Browse Source

CLDC-2531: Update application dockerfiles (#1804)

* feat: update docker files

* CLDC-2531: update docker compose to enforce amd64 and use new port for db

* feat: add bundle config in Dockerfile for bundle installs

* feat: update bundle install steps in Dockerfile

* feat: add nonroot user, update permissions and remove unrequired files in Dockerfile

* feat: update remove folder path in Dockerfile

* CLDC-2531: update Dockerfile to no longer remove files as it's redundant

* Run npx update-browserslist-db@latest

* feat: define package versions, add test stage to dockerfile and refactor nonroot user permissions

* feat: update docker command for test stage

* feat: remove unrequired directories and permissions

* feat: remove unrequired staging Dockerfile stage

---------

Co-authored-by: Chirag Bhatti <chirag.bhatti@softwire.com>
Co-authored-by: Sam Seed <sam.seed@softwire.com>
pull/1836/head v0.3.47
Chirag Bhatti 1 year ago committed by GitHub
parent
commit
9e5097f0cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 83
      Dockerfile
  2. 41
      Dockerfile_dev
  3. 6
      docker-compose.yml
  4. 6
      yarn.lock

83
Dockerfile

@ -1,7 +1,5 @@
# Build compilation image
FROM ruby:3.1.4-alpine as builder
FROM ruby:3.1.4-alpine3.18 as base
# The application runs from /app
WORKDIR /app
# Add the timezone as it's not configured by default in Alpine
@ -9,63 +7,66 @@ RUN apk add --update --no-cache tzdata && \
cp /usr/share/zoneinfo/Europe/London /etc/localtime && \
echo "Europe/London" > /etc/timezone
# build-base: complication tools for bundle
# build-base: compilation tools for bundle
# yarn: node package manager
# postgresql-dev: postgres driver and libraries
RUN apk add --no-cache build-base yarn postgresql-dev git
RUN apk add --no-cache build-base=0.5-r3 yarn=1.22.19-r0 postgresql13-dev=13.11-r0 git=2.40.1-r0 bash=5.2.15-r5
# Install bundler to run bundle exec
# This should be the same version as the Gemfile.lock
# Bundler version should be the same version as what the Gemfile.lock was bundled with
RUN gem install bundler:2.3.14 --no-document
# Install gems defined in Gemfile
COPY .ruby-version Gemfile Gemfile.lock /app/
RUN bundle config set without "development test"
ARG BUNDLE_FLAGS="--jobs=4 --no-binstubs --no-cache"
RUN bundle install ${BUNDLE_FLAGS}
RUN bundle install --jobs=4 --no-binstubs --no-cache
# Install node packages defined in package.json, including webpack
COPY package.json yarn.lock /app/
RUN yarn install --frozen-lockfile
# Copy all files to /app (except what is defined in .dockerignore)
COPY . /app/
# Compile assets and run webpack. We set a dummy secret key.
RUN RAILS_ENV=production bundle exec rails SECRET_KEY_BASE=pickasecuretoken assets:precompile
RUN bundle exec rake assets:precompile
# Cleanup to save space in the production image
RUN rm -rf node_modules log tmp && \
rm -rf /usr/local/bundle/cache && \
rm -rf .env && \
find /usr/local/bundle/gems -name "*.c" -delete && \
find /usr/local/bundle/gems -name "*.h" -delete && \
find /usr/local/bundle/gems -name "*.o" -delete && \
find /usr/local/bundle/gems -name "*.html" -delete
ENV PORT=8080
EXPOSE ${PORT}
# Build runtime image
FROM ruby:3.1.4-alpine as production
RUN adduser --system --no-create-home nonroot
# The application runs from /app
WORKDIR /app
FROM base as test
# Add postgres driver library
# Add the timezone as it's not configured by default in Alpine
RUN apk add --update --no-cache libpq tzdata && \
cp /usr/share/zoneinfo/Europe/London /etc/localtime && \
echo "Europe/London" > /etc/timezone
RUN bundle config set without ""
RUN bundle install --jobs=4 --no-binstubs --no-cache
# Copy files generated in the builder image
COPY --from=builder /app /app
COPY --from=builder /usr/local/bundle/ /usr/local/bundle/
# Install gecko driver for Capybara tests
RUN apk add firefox
RUN wget https://github.com/mozilla/geckodriver/releases/download/v0.31.0/geckodriver-v0.31.0-linux64.tar.gz \
&& tar -xvzf geckodriver-v0.31.0-linux64.tar.gz \
&& rm geckodriver-v0.31.0-linux64.tar.gz \
&& chmod +x geckodriver \
&& mv geckodriver /usr/local/bin/
ARG GIT_COMMIT_SHA="UNKNOWN"
ENV GIT_COMMIT_SHA=${GIT_COMMIT_SHA}
RUN echo ${GIT_COMMIT_SHA} > ./GIT_COMMIT_SHA
CMD bundle exec rake parallel:setup && bundle exec rake parallel:spec
ENV PORT=8080
FROM base as development
EXPOSE ${PORT}
# We expect the rake assets:precompile command to create these directories, but mkdir -p will create them if they don't already exist
RUN mkdir -p tmp log
RUN chown -R nonroot tmp log
RUN chown nonroot db/schema.rb
RUN bundle config set without "test"
RUN bundle install --jobs=4 --no-binstubs --no-cache
USER nonroot
CMD bundle exec rails s -e ${RAILS_ENV} -p ${PORT} --binding=0.0.0.0
FROM base as production
# We expect the rake assets:precompile command to create these directories, but mkdir -p will create them if they don't already exist
RUN mkdir -p tmp log
RUN chown -R nonroot tmp log
RUN chown nonroot db/schema.rb
USER nonroot
CMD RAILS_ENV=${RAILS_ENV} bundle exec rake db:migrate && bundle exec rails s -e ${RAILS_ENV} -p ${PORT} --binding=0.0.0.0
CMD bundle exec rails s -e ${RAILS_ENV} -p ${PORT} --binding=0.0.0.0

