-
Notifications
You must be signed in to change notification settings - Fork 17
Expand file tree
/
Copy pathDockerfile.staging
More file actions
133 lines (112 loc) · 3.98 KB
/
Dockerfile.staging
File metadata and controls
133 lines (112 loc) · 3.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
ARG RUBY_VERSION=3.0.3
FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim AS base
# Rails app lives here
WORKDIR /opt/webapps/app
# Set staging environment
ENV RAILS_ENV="staging" \
RAILS_LOG_TO_STDOUT=true \
BUNDLE_DEPLOYMENT="1" \
BUNDLE_PATH="/usr/local/bundle"
# Throw-away build stage to reduce size of final image
FROM base AS build
# Install packages needed to build gems and node modules
RUN apt-get update -qq && \
apt-get install --no-install-recommends -y \
build-essential \
imagemagick=* \
shared-mime-info \
zip \
unzip \
curl \
git \
gnupg2 \
libpq-dev \
libxslt1-dev \
libxml2-dev \
libzip-dev \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install JavaScript dependencies
ARG NODE_VERSION=14.21.3
ENV PATH=/usr/local/node/bin:$PATH
RUN curl -sL https://github.com/nodenv/node-build/archive/master.tar.gz | tar xz -C /tmp/ && \
/tmp/node-build-master/bin/node-build "${NODE_VERSION}" /usr/local/node && \
rm -rf /tmp/node-build-master
# Set up locale
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y locales
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
RUN sed -i -e 's/# et_EE.UTF-8 UTF-8/et_EE.UTF-8 UTF-8/' /etc/locale.gen && \
dpkg-reconfigure --frontend=noninteractive locales && \
update-locale LANG=et_EE.UTF-8
ENV LANG=et_EE.UTF-8
# Install application gems
COPY Gemfile Gemfile.lock ./
RUN gem install bundler && \
bundle config set --local without 'development test' && \
bundle install && \
bundle clean --force
# Copy application code
COPY . .
# Copy sample config for asset precompilation (real values come from env at runtime)
RUN cp config/application.yml.sample config/application.yml && \
cp config/database.yml.sample config/database.yml
# Precompile assets
RUN RAILS_ENV=staging SECRET_KEY_BASE=dummy_for_assets \
ACTION_MAILER_DEFAULT_HOST=dummy.host \
ACTION_MAILER_DEFAULT_FROM=dummy@example.com \
bundle exec rails assets:precompile && \
echo "Assets precompiled successfully for staging" && \
ls -la public/assets/ | head -20
# Final stage for app image
FROM base
# Install packages needed for deployment (incl. wkhtmltopdf runtime deps)
RUN apt-get update -qq && \
apt-get install --no-install-recommends -y \
curl \
git \
postgresql-client \
imagemagick=* \
shared-mime-info \
libpq-dev \
locales \
zip \
unzip \
libzip-dev \
nodejs \
libxrender1 \
libxext6 \
libx11-6 \
libfontconfig1 \
libfreetype6 \
libjpeg62-turbo \
xfonts-base \
xfonts-75dpi \
dnsutils \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Set up locale
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
RUN sed -i -e 's/# et_EE.UTF-8 UTF-8/et_EE.UTF-8 UTF-8/' /etc/locale.gen && \
dpkg-reconfigure --frontend=noninteractive locales && \
update-locale LANG=et_EE.UTF-8
ENV LANG=et_EE.UTF-8
# Copy built artifacts: gems, application
COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
COPY --from=build /opt/webapps/app /opt/webapps/app
# Run and own only the runtime files as a non-root user for security
RUN groupadd --system --gid 1000 rails && \
useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
mkdir -p db log tmp && \
chown -R rails:rails db log tmp
# Fix permissions for wkhtmltopdf-binary gem (run as root before switching user)
RUN chmod +x /usr/local/bundle/ruby/*/gems/wkhtmltopdf-binary-*/bin/wkhtmltopdf* 2>/dev/null || true && \
chown -R 1000:1000 /usr/local/bundle/ruby/*/gems/wkhtmltopdf-binary-*/bin/ 2>/dev/null || true
USER 1000:1000
# Entrypoint prepares the database.
# ENTRYPOINT ["/opt/webapps/app/bin/docker-entrypoint"]
COPY config/application.yml.sample config/application.yml
# Expose port
EXPOSE 3000
# Start the application
CMD ["bundle", "exec", "rails", "server", "-b", "0.0.0.0"]