update dockerfile

Dockerfile

@@ -2,39 +2,43 @@ FROM node:20-bookworm-slim
 
 WORKDIR /metrics
 
-# Install Google Chrome stable and runtime deps + fonts
+# Install Chromium from Debian and runtime deps + fonts
 RUN set -eux; \
   apt-get update; \
   apt-get install -y --no-install-recommends \
-    wget gnupg ca-certificates curl unzip \
+    # runtime deps used by chromium headless
+    chromium \
     libnss3 libxss1 libx11-xcb1 libxcomposite1 libxdamage1 libxext6 libxfixes3 \
     libxkbcommon0 libxrandr2 libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0 \
     libgbm1 libasound2 fonts-liberation \
-    fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf; \
+    # optional fonts for broader charset support
-  wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/google-linux.gpg; \
+    fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf \
-  echo "deb [arch=amd64 signed-by=/usr/share/keyrings/google-linux.gpg] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list; \
+    # helpers
-  apt-get update; \
+    curl unzip ca-certificates; \
-  apt-get install -y --no-install-recommends google-chrome-stable; \
   rm -rf /var/lib/apt/lists/*
 
 # Prevent Puppeteer from downloading Chromium
 ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
 
-# Force flags via a wrapper so Chrome cannot try X11 or sandbox
+# Force flags via a wrapper so no X/Wayland or sandbox is used
-RUN printf '%s\n' \
+# We call Debian's chromium executable (usually /usr/bin/chromium or chromium-browser)
+RUN set -eux; \
+  CHROME_BIN="$(command -v chromium || command -v chromium-browser)"; \
+  printf '%s\n' \
 '#!/usr/bin/env bash' \
-'exec /usr/bin/google-chrome-stable \' \
+"exec ${CHROME_BIN} \\" \
-'  --no-sandbox --disable-setuid-sandbox \' \
+'  --no-sandbox --disable-setuid-sandbox \\' \
-'  --headless=new --disable-gpu --disable-dev-shm-usage \' \
+'  --headless=new --disable-gpu --disable-dev-shm-usage \\' \
-'  --no-zygote --no-first-run \' \
+'  --no-zygote --no-first-run \\' \
-'  --ozone-platform=none --disable-features=UseOzonePlatform \' \
+'  --ozone-platform=none --disable-features=UseOzonePlatform \\' \
 '  "$@"' \
-> /usr/local/bin/chrome-wrapper && chmod +x /usr/local/bin/chrome-wrapper
+> /usr/local/bin/chrome-wrapper; \
+  chmod +x /usr/local/bin/chrome-wrapper
 
-# Point puppeteer to the wrapper
+# Point puppeteer to the wrapper (guarantees the flags are applied)
 ENV PUPPETEER_EXECUTABLE_PATH=/usr/local/bin/chrome-wrapper
 
-# Optional envs used by metrics (kept for completeness)
+# Optional envs the app may read
 ENV METRICS_BROWSER=chromium
 ENV METRICS_BROWSER_HEADLESS=true
 ENV METRICS_BROWSER_ARGS=""
@@ -48,14 +52,10 @@ RUN npm ci
 COPY . .
 RUN npm run build
 
-# Entry
+# Entrypoint that just runs the app; flags are injected by chrome-wrapper
 RUN printf '%s\n' \
 '#!/usr/bin/env bash' \
 'set -euo pipefail' \
-# Ensure METRICS_BROWSER_ARGS has flags if the app reads it (not strictly needed with wrapper)
-'if [ -z "${METRICS_BROWSER_ARGS:-}" ]; then' \
-'  export METRICS_BROWSER_ARGS="--no-sandbox --disable-setuid-sandbox --headless=new --disable-gpu --disable-dev-shm-usage --no-zygote --no-first-run --ozone-platform=none --disable-features=UseOzonePlatform --enable-features=NetworkService,NetworkServiceInProcess"' \
-'fi' \
 'exec npm start' \
 > /usr/local/bin/metrics-entrypoint && chmod +x /usr/local/bin/metrics-entrypoint