ledermann / docker-rails-base Goto Github PK
View Code? Open in Web Editor NEWOptimized Docker image for Rails applications
Home Page: https://ledermann.dev/blog/2020/01/29/building-docker-images-the-performant-way/
License: MIT License
Optimized Docker image for Rails applications
Home Page: https://ledermann.dev/blog/2020/01/29/building-docker-images-the-performant-way/
License: MIT License
Just noticed that the base Dockerfile precompile step has SECRET_KEY_BASE=dummy
. Isn't this a security risk?
There are a few workarounds here: rails/rails#32947 that could make it more secure, such as using SECRET_KEY_BASE=``bin/rake secret`` bin/rake assets:precompile
.
Is there a way to pass ENV vars to the container before bundling?
I (sadly) have the need for imagemagick(-dev, -libs) in my Build Stage in Order to use a certain gem later in Production.
How would that be possible?
I tried copying the whole Builder Dockerfile in place of FROM ledermann/rails-base-builder:3.2.2-alpine AS Builder
but i don't get running Images.
Appreciated!
Asset Precompilation in Builder Stage crashes with
Error loading shared library glib-2.0.so.0: No such file or directory.
if gem "vips"
is added to Bundle.
Builder Stage would need vips-dev
Alpine Package in order to alleviate this.
After I updated ledermann/rails-base-builder:3.0.2-alpine and ledermann/rails-base-final:3.0.2-alpine.
I met the problem when running my image on AWS ECS with errors /home/app
is not writable even I set USER to app on Dockerfile.
Full errors.
Do you have any suggestions?
I tried this way
FROM ledermann/rails-base-builder:3.1.1-alpine AS Builder
FROM ledermann/rails-base-final:3.1.1-alpine
RUN apk add --no-cache sqlite-dev
USER app
CMD ["bundle", "exec", "puma", "-C", "config/puma.rb"]
failed with cmd docker build .
Installing sqlite3 1.4.2 with native extensions
Installing importmap-rails 1.0.3
Installing stimulus-rails 1.0.4
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
current directory: /usr/local/bundle/gems/sqlite3-1.4.2/ext/sqlite3
/usr/local/bin/ruby -I /usr/local/lib/ruby/3.1.0 -r
./siteconf20220313-8-4cuwka.rb extconf.rb
checking for sqlite3.h... no
sqlite3.h is missing. Try 'brew install sqlite3',
'yum install sqlite-devel' or 'apt-get install libsqlite3-dev'
it seems sqlite-dev is not added before onbuild is triggered.
maybe I need build my builder image?
Just noticed this line:
docker-rails-base/Builder/Dockerfile
Line 35 in f9abbbe
It only clears out .gem
caches. If you have a gem that is referencing a git
repo, the cache there will be the entire repo itself. I think it's safe to clear out the entire cache/*
directory instead of looking only for *.gem
files.
I tried using your project for a fresh rails project (thanks for this! this is great) but wasn't able to get it running out of the box.
Using a brand new rails project, and using the basic Dockerfile:
FROM ledermann/rails-base-builder:latest AS Builder
FROM ledermann/rails-base-final:latest
USER app
CMD ["bundle", "exec", "puma", "-C", "config/puma.rb"]
When running a docker build
, I was getting the following error:
/usr/local/lib/ruby/2.6.0/rubygems.rb:283:in `find_spec_for_exe': Could not find 'bundler' (2.1.4) required by your /app/Gemfile.lock. (Gem::GemNotFoundException)
To update to the latest version installed on your system, run `bundle update --bundler`.
To install the missing version, run `gem install bundler:2.1.4`
from /usr/local/lib/ruby/2.6.0/rubygems.rb:302:in `activate_bin_path'
from /usr/local/bin/bundle:23:in `<main>'
It looks like the base containers don't actually have bundler
so I needed to add RUN gem install bundler
before the bundle config
call here: https://github.com/ledermann/docker-rails-base/blob/master/Builder/Dockerfile#L22
Am I missing a setup step for local development / is there a reason why install bundler isn't added? (do you expect CI to add it?)
Dependabot couldn't find a package.json for this project.
Dependabot requires a package.json to evaluate your project's current JavaScript dependencies. It had expected to find one at the path: /package.json
.
If this isn't a JavaScript project, or if it is a library, you may wish to disable updates for it from within Dependabot.
# Dockerfile
FROM ledermann/rails-base-builder:latest AS builder
FROM nginx:alpine
COPY --from=builder /app/public /usr/share/nginx/html/
# build.log
Step 1/5 : FROM ledermann/rails-base-builder:latest AS builder
# Executing 5 build triggers
---> Using cache
---> Using cache
---> Running in e572cd7508c3
rails aborted!
ActiveSupport::EncryptedFile::MissingKeyError: Missing encryption key to decrypt file with. Ask your team for your master key and write it to /app/config/master.key or put it in the ENV['RAILS_MASTER_KEY'].
I tried to use
# Dockerfile
FROM ledermann/rails-base-builder:latest AS builder
ARG CREDENTIALS_KEY=changeme
ENV RAILS_MASTER_KEY=$CREDENTIALS_KEY
FROM nginx:alpine
COPY --from=builder /app/public /usr/share/nginx/html/
to allow usage with docker-compose --build-arg
but it doesn't work that way :(
Any suggested solution?
