From c723c68d4d08b7c22c86080233f52e5d5e0da948 Mon Sep 17 00:00:00 2001
From: Alexander Tarasov <git@oioki.me>
Date: Mon, 2 Mar 2026 18:22:25 +0100
Subject: [PATCH] Revert "build(docker): Switch to Docker Hardened Images (DHI)
 (#212)"

This reverts commit 840b7f725e3db6df419f9eef6fd721be9b851295.
---
 Dockerfile | 45 ++++++++++++++++++++-------------------------
 1 file changed, 20 insertions(+), 25 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3c00a57..8eb26c3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,43 +1,38 @@
-FROM us-docker.pkg.dev/sentryio/dhi/node:24-debian13-dev AS builder
+FROM node:24.14.0 AS builder
 
-WORKDIR /build
-
-COPY package.json yarn.lock ./
+COPY package.json yarn.lock .
 RUN yarn install --frozen-lockfile
 
 COPY tsconfig.json .
 COPY src src
 RUN yarn build
 
-# Drop devDependencies from node_modules for the runtime image
-RUN yarn install --frozen-lockfile --production
+FROM node:24.14.0-slim
 
-# canvas 3.x bundles its graphics libs (libcairo, libpango, etc.) but its
-# bundled librsvg/glib still need a few basic system libs absent from the
-# minimal runtime image. Collect them here to copy in without pulling the
-# entire -dev system into the runtime.
-RUN mkdir -p /canvas-sys-libs && \
-    find /lib /usr/lib -maxdepth 3 \( \
-        -name "libz.so.1*" -o \
-        -name "libexpat.so.1*" -o \
-        -name "libuuid.so.1*" -o \
-        -name "liblzma.so.5*" \
-    \) -exec cp -P --parents {} /canvas-sys-libs/ \;
+ENV NODE_ENV=production
 
+RUN npm install -g npm@latest \
+    && npm cache clean --force
 
-FROM us-docker.pkg.dev/sentryio/dhi/node:24-debian13
-
-ENV NODE_ENV=production
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        build-essential \
+        libcairo2-dev \
+        libpango1.0-dev \
+        libjpeg-dev \
+        libgif-dev \
+        librsvg2-dev \
+    && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /usr/src/app
 
-COPY package.json ./
+COPY package.json yarn.lock ./
+RUN yarn install --frozen-lockfile \
+    && yarn cache clean
+
 COPY fonts fonts
-COPY --from=builder /build/node_modules node_modules
-COPY --from=builder /build/lib lib
-COPY --from=builder /canvas-sys-libs/ /
+COPY --from=builder lib lib
 
-RUN ["node", "lib/index.js", "--help"]
+RUN node lib/index.js --help
 
 EXPOSE 9090/tcp
 CMD ["node", "./lib/index.js", "server", "9090"]