Make Node version configurable + verify Node 25 compatibility (Docker + Swarm)#4254
Make Node version configurable + verify Node 25 compatibility (Docker + Swarm)#4254hitendras510 wants to merge 1 commit intoDokploy:canaryfrom
Conversation
dosubot
bot
added
size:S
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| RUN corepack enable || true && \ | ||
| corepack prepare pnpm@10.22.0 --activate || \ | ||
| npm install -g pnpm@10.22.0 |
There was a problem hiding this comment.
corepack enable || true always exits 0, so any genuine failure of corepack enable (e.g. a permissions issue on a node image that does include corepack) is silently ignored. The layer then proceeds to run corepack prepare, which will also fail and fall back to npm — leaving the image in a state where pnpm was installed via a different mechanism than expected, without any build-time warning.
A safer pattern is to check whether corepack is available first, rather than suppressing its errors unconditionally:
| RUN corepack enable || true && \ | |
| corepack prepare pnpm@10.22.0 --activate || \ | |
| npm install -g pnpm@10.22.0 | |
| RUN if command -v corepack > /dev/null 2>&1; then \ | |
| corepack enable && corepack prepare pnpm@10.22.0 --activate; \ | |
| else \ | |
| npm install -g pnpm@10.22.0; \ | |
| fi |
| COPY --from=build /prod/dokploy/package.json ./package.json | ||
| COPY --from=build /prod/dokploy/drizzle ./drizzle | ||
| COPY .env.production ./.env | ||
| #COPY .env.production ./.env (# Env should be provided at runtime (not baked into image)) |
There was a problem hiding this comment.
.env.production no longer copied into image
Commenting out this line silently removes a file that the app may rely on to start. Any existing deployment that depended on .env.production being baked in (database URLs, secret keys, etc.) will now start without those values, causing runtime failures (DB connection errors, missing secrets, etc.) without a clear error message pointing back to the missing copy.
If the intent is to require runtime-supplied env vars going forward, this should be an explicit, documented migration step — not a silent comment-out. Consider keeping the COPY but guarding it conditionally, or at minimum adding a startup check that validates required variables are present.
- Introduced ARG NODE_VERSION for flexibility - Added fallback for pnpm installation when corepack is unavailable - Verified compatibility with Node 25 in Docker environment - No breaking changes to existing Node 24 setup
hitendras510
force-pushed
the
node-25-support
branch
from
3f8db48 to
459f14b
Compare
1 participant
Summary
This PR makes the Node.js version configurable in the Dockerfile and verifies compatibility with Node 25.
Changes
ARG NODE_VERSION(default24.4.0) for flexibilitycorepackis unavailableCMDplacement to ensure correct container startup.envbaked into image)Testing
Tested using
NODE_VERSION=25with a full production-like setup:Results
Notes
corepackby default; fallback ensures PNPM availabilitySuggestion
Consider relaxing
engines.nodefrom"^24.4.0"to">=24.4.0"since Node 25 is compatible.Greptile Summary
This PR makes the Node.js version configurable via
ARG NODE_VERSION(defaulting to24.4.0) and adds a corepack/pnpm fallback for Node images that lack corepack. It also removes the.env.productioncopy step and fixesCMDindentation..env.productionCOPYis a silent breaking change: any deployment that previously relied on it being baked in will start without required env vars, causing runtime failures without a clear error pointing at the missing config.corepack enable || truepattern swallows real corepack errors on images that do include corepack, potentially leaving the image in an unexpected state.Confidence Score: 3/5
Not safe to merge as-is: the silent removal of the
.env.productioncopy step is a breaking change for existing deployments.The
.env.productionremoval is a P1 issue that can cause silent runtime failures (missing DB URLs, secrets, etc.) in any environment that previously relied on that file being baked into the image. The corepack|| truepattern is P2 but masks genuine errors. These issues need to be resolved or explicitly acknowledged with a migration guide before this is merged.Dockerfile — specifically the commented-out
.env.productionCOPY and the corepack error-suppression pattern.Reviews (1): Last reviewed commit: "feat(docker): make node version configur..." | Re-trigger Greptile