bustikiller/wedding-planner
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity

Build production Dockerfile with alpine linux images

Browse Source
This commit is contained in:
Manuel Bustillo 2025-09-28 18:06:03 +02:00
parent db5b0809fa
commit 3abc6bb5a8
No known key found for this signature in database
GPG Key ID: A74BD9E346A80DDC
1 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
Dockerfile
View File

@ -2,7 +2,8 @@
# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile # Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
ARG RUBY_VERSION=3.4.3 ARG RUBY_VERSION=3.4.3
FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim AS base FROM ghcr.io/surnet/alpine-wkhtmltopdf:3.22.0-024b2b2-full as wkhtmltopdf
FROM ruby:${RUBY_VERSION}-alpine3.21 AS base
# Rails app lives here # Rails app lives here
WORKDIR /rails WORKDIR /rails
@ -13,14 +14,24 @@ ENV RAILS_ENV="production" \
BUNDLE_PATH="/usr/local/bundle" \ BUNDLE_PATH="/usr/local/bundle" \
BUNDLE_WITHOUT="development" BUNDLE_WITHOUT="development"
RUN apt-get update && apt-get install -y nodejs wkhtmltopdf # Install runtime dependencies
RUN apk update && \
apk add --no-cache nodejs
COPY --from=wkhtmltopdf /bin/wkhtmltopdf /bin/
# Throw-away build stage to reduce size of final image # Throw-away build stage to reduce size of final image
FROM base AS build FROM base AS build
# Install packages needed to build gems # Install packages needed to build gems
RUN apt-get update -qq && \ RUN apk update && \
apt-get install --no-install-recommends -y build-essential git libpq-dev libvips pkg-config libyaml-dev apk add --no-cache \
build-base \
git \
postgresql-dev \
vips-dev \
pkgconfig \
yaml-dev
# Install application gems # Install application gems
COPY Gemfile Gemfile.lock ./ COPY Gemfile Gemfile.lock ./
@ -37,23 +48,24 @@ RUN bundle exec bootsnap precompile app/ lib/
# Precompiling assets for production without requiring secret RAILS_MASTER_KEY # Precompiling assets for production without requiring secret RAILS_MASTER_KEY
RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
# Final stage for app image # Final stage for app image
FROM base FROM base
# Install packages needed for deployment # Install packages needed for deployment
RUN apt-get update -qq && \ RUN apk update && \
apt-get install --no-install-recommends -y curl libvips postgresql-client && \ apk add --no-cache \
rm -rf /var/lib/apt/lists /var/cache/apt/archives curl \
vips \
postgresql-client
# Copy built artifacts: gems, application # Copy built artifacts: gems, application
COPY --from=build /usr/local/bundle /usr/local/bundle COPY --from=build /usr/local/bundle /usr/local/bundle
COPY --from=build /rails /rails COPY --from=build /rails /rails
# Run and own only the runtime files as a non-root user for security # Run and own only the runtime files as a non-root user for security
RUN useradd rails --create-home --shell /bin/bash && \ RUN adduser -D -h /home/rails rails && \
chown -R rails:rails db log storage tmp chown -R rails:rails db log storage tmp || true
USER rails:rails USER rails
# Entrypoint prepares the database. # Entrypoint prepares the database.
ENTRYPOINT ["/rails/bin/docker-entrypoint"] ENTRYPOINT ["/rails/bin/docker-entrypoint"]