-
Notifications
You must be signed in to change notification settings - Fork 8
/
Dockerfile
76 lines (52 loc) · 1.99 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
ARG ALPINE_VERSION=3.19
ARG RUBY_VERSION=3.3.4
ARG DOCKER_IMAGE_DIGEST=sha256:37f4c0f791aa3c791dc2bcf052201ffd6a644fcc545aaf5ceac8231c702c7e9d
FROM ruby:${RUBY_VERSION}-alpine${ALPINE_VERSION}@${DOCKER_IMAGE_DIGEST} AS base
ARG NODEJS_VERSION=20
ENV NODEJS_VERSION=${NODEJS_VERSION}
FROM base AS build
WORKDIR /app
RUN apk update
RUN apk upgrade --available
RUN apk add libc6-compat openssl-dev build-base libpq-dev nodejs=~${NODEJS_VERSION} npm git python3
RUN adduser -D ruby
RUN mkdir /node_modules && chown ruby:ruby -R /node_modules /app
USER ruby
COPY --chown=ruby:ruby .ruby-version ./
COPY --chown=ruby:ruby Gemfile* ./
ARG BUNDLE_WITHOUT=development:test
RUN [ -z "$BUNDLE_WITHOUT" ] || bundle config set --local without "$BUNDLE_WITHOUT"
RUN bundle config set --local jobs "$(nproc)"
RUN bundle install
COPY --chown=ruby:ruby package.json package-lock.json ./
RUN npm ci --ignore-scripts
ARG RAILS_ENV
ENV RAILS_ENV="${RAILS_ENV:-production}" \
NODE_ENV="${NODE_ENV:-production}" \
PATH="${PATH}:/home/ruby/.local/bin:/node_modules/.bin" \
USER="ruby" \
REDIS_URL="${REDIS_URL:-redis://notset/}" \
GOVUK_APP_DOMAIN="${GOVUK_APP_DOMAIN:-https://not-set}"
COPY --chown=ruby:ruby . .
# you can't run rails commands like assets:precompile without a secret key set
# even though the command doesn't use the value itself
RUN SECRET_KEY_BASE=dummyvalue rails vite:build_all
# Remove devDependencies once assets have been built
RUN npm ci --ignore-scripts --only=production
FROM base AS app
ENV RAILS_ENV="${RAILS_ENV:-production}" \
PATH="${PATH}:/home/ruby/.local/bin" \
USER="ruby"
WORKDIR /app
RUN apk update
RUN apk upgrade --available
RUN apk add libc6-compat openssl-dev libpq
RUN adduser -D ruby
RUN chown ruby:ruby -R /app
USER ruby
COPY --chown=ruby:ruby bin/ ./bin
RUN chmod 0755 bin/*
COPY --chown=ruby:ruby --from=build /usr/local/bundle /usr/local/bundle
COPY --chown=ruby:ruby --from=build /app /app
EXPOSE 3000
CMD ["/bin/sh", "-o", "xtrace", "-c", "rails s -b 0.0.0.0"]