From 07beff8cfeb91c1dd9b50a90b038a25cb0385efc Mon Sep 17 00:00:00 2001 From: Alex Kriuchykhin Date: Tue, 25 Apr 2023 14:49:04 +0200 Subject: [PATCH] Add caching configuration to production Dockerfile [SCI-8089] (#5294) --- Dockerfile.production | 138 +++++++++++++++++++++++++++++------------- Makefile | 7 +-- 2 files changed, 98 insertions(+), 47 deletions(-) diff --git a/Dockerfile.production b/Dockerfile.production index 8c7c256ef..73df78a29 100644 --- a/Dockerfile.production +++ b/Dockerfile.production @@ -1,57 +1,109 @@ -FROM ruby:2.7.6-bullseye -MAINTAINER SciNote +# Building stage +FROM ruby:2.7.6-bullseye AS builder -ARG WKHTMLTOPDF_PACKAGE_URL=https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox_0.12.6-1.buster_amd64.deb - -# additional dependecies -# libreoffice for file preview generation -RUN apt-get update -qq && \ - apt-get install -y \ - libjemalloc2 \ +RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache +RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + DEBIAN_FRONTEND=noninteractive \ + apt-get update -qq && \ + apt-get install -y --no-install-recommends \ libssl-dev \ nodejs \ npm \ - groff-base \ - awscli \ - postgresql-client \ - netcat \ - default-jre-headless \ - poppler-utils \ - librsvg2-2 \ - libvips42 \ - sudo graphviz --no-install-recommends \ - libreoffice \ - fonts-droid-fallback \ - fonts-noto-mono \ - fonts-wqy-microhei \ - fonts-wqy-zenhei \ - libfile-mimeinfo-perl && \ - wget -q -O /tmp/wkhtmltox_amd64.deb $WKHTMLTOPDF_PACKAGE_URL && \ - apt-get install -y /tmp/wkhtmltox_amd64.deb && \ - rm /tmp/wkhtmltox_amd64.deb && \ - npm install -g yarn && \ - ln -s /usr/lib/x86_64-linux-gnu/libvips.so.42 /usr/lib/x86_64-linux-gnu/libvips.so && \ - rm -rf /var/lib/apt/lists/* + postgresql-client && \ + npm install -g yarn -ENV RAILS_ENV production +ENV APP_HOME /usr/src/app +ENV RAILS_ENV=production +ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/2.7.0 +ENV PATH=$GEM_HOME/bin:$PATH +ENV BUNDLE_APP_CONFIG=.bundle ENV BUNDLE_BUILD__SASSC=--disable-march-tune-native -# install gems -COPY Gemfile* /usr/src/bundle/ -COPY addons /usr/src/bundle/addons -WORKDIR /usr/src/bundle -RUN bundle install - -# create app directory -ENV APP_HOME /usr/src/app -RUN mkdir $APP_HOME -WORKDIR $APP_HOME -COPY . . +COPY . $APP_HOME RUN rm -f $APP_HOME/config/application.yml $APP_HOME/production.env +WORKDIR $APP_HOME +RUN \ + --mount=target=$APP_HOME/tmp/bundle,type=cache \ + bundle config set without 'development test' && \ + bundle config set deployment 'true' && \ + bundle config set path '/usr/src/app/tmp/bundle' && \ + bundle install --jobs `nproc` && \ + cp -r tmp/bundle/ vendor && \ + rm -rf vendor/bundle/ruby/2.7.0/cache && \ + find vendor/bundle/ruby -type d -name '.git' -exec rm -rf {} + && \ + bundle config --local path vendor/bundle -RUN DATABASE_URL=postgresql://postgres@db/scinote_production \ +RUN \ + --mount=type=cache,target=/usr/local/share/.cache/yarn/v6,sharing=locked \ + --mount=type=cache,target=$APP_HOME/node_modules,sharing=locked \ + DATABASE_URL=postgresql://postgres@db/scinote_production \ SECRET_KEY_BASE=dummy \ DEFACE_ENABLED=true \ bash -c "rake assets:precompile && rake deface:precompile" +# Final stage +FROM ruby:2.7.6-bullseye AS runner +MAINTAINER SciNote + +ARG WKHTMLTOPDF_PACKAGE_URL=https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox_0.12.6-1.buster_amd64.deb + +RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache +RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + wget -q -O /tmp/wkhtmltox_amd64.deb $WKHTMLTOPDF_PACKAGE_URL && \ + DEBIAN_FRONTEND=noninteractive \ + apt-get update -qq && \ + apt-get install -y --no-install-recommends \ + fonts-droid-fallback \ + fonts-noto-mono \ + fonts-wqy-microhei \ + fonts-wqy-zenhei \ + /tmp/wkhtmltox_amd64.deb && \ + rm /tmp/wkhtmltox_amd64.deb + +RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + DEBIAN_FRONTEND=noninteractive \ + apt-get update -qq && \ + apt-get install -y --no-install-recommends \ + libjemalloc2 \ + groff-base \ + postgresql-client \ + netcat \ + npm \ + default-jre-headless \ + poppler-utils \ + librsvg2-2 \ + libvips42 \ + graphviz \ + libreoffice-calc \ + libreoffice-impress \ + libreoffice-writer \ + libfile-mimeinfo-perl && \ + ln -s /usr/lib/x86_64-linux-gnu/libvips.so.42 /usr/lib/x86_64-linux-gnu/libvips.so + +ARG BUILD_TIMESTAMP=1 +RUN \ + --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + touch /etc/build-${BUILD_TIMESTAMP} && \ + DEBIAN_FRONTEND=noninteractive \ + apt-get update -qq && \ + apt-get upgrade -y && \ + rm -rf /var/lib/apt/lists/* + +ENV APP_HOME /usr/src/app +ENV RAILS_ENV=production +ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/2.7.0 +ENV PATH=$GEM_HOME/bin:$PATH +ENV BUNDLE_APP_CONFIG=.bundle + +COPY --from=builder $APP_HOME $APP_HOME + +WORKDIR $APP_HOME + CMD rails s -b 0.0.0.0 diff --git a/Makefile b/Makefile index ada03c937..ea90052ec 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,9 @@ APP_HOME="/usr/src/app" DB_IP=$(shell docker inspect scinote_db_development | grep "\"IPAddress\": " | awk '{ match($$0, /"IPAddress": "([0-9\.]*)",/, a); print a[1] }') -PAPERCLIP_HASH_SECRET=$(shell openssl rand -base64 128 | tr -d '\n') +BUILD_TIMESTAMP=$(shell date +%s) define PRODUCTION_CONFIG_BODY SECRET_KEY_BASE=$(shell openssl rand -hex 64) -PAPERCLIP_HASH_SECRET=$(shell openssl rand -base64 128 | tr -d '\n') DATABASE_URL=postgresql://postgres:mysecretpassword@db/scinote_production ACTIVESTORAGE_SERVICE=local ENABLE_RECAPTCHA=false @@ -26,7 +25,7 @@ docker: @docker-compose build docker-production: - @docker-compose -f docker-compose.production.yml build + @docker-compose -f docker-compose.production.yml build --build-arg BUILD_TIMESTAMP=$(BUILD_TIMESTAMP) config-production: ifeq (production.env,$(wildcard production.env)) @@ -85,7 +84,7 @@ tests-ci: @docker-compose run --rm web bash -c "bundle install && yarn install" @docker-compose up -d webpack @docker-compose ps - @docker-compose run -e ENABLE_EMAIL_CONFIRMATIONS=false -e MAIL_FROM=MAIL_FROM -e MAIL_REPLYTO=MAIL_REPLYTO -e RAILS_ENV=test -e PAPERCLIP_HASH_SECRET=PAPERCLIP_HASH_SECRET -e MAIL_SERVER_URL=localhost:3000 -e ENABLE_RECAPTCHA=false -e ENABLE_USER_CONFIRMATION=false -e ENABLE_USER_REGISTRATION=true -e CORE_API_RATE_LIMIT=1000000 --rm web bash -c "rake db:create && rake db:migrate && yarn install && bundle exec rspec" + @docker-compose run -e ENABLE_EMAIL_CONFIRMATIONS=false -e MAIL_FROM=MAIL_FROM -e MAIL_REPLYTO=MAIL_REPLYTO -e RAILS_ENV=test -e MAIL_SERVER_URL=localhost:3000 -e ENABLE_RECAPTCHA=false -e ENABLE_USER_CONFIRMATION=false -e ENABLE_USER_REGISTRATION=true -e CORE_API_RATE_LIMIT=1000000 --rm web bash -c "rake db:create && rake db:migrate && yarn install && bundle exec rspec" console: @$(MAKE) rails cmd="rails console"