From 642b7b2d757236d006655545c8b16d85b31900e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 18:15:33 +0100 Subject: [PATCH 01/12] Group Gemfile orders in Dockerfile together The blank line between each order made it harder to read this file, and we can use a shortcut to include all gemfiles. --- Dockerfile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9fc8d5e51..c6514c9c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,11 +28,7 @@ WORKDIR $RAILS_ROOT # Use the Gemfiles as Docker cache markers. Always bundle before copying app src. # (the src likely changed and we don't want to invalidate Docker's cache too early) # http://ilikestuffblog.com/2014/01/06/how-to-skip-bundle-install-when-deploying-a-rails-app-to-docker/ -COPY Gemfile Gemfile - -COPY Gemfile.lock Gemfile.lock - -COPY Gemfile_custom Gemfile_custom +COPY Gemfile* ./ # Finish establishing our Ruby environment RUN bundle install --full-index From e4bc2c99bf40850a6eb0fce48721612aacdfe946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 18:18:55 +0100 Subject: [PATCH 02/12] Remove dead link in Dockerfile The referenced URL is no longer available. --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c6514c9c9..59997202d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,6 @@ WORKDIR $RAILS_ROOT # Use the Gemfiles as Docker cache markers. Always bundle before copying app src. # (the src likely changed and we don't want to invalidate Docker's cache too early) -# http://ilikestuffblog.com/2014/01/06/how-to-skip-bundle-install-when-deploying-a-rails-app-to-docker/ COPY Gemfile* ./ # Finish establishing our Ruby environment From 2bf3cb4484877a21d9e62d92ae5766c478d0e829 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Wed, 29 Dec 2021 13:17:14 +0100 Subject: [PATCH 03/12] Install Chromium before running bundle in Docker This way we won't have to reinstall Chromium every time we change the Gemfile. --- Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 59997202d..8367866e4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,6 +5,8 @@ ENV DEBIAN_FRONTEND noninteractive # Install essential Linux packages RUN apt-get update -qq RUN apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick sudo libxss1 libappindicator1 libindicator7 unzip memcached cmake pkg-config shared-mime-info +# Install Chromium for E2E integration tests +RUN apt-get update -qq && apt-get install -y chromium # Files created inside the container repect the ownership RUN adduser --shell /bin/bash --disabled-password --gecos "" consul \ @@ -32,9 +34,6 @@ COPY Gemfile* ./ # Finish establishing our Ruby environment RUN bundle install --full-index -# Install Chromium for E2E integration tests -RUN apt-get update -qq && apt-get install -y chromium - # Copy the Rails application into place COPY . . From 1d9d5ef0cb4c4a4e3215456c7aba6abf28f8cbbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Wed, 29 Dec 2021 14:20:51 +0100 Subject: [PATCH 04/12] Don't use the --full-index option in Dockerfile The --full-index option seemed to be causing caching issues on some systems. Since we don't know the reason why this option was added in the first place, it might have some advantages. However, some people have reported problems getting "version can no longer be found" errors for some gems in this step, and documentation for Docker and Rails doesn't mention this option at all. --- Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8367866e4..009653a6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,9 +30,7 @@ WORKDIR $RAILS_ROOT # Use the Gemfiles as Docker cache markers. Always bundle before copying app src. # (the src likely changed and we don't want to invalidate Docker's cache too early) COPY Gemfile* ./ - -# Finish establishing our Ruby environment -RUN bundle install --full-index +RUN bundle install # Copy the Rails application into place COPY . . From 54eb65b81dedcb6501974bbd3b04d8c6c7b61099 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Fri, 10 Dec 2021 18:35:58 +0100 Subject: [PATCH 05/12] Don't use delegated volumes in Docker We aren't sure why this option was added; only that it was added with macos and windows developers in mind. Since we aren't sure about it, we're using the default `consistent` option instead. --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 982d5731a..e34ed5e66 