-
-
Save rubys/12c42c67ac3173b11cee4ad7c3fcdc9e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# syntax = docker/dockerfile:1 | |
# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile | |
ARG RUBY_VERSION=3.2.1 | |
FROM --platform=linux/amd64 ruby:$RUBY_VERSION-slim as base | |
# Rails app lives here | |
WORKDIR /rails | |
# Set production environment | |
ENV RAILS_ENV="production" \ | |
BUNDLE_DEPLOYMENT="1" \ | |
BUNDLE_WITHOUT="development:test" | |
# Update gems and bundler | |
RUN gem update --system --no-document && \ | |
gem install -N bundler | |
# Install packages needed to install nodejs and chrome | |
RUN apt-get update -qq && \ | |
apt-get install --no-install-recommends -y curl gnupg && \ | |
rm -rf /var/lib/apt/lists /var/cache/apt/archives | |
# Install Node.js | |
ARG NODE_VERSION=19.7.0 | |
ENV PATH=/usr/local/node/bin:$PATH | |
RUN curl -sL https://github.com/nodenv/node-build/archive/master.tar.gz | tar xz -C /tmp/ && \ | |
/tmp/node-build-master/bin/node-build "${NODE_VERSION}" /usr/local/node && \ | |
rm -rf /tmp/node-build-master | |
# Throw-away build stage to reduce size of final image | |
FROM base as build | |
# Install packages needed to build gems and node modules | |
RUN apt-get update -qq && \ | |
apt-get install --no-install-recommends -y build-essential node-gyp pkg-config python-is-python3 | |
# Build options | |
ENV PATH="/usr/local/node/bin:$PATH" \ | |
PUPPETEER_SKIP_CHROMIUM_DOWNLOAD="true" | |
# Install application gems | |
COPY Gemfile Gemfile.lock . | |
RUN bundle install | |
# Install node modules | |
COPY package.json package-lock.json . | |
RUN npm install | |
# Copy application code | |
COPY . . | |
# Precompiling assets for production without requiring secret RAILS_MASTER_KEY | |
RUN SECRET_KEY_BASE=DUMMY ./bin/rails assets:precompile | |
# Final stage for app image | |
FROM base | |
# Install packages needed for deployment | |
RUN curl https://dl-ssl.google.com/linux/linux_signing_key.pub | \ | |
gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg && \ | |
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list && \ | |
apt-get update -qq && \ | |
apt-get install --no-install-recommends -y google-chrome-stable libsqlite3-0 && \ | |
rm -rf /var/lib/apt/lists /var/cache/apt/archives | |
# Run and own the application files as a non-root user for security | |
RUN useradd rails | |
USER rails:rails | |
# Copy built artifacts: gems, application | |
COPY --from=build /usr/local/bundle /usr/local/bundle | |
COPY --from=build --chown=rails:rails /rails /rails | |
# Deployment options | |
ENV RAILS_LOG_TO_STDOUT="1" \ | |
RAILS_SERVE_STATIC_FILES="true" \ | |
GROVER_NO_SANDBOX="true" \ | |
PUPPETEER_EXECUTABLE_PATH="/usr/bin/google-chrome" | |
# Entrypoint prepares the database. | |
ENTRYPOINT ["/rails/bin/docker-entrypoint"] | |
# Start the server by default, this can be overwritten at runtime | |
EXPOSE 3000 | |
CMD ["./bin/rails", "server"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment