Fix package.json, Dockerfile, add CI validation to prevent recurrence

.gitea/workflows/build.yml

@@ -6,15 +6,41 @@ on:
   workflow_dispatch:
 
 jobs:
-  build-backend:
+  validate:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Log in to registry
+      - name: Validate package.json
         run: |
-          echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
+          # Fail if package.json is invalid JSON
+          python3 -c "import json, sys; json.load(open('frontend/package.json'))" || \
+            { echo "ERROR: frontend/package.json is invalid JSON"; exit 1; }
+
+          # Fail if non-existent packages are present
+          if grep -q "@polyline-codec" frontend/package.json; then
+            echo "ERROR: @polyline-codec/core does not exist on npm - remove it"
+            exit 1
+          fi
+
+          # Fail if npm ci is still in Dockerfile (requires lockfile we don't have)
+          if grep -q "npm ci" frontend/Dockerfile; then
+            echo "ERROR: frontend/Dockerfile uses 'npm ci' but no package-lock.json exists - change to 'npm install'"
+            exit 1
+          fi
+
+          echo "Validation passed"
+
+  build-backend:
+    runs-on: ubuntu-latest
+    needs: validate
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Log in to registry
+        run: echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
 
       - name: Build and push backend
         uses: docker/build-push-action@v5
@@ -28,13 +54,13 @@ jobs:
 
   build-worker:
     runs-on: ubuntu-latest
+    needs: validate
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Log in to registry
-        run: |
+        run: echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
-          echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
 
       - name: Build and push worker
         uses: docker/build-push-action@v5
@@ -48,13 +74,13 @@ jobs:
 
   build-frontend:
     runs-on: ubuntu-latest
+    needs: validate
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Log in to registry
-        run: |
+        run: echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
-          echo "${{ secrets.PACKAGE_TOKEN }}" | docker login gitea.jarrett.eu -u ${{ gitea.actor }} --password-stdin
 
       - name: Build and push frontend
         uses: docker/build-push-action@v5
@@ -67,4 +93,4 @@ jobs:
             gitea.jarrett.eu/${{ gitea.repository_owner }}/milevault-frontend:${{ gitea.sha }}
           build-args: |
             VITE_API_URL=/api
-            VITE_MAPBOX_TOKEN=
+            VITE_MAPBOX_TOKEN=

frontend/Dockerfile

@@ -1,7 +1,7 @@
 FROM node:20-alpine AS builder
 
 WORKDIR /app
-COPY package*.json ./
+COPY package.json ./
 RUN npm install
 
 COPY . .
@@ -15,4 +15,4 @@ RUN npm run build
 FROM nginx:alpine
 COPY --from=builder /app/dist /usr/share/nginx/html
 COPY nginx-spa.conf /etc/nginx/conf.d/default.conf
-EXPOSE 80
+EXPOSE 80

frontend/package.json

@@ -29,4 +29,4 @@
     "postcss": "^8.4.38",
     "tailwindcss": "^3.4.4"
   }
-}
+}