41
Dockerfile_dev

@ -1,41 +0,0 @@
# Build compilation image
FROM ruby:3.1.4-alpine
# The application runs from /app
WORKDIR /app
# Add the timezone as it's not configured by default in Alpine
RUN apk add --update --no-cache tzdata && cp /usr/share/zoneinfo/Europe/London /etc/localtime && echo "Europe/London" > /etc/timezone
RUN apk add --no-cache build-base yarn postgresql-dev git bash
# Install bundler to run bundle exec
# This should be the same version as the Gemfile.lock
RUN gem install bundler:2.3.14 --no-document
# Install gems defined in Gemfile
COPY .ruby-version Gemfile Gemfile.lock /app/
ARG BUNDLE_FLAGS="--jobs=4 --no-binstubs --no-cache"
RUN bundle install ${BUNDLE_FLAGS}
# Install node packages defined in package.json, including webpack
COPY package.json yarn.lock /app/
RUN yarn install --frozen-lockfile
# Install gecko driver for Capybara tests
RUN apk add firefox
RUN wget https://github.com/mozilla/geckodriver/releases/download/v0.31.0/geckodriver-v0.31.0-linux64.tar.gz \
&& tar -xvzf geckodriver-v0.31.0-linux64.tar.gz \
&& rm geckodriver-v0.31.0-linux64.tar.gz \
&& chmod +x geckodriver \
&& mv geckodriver /usr/local/bin/
# Copy all files to /app (except what is defined in .dockerignore)
COPY . /app/
ENV PORT=8080
EXPOSE ${PORT}
CMD RAILS_ENV=${RAILS_ENV} bundle exec rake db:migrate && bundle exec rails s -e ${RAILS_ENV} -p ${PORT} --binding=0.0.0.0

6
docker-compose.yml

@ -11,7 +11,7 @@ services:
volumes:
- dbdata:/var/lib/postgresql/data
ports:
- 5433:5432 # Mapped to 5433 in case Postgres is already running locally on 5432
- 8081:5432 # Mapped to 8081 in case Postgres is already running locally on 5432
environment:
- POSTGRES_PASSWORD=password
- POSTGRES_USER=postgres
@ -20,7 +20,9 @@ services:
app:
build:
context: .
dockerfile: ./Dockerfile_dev
dockerfile: ./Dockerfile
target: development
platform: linux/amd64
ports:
- 8080:8080
depends_on:

6
yarn.lock

@ -1843,9 +1843,9 @@ camelcase@^6.3.0:
integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==
caniuse-lite@^1.0.30001400:
version "1.0.30001410"
resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001410.tgz#b5a86366fbbf439d75dd3db1d21137a73e829f44"
integrity sha512-QoblBnuE+rG0lc3Ur9ltP5q47lbguipa/ncNMyyGuqPk44FxbScWAeEO+k5fSQ8WekdAK4mWqNs1rADDAiN5xQ==
version "1.0.30001519"
resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001519.tgz"
integrity sha512-0QHgqR+Jv4bxHMp8kZ1Kn8CH55OikjKJ6JmKkZYP1F3D7w+lnFXF70nG5eNfsZS89jadi5Ywy5UCSKLAglIRkg==
caseless@^0.12.0, caseless@~0.12.0:
version "0.12.0"

Loading…
Cancel
Save