Add ERPNext Dockerfile + build script for automated security rebuilds

- erpnext/Dockerfile: builds from frappe/erpnext:v15 base with custom apps - erpnext/build.sh: stages custom apps into build context before docker build - Container update script now runs build.sh pre-build + extracts assets post-build - ERPNext will auto-rebuild nightly when base image has security patches Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-06 22:10:49 -05:00 · 2026-05-06 22:10:49 -05:00 · 0085e2b33e
commit 0085e2b33e
parent 941349ccd9
3 changed files with 46 additions and 0 deletions
--- a/erpnext/.gitignore
+++ b/erpnext/.gitignore
@ -0,0 +1,4 @@
+frappe_crypto/
+frappe_adyen/
+frappe_ca_registry/
+performancewest_erpnext/
--- a/erpnext/Dockerfile
+++ b/erpnext/Dockerfile
@ -0,0 +1,28 @@
+# Performance West ERPNext — custom image with PW apps baked in.
+# Base: official Frappe bench image (includes ERPNext).
+# Custom apps: performancewest_erpnext, frappe_ca_registry, frappe_crypto, frappe_adyen
+#
+# Pre-build step copies apps into erpnext/ dir (see erpnext/build.sh).
+# Rebuilt nightly by pw-container-update to pick up base image security patches.
+
+FROM frappe/erpnext:v15
+
+USER frappe
+WORKDIR /home/frappe/frappe-bench
+
+# Copy custom Frappe apps (staged into build context by build.sh)
+COPY --chown=frappe:frappe frappe_crypto/ apps/frappe_crypto/
+COPY --chown=frappe:frappe frappe_adyen/ apps/frappe_adyen/
+COPY --chown=frappe:frappe frappe_ca_registry/ apps/frappe_ca_registry/
+COPY --chown=frappe:frappe performancewest_erpnext/ apps/performancewest_erpnext/
+
+# Install the payments app (not in base image) + all custom apps
+RUN git clone --depth=1 https://github.com/frappe/payments.git apps/payments \
+    && env/bin/pip install --quiet -e apps/payments \
+    && env/bin/pip install --quiet -e apps/frappe_crypto \
+    && env/bin/pip install --quiet -e apps/frappe_adyen \
+    && env/bin/pip install --quiet -e apps/frappe_ca_registry \
+    && env/bin/pip install --quiet -e apps/performancewest_erpnext
+
+# Build JS/CSS assets
+RUN bench build --app payments 2>/dev/null || true
--- a/erpnext/build.sh
+++ b/erpnext/build.sh
@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+# Pre-build step: copy custom Frappe apps into the erpnext/ build context.
+# Called automatically by the container update script before docker compose build.
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+REPO_ROOT="$(dirname "$SCRIPT_DIR")"
+
+echo "Staging custom apps into $SCRIPT_DIR..."
+for app in frappe_crypto frappe_adyen frappe_ca_registry performancewest_erpnext; do
+    rm -rf "$SCRIPT_DIR/$app"
+    cp -a "$REPO_ROOT/$app" "$SCRIPT_DIR/$app"
+done
+echo "Done. Ready for docker compose build erpnext."