generated from ministryofjustice/template-repository
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDockerfile
72 lines (57 loc) · 1.86 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
FROM ruby:3.3.6-alpine3.19
ARG UID=1001
ARG GROUP=app
ARG USER=app
ARG HOME=/home/$USER
ARG APPDIR=$HOME/staff-device-dns-dhcp-admin
ARG CERTDIR=$HOME/cert
ARG RACK_ENV=development
ARG DB_HOST=admin-db
ARG DB_USER=root
ARG DB_PASS=root
ARG SECRET_KEY_BASE="fakekeybase"
ARG DB_NAME=root
ARG BUNDLE_WITHOUT=""
ARG BUNDLE_INSTALL_FLAGS=""
ARG RUN_PRECOMPILATION=true
ARG BUILD_DEV
# required for certain linting tools that read files, such as erb-lint
ENV LANG='C.UTF-8' \
RACK_ENV=${RACK_ENV} \
DB_HOST=${DB_HOST} \
DB_USER=${DB_USER} \
DB_PASS=${DB_PASS} \
SECRET_KEY_BASE=${SECRET_KEY_BASE} \
KEA_CONFIG_BUCKET='testbucket' \
BIND_CONFIG_BUCKET='testbuckettwo' \
AWS_DEFAULT_REGION='eu-west-2' \
DB_NAME=${DB_NAME}
RUN apk add --no-cache --virtual .build-deps build-base && \
apk add --no-cache nodejs yarn mysql-dev mysql-client bash make bind shadow
RUN if [ "${BUILD_DEV}" = "true" ] ; then \
apk add --no-cache alpine-sdk ruby-dev; \
fi
RUN groupadd -g $UID -o $GROUP && \
useradd -m -u $UID -g $UID -o -s /bin/false $USER && \
mkdir -p $APPDIR && \
mkdir -p $CERTDIR && \
chown -R $USER:$GROUP $HOME
USER $USER
WORKDIR $APPDIR
COPY --chown=$USER:$GROUP Gemfile Gemfile.lock .ruby-version ./
RUN bundle config set no-cache 'true' && \
bundle install ${BUNDLE_INSTALL_FLAGS}
COPY --chown=$USER:$GROUP package.json yarn.lock ./
RUN yarn && yarn cache clean
COPY --chown=$USER:$GROUP . $APPDIR
RUN curl -o $CERTDIR/eu-west-2-bundle.pem https://truststore.pki.rds.amazonaws.com/eu-west-2/eu-west-2-bundle.pem
USER root
RUN chown -R $USER:$GROUP $CERTDIR &&\
chown -R $USER:$GROUP /var/bind &&\
apk del .build-deps
USER $USER
RUN if [ ${RUN_PRECOMPILATION} = 'true' ]; then \
ASSET_PRECOMPILATION_ONLY=true RAILS_ENV=production bundle exec rails assets:precompile; \
fi
EXPOSE 3000
CMD ["bundle", "exec", "rails", "server", "-b", "0.0.0.0"]