fix(ui): replace bun with npm in Dockerfile to fix SIGILL crash#1343
fix(ui): replace bun with npm in Dockerfile to fix SIGILL crash#1343opspawn wants to merge 7 commits intokagent-dev:mainfrom
Conversation
…nt-dev#1331) Bun crashes with SIGILL (illegal instruction) during Next.js build in Docker CI. Replace bun with npm/node across the UI Docker build: - Use wolfi apk nodejs/npm packages instead of bun install script - Use npm ci for dependency installation (frozen lockfile) - Use npm run build instead of bun run build - Use node to run server.js in supervisord (runtime stage) - Update ui/Makefile to use npm commands for local dev - Remove TOOLS_BUN_VERSION ARG and bun-related ENV vars Signed-off-by: opspawn <opspawn@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR addresses recurrent bun crashes (SIGILL) during the Next.js Docker build by switching the UI container build and runtime from Bun to Node.js + npm, aligning the Docker build flow with the existing CI ui-tests job.
Changes:
- Update
ui/Dockerfileto install Node.js/npm via wolfiapk, usenpm ci+npm run build, and remove Bun install/env setup. - Update
ui/conf/supervisord.confto run the standalone Next.js server withnodeinstead ofbun. - Update
ui/Makefileto replace Bun commands with npm equivalents for local workflows.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| ui/Dockerfile | Replace Bun-based dependency install/build/runtime with Node.js + npm across all stages. |
| ui/conf/supervisord.conf | Switch Next.js program command from Bun to Node and drop Bun PATH injection. |
| ui/Makefile | Replace Bun build/audit/update commands with npm equivalents. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
ui/Dockerfile
Outdated
| # Build the application | ||
| RUN --mount=type=cache,target=/cache/node_modules,rw \ | ||
| --mount=type=cache,target=/app/ui/.next/cache,rw \ | ||
| export NEXT_TELEMETRY_DEBUG=1 \ | ||
| && bun install --frozen-lockfile \ | ||
| && bun run build \ | ||
| && npm ci \ | ||
| && npm run build \ |
There was a problem hiding this comment.
This stage runs npm ci while NODE_ENV=production is set in the base deps image. With npm, NODE_ENV=production causes devDependencies to be omitted by default, which can break next build (TypeScript projects commonly require the typescript package during build). Consider setting NODE_ENV only in the runtime stage, or overriding it / using npm ci --include=dev for the build stage.
ui/Dockerfile
Outdated
| RUN --mount=type=cache,target=/cache/node_modules,rw \ | ||
| --mount=type=cache,target=/app/ui/.next/cache,rw \ | ||
| export NEXT_TELEMETRY_DEBUG=1 \ | ||
| && bun install --frozen-lockfile \ | ||
| && bun run build \ | ||
| && npm ci \ | ||
| && npm run build \ |
There was a problem hiding this comment.
Dependencies are installed in the deps stage already, but the builder stage runs npm ci again. Since builder is FROM deps, this reinstallation defeats layer reuse and adds build time; either remove the first install (do it only in builder) or reuse the existing node_modules and only run the build here.
ui/Makefile
Outdated
| rm -f bun.lockb | ||
| bun install | ||
| bun run build | ||
| npm install |
There was a problem hiding this comment.
For local builds, npm install can update package-lock.json and produce non-reproducible results. CI uses npm ci for the UI, so using npm ci here will keep local builds consistent and lockfile-stable.
| npm install | |
| npm ci |
ui/Makefile
Outdated
| npm audit | ||
| @echo "Security audit completed." | ||
|
|
||
| .PHONY: build |
There was a problem hiding this comment.
