-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
6aa658f
commit 11fb893
Showing
4 changed files
with
235 additions
and
50 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,122 @@ | ||
FROM ruby:3.0.6 | ||
MAINTAINER [email protected] | ||
FROM ruby:3.0 AS builder | ||
|
||
ARG rails_env=production | ||
ARG secret_key_base= | ||
RUN NODE_MAJOR=16 && \ | ||
apt-get update && apt-get upgrade -y && apt-get install -y ca-certificates curl gnupg && \ | ||
mkdir -p /etc/apt/keyrings && \ | ||
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \ | ||
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \ | ||
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \ | ||
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \ | ||
apt-get update && apt-get install -y nodejs yarn \ | ||
build-essential \ | ||
postgresql-client \ | ||
libpq-dev && \ | ||
apt-get clean | ||
|
||
ENV APP_HOME /code | ||
ENV RAILS_ENV $rails_env | ||
ENV SECRET_KEY_BASE $secret_key_base | ||
# throw errors if Gemfile has been modified since Gemfile.lock | ||
RUN bundle config --global frozen 1 | ||
|
||
RUN apt-get update | ||
WORKDIR /app | ||
|
||
RUN curl -sL https://deb.nodesource.com/setup_8.x | bash && \ | ||
apt-get install -y nodejs | ||
# Copy package dependencies files only to ensure maximum cache hit | ||
COPY ./package-lock.json /app/package-lock.json | ||
COPY ./package.json /app/package.json | ||
COPY ./Gemfile /app/Gemfile | ||
COPY ./Gemfile.lock /app/Gemfile.lock | ||
|
||
ADD Gemfile /tmp/Gemfile | ||
ADD Gemfile.lock /tmp/Gemfile.lock | ||
RUN cd /tmp && bundle install | ||
RUN gem install bundler:$(grep -A 1 'BUNDLED WITH' Gemfile.lock | tail -n 1 | xargs) && \ | ||
bundle config --local without 'development test' && \ | ||
bundle install -j4 --retry 3 && \ | ||
# Remove unneeded gems | ||
bundle clean --force && \ | ||
# Remove unneeded files from installed gems (cache, *.o, *.c) | ||
rm -rf /usr/local/bundle/cache && \ | ||
find /usr/local/bundle/ -name "*.c" -delete && \ | ||
find /usr/local/bundle/ -name "*.o" -delete && \ | ||
find /usr/local/bundle/ -name ".git" -exec rm -rf {} + && \ | ||
find /usr/local/bundle/ -name ".github" -exec rm -rf {} + && \ | ||
# whkhtmltopdf has binaries for all platforms, we don't need them once uncompressed | ||
rm -rf /usr/local/bundle/gems/wkhtmltopdf-binary-*/bin/*.gz && \ | ||
# Remove additional unneded decidim files | ||
find /usr/local/bundle/ -name "decidim_app-design" -exec rm -rf {} + && \ | ||
find /usr/local/bundle/ -name "spec" -exec rm -rf {} + | ||
|
||
RUN mkdir -p $APP_HOME | ||
WORKDIR $APP_HOME | ||
ADD . $APP_HOME | ||
RUN npm ci | ||
|
||
RUN bundle exec rake DATABASE_URL=postgresql://user:[email protected]/dbname assets:precompile | ||
# copy the rest of files | ||
COPY ./app /app/app | ||
COPY ./bin /app/bin | ||
COPY ./config /app/config | ||
COPY ./db /app/db | ||
COPY ./lib /app/lib | ||
COPY ./packages /app/packages | ||
COPY ./public/*.* /app/public/ | ||
COPY ./config.ru /app/config.ru | ||
COPY ./Rakefile /app/Rakefile | ||
COPY ./babel.config.json /app/babel.config.json | ||
COPY ./postcss.config.js /app/postcss.config.js | ||
|
||
CMD ["bundle", "exec", "rails", "s", "-b0.0.0.0"] | ||
