drevops · AlexSkrypnyk · Jul 18, 2025 · Jul 18, 2025 · coderabbitai · Jul 18, 2025
diff --git a/.docker/clamav.dockerfile b/.docker/clamav.dockerfile
@@ -21,7 +21,8 @@ RUN apk add --no-cache tzdata
 
 COPY .docker/config/clamav/clamav.conf /tmp/clamav.conf
 
-RUN cat /tmp/clamav.conf >> /etc/clamav/clamd.conf && rm /tmp/clamav.conf && \
+RUN cat /tmp/clamav.conf >> /etc/clamav/clamd.conf && \
+    rm /tmp/clamav.conf && \
     sed -i "s/^LogFile /# LogFile /g" /etc/clamav/clamd.conf && \
     sed -i "s/^#LogSyslog /LogSyslog /g" /etc/clamav/clamd.conf && \
     sed -i "s/^UpdateLogFile /# UpdateLogFile /g" /etc/clamav/freshclam.conf && \

diff --git a/.docker/cli.dockerfile b/.docker/cli.dockerfile
@@ -31,7 +31,7 @@ ENV DRUPAL_PRIVATE_FILES=${DRUPAL_PRIVATE_FILES}
 ARG DRUPAL_TEMPORARY_FILES="${TMP:-/tmp}"
 ENV DRUPAL_TEMPORARY_FILES=${DRUPAL_TEMPORARY_FILES}
 
-ARG DRUPAL_THEME="drevops"
+ARG DRUPAL_THEME=""
 ENV DRUPAL_THEME=${DRUPAL_THEME}
 
 ENV COMPOSER_ALLOW_SUPERUSER=1 \
@@ -47,11 +47,11 @@ ENV COMPOSER_ALLOW_SUPERUSER=1 \
 # earlier in the build process (near the top of this file).
 
 # Add more tools.
-RUN apk add --no-cache ncurses pv tzdata autoconf g++ make \
-  && pecl install pcov \
-  && docker-php-ext-enable pcov \
-  && docker-php-ext-install pcntl \
-  && apk del g++ make autoconf
+RUN apk add --no-cache ncurses pv tzdata autoconf g++ make && \
+    pecl install pcov && \
+    docker-php-ext-enable pcov && \
+    docker-php-ext-install pcntl && \
+    apk del g++ make autoconf
-# Add more tools.
-RUN apk add --no-cache ncurses pv tzdata autoconf g++ make \
-  && pecl install pcov \
-  && docker-php-ext-enable pcov \
-  && docker-php-ext-install pcntl \
-  && apk del g++ make autoconf
-RUN apk add --no-cache ncurses pv tzdata autoconf g++ make && \
-    pecl install pcov && \
-    docker-php-ext-enable pcov && \
-    docker-php-ext-install pcntl && \
-    apk del g++ make autoconf
+# Add more tools.
+RUN apk add --no-cache ncurses pv tzdata --virtual .build-deps g++ make autoconf && \
+    pecl install pcov && \
+    docker-php-ext-enable pcov && \
+    docker-php-ext-install pcntl && \
+    apk del .build-deps
-# Add more tools.
-RUN apk add --no-cache ncurses pv tzdata autoconf g++ make \
-  && pecl install pcov \
-  && docker-php-ext-enable pcov \
-  && docker-php-ext-install pcntl \
-  && apk del g++ make autoconf
-RUN apk add --no-cache ncurses pv tzdata autoconf g++ make && \
-    pecl install pcov && \
-    docker-php-ext-enable pcov && \
-    docker-php-ext-install pcntl && \
-    apk del g++ make autoconf
+# Add more tools.
+RUN apk add --no-cache ncurses pv tzdata --virtual .build-deps g++ make autoconf && \
+    pecl install pcov && \
+    docker-php-ext-enable pcov && \
+    docker-php-ext-install pcntl && \
+    apk del .build-deps
 
 # Add patches and scripts.
 COPY patches /app/patches
@@ -72,33 +72,19 @@ COPY composer.json composer.* .env* auth* /app/
 RUN if [ -n "${GITHUB_TOKEN}" ]; then export COMPOSER_AUTH="{\"github-oauth\": {\"github.com\": \"${GITHUB_TOKEN}\"}}"; fi && \
     COMPOSER_MEMORY_LIMIT=-1 composer install -n --no-dev --ansi --prefer-dist --optimize-autoloader
 
