Permit Docker use in read-only mode and/or offline env.

[Maxime-J]

Since the pnpm switch, a few users complained about filesystem or download errors using docker image.
Indeed, prisma engines were not included anymore in the image (because of the pnpm lifecycle scripts policy).

It moreover coincided with a change in custom route handling which required to have write permissions.

Now that the custom route logic has been abandoned, this PR adds the needed prisma engines back in the image so that it would be fully working in read-only mode and/or offline environment.

Details:
-Even with the new adapter method, specific engine is still needed for prisma migrate deploy in check-db script.
-chown step was there to handle the prisma engine download at first execution, so not needed anymore.
-Image size will be slightly increased, my local test shows a 25 MB difference.

[vercel]

@Maxime-J is attempting to deploy a commit to the umami-software Team on Vercel.

A member of the Team first needs to authorize it.

[greptile-apps]

Greptile Overview

Greptile Summary

Fixed Docker image compatibility with read-only filesystems and offline environments by enabling Prisma engine installation during build phase.

• Added --allow-build='@prisma/engines' flag to pnpm command to allow Prisma postinstall scripts to run
• Removed unnecessary chown command that was previously needed for runtime engine downloads
• Ensures prisma migrate deploy command works correctly in the check-db script
• Increases image size by approximately 25MB due to bundled native binaries
• Resolves filesystem permission errors reported by users after the pnpm migration

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The change is well-targeted and solves a real issue. The --allow-build flag is the correct pnpm approach for enabling lifecycle scripts selectively, maintaining security while fixing the Prisma engine installation. The removal of the chown command is appropriate since engines are now installed during build rather than runtime. The 25MB image size increase is acceptable for the functionality gained.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
Dockerfile	5/5	Added --allow-build='@prisma/engines' flag to enable Prisma engine installation during build, removed unnecessary chown command

Sequence Diagram

sequenceDiagram
    participant Build as Docker Build
    participant PNPM as pnpm
    participant Prisma as @prisma/engines
    participant FS as Filesystem
    
    Note over Build,FS: Runtime Stage (node:22-alpine)
    Build->>PNPM: pnpm --allow-build='@prisma/engines' add [email protected]
    PNPM->>Prisma: Install package
    Prisma->>Prisma: Run postinstall script (allowed)
    Prisma->>FS: Download native engine binaries
    FS-->>Prisma: Binaries stored in node_modules
    Prisma-->>PNPM: Installation complete
    PNPM-->>Build: All dependencies installed
    
    Note over Build,FS: Container Startup
    Build->>Build: Switch to nextjs user (USER nextjs)
    Build->>Build: Start container (pnpm start-docker)
    Build->>Build: Run check-db script
    Build->>Prisma: Execute prisma migrate deploy
    Prisma->>FS: Read pre-installed engines
    Note over Prisma,FS: Works in read-only/offline mode

Loading

[greptile-apps]

_{1 file reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}