From 6df183dead48907ca65ff2dbdd0ed8463d13b4a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20R=C3=B6blitz?= Date: Sat, 8 Nov 2025 12:42:10 +0100 Subject: [PATCH] new attempt at pinning npm install inside container build --- containers/Dockerfile.smee-client | 22 +++++++---- containers/package-lock.json | 62 +++++++++++++++++++++++++++++++ containers/package.json | 9 +++++ 3 files changed, 85 insertions(+), 8 deletions(-) create mode 100644 containers/package-lock.json create mode 100644 containers/package.json diff --git a/containers/Dockerfile.smee-client b/containers/Dockerfile.smee-client index 28c5d21a..7b226467 100644 --- a/containers/Dockerfile.smee-client +++ b/containers/Dockerfile.smee-client @@ -1,12 +1,18 @@ -ARG smee_client_version=4.4.1 -# ARG smee_client_version_commit=b837fa85fd05853731160e21356ffd30c8c3e791 # v4.4.1 - -# pinning base image to specific hash (corresponding to lts-alpine) +# pin base image to specific hash (corresponding to lts-alpine) FROM node@sha256:f36fed0b2129a8492535e2853c64fbdbd2d29dc1219ee3217023ca48aebd3787 -ARG smee_client_version -# ARG smee_client_version_commit -# Then install -RUN npm install --global smee-client@${smee_client_version} +# create app dir for locked installation +WORKDIR /app + +# copy lockfile and manifest +COPY containers/package.json containers/package-lock.json ./ + +# install exactly what's in the lockfile (change version in package.json and update +# lockfile via 'npm install --package-lock-only') +RUN npm ci --omit=dev + +# expose CLI by symlinking +RUN ln -sf /app/node_modules/.bin/smee /usr/local/bin/smee + ENTRYPOINT ["smee"] CMD ["--help"] diff --git a/containers/package-lock.json b/containers/package-lock.json new file mode 100644 index 00000000..22aa5a14 --- /dev/null +++ b/containers/package-lock.json @@ -0,0 +1,62 @@ +{ + "name": "smee-wrapper", + "version": "1.0.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "smee-wrapper", + "version": "1.0.0", + "license": "GPL-2.0-only", + "dependencies": { + "smee-client": "4.4.1" + } + }, + "node_modules/eventsource": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/eventsource/-/eventsource-4.0.0.tgz", + "integrity": "sha512-fvIkb9qZzdMxgZrEQDyll+9oJsyaVvY92I2Re+qK0qEJ+w5s0X3dtz+M0VAPOjP1gtU3iqWyjQ0G3nvd5CLZ2g==", + "license": "MIT", + "dependencies": { + "eventsource-parser": "^3.0.1" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/eventsource-parser": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/eventsource-parser/-/eventsource-parser-3.0.6.tgz", + "integrity": "sha512-Vo1ab+QXPzZ4tCa8SwIHJFaSzy4R6SHf7BY79rFBDf0idraZWAkYrDjDj8uWaSm3S2TK+hJ7/t1CEmZ7jXw+pg==", + "license": "MIT", + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/smee-client": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/smee-client/-/smee-client-4.4.1.tgz", + "integrity": "sha512-o2px88YVTmKWpaF3sg0Qpuk5MEVpM7BrImjNy/PYf3ENiD51dnPWtXnYHAM6h5/+06ug7z7BBu3werlIEwVkdw==", + "license": "ISC", + "dependencies": { + "eventsource": "^4.0.0", + "undici": "^7.0.0" + }, + "bin": { + "smee": "bin/smee.js" + }, + "engines": { + "node": "^20.18 || >= 22" + } + }, + "node_modules/undici": { + "version": "7.16.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-7.16.0.tgz", + "integrity": "sha512-QEg3HPMll0o3t2ourKwOeUAZ159Kn9mx5pnzHRQO8+Wixmh88YdZRiIwat0iNzNNXn0yoEtXJqFpyW7eM8BV7g==", + "license": "MIT", + "engines": { + "node": ">=20.18.1" + } + } + } +} diff --git a/containers/package.json b/containers/package.json new file mode 100644 index 00000000..8b33566e --- /dev/null +++ b/containers/package.json @@ -0,0 +1,9 @@ +{ + "name": "smee-wrapper", + "private": true, + "version": "1.0.0", + "license": "GPL-2.0-only", + "dependencies": { + "smee-client": "4.4.1" + } +}