# Building stage FROM ruby:3.2.5-bookworm AS builder RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache RUN \ --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ apt-get update -qq && \ apt-get install -y --no-install-recommends \ libssl-dev \ nodejs \ yarnpkg \ postgresql-client ENV APP_HOME /usr/src/app ENV RAILS_ENV=production ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/3.2.0 ENV PATH=$GEM_HOME/bin:/usr/share/nodejs/yarn/bin:$PATH ENV BUNDLE_APP_CONFIG=.bundle ENV BUNDLE_BUILD__SASSC=--disable-march-tune-native COPY . $APP_HOME RUN rm -f $APP_HOME/config/application.yml $APP_HOME/production.env WORKDIR $APP_HOME RUN \ --mount=target=/usr/src/app/tmp/bundle,type=cache \ bundle config set without 'development test' && \ bundle config set path '/usr/src/app/tmp/bundle' && \ bundle install --jobs `nproc` && \ cp -r tmp/bundle/ vendor && \ rm -rf vendor/bundle/ruby/3.2.0/cache && \ find vendor/bundle/ruby -type d -name '.git' -exec rm -rf {} + && \ bundle config --local path vendor/bundle RUN \ --mount=type=cache,target=/usr/local/share/.cache/yarn/v6,sharing=locked \ --mount=type=cache,target=/usr/src/app/node_modules,sharing=locked \ DATABASE_URL=postgresql://postgres@db/scinote_production \ SECRET_KEY_BASE=dummy \ DEFACE_ENABLED=true \ bash -c "rake assets:precompile && rake deface:precompile && rm -rf ./tmp/cache" # Final stage FROM ruby:3.2.5-bookworm AS runner MAINTAINER SciNote RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache RUN \ --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ DEBIAN_FRONTEND=noninteractive \ apt-get update -qq && \ apt-get install -y --no-install-recommends \ fonts-droid-fallback \ fonts-noto-mono \ fonts-wqy-microhei \ fonts-wqy-zenhei RUN \ --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ DEBIAN_FRONTEND=noninteractive \ apt-get update -qq && \ apt-get install -y --no-install-recommends \ default-jre-headless \ ca-certificates-java && \ apt-get install -y --no-install-recommends \ libjemalloc2 \ groff-base \ postgresql-client \ nodejs \ awscli \ netcat-openbsd \ poppler-utils \ librsvg2-2 \ libvips42 \ graphviz \ chromium \ chromium-sandbox \ libfile-mimeinfo-perl \ yarnpkg && \ /usr/share/nodejs/yarn/bin/yarn add puppeteer@npm:puppeteer-core@^22.15.0 && \ apt-get install -y libreoffice && \ ln -s /usr/lib/x86_64-linux-gnu/libvips.so.42 /usr/lib/x86_64-linux-gnu/libvips.so ARG BUILD_TIMESTAMP=1 RUN \ --mount=type=cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,target=/var/lib/apt,sharing=locked \ touch /etc/build-${BUILD_TIMESTAMP} && \ DEBIAN_FRONTEND=noninteractive \ apt-get update -qq && \ apt-get upgrade -y && \ rm -rf /var/lib/apt/lists/* ENV APP_HOME /usr/src/app ENV RAILS_ENV=production ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/3.2.0 ENV PATH=$GEM_HOME/bin:$PATH ENV BUNDLE_APP_CONFIG=.bundle RUN adduser --uid 1000 scinote USER scinote COPY --from=builder --chown=scinote:scinote $APP_HOME $APP_HOME ENV CHROMIUM_PATH /usr/bin/chromium WORKDIR $APP_HOME CMD rails s -b 0.0.0.0