-
Notifications
You must be signed in to change notification settings - Fork 299
Expand file tree
/
Copy pathDockerfile
More file actions
144 lines (108 loc) · 4.69 KB
/
Dockerfile
File metadata and controls
144 lines (108 loc) · 4.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
ARG BASE_IMAGE=public.ecr.aws/docker/library/ruby:4.0.1-slim-bookworm@sha256:ec6d9a346d1ecdf9d27f76dc6d706d7a603a73bdfea84b94e7a4ce82294a79a8
ARG NODE_IMAGE=public.ecr.aws/docker/library/node:24-bookworm-slim@sha256:e8e2e91b1378f83c5b2dd15f0247f34110e2fe895f6ca7719dbb780f929368eb
FROM $BASE_IMAGE AS builder
WORKDIR /app
RUN echo "--- :package: Installing system deps" \
# Cache apt
rm -f /etc/apt/apt.conf.d/docker-clean \
&& echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \
# Install a few pre-reqs
&& apt-get update \
&& apt-get install -y curl gnupg libyaml-dev \
# Setup apt for GH cli
&& curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
&& chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
# Install all the things
&& apt-get update \
&& apt-get install -y gh jq build-essential python3 \
## Pull down security updates
&& apt-get upgrade -y \
# Upgrade rubygems and bundler
&& gem update --system \
&& gem install bundler \
# clean up
&& rm -rf /tmp/*
# ------------------------------------------------------------------
FROM builder AS bundle
COPY Gemfile Gemfile.lock .ruby-version ./
ARG RAILS_ENV
RUN echo "--- :bundler: Installing ruby gems" \
&& bundle config set --local without "$([ "$RAILS_ENV" = "production" ] && echo 'development test')" \
&& bundle config set force_ruby_platform false \
&& bundle install --jobs $(nproc) --retry 3
# ------------------------------------------------------------------
FROM $NODE_IMAGE AS node-deps
COPY package.json yarn.lock ./
RUN echo "--- :yarn: Installing node packages" && yarn
# ------------------------------------------------------------------
FROM public.ecr.aws/docker/library/golang:1.26-bookworm AS gobuild
# This was previously installed from gobinaries.com within
# the deploy-preview step, but gobinaries.com keeps being unavailable :(
RUN go install github.com/tj/staticgen/cmd/staticgen@v1.1.0
# ------------------------------------------------------------------
FROM builder AS assets
COPY . /app/
COPY --from=node-deps /usr/local/bin /usr/local/bin
COPY --from=node-deps /node_modules /app/node_modules
COPY --from=bundle /usr/local/bundle/ /usr/local/bundle/
ARG RAILS_ENV
RUN if [ "$RAILS_ENV" = "production" ]; then \
echo "--- :vite: Compiling assets" \
&& RAILS_ENV=production RAILS_GROUPS=assets SECRET_KEY_BASE=xxx bundle exec rake assets:precompile \
&& cp -r /app/public/docs/assets /app/public/assets; \
fi
# ------------------------------------------------------------------
FROM $BASE_IMAGE AS runtime
WORKDIR /app
ARG RAILS_ENV
ARG DD_RUM_VERSION="unknown"
ARG DD_RUM_ENV="unknown"
# Config. Don't love this.
ENV RAILS_ENV=$RAILS_ENV
ENV DD_RUM_ENV=${DD_RUM_ENV}
ENV DD_RUM_VERSION=${DD_RUM_VERSION}
ENV DD_RUM_ENABLED=true
ENV RAILS_SERVE_STATIC_FILES=true
ENV SEGMENT_TRACKING_ID=q0LtPl49tgnyHHY8PGBsPsshHk9AVNKm
ENV SECRET_KEY_BASE=xxx
COPY . /app
COPY --from=node-deps /usr/local/bin /usr/local/bin
COPY --from=node-deps /node_modules /app/node_modules
COPY --from=bundle /usr/local/bundle/ /usr/local/bundle/
COPY --from=assets /app/public/ /app/public/
RUN bundle exec rake sitemap:create
EXPOSE 3000
CMD ["bundle", "exec", "puma", "-C", "./config/puma.rb"]
# ------------------------------------------------------------------
#
# We use this image to deploy previews to Netlify.
#
# It needs npm packages installed by Yarn in node-deps, as well as jq, curl and
# staticgen for our orchestration machinery.
#
FROM runtime AS deploy-preview
# bin/deploy-preview has a couple of dependencies
RUN apt-get update && \
apt-get install -y curl jq && \
apt purge --assume-yes linux-libc-dev
COPY --from=gobuild /go/bin/staticgen /usr/local/bin/staticgen
# ------------------------------------------------------------------
#
# We use this image to run Muffet, a link checking tool.
#
# We use a Ruby wrapper script to process the results in ways that
# make sense to us.
#
FROM raviqqe/muffet:2.11.2 AS muffet-scratch
FROM ${BASE_IMAGE} AS muffet
RUN apt-get update && \
apt-get install -y curl jq wget && \
apt purge --assume-yes linux-libc-dev
COPY --from=muffet-scratch /muffet /muffet
# ------------------------------------------------------------------
#
# Here, we ensure that the `runtime` image is the final result if this
# Dockerfile is invoked without specifying a target.
#
FROM runtime