feat: switch to alpine linux

Dockerfile

@@ -1,21 +1,15 @@
-FROM docker.io/library/ruby:3.4.1-slim-bookworm AS builder
-
-RUN apt update && apt install -y \
-      g++ \
-      gcc \
-      make \
-      libstdc++-12-dev \
-      libffi-dev \
-      libc-dev \
-      libxml2-dev \
-      libxslt-dev \
-      libgcrypt-dev \
-      libsqlite3-dev \
-      sqlite3 \
-      # not needed for gems, but for runtime
-      git \
-      tzdata \
-      && rm -rf /var/lib/apt/lists/*
+FROM docker.io/library/ruby:3.4.1-alpine3.21 AS builder
+
+RUN apk update \
+    && apk upgrade \
+    && apk add --no-cache --update \
+        git \
+        sqlite \
+        alpine-sdk \
+        libxml2-dev \
+        libxslt-dev \
+        tzdata \
+        bash
 
 ENV APP_HOME=/hdm
 WORKDIR $APP_HOME
@@ -27,7 +21,15 @@ RUN bundle check || (bundle config set --local without 'development test release
 
 ###############################################################################
 
-FROM docker.io/library/ruby:3.4.1-slim-bookworm
+FROM docker.io/library/ruby:3.4.1-alpine3.21 AS final
+
+RUN apk update \
+    && apk upgrade \
+    && apk add --no-cache --update \
+        git \
+        sqlite \
+        tzdata \
+        bash
 
 ENV APP_HOME=/hdm
 ENV RAILS_ENV=production

Gemfile

@@ -80,4 +80,13 @@ gem 'git'
 gem 'gitable', require: "gitable/uri"
 
 # dependencies & sec fixes
-gem 'mini_racer' # minimal Google V8 JS engine for execjs
+gem 'mini_racer', '~> 0.16.0'    # minimal Google V8 JS engine for execjs
+gem 'libv8-node', '~> 18.19.0.0' # V8 JS engine
+
+# Alpine specific
+#
+# There is an issue with rails -> sass-embedded -> libv8-node -> protobuf
+#
+# We have to force bundler to compile protobuf on the current platform
+# and do not download precompile binary-gems, otherwise the usage of relying gems will segfault
+gem 'google-protobuf', force_ruby_platform: true

Gemfile.lock

@@ -244,9 +244,10 @@ GEM
     json (2.10.1)
     language_server-protocol (3.17.0.4)
     libv8-node (18.19.0.0)
-    libv8-node (18.19.0.0-arm64-darwin)
-    libv8-node (18.19.0.0-x86_64-darwin)
+    libv8-node (18.19.0.0-aarch64-linux)
+    libv8-node (18.19.0.0-aarch64-linux-musl)
     libv8-node (18.19.0.0-x86_64-linux)
+    libv8-node (18.19.0.0-x86_64-linux-musl)
     listen (3.9.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
@@ -335,18 +336,6 @@ GEM
       puppet-resource_api (~> 1.5)
       scanf (~> 1.0)
       semantic_puppet (~> 1.0)
-    puppet (8.10.0-universal-darwin)
-      CFPropertyList (>= 3.0.6, < 4)
-      concurrent-ruby (~> 1.0)
-      deep_merge (~> 1.0)
-      facter (>= 4.3.0, < 5)
-      fast_gettext (>= 2.1, < 4)
-      getoptlong (~> 0.2.0)
-      locale (~> 2.1)
-      multi_json (~> 1.13)
-      puppet-resource_api (~> 1.5)
-      scanf (~> 1.0)
-      semantic_puppet (~> 1.0)
     puppet-resource_api (1.9.0)
       hocon (>= 1.0)
     puppetdb-ruby (1.2.0)
@@ -512,10 +501,21 @@ GEM
     zeitwerk (2.7.1)
 
 PLATFORMS
-  arm64-darwin
+  aarch64-linux
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux
+  arm-linux-gnu
+  arm-linux-gnueabihf
+  arm-linux-musl
+  arm-linux-musleabihf
   ruby
-  x86_64-darwin
+  x86-linux
+  x86-linux-gnu
+  x86-linux-musl
   x86_64-linux
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   bcrypt (~> 3.1.20)
@@ -536,10 +536,12 @@ DEPENDENCIES
   git
   gitable
   github_changelog_generator (>= 1.16.1)
+  google-protobuf
   hiera-eyaml
   importmap-rails
+  libv8-node (~> 18.19.0.0)
   listen (~> 3.9)
-  mini_racer
+  mini_racer (~> 0.16.0)
   net-ldap
   ostruct (~> 0.6.1)
   puma (~> 6.4)