build: slim sf-server image runtime

2026-05-17 23:49:55 +02:00 · 2026-05-17 23:49:55 +02:00 · 422541305b
commit 422541305b
parent 7c4f204736
2 changed files with 24 additions and 9 deletions
--- a/.forgejo/workflows/self-deploy.yml
+++ b/.forgejo/workflows/self-deploy.yml
@ -78,6 +78,8 @@ jobs:

      - name: Build server image
        run: |
+          export DOCKER_BUILDKIT=1
+          export BUILDKIT_PROGRESS=plain
          docker build \
            -f docker/Dockerfile.sf-server \
            --build-arg "SF_GIT_SHA=${GITHUB_SHA:-$(git rev-parse HEAD)}" \
@ -161,8 +163,8 @@ jobs:

      - name: Roll test deployment
        run: |
-          kubectl -n "${SF_TEST_NAMESPACE:-sf}" set image "deployment/${SF_TEST_DEPLOYMENT:-sf-server-test}" "sf-server=${{ needs.build.outputs.image }}"
-          kubectl -n "${SF_TEST_NAMESPACE:-sf}" rollout status "deployment/${SF_TEST_DEPLOYMENT:-sf-server-test}" --timeout=180s
+          kubectl -n "${SF_TEST_NAMESPACE:-sf-server}" set image "deployment/${SF_TEST_DEPLOYMENT:-sf-server-test}" "sf-server=${{ needs.build.outputs.image }}"
+          kubectl -n "${SF_TEST_NAMESPACE:-sf-server}" rollout status "deployment/${SF_TEST_DEPLOYMENT:-sf-server-test}" --timeout=600s

      - name: Probe test server
        run: |
@ -185,8 +187,8 @@ jobs:

      - name: Roll prod deployment
        run: |
-          kubectl -n "${SF_PROD_NAMESPACE:-sf}" set image "deployment/${SF_PROD_DEPLOYMENT:-sf-server}" "sf-server=${{ needs.build.outputs.image }}"
-          kubectl -n "${SF_PROD_NAMESPACE:-sf}" rollout status "deployment/${SF_PROD_DEPLOYMENT:-sf-server}" --timeout=180s
+          kubectl -n "${SF_PROD_NAMESPACE:-sf-server}" set image "deployment/${SF_PROD_DEPLOYMENT:-sf-server}" "sf-server=${{ needs.build.outputs.image }}"
+          kubectl -n "${SF_PROD_NAMESPACE:-sf-server}" rollout status "deployment/${SF_PROD_DEPLOYMENT:-sf-server}" --timeout=600s

      - name: Probe prod server
        run: |
--- a/docker/Dockerfile.sf-server
+++ b/docker/Dockerfile.sf-server
@ -28,7 +28,8 @@ COPY package.json package-lock.json ./
 COPY packages ./packages
 COPY scripts ./scripts
 COPY web/package.json web/package-lock.json ./web/
-RUN npm ci && npm --prefix web ci
+RUN --mount=type=cache,id=sf-server-root-npm,target=/root/.npm,sharing=locked \
+    npm ci && npm --prefix web ci

 COPY . .
 ARG SF_GIT_SHA
@ -41,23 +42,35 @@ ENV SF_GIT_REF=${SF_GIT_REF}
 ENV SF_RELEASE_IMAGE=${SF_RELEASE_IMAGE}
 ENV SF_RELEASE_IMAGE_DIGEST=${SF_RELEASE_IMAGE_DIGEST}
 ENV SF_IMAGE_REPOSITORY=${SF_IMAGE_REPOSITORY}
-RUN npm run build:core
-RUN npm run build:web-host
+RUN --mount=type=cache,id=sf-server-root-tsbuild,target=/src/dist/.tsbuildinfo,sharing=locked \
+    npm run build:core
+RUN --mount=type=cache,id=sf-server-next-cache,target=/src/web/.next/cache,sharing=locked \
+    npm run build:web-host
 RUN npm run release:manifest -- --out dist/sf-release-manifest.json
+RUN rm -rf \
+    rust-engine/target \
+    web/.next/cache \
+    web/node_modules \
+    node_modules/.cache \
+    packages/*/tsconfig.tsbuildinfo

 FROM node:26.1-slim AS sf-server

 WORKDIR /opt/sf
 ENV NODE_ENV=production
 ENV SF_RELEASE_MANIFEST=/opt/sf/dist/sf-release-manifest.json
+ENV SF_WEB_PACKAGE_ROOT=/opt/sf
 ENV SF_WEB_PREFER_SOURCE=0
 ENV SF_WEB_HOST=0.0.0.0
 ENV SF_WEB_PORT=4000
+ENV HOSTNAME=0.0.0.0
+ENV PORT=4000

 RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
    git \
    libsecret-1-0 \
+    procps \
    tini \
    && rm -rf /var/lib/apt/lists/*

@ -65,5 +78,5 @@ COPY --from=build /src /opt/sf

 WORKDIR /workspace
 EXPOSE 4000
-ENTRYPOINT ["tini", "--", "node", "/opt/sf/dist/loader.js"]
-CMD ["server", "/workspace", "--host", "0.0.0.0", "--port", "4000"]
+ENTRYPOINT ["tini", "--"]
+CMD ["node", "/opt/sf/dist/web/standalone/server.js"]