# Compile assets with Webpacker or Sprockets | ||
# | ||
# Notes: | ||
# 1. Executing "assets:precompile" runs "webpacker:compile", too | ||
# 2. For an app using encrypted credentials, Rails raises a `MissingKeyError` | ||
# if the master key is missing. Because on CI there is no master key, | ||
# we hide the credentials while compiling assets (by renaming them before and after) | ||
# | ||
RUN mv config/credentials.yml.enc config/credentials.yml.enc.bak 2>/dev/null || true | ||
RUN mv config/credentials config/credentials.bak 2>/dev/null || true | ||
|
||
RUN RAILS_ENV=production \ | ||
SECRET_KEY_BASE=dummy \ | ||
RAILS_MASTER_KEY=dummy \ | ||
DB_ADAPTER=nulldb \ | ||
bundle exec rails assets:precompile | ||
|
||
RUN mv config/credentials.yml.enc.bak config/credentials.yml.enc 2>/dev/null || true | ||
RUN mv config/credentials.bak config/credentials 2>/dev/null || true | ||
|
||
RUN rm -rf node_modules tmp/cache vendor/bundle test spec app/packs .git | ||
|
||
# This image is for production env only | ||
FROM ruby:3.0-slim AS final | ||
|
||
RUN apt-get update && \ | ||
apt-get install -y postgresql-client \ | ||
imagemagick \ | ||
curl \ | ||
supervisor && \ | ||
apt-get clean | ||
|
||
EXPOSE 3000 | ||
|
||
ENV RAILS_LOG_TO_STDOUT true | ||
ENV RAILS_SERVE_STATIC_FILES true | ||
ENV RAILS_ENV production | ||
|
||
ARG RUN_RAILS | ||
ARG RUN_SIDEKIQ | ||
ARG COMMIT_SHA | ||
ARG COMMIT_TIME | ||
ARG COMMIT_VERSION | ||
|
||
ENV COMMIT_SHA ${COMMIT_SHA} | ||
ENV COMMIT_TIME ${COMMIT_TIME} | ||
ENV COMMIT_VERSION ${COMMIT_VERSION} | ||
|
||
# Add user | ||
RUN addgroup --system --gid 1000 app && \ | ||
adduser --system --uid 1000 --home /app --group app | ||
|
||
WORKDIR /app | ||
COPY ./entrypoint.sh /app/entrypoint.sh | ||
COPY ./supervisord.conf /etc/supervisord.conf | ||
COPY --from=builder --chown=app:app /usr/local/bundle/ /usr/local/bundle/ | ||
COPY --from=builder --chown=app:app /app /app | ||
|
||
USER app | ||
HEALTHCHECK --interval=1m --timeout=5s --start-period=30s \ | ||
CMD (curl -sSH "Content-Type: application/json" -d '{"query": "{ decidim { version } }"}' http://localhost:3000/api) || exit 1 | ||
|
||
ENTRYPOINT ["/app/entrypoint.sh"] | ||
CMD ["/usr/bin/supervisord"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,47 +1,55 @@ | ||
version: '2' | ||
version: '3' | ||
services: | ||
app: | ||
image: decidim/decidim:0.7.2-dev | ||
build: . | ||
volumes: | ||
- .:/app | ||
- bundle:/usr/local/bundle | ||
- node_modules:/app/node_modules | ||
- ./tmp/pids:/app/tmp/pids | ||
# - ./entrypoint.sh:/app/entrypoint.sh | ||
# - ./db/seeds.rb:/app/db/seeds.rb | ||
# - .:/app | ||
# - bundle:/usr/local/bundle | ||
# - node_modules:/app/node_modules | ||
environment: | ||
- PORT=3000 | ||
- DATABASE_HOST=pg | ||
- DATABASE_USERNAME=postgres | ||
- RAILS_ENV=development | ||
- REDIS_URL=redis://redis:6379 | ||
- DATABASE_URL=postgres://postgres:decidim@db/decidim | ||
- SECRET_KEY_BASE=my-key-secret | ||
- DECIDIM_FORCE_SSL=false | ||
- QUEUE_ADAPTER=sidekiq | ||
- REDIS_URL=redis://redis:6379/1 | ||
ports: | ||
- 3000:3000 | ||
links: | ||
- pg | ||
depends_on: | ||
- db | ||
- redis | ||
command: bundle exec puma | ||
worker: | ||
image: decidim/decidim:0.7.2-dev | ||
