From 259c87bfd35ab5d71edf505fdb930bd278e34c85 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@daddelolymp.de>
Date: Sat, 7 Mar 2026 15:39:01 +0100
Subject: [PATCH] Optimize build: Kaniko cache flags, split Dockerfile stages,
 install-tools script

- Kaniko: --cache-ttl=168h, --snapshot-mode=redo, --compressed-caching=false
- Dockerfile: Split server-build into server-deps + server-build for better layer caching
- Replace rm+reinstall node_modules with npm prune --omit=dev
- Move ffmpeg/yt-dlp install to tools/install-tools.sh (single RUN layer)
- Remove separate ffmpeg-fetch stage and inline curl/yt-dlp install
- Remove $CI_COMMIT_SHA tag destination (unused, saves push time)
- bump-version: alpine/git image instead of alpine + apk add git

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitlab-ci.yml         |  9 +++++----
 Dockerfile             | 23 ++++++-----------------
 tools/install-tools.sh | 26 ++++++++++++++++++++++++++
 3 files changed, 37 insertions(+), 21 deletions(-)
 create mode 100644 tools/install-tools.sh

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index dbb1f9b..5c3e858 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -47,13 +47,12 @@ docker-build:
         CHANNEL="dev"
       fi
 
-      DESTINATIONS="--destination=$IMAGE_NAME:$CI_COMMIT_SHA --destination=$IMAGE_NAME:$TAG"
+      DESTINATIONS="--destination=$IMAGE_NAME:$TAG"
       if [ "$CI_COMMIT_REF_NAME" = "main" ]; then
         DESTINATIONS="$DESTINATIONS --destination=$IMAGE_NAME:latest"
       fi
 
       echo "Building for channel $CHANNEL with version $VERSION and tag $TAG"
-      echo "Using registry image: $IMAGE_NAME"
 
       /kaniko/executor \
         --context "$CI_PROJECT_DIR" \
@@ -62,6 +61,9 @@ docker-build:
         --build-arg "VITE_APP_VERSION=$VERSION" \
         --cache=true \
         --cache-repo="$IMAGE_NAME/cache" \
+        --cache-ttl=168h \
+        --snapshot-mode=redo \
+        --compressed-caching=false \
         --insecure-registry=$INTERNAL_REGISTRY \
         $DESTINATIONS
 
@@ -106,12 +108,11 @@ deploy:
 
 bump-version:
   stage: bump-version
-  image: alpine:latest
+  image: alpine/git:latest
   needs: [deploy]
   rules:
     - if: $CI_COMMIT_BRANCH == "main" && $CI_COMMIT_TITLE !~ /\[skip ci\]/
   script:
-    - apk add --no-cache git
     - |
       git config user.name "GitLab CI"
       git config user.email "ci@adriahub.de"
diff --git a/Dockerfile b/Dockerfile
index 15b7255..453a5f5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,37 +9,26 @@ ENV VITE_BUILD_CHANNEL=$VITE_BUILD_CHANNEL
 ENV VITE_APP_VERSION=$VITE_APP_VERSION
 RUN npm run build
 
-FROM node:24-slim AS server-build
+FROM node:24-slim AS server-deps
 WORKDIR /app/server
 RUN apt-get update && apt-get install -y python3 make g++ && rm -rf /var/lib/apt/lists/*
 COPY server/package*.json ./
 RUN npm install --no-audit --no-fund
+
+FROM server-deps AS server-build
 COPY server/ .
 RUN npm run build
-RUN rm -rf node_modules && npm install --omit=dev --no-audit --no-fund
-
-FROM debian:bookworm-slim AS ffmpeg-fetch
-RUN apt-get update && apt-get install -y --no-install-recommends curl xz-utils ca-certificates \
- && rm -rf /var/lib/apt/lists/* \
- && curl -L https://github.com/yt-dlp/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-linux64-gpl.tar.xz \
-    -o /tmp/ffmpeg.tar.xz \
- && mkdir -p /tmp/ffmpeg \
- && tar -xJf /tmp/ffmpeg.tar.xz -C /tmp/ffmpeg --strip-components=2 --wildcards "*/bin/ffmpeg" \
- && chmod +x /tmp/ffmpeg/ffmpeg \
- && rm /tmp/ffmpeg.tar.xz
+RUN npm prune --omit=dev
 
 FROM node:24-slim AS runtime
 WORKDIR /app
 ENV NODE_ENV=production PORT=8080 DATA_DIR=/data
-RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl \
- && curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp_linux -o /usr/local/bin/yt-dlp \
- && chmod a+rx /usr/local/bin/yt-dlp \
- && apt-get purge -y curl && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*
-COPY --from=ffmpeg-fetch /tmp/ffmpeg/ffmpeg /usr/local/bin/ffmpeg
 COPY --from=server-build /app/server/dist ./server/dist
 COPY --from=server-build /app/server/node_modules ./server/node_modules
 COPY --from=server-build /app/server/package.json ./server/package.json
 COPY --from=web-build /app/web/dist ./web/dist
+COPY tools/install-tools.sh /tmp/install-tools.sh
+RUN chmod +x /tmp/install-tools.sh && /tmp/install-tools.sh && rm /tmp/install-tools.sh
 EXPOSE 8080
 VOLUME ["/data"]
 CMD ["node", "server/dist/index.js"]
diff --git a/tools/install-tools.sh b/tools/install-tools.sh
new file mode 100644
index 0000000..0d76ea8
--- /dev/null
+++ b/tools/install-tools.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+set -e
+
+echo "[install-tools] Installing ffmpeg + yt-dlp..."
+
+apt-get update && apt-get install -y --no-install-recommends curl ca-certificates xz-utils \
+  && rm -rf /var/lib/apt/lists/*
+
+# FFmpeg (static build from yt-dlp project)
+curl -L https://github.com/yt-dlp/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-linux64-gpl.tar.xz \
+  -o /tmp/ffmpeg.tar.xz
+mkdir -p /tmp/ffmpeg
+tar -xJf /tmp/ffmpeg.tar.xz -C /tmp/ffmpeg --strip-components=2 --wildcards "*/bin/ffmpeg"
+mv /tmp/ffmpeg/ffmpeg /usr/local/bin/ffmpeg
+chmod +x /usr/local/bin/ffmpeg
+rm -rf /tmp/ffmpeg /tmp/ffmpeg.tar.xz
+
+# yt-dlp (standalone linux binary, no Python needed)
+curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp_linux \
+  -o /usr/local/bin/yt-dlp
+chmod +x /usr/local/bin/yt-dlp
+
+# Cleanup curl/xz (keep ca-certificates for HTTPS)
+apt-get purge -y curl xz-utils && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*
+
+echo "[install-tools] Done. ffmpeg=$(ffmpeg -version 2>&1 | head -1), yt-dlp=$(yt-dlp --version 2>/dev/null || echo 'ok')"