Dockerfileを更新 (#1863)

* update Dockerfile * update webpacker * enable ENTRYPOINT
next-l · Feb 18, 2024 · 60f8de2 · 60f8de2
1 parent dfa0dd0
commit 60f8de2
Show file tree

Hide file tree

Showing 8 changed files with 86 additions and 35 deletions.
diff --git a/.env.template b/.env.template
@@ -22,7 +22,6 @@ ENJU_LEAF_DEFAULT_LOCALE=ja
 ENJU_LEAF_TIME_ZONE=Asia/Tokyo
 # ENJU_LEAF_STORAGE_BUCKET=enju-leaf
 # ENJU_LEAF_STORAGE_ENDPOINT=http://minio:9000
-ENJU_LEAF_ACTION_MAILER_DELIVERY_METHOD=test
 ENJU_LEAF_EXTRACT_TEXT=
 ENJU_LEAF_EXTRACT_FILESIZE_LIMIT=2097152
 # ENJU_LEAF_RESOURCESYNC_BASE_URL=http://localhost:8080

diff --git a/Dockerfile b/Dockerfile
@@ -1,34 +1,80 @@
-FROM ruby:3.2.3 as builder
-LABEL maintainer="nabeta@fastmail.fm"
+# syntax = docker/dockerfile:1
 
-ARG http_proxy
-ARG https_proxy
+# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
+ARG RUBY_VERSION=3.2.3
+FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim as base
+
+# Rails app lives here
+WORKDIR /enju
 
-COPY Gemfile /
-COPY Gemfile.lock /
-RUN apt-get update -qq && apt-get install -y libpq-dev && bundle install
+# Set production environment
+ENV RAILS_ENV="production" \
+    BUNDLE_DEPLOYMENT="1" \
+    BUNDLE_PATH="/usr/local/bundle" \
+    BUNDLE_WITHOUT="development"
 
-FROM ruby:3.2.3
-LABEL maintainer="nabeta@fastmail.fm"
 
-ARG http_proxy
-ARG https_proxy
+# Throw-away build stage to reduce size of final image
+FROM base as build
+
+# Install packages needed to build gems
+RUN apt-get update -qq && apt-get install --no-install-recommends -y curl gnupg && \
+  mkdir -p /etc/apt/keyrings && \
+  curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
+  curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor -o /etc/apt/keyrings/yarnkey.gpg && \
+  echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
+  echo "deb [signed-by=/etc/apt/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | tee /etc/apt/sources.list.d/yarn.list && \
+    apt-get update -qq && \
+    apt-get install --no-install-recommends -y build-essential git libpq-dev libvips pkg-config nodejs yarn
+
+# Install application gems
+COPY Gemfile Gemfile.lock ./
+RUN bundle install && \
+    rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git && \
+    bundle exec bootsnap precompile --gemfile && \
+    yarn install
+
+# Copy application code
+COPY . .
+
+# Precompile bootsnap code for faster boot times
+RUN bundle exec bootsnap precompile app/ lib/
+
+# Precompiling assets for production without requiring secret RAILS_MASTER_KEY
+# RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
+
+
+# Final stage for app image
+FROM base
 ARG UID=1000
 ARG GID=1000
+ARG http_proxy
+ARG https_proxy
 
