Skip to content

refactor(lint-pr-title): modernise Dockerfile #1121

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
iainlane merged 1 commit into from
Jul 15, 2025
Merged

refactor(lint-pr-title): modernise Dockerfile #1121

iainlane merged 1 commit into from
Jul 15, 2025

Conversation

@iainlane
Copy link
Member

@iainlane iainlane commented Jul 9, 2025
edited
Loading

Note: this is stacked on #1120

The previous Dockerfile was overly complex and inefficient, a result of adapting an older style to a workspace environment. The multi-stage build was difficult to read and did not use modern Docker features for caching.

To fix these problems, we simplify the build process into a more readable multi-stage build. We introduce Docker cache mounts for dependency installation, which will result in significantly faster builds. The COPY commands are now more specific to avoid copying unnecessary files into the image. Tests continue to be run as a non-root user to ensure file permission tests work correctly, but in a more streamlined way.

@iainlane iainlane marked this pull request as ready for review July 9, 2025 17:14
@iainlane iainlane requested review from a team as code owners July 9, 2025 17:14
zerok
zerok reviewed Jul 10, 2025
View reviewed changes
actions/lint-pr-title/Dockerfile
WORKDIR /home/newuser/app
COPY --from=install /home/newuser/temp/dev/node_modules ./node_modules
COPY --chown=newuser:newuser . .
RUN --mount=type=cache,target=/root/.bun/install/cache \
Copy link
Contributor

@zerok zerok Jul 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it perhaps make sense to have the cache filled only with production dependencies and then another one that is filled with dev dependencies for the test run?

Copy link
Member Author

@iainlane iainlane Jul 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One cache makes sense to me, enables things to be shared, moved around when needed

@iainlane
refactor(lint-pr-title): modernise Dockerfile
dff68fd 
The previous Dockerfile was overly complex and inefficient, a result of
adapting an older style to a workspace environment. The multi-stage
build was difficult to read and did not use modern Docker features for
caching.

To fix these problems, we simplify the build process into a more
readable multi-stage build. We introduce Docker cache mounts for
dependency installation, which will result in significantly faster
builds. The COPY commands are now more specific to avoid copying
unnecessary files into the image. Tests continue to be run as a non-root
user to ensure file permission tests work correctly, but in a more
streamlined way.
@iainlane iainlane force-pushed the iainlane/refactor-lint-pr-title-dockerfile branch from da7e82b to dff68fd Compare July 10, 2025 09:44
@iainlane iainlane requested a review from zerok July 10, 2025 12:54
@iainlane iainlane merged commit 69778b1 into iainlane/fix-lint-pr-title-action Jul 15, 2025
20 checks passed
@iainlane iainlane deleted the iainlane/refactor-lint-pr-title-dockerfile branch July 15, 2025 10:03
github-merge-queue bot pushed a commit that referenced this pull request Jul 17, 2025
@iainlane
fix(lint-pr-title): adapt action and Dockerfile to bun workspaces (#1120
b5b28b5 
)

* fix(lint-pr-title): adapt action and Dockerfile to bun workspaces

The lint-pr-title action was failing to run correctly after the migration
to bun workspaces in 9ffb9ce. This was
due to two issues:

1. The composite action was not checking out the shared-workflows
   repository, so the workspace dependencies could not be installed.
2. The Dockerfile was not adapted to the workspace structure, and the
   tests were failing due to file permission issues.

This commit addresses both issues. The action.yml now checks out the
shared-workflows repository, following the pattern of other actions in
this repository. The Dockerfile is updated to correctly build in a
workspace context and to run the tests as a non-root user to ensure
file permission tests pass.

It sort of kept working because we forgot to remove the bun.lock file in
`actions/lint-pr-title.` This papered over the problem until a Bun
update needed to update the lock file and it stopped working. Here we
remove that.

Now that we use files outside of the action's own directory
(`package.json`, `bun.lock`), we need to check the repository out and
run from the root.

* refactor(lint-pr-title): modernise Dockerfile (#1121)

The previous Dockerfile was overly complex and inefficient, a result of
adapting an older style to a workspace environment. The multi-stage
build was difficult to read and did not use modern Docker features for
caching.

To fix these problems, we simplify the build process into a more
readable multi-stage build. We introduce Docker cache mounts for
dependency installation, which will result in significantly faster
builds. The COPY commands are now more specific to avoid copying
unnecessary files into the image. Tests continue to be run as a non-root
user to ensure file permission tests work correctly, but in a more
streamlined way.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zerok zerok zerok approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@iainlane @zerok