From fb01e7c0c2e263e845c0f1d61730e15cb351915f Mon Sep 17 00:00:00 2001
From: Steve Larson <9larsons@gmail.com>
Date: Fri, 22 May 2026 20:31:43 -0500
Subject: [PATCH] Improved production Docker build caching

The production image copied the full app and set the per-commit build version before installing production dependencies, so ordinary source changes could invalidate the expensive pnpm install layer. Copying dependency metadata first and setting the build version later makes cache hits easier to diagnose and reuse.
---
 .github/workflows/ci.yml |  4 ++++
 Dockerfile.production    | 17 +++++++++++------
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6a885602918..cc0337ce0c2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -951,6 +951,8 @@ jobs:
 
       - name: Build & push core image
         uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
+        env:
+          BUILDKIT_PROGRESS: plain
         with:
           context: /tmp/ghost-production
           file: Dockerfile.production
@@ -967,6 +969,8 @@ jobs:
 
       - name: Build & push full image
         uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
+        env:
+          BUILDKIT_PROGRESS: plain
         with:
           context: /tmp/ghost-production
           file: Dockerfile.production
diff --git a/Dockerfile.production b/Dockerfile.production
index 629b8020fa4..eed15976467 100644
--- a/Dockerfile.production
+++ b/Dockerfile.production
@@ -12,9 +12,7 @@ ARG NODE_VERSION=22.18.0
 # ---- Core: server + production deps ----
 FROM node:$NODE_VERSION-bookworm-slim AS core
 
-ARG GHOST_BUILD_VERSION=""
 ENV NODE_ENV=production
-ENV GHOST_BUILD_VERSION=${GHOST_BUILD_VERSION}
 
 RUN apt-get update && \
     apt-get install -y --no-install-recommends libjemalloc2 fontconfig && \
@@ -25,10 +23,11 @@ RUN apt-get update && \
 
 WORKDIR /home/ghost
 
-COPY --exclude=core/built/admin . .
-
 RUN corepack enable
 
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
+COPY components ./components
+
 RUN --mount=type=cache,target=/root/.local/share/pnpm/store,id=pnpm-store \
     apt-get update && \
     apt-get install -y --no-install-recommends build-essential python3 && \
@@ -36,8 +35,11 @@ RUN --mount=type=cache,target=/root/.local/share/pnpm/store,id=pnpm-store \
     (cd node_modules/sqlite3 && npm run install) && \
     apt-get purge -y build-essential python3 && \
     apt-get autoremove -y && \
-    rm -rf /var/lib/apt/lists/* && \
-    mkdir -p default log && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY --exclude=core/built/admin . .
+
+RUN mkdir -p default log && \
     cp -R content base_content && \
     cp -R content/themes/casper default/casper && \
     ([ -d content/themes/source ] && cp -R content/themes/source default/source || true) && \
@@ -45,6 +47,9 @@ RUN --mount=type=cache,target=/root/.local/share/pnpm/store,id=pnpm-store \
     chown -R nobody:nogroup /home/ghost/* && \
     chown -R ghost:ghost /home/ghost/content /home/ghost/log
 
+ARG GHOST_BUILD_VERSION=""
+ENV GHOST_BUILD_VERSION=${GHOST_BUILD_VERSION}
+
 USER ghost
 ENV LD_PRELOAD=libjemalloc.so.2