Skip to content

Dockerfile: Changes to make Yarn work reliably#86

Open
awilfox wants to merge 1 commit into
mainfrom
awilfox/AP-779-one-way
Open

Dockerfile: Changes to make Yarn work reliably#86
awilfox wants to merge 1 commit into
mainfrom
awilfox/AP-779-one-way

Conversation

@awilfox

@awilfox awilfox commented Jul 10, 2026

Copy link
Copy Markdown
Member
  • Move Yarn-managed packages to a specific directory, the same way we did in Added NODE_PATH to Dockerfile and configure yarn build in prod target UCBEARS#17. This makes it easier to handle.

  • Add Yarn binstubs to the available PATH.

  • Copy the lock file into the app directory, which is required for the cssbundling task to determine we are using Yarn. Otherwise we will have this error:

    cssbundling-rails: No suitable tool found for installing JavaScript dependencies

  • Switch to headless JRE to lower attack surface and use less resources.

Ref: AP-779

* Move Yarn-managed packages to a specific directory, the same way we
  did in BerkeleyLibrary/UCBEARS#17.  This makes it easier to handle.

* Add Yarn binstubs to the available PATH.

* Copy the lock file into the app directory, which is required for the
  cssbundling task to determine we are using Yarn.  Otherwise we will
  have this error:

    cssbundling-rails: No suitable tool found for installing JavaScript dependencies

* Switch to headless JRE to lower attack surface and use less resources.

Ref: AP-779
@awilfox awilfox requested a review from yzhoubk July 10, 2026 23:06
@awilfox awilfox self-assigned this Jul 10, 2026

@anarchivist anarchivist left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

generally r+; one minor question.

Comment thread Dockerfile
# Use Yarn via Corepack to avoids using reops and GPG keys
RUN corepack enable \
&& corepack prepare yarn@stable --activate \
&& corepack prepare yarn@1.22.22 --activate \

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this effectively downgrading yarn from our past images?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It installed a stable yarn that was never used, because the package specified 1.22.22. This just ensures it downloads that version the first time, so it doesn't waste the time of fetching a useless one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants