fix(ci): add Verdaccio to stack and Gate 7 for @esbuild-kit registry

The base-node-deps Docker build failed because .npmrc routes @esbuild-kit packages to localhost:4873 (Verdaccio), which is unreachable inside BuildKit. - Add Verdaccio service to docker-compose.stack.yml with patched tarballs - Start Verdaccio in Gate 7 Tier 1 before base-node-deps build - Configure buildx with network=host so BuildKit can reach localhost:4873 - Update verdaccio.yaml storage path for container volume mount Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-24 22:04:56 +00:00 · 2026-03-11 22:38:17 +00:00
parent ad51d61ee4
commit 45daa18bb1
3 changed files with 84 additions and 4 deletions
--- a/.github/workflows/gated-pipeline.yml
+++ b/.github/workflows/gated-pipeline.yml
@@ -1342,6 +1342,56 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v4
+        with:
+          # host networking lets BuildKit reach Verdaccio on localhost:4873
+          driver-opts: network=host
+
+      - name: Start Verdaccio and publish patched packages
+        if: matrix.image == 'base-node-deps'
+        shell: bash
+        run: |
+          npm install -g verdaccio@6 --silent
+
+          mkdir -p /tmp/verdaccio-storage
+          cat > /tmp/verdaccio-ci.yaml << 'VERDACCIO_EOF'
+          storage: /tmp/verdaccio-storage
+          uplinks:
+            npmjs:
+              url: https://registry.npmjs.org/
+              timeout: 60s
+              max_fails: 3
+          packages:
+            '@esbuild-kit/*':
+              access: $all
+              publish: $all
+              proxy: npmjs
+            '**':
+              access: $all
+              publish: $all
+              proxy: npmjs
+          server:
+            keepAliveTimeout: 60
+          log:
+            type: stdout
+            format: pretty
+            level: warn
+          listen: 0.0.0.0:4873
+          VERDACCIO_EOF
+
+          verdaccio --config /tmp/verdaccio-ci.yaml &
+          timeout 30 bash -c 'until curl -sf http://localhost:4873/-/ping >/dev/null 2>&1; do sleep 1; done'
+          echo "Verdaccio ready"
+
+          # Publish patched tarballs
+          for tarball in deployment/npm-patches/*.tgz; do
+            [ -f "$tarball" ] || continue
+            echo "Publishing $tarball..."
+            npm publish "$tarball" \
+              --registry http://localhost:4873 \
+              --tag patched \
+              2>&1 | grep -v "^npm notice" || true
+          done
+          echo "Patched packages published to Verdaccio"

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v4