fix: optimize Dockerfile and package.json for better performance and consistency

schamane · schamane · commit 276b0cdb629e · 2025-11-14T01:02:51.000+01:00
- Fix circular script references in package.json test scripts
- Standardize package manager usage to pnpm throughout
- Update @types/node to correct version ^22.0.0
- Add packageManager field for Corepack support
- Optimize Dockerfile layer caching by reordering COPY operations
- Consolidate USER operations and remove unnecessary corepack/npm config
- Enhance .dockerignore with Jekyll artifacts and OpenSpec exclusions
diff --git a/.dockerignore b/.dockerignore
@@ -40,6 +40,9 @@ Thumbs.db
 # Documentation
 docs/
 .jekyll-cache
+_site/
+Gemfile
+Gemfile.lock
 
 # Logs
 logs
@@ -103,3 +106,6 @@ jspm_packages/
 
 # Stores VSCode versions used for testing VSCode extensions
 .vscode-test
+
+# OpenSpec directories
+openspec/
diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
 # Multi-stage build for optimized containerized testing using Chainguard Wolfi OS
 FROM cgr.dev/chainguard/node:latest-dev AS base
 
-# Install build dependencies using Wolfi OS package manager
+# Install build dependencies and setup environment in single root block
 USER root
 RUN apk update && apk add --no-cache \
     python3 \
@@ -10,39 +10,31 @@ RUN apk update && apk add --no-cache \
     glibc-dev \
     linux-headers \
     curl \
-    bash
+    bash && \
+    mkdir -p /app/node_modules /app/.npm && \
+    chown -R 65532:65532 /app
 
-# Enable pnpm using corepack (no root permissions needed)
-USER root
-RUN corepack enable pnpm
-USER 65532:65532
-
-# Create app directory with proper permissions (Chainguard uses /app by default)
-USER root
+# Set working directory and switch to non-root user
 WORKDIR /app
-RUN mkdir -p /app/node_modules /app/.npm && chown -R 65532:65532 /app
 USER 65532:65532
 
 # Dependencies stage - optimized for caching
 FROM base AS dependencies
 
-# Copy only package files for optimal layer caching
+# Copy only package files first for optimal layer caching
 COPY --chown=65532:65532 package.json pnpm-lock.yaml ./
+
+# Install dependencies before copying source code
+RUN pnpm install --frozen-lockfile --ignore-scripts --prefer-frozen-lockfile \
+    && pnpm store prune
+
+# Copy source files after dependencies are installed
 COPY --chown=65532:65532 scripts/ ./scripts/
 COPY --chown=65532:65532 binding.gyp ./
 COPY --chown=65532:65532 src/ ./src/
 COPY --chown=65532:65532 test/ ./test/
 COPY --chown=65532:65532 tsconfig.json vitest.config.ts ./
 
-# Configure npm for performance (keep for compatibility)
-USER root
-RUN npm config set cache /app/.npm --global
-USER 65532:65532
-
-# Install dependencies with optimizations
-RUN pnpm install --frozen-lockfile --ignore-scripts --prefer-frozen-lockfile \
-    && pnpm store prune
-
 # Skip native build in container - it's built in CI
 RUN echo "⏭️  Skipping native build in container - built in CI"
 
@@ -51,10 +43,6 @@ FROM cgr.dev/chainguard/node:latest AS runtime
 
 # Copy installed dependencies from dependencies stage
 COPY --from=dependencies --chown=65532:65532 /app/node_modules ./node_modules
-COPY --from=dependencies --chown=65532:65532 /app/.npm ./.npm
-
-# Use npm instead of pnpm in distroless runtime (npm is available)
-# pnpm dependencies are already installed in node_modules
 
 # Note: Native modules are built separately in CI and not included in container
 RUN echo "📝 Container ready for native module compilation"
@@ -64,9 +52,7 @@ USER 65532:65532
 
 # Set environment variables for optimized testing
 ENV NODE_ENV=test \
-    CI=true \
-    npm_config_cache=/app/.npm \
-    PNPM_HOME=/app/.npm
+    CI=true
 
 # Expose debugging port
 EXPOSE 9229
@@ -78,5 +64,5 @@ HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
 # Use dumb-init for proper signal handling in distroless environment
 ENTRYPOINT ["/usr/bin/dumb-init", "--"]
 
-# Default command optimized for speed (use npm for test execution in distroless)
-CMD ["npm", "run", "test"]
+# Default command optimized for speed
+CMD ["pnpm", "test"]
diff --git a/package.json b/package.json
@@ -10,15 +10,15 @@
     "build:native": "node-gyp rebuild",
     "build:native:prebuild": "prebuildify --target 22.0.0 --target 24.0.0 --target 25.0.0 --strip --napi",
     "build:native:package": "prebuildify --target 22.0.0 --target 24.0.0 --target 25.0.0 --strip",
-    "test": "pnpm run test",
-    "test:coverage": "pnpm run test:coverage",
-    "test:watch": "pnpm run test:watch",
+    "test": "vitest run",
+    "test:coverage": "vitest run --coverage",
+    "test:watch": "vitest",
     "test:run": "vitest run",
     "test:run:coverage": "vitest run --coverage",
     "test:run:watch": "vitest",
     "dev": "tsc --watch",
     "lint": "eslint src --ext .ts",
-    "prepublishOnly": "pnpm run build && npm run build:native && npm run build:native:prebuild",
+    "prepublishOnly": "pnpm run build && pnpm run build:native && pnpm run build:native:prebuild",
     "install": "node scripts/install.js",
     "install:native": "node scripts/install.js",
     "docs:build": "typedoc && node scripts/build-docs.js",
@@ -35,6 +35,7 @@
   ],
   "author": "Nazar Kulyk <schamane@myeburg.net>",
   "license": "MIT",
+  "packageManager": "pnpm@10.20.0",
   "engines": {
     "node": ">=22.0.0",
     "pnpm": ">=10.20.0"
@@ -58,7 +59,7 @@
     "@tsconfig/recommended": "^1.0.13",
     "@tsconfig/node22": "^22.0.3",
     "@tsconfig/node-ts": "^23.6.2",
-    "@types/node": "^24.10.1",
+    "@types/node": "^22.0.0",
     "@typescript-eslint/eslint-plugin": "^8.46.4",
     "@typescript-eslint/parser": "^8.46.4",
     "@vitest/coverage-v8": "^4.0.8",
