-
Notifications
You must be signed in to change notification settings - Fork 53
Expand file tree
/
Copy pathDockerfile
More file actions
104 lines (84 loc) · 3.01 KB
/
Copy pathDockerfile
File metadata and controls
104 lines (84 loc) · 3.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
############################################
# 🏗 Stage 1 – build gems + assets
############################################
FROM ruby:3.4.9-slim AS builder
# Essential OS packages (compile + JS pipeline)
# RUN apt-get update
RUN apt-get update && \
apt-get install -y --no-install-recommends \
curl \
build-essential libpq-dev git \
nodejs npm tzdata \
libyaml-dev pkg-config
# App directory & non-root user
ENV APP_HOME=/app
RUN groupadd -g 1001 app && useradd -u 1001 -g app -m -d $APP_HOME app
WORKDIR $APP_HOME
# Ruby deps first (enables layer caching)
COPY Gemfile Gemfile.lock ./
RUN bundle config set --local frozen true \
&& bundle config set --local without 'development test production' \
&& bundle install --jobs 4 --retry 3
COPY . .
COPY docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
RUN chmod +x /usr/local/bin/docker_entrypoint.sh
RUN RAILS_ENV=production DISABLE_DB=true SECRET_KEY_BASE=precompile_only bundle exec rake assets:precompile
################################################
# 🏃♂️ Stage 2 – production image
################################################
FROM ruby:3.4.9-slim AS prod
# ➜ install only the shared lib, not the dev headers
RUN --mount=type=cache,target=/var/cache/apt \
apt-get update -qq && \
apt-get install -y --no-install-recommends \
libcurl4 \
# updates necessary to address cves
openssl libssl3 libc6 libc-bin \
tzdata procps
# nodejs
# Copy the built app & cached gems from the builder
ENV APP_HOME=/app
RUN groupadd -g 1001 app && useradd -u 1001 -g app -m -d $APP_HOME app
WORKDIR $APP_HOME
COPY --from=builder --chown=app:app ${APP_HOME} ${APP_HOME}
COPY --from=builder --chown=app:app /usr/local/bin/docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
COPY --from=builder /usr/local/bundle /usr/local/bundle
RUN mkdir -p /app/tmp/bundles && chown -R app:app /app
# Environment hints for Rails & Bundler
ENV RAILS_ENV=production \
RAILS_SERVE_STATIC_FILES=true \
BUNDLE_WITHOUT='development test production'
# Run as non-root
USER app
# Puma listens on 0.0.0.0:3000
EXPOSE 3000
CMD ["/usr/local/bin/docker_entrypoint.sh"]
############################################
# 🏗 Stage 3 – development environment
############################################
FROM ruby:3.4.9-slim AS dev
# Essential OS packages (compile + JS pipeline)
RUN apt-get update && \
apt-get install -y --no-install-recommends \
curl \
build-essential libpq-dev git \
nodejs npm tzdata \
libyaml-dev pkg-config procps
# Copy only Gemfiles to install dependencies early
WORKDIR /app
COPY Gemfile Gemfile.lock ./
RUN bundle install --jobs 4 --retry 3
# Environment setup for development
ENV RAILS_ENV=development \
BUNDLE_WITHOUT='test' \
PORT=3000
# App working directory
WORKDIR /app
# Mount source files for hot reloading
COPY . .
# Install foreman for managing processes
RUN gem install foreman
# Expose port for development
EXPOSE 3000
# Command to start the application with foreman
CMD ["foreman", "start"]