From 04d189bc0d8cf3d0bf995f74be0395397333db54 Mon Sep 17 00:00:00 2001
From: Mark Henderson <mark@getacquired.com>
Date: Fri, 1 May 2026 11:57:44 -0700
Subject: [PATCH] build(sentry): accept Sentry build args in Dockerfile

NEXT_PUBLIC_SENTRY_DSN must be present at build time so Next.js
inlines it into the client bundle. SENTRY_AUTH_TOKEN must be
present at build time so withSentryConfig can upload source maps
to Sentry. Coolify already passes both as --build-arg; this
declares the matching ARG lines so the builder stage actually
consumes them.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 Dockerfile | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index d4d6b310..38913424 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -20,6 +20,18 @@ ENV NODE_ENV=production
 # Force Prisma to generate linux-musl-openssl-3.0.x binary (Alpine 3.21 uses OpenSSL 3.x)
 ENV PRISMA_CLI_BINARY_TARGETS=linux-musl-openssl-3.0.x
 
+# Sentry: NEXT_PUBLIC_SENTRY_DSN gets inlined into the client bundle
+# during `npm run build` (any NEXT_PUBLIC_* var must be present at
+# build time, not just runtime). SENTRY_AUTH_TOKEN is consumed by
+# withSentryConfig to upload source maps to Sentry as part of the
+# build. Coolify already marks both as is_buildtime:true and passes
+# them via --build-arg; these ARG lines accept them and re-export
+# as ENV so `next build` and the Sentry wrapper see them.
+ARG NEXT_PUBLIC_SENTRY_DSN
+ARG SENTRY_AUTH_TOKEN
+ENV NEXT_PUBLIC_SENTRY_DSN=$NEXT_PUBLIC_SENTRY_DSN
+ENV SENTRY_AUTH_TOKEN=$SENTRY_AUTH_TOKEN
+
 RUN npx prisma generate
 RUN npm run build