ci: take package-lock into account in devcontainer (#5278)

Consider package-lock.json when building the dev-container so we can
enforce a known-working dependency chain. This caused issues in the past
when commitlint and release-please had bugs in new versions that
impacted our build pipeline.
Marco Ferrari 2024-02-13 11:53:48 +01:00 committed by GitHub
parent 9b0427ea6c
commit 7a6ab115a6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 18 additions and 7 deletions


@ -9,6 +9,7 @@ updates:
directory: "/" directory: "/"
schedule: schedule:
interval: weekly interval: weekly
open-pull-requests-limit: 100
- package-ecosystem: github-actions - package-ecosystem: github-actions
commit-message: commit-message:
@ -16,6 +17,7 @@ updates:
directory: "/" directory: "/"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "npm" - package-ecosystem: "npm"
commit-message: commit-message:
@ -23,6 +25,7 @@ updates:
directory: "/dependencies" directory: "/dependencies"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "bundler" - package-ecosystem: "bundler"
commit-message: commit-message:
@ -30,6 +33,7 @@ updates:
directory: "/dependencies" directory: "/dependencies"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "docker" - package-ecosystem: "docker"
commit-message: commit-message:
@ -37,6 +41,7 @@ updates:
directory: "/" directory: "/"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "pip" - package-ecosystem: "pip"
commit-message: commit-message:
@ -44,6 +49,7 @@ updates:
directory: "/dependencies/python/" directory: "/dependencies/python/"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "gradle" - package-ecosystem: "gradle"
commit-message: commit-message:
@ -51,6 +57,7 @@ updates:
directory: "/dependencies/checkstyle" directory: "/dependencies/checkstyle"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "gradle" - package-ecosystem: "gradle"
commit-message: commit-message:
@ -58,6 +65,7 @@ updates:
directory: "/dependencies/google-java-format" directory: "/dependencies/google-java-format"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "gradle" - package-ecosystem: "gradle"
commit-message: commit-message:
@ -65,6 +73,7 @@ updates:
directory: "/dependencies/ktlint" directory: "/dependencies/ktlint"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "docker" - package-ecosystem: "docker"
commit-message: commit-message:
@ -72,6 +81,7 @@ updates:
directory: "/dev-dependencies" directory: "/dev-dependencies"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
- package-ecosystem: "npm" - package-ecosystem: "npm"
commit-message: commit-message:
@ -79,3 +89,4 @@ updates:
directory: "/dev-dependencies" directory: "/dev-dependencies"
schedule: schedule:
interval: "weekly" interval: "weekly"
open-pull-requests-limit: 100
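Review bot: The `open-pull-requests-limit: 100` line added to each of the eleven `updates` entries carries no comment explaining the value, and the commit description covers only the package-lock change, so the reason for raising the limit is not recorded on this page. A single comment above the first entry would document it, for example `# Raise the open-PR cap so weekly version updates are not held back by the default limit`. Across eleven entries the combined ceiling is large; that is presumably intended, but it is worth confirming against CI capacity and reviewer load, because a backlog of unmerged update PRs delays dependency fixes. The `updates:` key and the start of the first entry lie outside the visible hunks.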


@ -7,16 +7,16 @@ RUN apt-get update \
jq \ jq \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
WORKDIR /app ENV APP_DIR=/app
WORKDIR "${APP_DIR}"
COPY package.json ./ COPY package.json package-lock.json ./
ENV NPM_PACKAGES_FILE_PATH="npm-packages.txt" RUN npm ci \
&& rm -rf ~/.npm
RUN jq '.dependencies | to_entries[] | select(.key | startswith("@commitlint/")) | .key + "@" + .value' package.json >> "${NPM_PACKAGES_FILE_PATH}" \ ENV NODE_PATH="${APP_DIR}/node_modules"
&& jq '.dependencies | to_entries[] | select(.key | startswith("release-please")) | .key + "@" + .value' package.json >> "${NPM_PACKAGES_FILE_PATH}" \ ENV PATH="${NODE_PATH}/.bin:${PATH}"
&& xargs npm install -g < "${NPM_PACKAGES_FILE_PATH}" \
&& rm package.json "${NPM_PACKAGES_FILE_PATH}"
# Split this from the previous RUN instruction so we can cache the costly installation step # Split this from the previous RUN instruction so we can cache the costly installation step
# hadolint ignore=DL3059 # hadolint ignore=DL3059