From 83a5595abf3413d625b08be1465947c604ca2386 Mon Sep 17 00:00:00 2001 From: Mehdi Bouaziz Date: Thu, 12 Feb 2026 16:48:47 +0000 Subject: [PATCH 1/2] Add --no-install-recommends to all apt-get install calls Avoid pulling in unnecessary recommended packages, reducing image size. Co-Authored-By: Claude Opus 4.6 --- bin/apt-install.sh | 10 +++++----- skiplang/Dockerfile | 4 ++-- skipruntime-ts/tests/native_addon/Dockerfile | 4 ++-- .../tests/native_addon_unreleased/Dockerfile | 4 ++-- sql/Dockerfile | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/bin/apt-install.sh b/bin/apt-install.sh index 37454c698..d50b79fa4 100755 --- a/bin/apt-install.sh +++ b/bin/apt-install.sh @@ -25,12 +25,12 @@ for step in "${steps[@]}"; do case "$step" in skiplang-build-deps) apt-get update - apt-get install -q -y wget gnupg + apt-get install -q -y --no-install-recommends wget gnupg wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-$LLVM_VERSION main" >> /etc/apt/sources.list.d/llvm.list echo "deb-src http://apt.llvm.org/jammy/ llvm-toolchain-jammy-$LLVM_VERSION main" >> /etc/apt/sources.list.d/llvm.list apt-get update - apt-get install -q -y automake clang-$LLVM_VERSION file gawk git lld-$LLVM_VERSION llvm-$LLVM_VERSION make + apt-get install -q -y --no-install-recommends automake clang-$LLVM_VERSION file gawk git lld-$LLVM_VERSION llvm-$LLVM_VERSION make update-alternatives --install /usr/bin/clang clang /usr/bin/clang-$LLVM_VERSION $PRIORITY \ --slave /usr/bin/clang++ clang++ /usr/bin/clang++-$LLVM_VERSION \ @@ -46,18 +46,18 @@ for step in "${steps[@]}"; do wget -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - echo "deb https://deb.nodesource.com/node_22.x nodistro main" >> /etc/apt/sources.list.d/nodejs.list apt-get update - apt-get install -q -y nodejs jq + apt-get install -q -y --no-install-recommends nodejs jq ;; other-CI-tools) # Assumes other steps have been run before - apt-get install -q -y clang-format-$LLVM_VERSION docker.io docker-buildx parallel pip shellcheck + apt-get install -q -y --no-install-recommends clang-format-$LLVM_VERSION docker.io docker-buildx parallel pip shellcheck # Version from requirements-dev.txt (check repo root, then /tmp for docker builds) BLACK_VERSION=$(grep '^black==' requirements-dev.txt /tmp/requirements-dev.txt 2>/dev/null | head -1 | cut -d'=' -f3) pip install black=="${BLACK_VERSION:-26.1.0}" update-alternatives --auto clang ;; other-dev-tools) - apt-get install -q -y rsync + apt-get install -q -y --no-install-recommends rsync ;; *) echo "Unknown step $step" diff --git a/skiplang/Dockerfile b/skiplang/Dockerfile index 7fc4aabae..1ae65be42 100644 --- a/skiplang/Dockerfile +++ b/skiplang/Dockerfile @@ -11,10 +11,10 @@ ARG LLVM_VERSION=20 # Note: [trusted=yes] is needed because apt.llvm.org's GPG key uses SHA1 signatures # which modern Debian rejects since Feb 2026. This is an upstream LLVM issue. RUN apt-get update --quiet && \ - apt-get install --quiet --yes make wget && \ + apt-get install --quiet --yes --no-install-recommends make wget && \ echo "deb [trusted=yes] http://apt.llvm.org/bookworm/ llvm-toolchain-bookworm-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list && \ apt-get update --quiet && \ - apt-get install --quiet --yes \ + apt-get install --quiet --yes --no-install-recommends \ clang-${LLVM_VERSION} \ llvm-${LLVM_VERSION} \ lld-${LLVM_VERSION} && \ diff --git a/skipruntime-ts/tests/native_addon/Dockerfile b/skipruntime-ts/tests/native_addon/Dockerfile index 0fb3c9299..39caaaf12 100644 --- a/skipruntime-ts/tests/native_addon/Dockerfile +++ b/skipruntime-ts/tests/native_addon/Dockerfile @@ -2,9 +2,9 @@ FROM ubuntu:latest # install dependencies needed to build the node addon RUN apt-get update --quiet \ - && apt-get install --quiet --yes g++ make python3 wget \ + && apt-get install --quiet --yes --no-install-recommends g++ make python3 wget \ && wget --quiet --output-document=- https://deb.nodesource.com/setup_22.x | bash - \ - && apt-get install --quiet --yes