@ksuderman
Contributor

Fix Docker build failure due to corepack signature verification

Summary

  • Fix corepack signature verification failure during Docker image build by disabling integrity checks

Description

Docker builds of the Galaxy container image are failing during the client build stage with a corepack signature verification error. This is caused by pnpm's recent key rotation (see nodejs/corepack#612), where the signing keys used for pnpm packages were changed, but older versions of corepack still have the old public keys embedded.

Node.js 22.13.0 (specified in client/.node_version) ships with a corepack version that has outdated pnpm public keys, causing corepack enable pnpm to fail when it tries to download and verify pnpm.

This PR adds ENV COREPACK_INTEGRITY_KEYS=0 to the client build stage of .k8s_ci.Dockerfile to disable signature verification as a workaround until a proper fix is ready; likely to the ansible-galaxy playbook.

Additional Consideration

There's also a recent change (January 15, 2026) to the ansible-galaxy role (PR #241) that skips nodeenv installation for Galaxy >= 25.1, expecting system Node.js to be available. This could cause issues for Docker builds that use the python:3.12-slim base image (which has no Node.js). However, this appears to be separate from the immediate corepack signature issue.

Test plan

  • Verify Docker image builds successfully with docker build -f .k8s_ci.Dockerfile .
  • Verify the built image starts correctly and serves the Galaxy API

License

  • I agree to license these and all my past contributions to the core galaxy codebase under the MIT license.
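
A CI guard for the workaround described in the PR above, as an added example that is not part of the pull request or of Galaxy's code: it scans Dockerfile text for ENV/ARG/RUN instructions that set COREPACK_INTEGRITY_KEYS to 0 or an empty value, so a temporary bypass of corepack signature verification does not linger unnoticed. The function names, the sample Dockerfile and the treatment of an empty value as disabling (taken from Corepack's documentation) are assumptions.

```python
import re

# Matches `KEY=value` and the space-separated `ENV KEY value` form.
_ASSIGN = re.compile(r"""\bCOREPACK_INTEGRITY_KEYS(?:=|\s+)(?P<val>"[^"]*"|'[^']*'|[^\s\\]*)""")
# Assumption from Corepack's documentation: "0" or an empty value skips the check.
_DISABLING = {"", "0"}


def logical_lines(text):
    """Yield (first_line_no, instruction) with backslash continuations joined."""
    buf, start = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#"):  # Dockerfile comments, also inside continuations
            continue
        start = start or no
        buf.append(line.rstrip("\\"))
        if line.endswith("\\"):
            continue
        joined = " ".join(buf).strip()
        if joined:
            yield start, joined
        buf, start = [], None


def find_disabled_integrity(dockerfile_text):
    """Return [(line_no, instruction)] for ENV/ARG/RUN lines that turn the check off."""
    findings = []
    for no, line in logical_lines(dockerfile_text):
        if line.split(None, 1)[0].upper() not in ("ENV", "ARG", "RUN"):
            continue
        values = (m.group("val").strip("\"'") for m in _ASSIGN.finditer(line))
        if any(v in _DISABLING for v in values):
            findings.append((no, line))
    return findings


# Constructed sample, not the project's real Dockerfile; PLACEHOLDER is not a real key.
SAMPLE = '''\
FROM node:22.13.0 AS client_build
# ENV COREPACK_INTEGRITY_KEYS=0
ENV COREPACK_INTEGRITY_KEYS=0
ARG COREPACK_INTEGRITY_KEYS
RUN apt-get update && \\
    COREPACK_INTEGRITY_KEYS="" corepack enable pnpm
ENV COREPACK_INTEGRITY_KEYS='{"npm":[{"keyid":"PLACEHOLDER"}]}'
'''

if __name__ == "__main__":
    print(find_disabled_integrity(SAMPLE))
```

A JSON value, which supplies explicit keys instead of switching verification off, and an `ARG` declared without a default are not reported.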

@github-actions github-actions bot added this to the 26.1 milestone Jan 21, 2026
@ksuderman ksuderman added area/client-build github_actions Pull requests that update GitHub Actions code labels Jan 21, 2026
@ksuderman ksuderman modified the milestones: 26.1, 26.0 Jan 21, 2026
@mvdbeek
Member

mvdbeek commented Jan 26, 2026

> There's also a recent change (January 15, 2026) to the ansible-galaxy role (PR #241) that skips nodeenv installation for Galaxy >= 25.1, expecting system Node.js to be available.

galaxyproject/ansible-galaxy#241 uses the node shipped by https://github.com/galaxyproject/galaxy/blob/dev/lib/galaxy/dependencies/pinned-requirements.txt#L165, which should fix https://github.com/galaxyproject/galaxy/actions/runs/21365524632/job/61496112260#step:9:1350.

> Fix corepack signature verification failure during Docker image build by disabling integrity checks

Where can we see this? In recent builds for 25.1 and dev I only see exit code 127.

@ksuderman
Contributor Author

> > There's also a recent change (January 15, 2026) to the ansible-galaxy role (PR #241) that skips nodeenv installation for Galaxy >= 25.1, expecting system Node.js to be available.

> galaxyproject/ansible-galaxy#241 uses the node shipped by https://github.com/galaxyproject/galaxy/blob/dev/lib/galaxy/dependencies/pinned-requirements.txt#L165, which should fix https://github.com/galaxyproject/galaxy/actions/runs/21365524632/job/61496112260#step:9:1350.

Yeah, that was Claude and I left the comment in just in case.

> > Fix corepack signature verification failure during Docker image build by disabling integrity checks

> Where can we see this? In recent builds for 25.1 and dev I only see exit code 127.

I first noticed it at https://github.com/galaxyproject/galaxy/actions/runs/21183348750/job/60931142049#step:9:1483 but it does look like it was replaced with corepack not found errors a couple of PRs later. I'm not sure if the key issue has been resolved, or if this latest error is just masking it.

Labels

area/client-build github_actions Pull requests that update GitHub Actions code kind/bug