The .PHONY declaration above the update target is still build, so update is not marked phony. This can cause make update to no-op if a file named update exists; change this to .PHONY: update.
| .PHONY: build | |
| .PHONY: update |
ui/Dockerfile
Outdated
| # Copy package files and install dependencies | ||
| COPY package*.json ./ | ||
| RUN --mount=type=cache,target=/cache/node_modules,rw \ | ||
| bun install --frozen-lockfile \ | ||
| && bun pm ls --all \ | ||
| && bun pm hash | ||
| npm ci |
There was a problem hiding this comment.
npm ci installs into /app/ui/node_modules, but the BuildKit cache mount here targets /cache/node_modules, which npm does not use. This makes the cache mount ineffective and can slow Docker builds; mount the npm cache directory (e.g. /root/.npm) or mount /app/ui/node_modules if you intend to cache installs.
Wolfi (cgr.dev/chainguard/wolfi-base) uses versioned package names for Node.js (e.g. nodejs-22) rather than a generic 'nodejs' package. The previous 'apk add nodejs' failed with package-not-found on CI. Signed-off-by: opspawn <opspawn@users.noreply.github.com>
The BuildKit cache mount at /var/cache/apk retains stale APKINDEX files from previous CI runs that didn't include nodejs-22/npm. This causes 'apk update' to fail with 'No such file or directory' when the cached index can't resolve the new packages. Remove stale index files before update to force a fresh download. Signed-off-by: opspawn <opspawn@users.noreply.github.com>
Remove rm -f of APKINDEX files that caused stale cache errors in CI buildx. Use separate cache id for final stage to avoid contention with deps stage during parallel builds. Signed-off-by: opspawn <sean@opspawn.com> Signed-off-by: opspawn <opspawn@users.noreply.github.com>
- Move NODE_ENV=production from deps stage to runtime stage so devDependencies are available during `npm ci` / `next build` - Remove redundant `npm ci` from deps stage (builder inherits from deps and already runs `npm ci`) - Change BuildKit cache mount from /cache/node_modules to /root/.npm (npm cache directory) - Fix Makefile .PHONY declaration: build → update for the update target - Change Makefile update target from `npm install --production` to `npm ci` Signed-off-by: opspawn <opspawn@users.noreply.github.com>
npm ci ensures reproducible builds from the lockfile, matching the Docker build stage and CI pipeline behavior. Signed-off-by: opspawn <opspawn@users.noreply.github.com>
Signed-off-by: opspawn <opspawn@users.noreply.github.com>
|
All CI checks are now passing, including test-e2e (15m53s). This fix addresses the SIGILL crash from bun on older CPUs (#1331) that has been causing intermittent e2e failures across multiple PRs. Would appreciate a maintainer review when available — this is a high-value fix that unblocks e2e reliability for the whole project. |
1 similar comment
|
All CI checks are now passing, including test-e2e (15m53s). This fix addresses the SIGILL crash from bun on older CPUs (#1331) that has been causing intermittent e2e failures across multiple PRs. Would appreciate a maintainer review when available — this is a high-value fix that unblocks e2e reliability for the whole project. |
|
All CI checks passing including e2e. This bun->npm fix unblocks e2e reliability. Review appreciated. |
|
All CI checks passing including e2e (15m53s). This bun→npm fix addresses #1331 and unblocks e2e reliability across all PRs. Would appreciate a maintainer review when available. |
|
All CI checks passing including e2e (15m53s). This bun to npm fix addresses #1331 and unblocks e2e reliability across all PRs. Would appreciate a maintainer review when available. |
2 participants
Fixes #1331
Bun crashes with
SIGILL(illegal instruction) during Next.js build in Docker CI. The bun version update in #1330 did not resolve the issue.This PR replaces bun with npm/node for the UI Docker build:
nodejsandnpmvia wolfi apk instead of bun. Usenpm cifor dependency installation.npm ci && npm run buildinstead ofbun install && bun run build.nodejsvia wolfi apk instead of bun. No npm needed at runtime.node server.jsinstead ofbun server.jsto run the Next.js standalone server.TOOLS_BUN_VERSIONARG/ENV from Dockerfile since bun is no longer needed.npm is already used for UI testing in CI (
ui-testsjob), so this change aligns the Docker build with existing CI patterns.Signed-off-by: opspawn opspawn@users.noreply.github.com