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,8 +34,8 @@ services: - "3000:3000" # map our application source code, in full, to the application root of our container volumes: - - .:/var/www/consul:delegated - - bundle:/usr/local/bundle:delegated + - .:/var/www/consul + - bundle:/usr/local/bundle - "$SSH_AUTH_SOCK:/tmp/agent.sock" environment: - POSTGRES_PASSWORD=$POSTGRES_PASSWORD From 8c5e7121effd70d74eefb4e2aa1b800937544784 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 18:22:38 +0100 Subject: [PATCH 06/12] Combine apt statements in Dockerfile Quoting the Docker documentation [1]: > Always combine RUN apt-get update with apt-get install in the same RUN > statement. > (...) > Using apt-get update alone in a RUN statement causes caching issues > and subsequent apt-get install instructions fail. > (...) > Docker sees the initial and modified instructions as identical and > reuses the cache from previous steps. As a result the apt-get update > is not executed because the build uses the cached version. Because the > apt-get update is not run, your build can potentially get an outdated > version of the curl and nginx packages. > > Using RUN apt-get update && apt-get install -y ensures your Dockerfile > installs the latest package versions with no further coding or manual > intervention. [1] https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 009653a6c..d36a827b8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,7 @@ FROM ruby:2.7.4-buster ENV DEBIAN_FRONTEND noninteractive # Install essential Linux packages -RUN apt-get update -qq -RUN apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick sudo libxss1 libappindicator1 libindicator7 unzip memcached cmake pkg-config shared-mime-info +RUN apt-get update -qq && apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick sudo libxss1 libappindicator1 libindicator7 unzip memcached cmake pkg-config shared-mime-info # Install Chromium for E2E integration tests RUN apt-get update -qq && apt-get install -y chromium From 6d163eb1bfbb749bb40df4216c506204ccbe7a27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 18:31:02 +0100 Subject: [PATCH 07/12] Split line installing packages in Dockerfile With one package in line and in alphabetic order, it's easier to see which packages we're installing. We're also applying the same formatting (taking from the Docker documentation [1]) to other lines running multiple instructions. [1] https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run --- Dockerfile | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index d36a827b8..df5c9d1d2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,14 +3,30 @@ FROM ruby:2.7.4-buster ENV DEBIAN_FRONTEND noninteractive # Install essential Linux packages -RUN apt-get update -qq && apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick sudo libxss1 libappindicator1 libindicator7 unzip memcached cmake pkg-config shared-mime-info +RUN apt-get update -qq \ + && apt-get install -y \ + build-essential \ + cmake \ + imagemagick \ + libappindicator1 \ + libindicator7 \ + libpq-dev \ + libxss1 \ + memcached \ + nodejs \ + pkg-config \ + postgresql-client \ + shared-mime-info \ + sudo \ + unzip + # Install Chromium for E2E integration tests RUN apt-get update -qq && apt-get install -y chromium # Files created inside the container repect the ownership RUN adduser --shell /bin/bash --disabled-password --gecos "" consul \ - && adduser consul sudo \ - && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + && adduser consul sudo \ + && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers RUN echo 'Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bundle/bin"' > /etc/sudoers.d/secure_path RUN chmod 0440 /etc/sudoers.d/secure_path From fa56a74ba0ecf5a43fbb39d588b3c20a0f5a1a45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 19:29:23 +0100 Subject: [PATCH 08/12] Activate sync mode for standard output By default, in order to increase performance during IO operations, Ruby doesn't immediately write to the standard output but uses a buffer internally and writes the output in chunks [1]. It looks like this results in some output being missed when running Docker Compose [2], so we're activating the sync mode, which flushes all output immediately. [1] https://ruby-doc.org/core-2.6.5/IO.html#method-i-sync-3D [2] See issue 1118 in the sinatra/sinatra repository --- config/boot.