From 090063bd43ed8420d8c5384292eee6b427e3d8d6 Mon Sep 17 00:00:00 2001 From: Peter Steinberger Date: Mon, 27 Apr 2026 07:57:56 +0100 Subject: [PATCH] fix(ci): harden cron and Docker validation --- Dockerfile | 16 +++++++++++++--- src/dockerfile.test.ts | 4 ++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index fa44b115df8..8e32e6f8cce 100644 --- a/Dockerfile +++ b/Dockerfile @@ -72,10 +72,20 @@ RUN --mount=type=cache,id=openclaw-pnpm-store,target=/root/.local/share/pnpm/sto NODE_OPTIONS=--max-old-space-size=2048 pnpm install --frozen-lockfile # pnpm v10+ may append peer-resolution hashes to virtual-store folder names; do not hardcode `.pnpm/...` -# paths. Fail fast here if the Matrix native binding did not materialize after install. -RUN echo "==> Verifying critical native addons..." && \ +# paths. Matrix's native downloader can hit transient release CDN errors while +# still exiting successfully, so retry the package downloader before failing. +RUN set -eux; \ + echo "==> Verifying critical native addons..."; \ + for attempt in 1 2 3 4 5; do \ + if find /app/node_modules -name "matrix-sdk-crypto*.node" 2>/dev/null | grep -q .; then \ + exit 0; \ + fi; \ + echo "matrix-sdk-crypto native addon missing; retrying download (${attempt}/5)"; \ + node /app/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/download-lib.js || true; \ + sleep $((attempt * 2)); \ + done; \ find /app/node_modules -name "matrix-sdk-crypto*.node" 2>/dev/null | grep -q . || \ - (echo "ERROR: matrix-sdk-crypto native addon missing (pnpm install may have silently failed on this arch)" >&2 && exit 1) + (echo "ERROR: matrix-sdk-crypto native addon missing after retries" >&2 && exit 1) COPY . . diff --git a/src/dockerfile.test.ts b/src/dockerfile.test.ts index c140f2128a1..f21cbbe6323 100644 --- a/src/dockerfile.test.ts +++ b/src/dockerfile.test.ts @@ -48,6 +48,10 @@ describe("Dockerfile", () => { const dockerfile = await readFile(dockerfilePath, "utf8"); expect(dockerfile).toContain("Verifying critical native addons"); expect(dockerfile).toContain('find /app/node_modules -name "matrix-sdk-crypto*.node"'); + expect(dockerfile).toContain( + "node /app/node_modules/@matrix-org/matrix-sdk-crypto-nodejs/download-lib.js", + ); + expect(dockerfile).toContain("matrix-sdk-crypto native addon missing after retries"); expect(dockerfile).not.toMatch( /ADDON_DIR=.*node_modules\/\.pnpm\/@matrix-org\+matrix-sdk-crypto-nodejs@/, );