fix: add npm ci retry and install verification for proxy environments (#9 )

npm has a known bug where `npm ci` can crash with "Exit handler never called!" behind corporate proxies yet exit with code 0. This adds a single retry on failure and verifies tsc is actually installed before proceeding to build. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: correct BSL 1.1 change date to March 14, 2033
2026-06-08 07:49:24 +00:00 · 2026-04-16 11:21:47 -04:00 · 2026-04-16 11:12:49 -04:00 · 2026-04-16 11:05:47 -04:00 · 2026-04-16 10:52:50 -04:00 · 2026-04-16 10:00:06 -04:00
4 changed files with 9 additions and 10 deletions
@@ -5,11 +5,10 @@ FROM node:20-alpine AS frontend

 WORKDIR /app/web

-COPY web/package.json web/package-lock.json ./
-RUN npm ci
-
 COPY web/ .
-RUN npm run build
+RUN npm ci --include=dev || npm ci --include=dev && \
+    node_modules/.bin/tsc --version && \
+    npm run build

 # Stage 2: Build Go binary
 FROM golang:1.25-alpine AS builder
@@ -36,6 +36,10 @@ gantt
        47 days                :crit, 2020-01-01, 47d
 ```

+> **Actively maintained — shipping weekly.** Found something? [Open a GitHub issue](https://github.com/shankar0123/certctl/issues) — issues get triaged same-day. CI runs the full test suite with race detection, static analysis, and vulnerability scanning on every commit.
+
+**Ready to try it?** Jump to the [Quick Start](#quick-start) — you'll have a running dashboard in under 5 minutes.
+
 ## Documentation

 | Guide | Description |
@@ -145,10 +149,6 @@ All connectors are pluggable — build your own by implementing the [connector i

 **[See all screenshots →](docs/screenshots/)**

-> **Actively maintained — shipping weekly.** Found something? [Open a GitHub issue](https://github.com/shankar0123/certctl/issues) — issues get triaged same-day. CI runs the full test suite with race detection, static analysis, and vulnerability scanning on every commit.
-
-**Ready to try it?** Jump to the [Quick Start](#quick-start) — you'll have a running dashboard in under 5 minutes.
-
 ## Why certctl

 Certificate lifecycle tooling falls into two camps: enterprise platforms (Venafi, Keyfactor) that cost six figures and take months to deploy, or single-purpose tools (certbot, cert-manager) that handle one slice of the problem. certctl fills the gap — full lifecycle automation, self-hosted, free, CA-agnostic, and target-agnostic. If you're running certbot cron jobs, manually renewing certs, or stitching together scripts across mixed infrastructure, certctl replaces all of that.
@@ -458,4 +458,4 @@ For issues, questions, or contributions:
 ## License

 BSL-1.1 (Business Source License)
-Converts to Apache 2.0 on March 28, 2033
+Converts to Apache 2.0 on March 14, 2033
@@ -114,6 +114,6 @@ See the [Quickstart Guide](quickstart.md) for a full walkthrough, or explore the

 ## License

-certctl is source-available under the [Business Source License 1.1](../LICENSE). Free for any use except offering a competing managed service. Converts to Apache 2.0 on March 1, 2033.
+certctl is source-available under the [Business Source License 1.1](../LICENSE). Free for any use except offering a competing managed service. Converts to Apache 2.0 on March 14, 2033.

 You own your data, your keys, and your deployment.
Author	SHA1	Message	Date
shankar0123	1f6cf0eafa	fix: add npm ci retry and install verification for proxy environments (#9 ) npm has a known bug where `npm ci` can crash with "Exit handler never called!" behind corporate proxies yet exit with code 0. This adds a single retry on failure and verifies tsc is actually installed before proceeding to build. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 11:21:47 -04:00
shankar0123	a49eae8155	fix: correct BSL 1.1 change date to March 14, 2033 why-certctl.md said March 1, CHART_SUMMARY.md said March 28. The LICENSE file is authoritative: Change Date is March 14, 2033. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 11:12:49 -04:00
shankar0123	1c7d085f16	docs: move maintenance notice and quick start link above Documentation section Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 11:05:47 -04:00
shankar0123	cc6eec3608	fix: merge npm install + build into single Docker layer (#9 ) The previous fix (--include=dev) was necessary but insufficient. The real issue is that node_modules created by npm ci in one layer can be lost when COPY web/ . creates the next layer — depending on the Docker storage driver (fuse-overlayfs, vfs). Merging install and build into a single RUN eliminates the layer boundary entirely. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 10:52:50 -04:00
shankar0123	86fb140414	fix: ensure devDependencies install in Docker build (#9 ) npm ci skips devDependencies when NODE_ENV=production leaks from the host environment into the Docker build. This breaks the frontend stage because typescript and vite are devDependencies. Adding --include=dev makes the install hermetic regardless of host environment. Closes #9 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 10:00:06 -04:00