mirror of
https://github.com/basecamp/once-campfire.git
synced 2026-02-22 04:30:33 +09:00
eecdb29332
* Bump Ruby to 3.4.5
* Update dependencies
* Adjust for Rails 8 and Ruby 3.5 API changes
* Mark params strings as mutable in prepapration for frozen strings in Ruby 3.5
* Update test for HTML5 sanitizer
With Rails 7.1 the HTML5 sanitizer became the default, this breakts this test because the old sanitizer used to delete unpermitted nodes, while the new one returns their content
The final string is safe, but different then it used to be in Rails 7.0
* Remove direct Turbo tesh helpers require & parallelize tests
* Fix Zeitwerk issues with rails extensions
* Update Resque setup for Redis 5+
* Remove unused views
* Remove GID v1 handler
73 lines
2.1 KiB
Docker
73 lines
2.1 KiB
Docker
# syntax = docker/dockerfile:1
|
|
|
|
# Make sure it matches the Ruby version in .ruby-version and Gemfile
|
|
ARG RUBY_VERSION=3.4.5
|
|
FROM docker.io/library/ruby:$RUBY_VERSION-slim AS base
|
|
|
|
# Rails app lives here
|
|
WORKDIR /rails
|
|
|
|
# Install base packages
|
|
RUN apt-get update -qq && \
|
|
apt-get install --no-install-recommends -y curl libsqlite3-0 libvips libjemalloc2 ffmpeg redis && \
|
|
ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so && \
|
|
rm -rf /var/lib/apt/lists /var/cache/apt/archive
|
|
|
|
# Set production environment
|
|
ENV RAILS_ENV="production" \
|
|
BUNDLE_DEPLOYMENT="1" \
|
|
BUNDLE_PATH="/usr/local/bundle" \
|
|
BUNDLE_WITHOUT="development" \
|
|
LD_PRELOAD="/usr/local/lib/libjemalloc.so"
|
|
|
|
|
|
# Throw-away build stage to reduce size of final image
|
|
FROM base AS build
|
|
|
|
# Install packages need to build gems
|
|
RUN apt-get update -qq && \
|
|
apt-get install -y build-essential git pkg-config libyaml-dev && \
|
|
rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
|
|
|
# Install application gems
|
|
COPY Gemfile Gemfile.lock vendor ./
|
|
|
|
RUN bundle install && \
|
|
rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git
|
|
|
|
# Copy application code
|
|
COPY . .
|
|
|
|
# Precompiling assets for production without requiring secret RAILS_MASTER_KEY
|
|
RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
|
|
|
|
|
|
# Final stage for app image
|
|
FROM base
|
|
|
|
# Run and own only the runtime files as a non-root user for security
|
|
RUN groupadd --system --gid 1000 rails && \
|
|
useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash
|
|
USER 1000:1000
|
|
|
|
# Configure environment defaults
|
|
ENV HTTP_IDLE_TIMEOUT=60
|
|
ENV HTTP_READ_TIMEOUT=300
|
|
ENV HTTP_WRITE_TIMEOUT=300
|
|
|
|
# Copy built artifacts: gems, application
|
|
COPY --from=build --chown=rails:rails /usr/local/bundle /usr/local/bundle
|
|
COPY --from=build --chown=rails:rails /rails /rails
|
|
|
|
# Set version and revision
|
|
ARG APP_VERSION
|
|
ENV APP_VERSION=$APP_VERSION
|
|
ARG GIT_REVISION
|
|
ENV GIT_REVISION=$GIT_REVISION
|
|
|
|
# Expose ports for HTTP and HTTPS
|
|
EXPOSE 80 443
|
|
|
|
# Start the server by default, this can be overwritten at runtime
|
|
CMD ["bin/boot"]
|