-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile.production
131 lines (104 loc) · 3.87 KB
/
Dockerfile.production
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# Base image for all other build stages
ARG RUBY_VERSION=3.2.2
FROM ruby:$RUBY_VERSION-slim AS base_image
# Run security updates and install apt-utils curl and locales
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
apt-get update -qq && \
echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen && \
apt-get install -y apt-utils curl locales && \
apt-get upgrade -y && apt-get clean && \
rm -rf /var/lib/apt/lists/*"
# Sets an environment variable with the bundle directory
ENV LANG=en_US.UTF-8
# Generates localisation files from templates
RUN locale-gen
# Install NODE_MAJOR
ARG NODE_VERSION=18
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
curl -sL https://deb.nodesource.com/setup_$NODE_VERSION.x | bash - && \
apt-get update && apt-get install -y nodejs"
# Install Yarn via Debian package repository
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo 'deb https://dl.yarnpkg.com/debian/ stable main' | tee /etc/apt/sources.list.d/yarn.list && \
apt-get update -qq && apt install yarn"
# Install Bundler
ARG BUNDLER_VERSION=2.4.17
RUN bash -c "gem update --system && gem install bundler -v $BUNDLER_VERSION"
# Base image for building dependencies
FROM base_image AS build_image
# Run security updates, install build-essential git-core
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
apt-get update -qq && \
apt-get upgrade -y && \
apt-get install -y build-essential git-core && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*"
# Build image for ruby dependencies
FROM build_image AS gems
# Run security updates and install required system packages libpq-dev
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
apt-get update -qq && \
apt-get upgrade -y && \
apt-get install -y libpq-dev && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*"
# Create a directory for our application
# and set it as the working directory
WORKDIR /app
# Add our Gemfile
COPY Gemfile Gemfile.lock .ruby-version /app/
# Install gems
RUN bash -c "bundle config set --local without 'development test' && \
bundle config set --local deployment 'true' && \
bundle install --no-cache && \
bundle clean --force"
# Build image for npm dependencies
FROM gems AS packages
# Create a directory for our application
# and set it as the working directory
WORKDIR /app
# Add Javascript files
COPY package.json yarn.lock /app/
RUN bash -c "bundle exec yarn install"
# Build image for application
FROM packages AS application
# Run security updates, install libpq5
RUN bash -c "export DEBIAN_FRONTEND=noninteractive && \
apt-get update -qq && \
apt-get upgrade -y && \
apt-get install -y libpq5 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*"
# Create a directory for our application
# and set it as the working directory
WORKDIR /app
RUN groupadd -r app && \
useradd --no-log-init -r -g app -d /app app
# Create various directories
RUN mkdir /app/log && \
mkdir /app/tmp && \
chown -R app:app /app
# Copy neccessary files to app directory
COPY --chown=app:app ./app/ /app/app/
COPY --chown=app:app ./bin/ /app/bin/
COPY --chown=app:app ./config/ /app/config/
COPY --chown=app:app ./db/ /app/db/
COPY --chown=app:app ./lib/ /app/lib/
COPY --chown=app:app ./public/ /app/public/
COPY --chown=app:app ./config.ru /app/config.ru
COPY --chown=app:app ./Rakefile /app/Rakefile
USER app:app
# Provide placeholder environment variables during the build phase
ARG RAILS_ENV=production
ARG NODE_ENV=production
ARG RACK_ENV=production
ARG AWS_REGION=eu-west-2
ARG AWS_ACCESS_KEY_ID=notanaccesskeyid
ARG AWS_SECRET_ACCESS_KEY=notasecretaccesskey
ARG DATABASE_URL=postgres://localhost:5432/paapi_web
ARG RAILS_LOG_TO_STDOUT=true
ARG RAILS_SERVE_STATIC_FILES=true
ARG PORT=80
ARG SECRET_KEY_BASE=notasecretreally
RUN bash -c "bundle exec rake assets:precompile"