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/boot.rb b/config/boot.rb index 282011619..023130575 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,3 +1,5 @@ +$stdout.sync = true + ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) require "bundler/setup" # Set up gems listed in the Gemfile. From 0294ceba5647c123f2c218dc437ce51818fdd0bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Thu, 9 Dec 2021 19:42:55 +0100 Subject: [PATCH 09/12] Remove redundant Docker Compose configuration The same values are already defined in the Dockerfile. --- docker-compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index e34ed5e66..fdd1c332d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,8 +18,6 @@ services: # use the Dockerfile next to this file build: . entrypoint: /usr/local/bin/entrypoint.sh - command: bundle exec rails s -p 3000 -b "0.0.0.0" - working_dir: /var/www/consul # rely on the RAILS_ENV value of the host machine # environment: From d1b45238ba30258e896a32229611641012a18a5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Mon, 20 Dec 2021 19:04:06 +0100 Subject: [PATCH 10/12] Use a better name for the database volume Having "example" in the name is an indicator that we're supposed to change the name :). --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index fdd1c332d..feb1b3b74 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,7 @@ services: - POSTGRES_PASSWORD=$POSTGRES_PASSWORD # persist the database between containers by storing it in a volume volumes: - - docker-example-postgres:/var/lib/postgresql/data + - db_data:/var/lib/postgresql/data # service configuration for our dockerized Rails app app: @@ -39,5 +39,5 @@ services: - POSTGRES_PASSWORD=$POSTGRES_PASSWORD - SSH_AUTH_SOCK=/tmp/agent.sock volumes: - docker-example-postgres: {} + db_data: {} bundle: {} From facdfa639e5cabf30efcf9200453f4e01c13be71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Mon, 20 Dec 2021 19:15:18 +0100 Subject: [PATCH 11/12] Remove SSH_AUTH references in docker compose It was added in commit 1db5a00ea, probably due to the Capistrano configuration of the developer who wrote the code. On my machine, docker compose crashed due to these lines. --- docker-compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index feb1b3b74..b174b9ebc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,10 +34,8 @@ services: volumes: - .:/var/www/consul - bundle:/usr/local/bundle - - "$SSH_AUTH_SOCK:/tmp/agent.sock" environment: - POSTGRES_PASSWORD=$POSTGRES_PASSWORD - - SSH_AUTH_SOCK=/tmp/agent.sock volumes: db_data: {} bundle: {} From d0f8a678ba4a2f71e9c80725996c357f29781153 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Wed, 22 Dec 2021 19:01:58 +0100 Subject: [PATCH 12/12] Simplify entrypoint configuration --- Dockerfile | 3 +-- docker-compose.yml | 1 - scripts/entrypoint.sh => docker-entrypoint.sh | 0 3 files changed, 1 insertion(+), 3 deletions(-) rename scripts/entrypoint.sh => docker-entrypoint.sh (100%) diff --git a/Dockerfile b/Dockerfile index df5c9d1d2..4eabfe983 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,8 +31,6 @@ RUN adduser --shell /bin/bash --disabled-password --gecos "" consul \ RUN echo 'Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bundle/bin"' > /etc/sudoers.d/secure_path RUN chmod 0440 /etc/sudoers.d/secure_path -COPY scripts/entrypoint.sh /usr/local/bin/entrypoint.sh - # Define where our application will live inside the image ENV RAILS_ROOT /var/www/consul @@ -50,6 +48,7 @@ RUN bundle install # Copy the Rails application into place COPY . . +ENTRYPOINT ["./docker-entrypoint.sh"] # Define the script we want run once the container boots # Use the "exec" form of CMD so our script shuts down gracefully on SIGTERM (i.e. `docker stop`) # CMD [ "config/containers/app_cmd.sh" ] diff --git a/docker-compose.yml b/docker-compose.yml index b174b9ebc..89b377968 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,6 @@ services: # use the Dockerfile next to this file build: . - entrypoint: /usr/local/bin/entrypoint.sh # rely on the RAILS_ENV value of the host machine # environment: diff --git a/scripts/entrypoint.sh b/docker-entrypoint.sh similarity index 100% rename from scripts/entrypoint.sh rename to docker-entrypoint.sh