Since the update to engine 20.10, I can no longer use :
FROM ledermann/rails-base-builder:2.7.2-alpine AS Builder
FROM ledermann/rails-base-final:2.7.2-alpine
It seems to me that rails-base-builder is never executed.
My builds have started returning filesystem layer verification failed for digest sha256
. Even rebuilding old images and trying to pull them is failing. Is it possible the lastest commit is breaking ?
Dependabot couldn't find a Gemfile for this project.
Dependabot requires a Gemfile to evaluate your project's current Ruby dependencies. It had expected to find one at the path: /Gemfile
.
If this isn't a Ruby project, or if it is a library, you may wish to disable updates for it from within Dependabot.
tailwindcss-rails or rather tailwindcss-cli requires build-base
and gcompat
in order to compile Tailwind.
Related Issue here
I'm aware that the Builder Dockerfile is meant for Rails 6 currently,
but would it be possible for you to include gcompat
aswell?
Appreciated!
PS:
had 4m50s builds with your base images on Rails 6.1
after switching to Rails 7 i got 2m30s on the Build Stage
Hello, Georg. Thanks for putting together the builder and the final docker images. I've recently started using this instead of rolling my own, and the images they produce are nice and lean.
Do you have any plans to add tags to the docker images you push? I had CI start failing on me today because I'm still using Ruby 2.7.1.
With the update of this image to 2.7.2, my docker build step began to fail in CI with Your Ruby version is 2.7.2, but your Gemfile specified 2.7.1
since my Gemfile.lock still has 2.7.1.
Tagging these images (perhaps consistent with the base ruby tag e.g. 2.7.2-alpine
) would be a welcome way to avoid getting caught by surprise.
I'm happy to help with a PR if you've got a direction in mind for how you'd like to see the tagging implemented.
First up I have to say a thank you for making a great Rails 7 template! What a gentleman for open sourcing all your hard work!
In my project, I install some gems from local path, e.g.:
gem 'awesome_client', path: './vendor/gems/awesome_client'
I was wondering what is the best practice for handling this, so that issues are not raised when trying to docker-compose up
.
2.085 Fetching gem metadata from https://rubygems.org/......
32.84 The path `/app/vendor/gems/awesome_client ` does not exist.
------
failed to solve: process "/bin/sh -c bundle config --local without 'development test' && bundle install -j4 --retry 3 && bundle exec bootsnap precompile --gemfile || true && bundle clean --force && rm -rf /usr/local/bundle/cache && find /usr/local/bundle/gems/ -name \"*.c\" -delete && find /usr/local/bundle/gems/ -name \"*.o\" -delete" did not complete successfully: exit code: 13
I saw that only the app
directory was copied, so I thought that might be the issue. I tried adding this to the Dockerfile
with no success:
RUN mkdir -p /app/vendor/gems
# Copy each gem individually
COPY ./vendor/gems/awesome_client /app/vendor/gems/awesome_client
As knowledgeable as you are, I am sure you can give some guidance on best practices for handing this case with your template/framework. Thank you!
I'm actively trying to get rid of sprockets since we already have Webpack in Rails applications but calling assets:compile
is tied to Sprockets which makes my build fail with
rails aborted!
LoadError: cannot load such file -- uglifier
As far as I am concerned you can call webpacker:compile
to get packs compiled.
Would you consider supporting NOT calling assets:precompile
?
Dependabot can't resolve your Ruby dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Bundler::VersionConflict with message: Bundler could not find compatible versions for gem "mimemagic":
In Gemfile:
rails (~> 6.1.3) was resolved to 6.1.3, which depends on
activestorage (= 6.1.3) was resolved to 6.1.3, which depends on
mimemagic (~> 0.3.2)
Could not find gem 'mimemagic (~> 0.3.2)', which is required by gem 'activestorage (= 6.1.3)', in any of the sources.
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
When I try running a built image, I run into this error.
Puma starting in single mode...
* Version 4.3.5 (ruby 2.7.1-p83), codename: Mysterious Traveller
* Min threads: 5, max threads: 5
* Environment: development
sh: yarn: not found
========================================
Your Yarn packages are out of date!
Please run `yarn install --check-files` to update.
========================================
To disable this check, please change `check_yarn_integrity`
to `false` in your webpacker config file (config/webpacker.yml).
! Unable to load application: SystemExit: exit
It would be great to make every environment as consistent as possible and create a test and development image based on the production image.
Dependabot can't resolve your Ruby dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Bundler::GemNotFound with message: Could not find aws-sdk-s3-1.68.0 in any of the sources
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
https://github.com/ledermann/docker-rails-base/blob/main/Builder/Dockerfile#L67
when app/javascript
is removed, the Container will throw a JS Error :
Uncaught TypeError: Failed to resolve module specifier "controllers". Relative references must start with either "/", "./", or "../".
i can't claim to fully grasp what is going on, but my guess is the importmap will pin to the actual uncompressed stimulus .js file located in app/javascript/controllers/hello_controller.js
instead of the minified one in /public/assets/controllers/hello_controller.js
Would it be too much to ask to not purge app/javascript
?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.