-RUN groupadd --gid ${GID} enju && useradd -m --uid ${UID} --gid ${GID} enju
-RUN mkdir -p /etc/apt/keyrings && \
-  apt-get update -qq && apt-get install -y curl ca-certificates gnupg && \
+# Install packages needed for deployment
+RUN apt-get update -qq && apt-get install --no-install-recommends -y curl gnupg && \
+  mkdir -p /etc/apt/keyrings && \
   curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
   curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor -o /etc/apt/keyrings/yarnkey.gpg && \
   echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
   echo "deb [signed-by=/etc/apt/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | tee /etc/apt/sources.list.d/yarn.list && \
-  apt-get update -qq && apt-get install -y nodejs yarn postgresql-client imagemagick poppler-utils ffmpeg libvips42 && \
-  apt-get clean && rm -rf /var/lib/apt/lists/*
-RUN mkdir /enju && chown -R enju:enju /enju
-USER enju
-WORKDIR /enju
-ADD package.json yarn.lock ./
-RUN yarn install --frozen-lockfile
-COPY --from=builder /usr/local/bundle /usr/local/bundle
-COPY . /enju/
+    apt-get update -qq && \
+    apt-get install --no-install-recommends -y libvips postgresql-client nodejs yarn && \
+    rm -rf /var/lib/apt/lists /var/cache/apt/archives
+
+# Copy built artifacts: gems, application
+COPY --from=build /usr/local/bundle /usr/local/bundle
+COPY --from=build /enju /enju
+
+# Run and own only the runtime files as a non-root user for security
+RUN groupadd --gid ${GID} enju && \
+    useradd enju --uid ${UID} --gid ${GID} --create-home --shell /bin/bash && \
+    chown -R enju:enju db log storage tmp
+USER enju:enju
+
+# Entrypoint prepares the database.
+ENTRYPOINT ["/enju/bin/docker-entrypoint"]
+
+# Start the server by default, this can be overwritten at runtime
+EXPOSE 3000
+CMD ["./bin/rails", "server"]
diff --git a/bin/docker-entrypoint b/bin/docker-entrypoint
@@ -0,0 +1,8 @@
+#!/bin/bash -e
+
+# If running the rails server then create or migrate existing database
+if [ "${1}" == "./bin/rails" ] && [ "${2}" == "server" ]; then
+  ./bin/rails db:prepare
+fi
+
+exec "${@}"
diff --git a/config/application.rb b/config/application.rb
@@ -14,7 +14,7 @@
 module EnjuLeaf
   class Application < Rails::Application
     # Initialize configuration defaults for originally generated Rails version.
-    config.load_defaults 6.1
+    config.load_defaults 7.0
 
     # Configuration for the application, engines, and railties goes here.
     #

diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -90,6 +90,4 @@
 
   # Do not dump schema after migrations.
   config.active_record.dump_schema_after_migration = false
-
-  config.action_mailer.delivery_method = ENV['ENJU_LEAF_ACTION_MAILER_DELIVERY_METHOD'].to_sym
 end
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -33,7 +33,7 @@ x-app: &app
 services:
   web:
     <<: *app
-    command: bash -c "rm -f tmp/pids/server.pid && rails s -b 0.0.0.0"
+    command: bash -c "rm -f tmp/pids/server.pid && bin/rails s -b 0.0.0.0"
     environment:
       - WEBPACKER_DEV_SERVER_HOST=webpacker
     expose:

diff --git a/package.json b/package.json
@@ -5,11 +5,11 @@
     "@rails/actioncable": "~7.0.8",
     "@rails/activestorage": "~7.0.8",
     "@rails/ujs": "~7.0.8",
-    "@rails/webpacker": "5.4.3",
+    "@rails/webpacker": "5.4.4",
+    "jquery": "^2.2.4",
     "mirador": "^3.3.0",
     "webpack": "^4.46.0",
-    "webpack-cli": "^3.3.12",
-    "jquery": "^2.2.4"
+    "webpack-cli": "^3.3.12"
   },
   "devDependencies": {
     "webpack-dev-server": "^3"

diff --git a/yarn.lock b/yarn.lock
@@ -1153,10 +1153,10 @@
   resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.8.tgz#59853367d0827b3955d2c4bedfd5eba4a79d3422"
   integrity sha512-tOQQBVH8LsUpGXqDnk+kaOGVsgZ8maHAhEiw3Git3p88q+c0Slgu47HuDnL6sVxeCfz24zbq7dOjsVYDiTpDIA==
 
-"@rails/webpacker@5.4.3":
-  version "5.4.3"
-  resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.3.tgz#cfe2d8faffe7db5001bad50a1534408b4f2efb2f"
-  integrity sha512-tEM8tpUtfx6FxKwcuQ9+v6pzgqM5LeAdhT6IJ4Te3BPKFO1xrGrXugqeRuZ+gE8ASDZRTOK6yuQkapOpuX5JdA==
+"@rails/webpacker@5.4.4":
+  version "5.4.4"
+  resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.4.tgz#971a41b987c096c908ce4088accd57c1a9a7e2f7"
+  integrity sha512-hp9myb2MChYFPfE5Fd/3gF4q2m4wpxC+WWCkxcg6My3HYCptWuqMVXRwrBZ5EJHYiL/WRyMLvVNWwlFV47xhUw==
   dependencies:
     "@babel/core" "^7.15.0"
     "@babel/plugin-proposal-class-properties" "^7.14.5"