA1kecY64ceIjFvof1uIkc0QP8q2fMLLY45r1c+9zDTjzg==} resolution: {integrity: sha512-7zyHkUjB8UEQgT9VbB2IJtc/yuPt9CI5JGel3b6BxA1kecY64ceIjFvof1uIkc0QP8q2fMLLY45r1c+9zDTjzg==}
'@git.zone/tsdocker@1.15.1': '@git.zone/tsdocker@1.16.0':
resolution: {integrity: sha512-oncpIyNUxE5nyPB0SqZGeknA8cd7rfOARYNtkFmiBt0yqVXHJ84uZ8VtAYRoDQQMCcRVNRNfRy72imz+YLM7qA==} resolution: {integrity: sha512-e4rYrCS5oPG3bvbmCA6PvSuZFtDBnQYJMA9o2hr/Myq4PkO1l+uHy8APaciQV0qC9cEcJZmd6fb4QUND3fBDEw==}
hasBin: true hasBin: true
'@inquirer/checkbox@3.0.1': '@inquirer/checkbox@3.0.1':
@@ -813,8 +813,8 @@ packages:
jackspeak@3.4.3: jackspeak@3.4.3:
resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==}
jackspeak@4.2.1: jackspeak@4.2.3:
resolution: {integrity: sha512-GPBXyfcZSGujjddPeA+V34bW70ZJT7jzCEbloVasSH4yjiqWqXHX8iZQtZdVbOhc5esSeAIuiSmMutRZQB/olg==} resolution: {integrity: sha512-ykkVRwrYvFm1nb2AJfKKYPr0emF6IiXDYUaFx4Zn9ZuIH7MrzEZ3sD5RlqGXNRpHtvUHJyOnCEFxOlNDtGo7wg==}
engines: {node: 20 || >=22} engines: {node: 20 || >=22}
js-yaml@3.14.2: js-yaml@3.14.2:
@@ -1412,7 +1412,7 @@ snapshots:
- supports-color - supports-color
- vue - vue
'@git.zone/tsdocker@1.15.1': '@git.zone/tsdocker@1.16.0':
dependencies: dependencies:
'@push.rocks/lik': 6.2.2 '@push.rocks/lik': 6.2.2
'@push.rocks/npmextra': 5.3.3 '@push.rocks/npmextra': 5.3.3
@@ -2329,7 +2329,7 @@ snapshots:
glob@11.1.0: glob@11.1.0:
dependencies: dependencies:
foreground-child: 3.3.1 foreground-child: 3.3.1
jackspeak: 4.2.1 jackspeak: 4.2.3
minimatch: 10.1.2 minimatch: 10.1.2
minipass: 7.1.2 minipass: 7.1.2
package-json-from-dist: 1.0.1 package-json-from-dist: 1.0.1
@@ -2437,7 +2437,7 @@ snapshots:
optionalDependencies: optionalDependencies:
'@pkgjs/parseargs': 0.11.0 '@pkgjs/parseargs': 0.11.0
jackspeak@4.2.1: jackspeak@4.2.3:
dependencies: dependencies:
'@isaacs/cliui': 9.0.0 '@isaacs/cliui': 9.0.0