-# Install NodeJS dependencies.
-# Install NodeJS dependencies.
-# Note that package-lock.json is not explicitly copied, allowing to run the
-# stack without existing lock file (this is not advisable, but allows to build
-# using latest versions of packages). package-lock.json should be comitted to
-# the repository.
-# File Gruntfile.js is copied into image as it is required to generate
-# front-end assets.
-COPY ${WEBROOT}/themes/custom/${DRUPAL_THEME}/package.json ${WEBROOT}/themes/custom/${DRUPAL_THEME}/package* /app/${WEBROOT}/themes/custom/${DRUPAL_THEME}/
-COPY ${WEBROOT}/themes/custom/${DRUPAL_THEME}/patches /app/${WEBROOT}/themes/custom/${DRUPAL_THEME}/patches
-
-# Install NodeJS dependencies.
-# Since Drupal does not use NodeJS in production, installing development
-# dependencies here is fine — they are not exposed in any way.
-RUN yarn --cwd="/app/${WEBROOT}/themes/custom/${DRUPAL_THEME}" install --frozen-lockfile --no-progress && yarn cache clean
-
 # Copy all files into the application source directory. Existing files are
 # always overwritten.
 COPY . /app
 
 # Create file directories and set correct permissions.
 RUN mkdir -p "/app/${WEBROOT}/${DRUPAL_PUBLIC_FILES}" "/app/${WEBROOT}/${DRUPAL_PRIVATE_FILES}" "${DRUPAL_TEMPORARY_FILES}" && \
- chmod 0770 "/app/${WEBROOT}/${DRUPAL_PUBLIC_FILES}" "/app/${WEBROOT}/${DRUPAL_PRIVATE_FILES}" "${DRUPAL_TEMPORARY_FILES}"
-
-# Compile front-end assets. This runs after copying all files, as source files
-# are needed for compilation.
-WORKDIR /app/${WEBROOT}/themes/custom/${DRUPAL_THEME}
-RUN yarn run build
+    chmod 0770 "/app/${WEBROOT}/${DRUPAL_PUBLIC_FILES}" "/app/${WEBROOT}/${DRUPAL_PRIVATE_FILES}" "${DRUPAL_TEMPORARY_FILES}"
+
+RUN if [ -n "${DRUPAL_THEME}" ]; then \
+      theme_path="/app/${WEBROOT}/themes/custom/${DRUPAL_THEME}"; \
+      yarn --cwd="${theme_path}" install --frozen-lockfile --no-progress && \
+      yarn --cwd="${theme_path}" run build && \
+      yarn cache clean; \
+    fi
 
 WORKDIR /app
diff --git a/.docker/solr.dockerfile b/.docker/solr.dockerfile
@@ -17,9 +17,9 @@ COPY .docker/config/solr/config-set /solr-conf/conf/
 
 USER root
 
-RUN sed -i -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" /solr-conf/conf/solrconfig.xml \
-    && sed -i -e "s#solr.lock.type:native#solr.lock.type:none#g" /solr-conf/conf/solrconfig.xml \
-    && sed -i -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" /solr-conf/conf/solrcore.properties
+RUN sed -i -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" /solr-conf/conf/solrconfig.xml && \
+    sed -i -e "s#solr.lock.type:native#solr.lock.type:none#g" /solr-conf/conf/solrconfig.xml && \
+    sed -i -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" /solr-conf/conf/solrcore.properties
-RUN sed -i -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" /solr-conf/conf/solrconfig.xml && \
-    sed -i -e "s#solr.lock.type:native#solr.lock.type:none#g" /solr-conf/conf/solrconfig.xml && \
-    sed -i -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" /solr-conf/conf/solrcore.properties
+RUN sed -i \
+    -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" \
+    -e "s#solr.lock.type:native#solr.lock.type:none#g" \
+    -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" \
+    /solr-conf/conf/solrconfig.xml /solr-conf/conf/solrcore.properties
-RUN sed -i -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" /solr-conf/conf/solrconfig.xml && \
-    sed -i -e "s#solr.lock.type:native#solr.lock.type:none#g" /solr-conf/conf/solrconfig.xml && \
-    sed -i -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" /solr-conf/conf/solrcore.properties
+RUN sed -i \
+    -e "s#<dataDir>\${solr.data.dir:}#<dataDir>/var/solr/\${solr.core.name}#g" \
+    -e "s#solr.lock.type:native#solr.lock.type:none#g" \
+    -e "s#solr.autoSoftCommit.MaxTime=5000#solr.autoSoftCommit.MaxTime=-1#g" \
+    /solr-conf/conf/solrconfig.xml /solr-conf/conf/solrcore.properties
 