nodejs \ + && apt-get install --quiet --yes --no-install-recommends nodejs \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* \ && npm install --global typescript \ diff --git a/skipruntime-ts/tests/native_addon_unreleased/Dockerfile b/skipruntime-ts/tests/native_addon_unreleased/Dockerfile index 7b14ad5ae..486134993 100644 --- a/skipruntime-ts/tests/native_addon_unreleased/Dockerfile +++ b/skipruntime-ts/tests/native_addon_unreleased/Dockerfile @@ -2,9 +2,9 @@ FROM ubuntu:latest # install dependencies needed to build the node addon RUN apt-get update --quiet \ - && apt-get install --quiet --yes g++ make python3 wget \ + && apt-get install --quiet --yes --no-install-recommends g++ make python3 wget \ && wget --quiet --output-document=- https://deb.nodesource.com/setup_22.x | bash - \ - && apt-get install --quiet --yes nodejs \ + && apt-get install --quiet --yes --no-install-recommends nodejs \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* \ && npm install --global typescript \ diff --git a/sql/Dockerfile b/sql/Dockerfile index e798a9e6c..e51b09729 100644 --- a/sql/Dockerfile +++ b/sql/Dockerfile @@ -1,6 +1,6 @@ FROM skiplabs/skip AS base -RUN apt-get update && apt-get install -q -y curl sqlite3 unzip zip && \ +RUN apt-get update && apt-get install -q -y --no-install-recommends curl sqlite3 unzip zip && \ npm install -g bun && \ npx playwright install-deps && \ apt-get clean && rm -rf /var/lib/apt/lists/* && \ From c121058dfea43052ce40998086e57c4737482409 Mon Sep 17 00:00:00 2001 From: Mehdi Bouaziz Date: Thu, 12 Feb 2026 17:19:32 +0000 Subject: [PATCH 2/2] Fix: explicitly install npm alongside nodejs Ubuntu's nodejs package lists npm as a recommended (not required) dependency, so --no-install-recommends skips it. Add npm explicitly. Co-Authored-By: Claude Opus 4.6 --- bin/apt-install.sh | 2 +- skipruntime-ts/tests/native_addon/Dockerfile | 2 +- skipruntime-ts/tests/native_addon_unreleased/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bin/apt-install.sh b/bin/apt-install.sh index d50b79fa4..60475b700 100755 --- a/bin/apt-install.sh +++ b/bin/apt-install.sh @@ -46,7 +46,7 @@ for step in "${steps[@]}"; do wget -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | apt-key add - echo "deb https://deb.nodesource.com/node_22.x nodistro main" >> /etc/apt/sources.list.d/nodejs.list apt-get update - apt-get install -q -y --no-install-recommends nodejs jq + apt-get install -q -y --no-install-recommends nodejs npm jq ;; other-CI-tools) # Assumes other steps have been run before diff --git a/skipruntime-ts/tests/native_addon/Dockerfile b/skipruntime-ts/tests/native_addon/Dockerfile index 39caaaf12..64b659e2a 100644 --- a/skipruntime-ts/tests/native_addon/Dockerfile +++ b/skipruntime-ts/tests/native_addon/Dockerfile @@ -4,7 +4,7 @@ FROM ubuntu:latest RUN apt-get update --quiet \ && apt-get install --quiet --yes --no-install-recommends g++ make python3 wget \ && wget --quiet --output-document=- https://deb.nodesource.com/setup_22.x | bash - \ - && apt-get install --quiet --yes --no-install-recommends nodejs \ + && apt-get install --quiet --yes --no-install-recommends nodejs npm \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* \ && npm install --global typescript \ diff --git a/skipruntime-ts/tests/native_addon_unreleased/Dockerfile b/skipruntime-ts/tests/native_addon_unreleased/Dockerfile index 486134993..e0a95836f 100644 --- a/skipruntime-ts/tests/native_addon_unreleased/Dockerfile +++ b/skipruntime-ts/tests/native_addon_unreleased/Dockerfile @@ -4,7 +4,7 @@ FROM ubuntu:latest RUN apt-get update --quiet \ && apt-get install --quiet --yes --no-install-recommends g++ make python3 wget \ && wget --quiet --output-document=- https://deb.nodesource.com/setup_22.x | bash - \ - && apt-get install --quiet --yes --no-install-recommends nodejs \ + && apt-get install --quiet --yes --no-install-recommends nodejs npm \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* \ && npm install --global typescript \