ci: use packaged tarball for docker e2e

scripts/e2e/Dockerfile

@@ -1,4 +1,8 @@
 # syntax=docker/dockerfile:1.7
+#
+# Shared Docker E2E image.
+# `bare` is a clean Node/Git runner for install/update lanes. `functional`
+# installs the prepared OpenClaw npm tarball into /app for built-app lanes.
 
 FROM node:24-bookworm-slim@sha256:e8e2e91b1378f83c5b2dd15f0247f34110e2fe895f6ca7719dbb780f929368eb AS e2e-runner
 
@@ -7,12 +11,14 @@ RUN apt-get update \
  && rm -rf /var/lib/apt/lists/*
 
 RUN corepack enable
+RUN npm install -g tsx@4.21.0 --no-fund --no-audit
 
 RUN useradd --create-home --shell /bin/bash appuser \
  && mkdir -p /app \
  && chown appuser:appuser /app
 
 ENV HOME="/home/appuser"
+ENV PATH="/home/appuser/.local/bin:${PATH}"
 ENV NODE_OPTIONS="--disable-warning=ExperimentalWarning"
 # Docker E2E lanes start many loopback gateways concurrently; mDNS advertising
 # is unrelated to those checks and can flap under container CPU/network load.
@@ -21,48 +27,23 @@ ENV OPENCLAW_DISABLE_BONJOUR="1"
 USER appuser
 WORKDIR /app
 
-FROM e2e-runner AS deps
-
-COPY --chown=appuser:appuser package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
-COPY --chown=appuser:appuser ui/package.json ./ui/package.json
-COPY --chown=appuser:appuser patches ./patches
-COPY --chown=appuser:appuser scripts/postinstall-bundled-plugins.mjs scripts/preinstall-package-manager-warning.mjs scripts/npm-runner.mjs scripts/windows-cmd-helpers.mjs ./scripts/
-RUN --mount=type=bind,source=extensions,target=/tmp/extensions,readonly \
-    find /tmp/extensions -mindepth 2 -maxdepth 2 -name package.json -print | \
-    while IFS= read -r manifest; do \
-      dest="${manifest#/tmp/}"; \
-      mkdir -p "$(dirname "$dest")"; \
-      cp "$manifest" "$dest"; \
-    done
-
-RUN --mount=type=cache,id=openclaw-pnpm-store,target=/home/appuser/.local/share/pnpm/store,sharing=locked \
-    pnpm install --frozen-lockfile
-
-FROM deps AS build
-
-COPY --chown=appuser:appuser .oxlintrc.json tsconfig.json tsconfig.plugin-sdk.dts.json tsconfig.oxlint*.json tsdown.config.ts vitest.config.ts openclaw.mjs ./
-COPY --chown=appuser:appuser src ./src
-COPY --chown=appuser:appuser test ./test
-COPY --chown=appuser:appuser scripts ./scripts
-COPY --chown=appuser:appuser docs ./docs
-COPY --chown=appuser:appuser packages ./packages
-COPY --chown=appuser:appuser skills ./skills
-COPY --chown=appuser:appuser ui ./ui
-COPY --chown=appuser:appuser extensions ./extensions
-COPY --chown=appuser:appuser vendor/a2ui/renderers/lit ./vendor/a2ui/renderers/lit
-COPY --chown=appuser:appuser apps/shared/OpenClawKit/Sources/OpenClawKit/Resources ./apps/shared/OpenClawKit/Sources/OpenClawKit/Resources
-COPY --chown=appuser:appuser apps/shared/OpenClawKit/Tools/CanvasA2UI ./apps/shared/OpenClawKit/Tools/CanvasA2UI
-
-RUN pnpm build
-# Onboard Docker E2E does not exercise the Control UI itself; it only needs the
-# asset-existence check to pass so configure/onboard can continue.
-RUN mkdir -p dist/control-ui \
-  && printf '%s\n' '<!doctype html><title>OpenClaw Control UI</title>' > dist/control-ui/index.html
+FROM e2e-runner AS bare
 
 CMD ["bash"]
 
-FROM build AS functional
-
-RUN node scripts/stage-bundled-plugin-runtime-deps.mjs
+FROM bare AS build
+
+CMD ["bash"]
+
+FROM bare AS functional
+
+# The app under test enters through the named BuildKit context, not by copying
+# checkout sources into the image.
+COPY --from=openclaw_package --chown=appuser:appuser openclaw-current.tgz /tmp/openclaw-current.tgz
+RUN npm install -g --prefix /tmp/openclaw-prefix /tmp/openclaw-current.tgz --no-fund --no-audit \
+ && cp -a /tmp/openclaw-prefix/lib/node_modules/openclaw/. /app/ \
+ && mkdir -p "$HOME/.local/bin" \
+ && ln -sf /app/openclaw.mjs "$HOME/.local/bin/openclaw" \
+ && rm -rf /tmp/openclaw-prefix /tmp/openclaw-current.tgz
 
 CMD ["bash"]