 USER solr
 

diff --git a/.github/workflows/build-test-deploy.yml b/.github/workflows/build-test-deploy.yml
@@ -96,6 +96,8 @@ jobs:
         if: github.event_name == 'schedule'
         run: |
           echo "VORTEX_CI_DB_CACHE_FALLBACK=no" >> "$GITHUB_ENV"
+          # Do not build the Drupal front-end.
+          echo "DRUPAL_THEME=" >> "$GITHUB_ENV"
 
       - name: Create cache keys files for database caching
         run: |
@@ -217,6 +219,7 @@ jobs:
         run: ./scripts/vortex/login-container-registry.sh
 
       - name: Lint Dockerfiles with Hadolint
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: |
           find .docker -name 'Dockerfile' -o -name '*.dockerfile' | while read -r file; do
             echo "Linting ${file}" && cat "${file}" | docker run --rm -i hadolint/hadolint
@@ -241,38 +244,47 @@ jobs:
           docker compose exec $(env | cut -f1 -d= | sed 's/^/-e /') -T cli bash -c "yarn install --frozen-lockfile"
 
       - name: Validate Composer configuration is normalized
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli composer normalize --dry-run
         continue-on-error: ${{ vars.VORTEX_CI_COMPOSER_NORMALIZE_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with PHPCS
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/phpcs
         continue-on-error: ${{ vars.VORTEX_CI_PHPCS_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with PHPStan
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/phpstan
         continue-on-error: ${{ vars.VORTEX_CI_PHPSTAN_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with Rector
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/rector --clear-cache --dry-run
         continue-on-error: ${{ vars.VORTEX_CI_RECTOR_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with PHPMD
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/phpmd . text phpmd.xml
         continue-on-error: ${{ vars.VORTEX_CI_PHPMD_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with Twig CS Fixer
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/twig-cs-fixer
         continue-on-error: ${{ vars.VORTEX_CI_TWIG_CS_FIXER_IGNORE_FAILURE == '1' }}
 
       - name: Lint code with Gherkin Lint
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli vendor/bin/gherkinlint lint tests/behat/features
         continue-on-error: ${{ vars.VORTEX_CI_GHERKIN_LINT_IGNORE_FAILURE == '1' }}
 
       - name: Lint module code with NodeJS linters
+        if: ${{ matrix.instance == 0 || strategy.job-total == 1 }}
         run: docker compose exec -T cli bash -c "yarn run lint"
         continue-on-error: ${{ vars.VORTEX_CI_NODEJS_LINT_IGNORE_FAILURE == '1' }}
 
       - name: Lint theme code with NodeJS linters
+        if: ${{ (matrix.instance == 0 || strategy.job-total == 1) && env.DRUPAL_THEME != '' }}
         run: docker compose exec -T cli bash -c "yarn --cwd=\${WEBROOT}/themes/custom/\${DRUPAL_THEME} run lint"
         continue-on-error: ${{ vars.VORTEX_CI_NODEJS_LINT_IGNORE_FAILURE == '1' }}
 

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -86,6 +86,7 @@ services:
         DRUPAL_PUBLIC_FILES: ${DRUPAL_PUBLIC_FILES:-sites/default/files}
         DRUPAL_PRIVATE_FILES: ${DRUPAL_PRIVATE_FILES:-sites/default/files/private}
         DRUPAL_TEMPORARY_FILES: ${DRUPAL_TEMPORARY_FILES:-/tmp}
+        DRUPAL_THEME: ${DRUPAL_THEME:-}
     image: &cli-image ${COMPOSE_PROJECT_NAME:-example_site}
     user: root
     <<: *default-volumes