sidekiq: | ||
build: . | ||
volumes: | ||
- .:/app | ||
- bundle:/usr/local/bundle | ||
# - ./entrypoint.sh:/app/entrypoint.sh | ||
# - .:/app | ||
# - bundle:/usr/local/bundle | ||
# - node_modules:/app/node_modules | ||
environment: | ||
- DATABASE_HOST=pg | ||
- DATABASE_USERNAME=postgres | ||
- RAILS_ENV=development | ||
- REDIS_URL=redis://redis:6379 | ||
links: | ||
- pg | ||
- DATABASE_URL=postgres://postgres:decidim@db/decidim | ||
- SECRET_KEY_BASE=my-key-secret | ||
- DECIDIM_FORCE_SSL=false | ||
- QUEUE_ADAPTER=sidekiq | ||
- REDIS_URL=redis://redis:6379/1 | ||
- RUN_SIDEKIQ=true | ||
depends_on: | ||
- redis | ||
command: bundle exec sidekiq | ||
pg: | ||
image: postgres | ||
db: | ||
image: postgres:13 | ||
ports: | ||
- "54321:5432" | ||
environment: | ||
- POSTGRES_PASSWORD=decidim | ||
volumes: | ||
- pg-data:/var/lib/postgresql/data | ||
- pg_data:/var/lib/postgresql/data | ||
redis: | ||
image: redis | ||
volumes: | ||
- redis-data:/data | ||
- redis_data:/data | ||
volumes: | ||
node_modules: {} | ||
bundle: {} | ||
pg-data: {} | ||
redis-data: {} | ||
pg_data: | ||
redis_data: | ||
# bundle: | ||
# node_modules: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
#!/bin/bash | ||
|
||
# Run rails by default if sidekiq is specified | ||
if [ -z "$RUN_RAILS" ] && [ -z "$RUN_SIDEKIQ" ]; then | ||
RUN_RAILS=true | ||
echo "⚠️ RUN_RAILS and RUN_SIDEKIQ are not set, defaulting to RUN_RAILS=true" | ||
fi | ||
|
||
if [ "$QUEUE_ADAPTER" != "sidekiq" ]; then | ||
RUN_SIDEKIQ=false | ||
echo "⚠️ Sidekiq is disabled because QUEUE_ADAPTER is not set to sidekiq" | ||
fi | ||
|
||
# ensure booleans | ||
if [ "$RUN_RAILS" == "true" ] || [ "$RUN_RAILS" == "1" ]; then | ||
RUN_RAILS=true | ||
else | ||
RUN_RAILS=false | ||
fi | ||
if [ "$RUN_SIDEKIQ" == "true" ] || [ "$RUN_SIDEKIQ" == "1" ]; then | ||
RUN_SIDEKIQ=true | ||
else | ||
RUN_SIDEKIQ=false | ||
fi | ||
|
||
if [ "$RUN_RAILS" == "true" ]; then | ||
echo "✅ Running Rails" | ||
fi | ||
|
||
if [ "$RUN_SIDEKIQ" == "true" ]; then | ||
echo "✅ Running Sidekiq" | ||
fi | ||
|
||
export RUN_RAILS | ||
export RUN_SIDEKIQ | ||
|
||
# Check all the gems are installed or fails. | ||
bundle check | ||
if [ $? -ne 0 ]; then | ||
echo "❌ Gems in Gemfile are not installed, aborting..." | ||
exit 1 | ||
else | ||
echo "✅ Gems in Gemfile are installed" | ||
fi | ||
|
||
# Check no migrations are pending migrations | ||
if [ -z "$SKIP_MIGRATIONS" ]; then | ||
bundle exec rails db:migrate | ||
else | ||
echo "⚠️ Skipping migrations" | ||
fi | ||
|
||
echo "✅ Migrations are all up" | ||
|
||
echo "🚀 $@" | ||
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
[supervisord] | ||
nodaemon=true | ||
logfile=/tmp/supervisord.log | ||
pidfile=/tmp/supervisord.pid | ||
|
||
[program:puma] | ||
command=bin/rails server -b 0.0.0.0 | ||
directory=/app | ||
# If RUN_RAILS is not set, defaults to RUN_SIDEKIQ not being defined | ||
autostart=%(ENV_RUN_RAILS)s | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
|
||
[program:sidekiq] | ||
command=bundle exec sidekiq -C config/sidekiq.yml | ||
directory=/app | ||
autostart=%(ENV_RUN_SIDEKIQ)s | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
|
||
[supervisorctl] |