Skip to content

Commit ee26f4d

Browse files
authored
fix(docker): copy pnpm patches into image build context (#450)
The js-yaml security fix added pnpm patchedDependencies (gray-matter, read-yaml-file) referenced by pnpm-workspace.yaml. The image builds run pnpm install --frozen-lockfile from the repo-root context but never copied the patches/ directory, so the install failed with ENOENT on the patch files (breaking the release Docker build). Add COPY patches ./patches/ before each frozen install in testplanit/Dockerfile (base + deps stages) and docs/Dockerfile. Verified by building the deps stage locally: the previously failing pnpm install --frozen-lockfile now completes.
1 parent 72b340a commit ee26f4d

2 files changed

Lines changed: 11 additions & 0 deletions

File tree

docs/Dockerfile

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,10 @@ COPY docs/package.json ./docs/
1515
COPY package.json ./
1616
COPY pnpm-workspace.yaml ./
1717

18+
# Dependency patches referenced by pnpm-workspace.yaml#patchedDependencies; the
19+
# frozen install reads these, so they must be present before it runs.
20+
COPY patches ./patches/
21+
1822
# Copy the source code for the docs workspace
1923
COPY ./docs/ ./docs/
2024

testplanit/Dockerfile

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,10 @@ COPY packages/api/package.json ./packages/api/
2626
COPY packages/mcp-server/package.json ./packages/mcp-server/
2727
COPY packages/wdio-testplanit-reporter/package.json ./packages/wdio-testplanit-reporter/
2828

29+
# Dependency patches referenced by pnpm-workspace.yaml#patchedDependencies; the
30+
# frozen install reads these, so they must be present before it runs.
31+
COPY patches ./patches/
32+
2933
# Install only the testplanit project's dependencies (it has no workspace deps).
3034
RUN pnpm install --frozen-lockfile --filter testplanit --ignore-scripts
3135

@@ -68,6 +72,9 @@ COPY cli/package.json ./cli/
6872
COPY packages/api/package.json ./packages/api/
6973
COPY packages/mcp-server/package.json ./packages/mcp-server/
7074
COPY packages/wdio-testplanit-reporter/package.json ./packages/wdio-testplanit-reporter/
75+
# Dependency patches referenced by pnpm-workspace.yaml#patchedDependencies; the
76+
# frozen install reads these, so they must be present before it runs.
77+
COPY patches ./patches/
7178
RUN pnpm install --frozen-lockfile --filter testplanit --ignore-scripts
7279
# Produce a self-contained production node_modules for testplanit (no symlinks
7380
# pointing outside the deploy dir), suitable for copying into the final images.

0 commit comments

Comments
 (0)