Skip to content

Fix build image #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Trung-DV wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Fix build image #37

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
80a4547
Fix build image
Trung-DV Jul 24, 2025
738855b
Pin version
Trung-DV Jul 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM oven/bun:1.1.42 AS build-stage
FROM oven/bun:1.2 AS build-stage
Copy link
Contributor

@coderabbitai coderabbitai bot Jul 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Pin the Bun image to an explicit version/digest for deterministic builds

Moving from oven/bun:1.1.42 to the floating tag 1.2 improves currency but sacrifices reproducibility—1.2 will resolve to different patch versions over time. Consider parametrising or digest-pinning the image so both stages always use the same, immutable base.

- FROM oven/bun:1.2 AS build-stage
+ARG BUN_VERSION=1.2.0          # or a SHA-256 digest
+FROM oven/bun:${BUN_VERSION} AS build-stage- FROM oven/bun:1.2 AS serve-stage
+FROM oven/bun:${BUN_VERSION} AS serve-stage

This keeps the convenience of a single version declaration while guaranteeing identical builds and easing future upgrades (just bump BUN_VERSION).

Also applies to: 13-13

🏁 Script executed:

#!/bin/bash
# Search for all uses of the oven/bun image in the Dockerfile
rg "FROM oven/bun" -n Dockerfile

Length of output: 105

Pin the Bun base image for reproducible builds

Using the floating tag 1.2 risks pulling different patch releases over time. Pin to an exact version or digest so both stages remain immutable:

• Dockerfile, lines 1 & 13

Suggested diff:

+ ARG BUN_VERSION=1.2.0               # or a SHA256 digest
  FROM oven/bun:1.2 AS build-stage
- FROM oven/bun:1.2 AS build-stage
+ FROM oven/bun:${BUN_VERSION} AS build-stage- FROM oven/bun:1.2 AS serve-stage
+ FROM oven/bun:${BUN_VERSION} AS serve-stage

This centralizes the version declaration and guarantees identical builds—and future upgrades only require bumping BUN_VERSION.

🤖 Prompt for AI Agents 
In Dockerfile lines 1 and 13, the Bun base image is referenced with a floating
tag "1.2", which can lead to inconsistent builds. To fix this, define a build
argument or environment variable for the exact Bun version or digest at the top
of the Dockerfile, then use this variable in both FROM statements to pin the
image version. This ensures reproducible builds and simplifies future version
upgrades by changing the version in a single place.


WORKDIR /app

Expand All @@ -10,7 +10,7 @@ COPY . .

RUN bun run build

FROM oven/bun:1.1.42 AS serve-stage
FROM oven/bun:1.2 AS serve-stage

WORKDIR /app

Expand Down