Draft
Conversation
Key optimizations: 1. Switch from GHA cache to registry cache (saves ~5min) - GHA cache mode=max uploads every layer via a slow separate API - Registry cache uses the standard registry push protocol, much faster - Added GHCR login to docker.yml for cache storage - PR preview also uses previous PR image as cache source 2. Eliminate expensive recursive chown -R (saves ~35s) - Replace final 'chown -R nao:nao /app' with COPY --chown=nao:nao - All COPY instructions in the runtime stage now set ownership inline - Only chown the empty top-level directories, not the full tree 3. Copy Node.js/Bun from base stage instead of apt-get install (saves ~30s) - Avoids slow nodesource.com setup script + npm install -g bun - Copies binaries directly from the node:24-slim base stage 4. Consolidate two bun install stages into one shared deps stage - Frontend and backend were doing redundant bun installs - Single deps stage with --ignore-scripts + ripgrep postinstall - Frontend builder inherits from deps, backend copies node_modules 5. Use pre-built uv binary instead of pip install (saves ~12s) - COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv - Applied to both python-builder and runtime stages 6. Add BuildKit cache mounts for bun and uv package caches - Speeds up local development rebuilds Co-authored-by: Christophe Blefari <christophe.blefari@gmail.com>
Contributor
🚀 Preview Deployment
Preview will be automatically removed when this PR is closed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Optimizes the Docker build pipeline across
pr-preview.yml,docker.yml, and theDockerfileto reduce build times from ~10 minutes to ~2 minutes.Bottleneck analysis (from CI logs)
mode=max)chown -R nao:nao /appCOPY --chown=nao:naobun install(2 stages)pip install uv(×2 stages)uvbinary via COPYChanges
Dockerfiledepsstage. Frontend builder inherits from it; runtime copiesnode_modulesfrom it. Eliminates a redundant ~25sbun install.COPY --chown=nao:nao: all COPY instructions in the runtime stage now set ownership inline, replacing the expensive recursivechown -R nao:nao /app /var/log/supervisor(35s → 0s).npm install -g bunin the runtime stage (~36s), copies the binaries from the already-builtnode:24-slimbase stage and creates symlinks.uvbinary:COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uvreplacespip install uvin both the python-builder and runtime stages (saves ~6s each).--mount=type=cachefor bun and uv package caches (speeds up local development rebuilds).pr-preview.ymltype=gha,mode=maxtotype=registrycache stored in GHCR alongside the preview image.docker.ymltype=gha,mode=maxtotype=registrycache stored in GHCR (ghcr.io/<repo>/build-cache), with per-platform cache tags.packages: writepermission for cache push access.Testing
nao:nao) on all app filesnpm run lintpasses