diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 6080811e25..d133406b0c 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,2 +1,2 @@ -FROM mcr.microsoft.com/devcontainers/ruby:dev-3.3-bookworm +FROM mcr.microsoft.com/devcontainers/ruby:dev-4.0-bookworm RUN apt-get update && apt-get install -y vim curl gpg postgresql postgresql-contrib tzdata imagemagick diff --git a/Dockerfile b/Dockerfile index ade5d92371..583b0121de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,9 @@ -ARG ROOT=/usr/src/app/ - # available alpine packages: https://pkgs.alpinelinux.org/packages FROM node:24-alpine AS node-source FROM ruby:4.0.2-alpine AS build - ARG ROOT + ARG ROOT=/usr/src/app/ WORKDIR $ROOT RUN apk update && apk upgrade && apk add --update --no-cache \ @@ -15,7 +13,8 @@ FROM ruby:4.0.2-alpine AS build yaml-dev \ linux-headers \ postgresql-dev \ - tzdata + tzdata \ + && rm -rf /var/cache/apk/* RUN bundle config set force_ruby_platform true @@ -23,7 +22,7 @@ FROM ruby:4.0.2-alpine AS build RUN bundle install FROM ruby:4.0.2-alpine - ARG ROOT + ARG ROOT=/usr/src/app/ WORKDIR $ROOT RUN apk update && apk upgrade && apk add --update --no-cache \ @@ -33,15 +32,20 @@ FROM ruby:4.0.2-alpine imagemagick \ postgresql-client \ tzdata \ - vim \ && rm -rf /var/cache/apk/* - COPY . . + RUN addgroup -S app && adduser -S app -G app && chown app:app $ROOT + COPY --from=node-source /usr/local/bin/node /usr/local/bin/node COPY --from=node-source /usr/local/lib/node_modules /usr/local/lib/node_modules RUN ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm + + USER app + + COPY --chown=app:app package*.json ./ RUN npm ci + COPY --chown=app:app . . COPY --from=build /usr/local/bundle/ /usr/local/bundle/ EXPOSE 3000 diff --git a/Gemfile.lock b/Gemfile.lock index 612fffe621..469ef93e83 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -804,4 +804,4 @@ RUBY VERSION ruby 4.0.2 BUNDLED WITH - 4.0.9 + 4.0.10