Update Dockerfile for Rails 7.1

- Update Dockerfile for Rails 7.1
- Update Nodejs install script
- Add Rails credentials and secret_key_base
- Update Gemfile

.gitignore

@@ -4,3 +4,5 @@ tmp
 vendor/ruby
 .env.rb
 .env
+
+/config/master.key

Dockerfile

@@ -1,20 +1,73 @@
-# syntax=docker/dockerfile:1
-FROM ruby:3.2.3
+# syntax = docker/dockerfile:1
+
+# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
+ARG RUBY_VERSION=3.2.3
+FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim as base
+
 LABEL maintainer="[email protected]"
 
+# Rails app lives here
+WORKDIR /rails
+
+# Set production environment
+ENV RAILS_ENV="production" \
+    BUNDLE_DEPLOYMENT="1" \
+    BUNDLE_PATH="/usr/local/bundle" \
+    BUNDLE_WITHOUT="development"
+
 ENV NODE_VERSION=20.x
+
+# Throw-away build stage to reduce size of final image
+FROM base as build
+
+# Install packages needed to build gems
+RUN apt-get update -qq && \
+    apt-get install --no-install-recommends -y build-essential git libpq-dev libvips pkg-config
+
+# Install application gems
+COPY Gemfile Gemfile.lock ./
+RUN bundle install && \
+    rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git && \
+    bundle exec bootsnap precompile --gemfile
+
+# Copy application code
+COPY . .
+
+# Install nodejs for precompilation
+RUN apt-get update -qq && \
+    apt-get install --no-install-recommends -y build-essential curl gpg
+
 COPY script/install_node.sh /tmp
 RUN /tmp/install_node.sh
 
-RUN mkdir /srv/phasers
-WORKDIR /srv/phasers
+ENV EXECJS_RUNTIME=Node
+
+# Precompile bootsnap code for faster boot times
+RUN bundle exec bootsnap precompile app/ lib/
+
+# Precompiling assets for production without requiring secret RAILS_MASTER_KEY
+RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
+
+
+# Final stage for app image
+FROM base
+
+# Install packages needed for deployment
+RUN apt-get update -qq && \
+    apt-get install --no-install-recommends -y curl libvips postgresql-client && \
+    rm -rf /var/lib/apt/lists /var/cache/apt/archives
+
+# Copy built artifacts: gems, application, nodejs
+COPY --from=build /usr/local/bundle /usr/local/bundle
+COPY --from=build /rails /rails
+COPY --from=build /usr/bin/node /usr/bin/node
+COPY --from=build /usr/include/node /usr/include/node
 
-COPY Gemfile /srv/phasers/Gemfile
-COPY Gemfile.lock /srv/phasers/Gemfile.lock
-COPY vendor/ /srv/phasers/vendor
-RUN gem install bundler
-RUN bundle install --local
-COPY ./ /srv/phasers
+# Run and own only the runtime files as a non-root user for security
+RUN useradd rails --create-home --shell /bin/bash && \
+    chown -R rails:rails db log tmp
+USER rails:rails
 
-EXPOSE 3000/tcp
-ENTRYPOINT ["/usr/local/bundle/bin/bundle", "exec", "rails", "server", "-b", "0.0.0.0"]
+# Start the server by default, this can be overwritten at runtime
+EXPOSE 3000
+CMD ["./bin/rails", "server"]

Gemfile

@@ -6,14 +6,20 @@ gem 'rails'
 gem 'jquery-rails'
 gem 'httparty'
 gem 'colored'
-gem 'nokogiri'
+gem 'nokogiri', '~> 1.16'
 gem 'dynamic_form'
 gem 'bootstrap-sass'
 gem 'sass-rails'
 gem 'coffee-rails'
 gem 'uglifier'
 gem 'activeresource'
 
+# Reduces boot times through caching; required in config/boot.rb
+gem "bootsnap", require: false
+
+# Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
+gem "importmap-rails"
+
 group :test, :development do
   gem 'listen'
   gem 'log_buddy'

Gemfile.lock

@@ -88,6 +88,8 @@ GEM
     awesome_print (1.9.2)
     base64 (0.2.0)
     bigdecimal (3.1.7)
+    bootsnap (1.18.3)
+      msgpack (~> 1.2)
     bootstrap-sass (3.4.1)
       autoprefixer-rails (>= 5.2.1)
       sassc (>= 2.0.0)
@@ -103,6 +105,7 @@ GEM
     concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
     crass (1.0.6)
+    csv (3.3.0)
     date (3.3.4)
     drb (2.2.1)
     dynamic_form (1.3.1)
@@ -113,11 +116,16 @@ GEM
     ffi (1.16.3)
     globalid (1.2.1)
       activesupport (>= 6.1)
-    httparty (0.21.0)
+    httparty (0.22.0)
+      csv
       mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
     i18n (1.14.4)
       concurrent-ruby (~> 1.0)
+    importmap-rails (2.0.1)
+      actionpack (>= 6.0.0)
+      activesupport (>= 6.0.0)
+      railties (>= 6.0.0)
     io-console (0.7.2)
     irb (1.12.0)
       rdoc
@@ -142,6 +150,7 @@ GEM
     mini_mime (1.1.5)
     mini_portile2 (2.8.6)
     minitest (5.22.3)
+    msgpack (1.7.2)
     multi_xml (0.6.0)
     mutex_m (0.2.0)
     net-imap (0.4.10)
@@ -157,6 +166,10 @@ GEM
     nokogiri (1.16.4)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
+    nokogiri (1.16.4-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.4-x86_64-linux)
+      racc (~> 1.4)
     psych (5.1.2)
       stringio
     racc (1.7.3)
@@ -203,7 +216,7 @@ GEM
       ffi (~> 1.0)
     rdoc (6.6.3.1)
       psych (>= 4.0.0)
-    reline (0.5.3)
+    reline (0.5.4)
       io-console (~> 0.5)
     sass-rails (6.0.0)
       sassc-rails (~> 2.1, >= 2.1.1)
@@ -238,19 +251,23 @@ GEM
 
 PLATFORMS
   ruby
+  x86_64-darwin
+  x86_64-linux
 
 DEPENDENCIES
   activeresource
   awesome_print
+  bootsnap
   bootstrap-sass
   coffee-rails
   colored
   dynamic_form
   httparty
+  importmap-rails
   jquery-rails
   listen
   log_buddy
-  nokogiri
+  nokogiri (~> 1.16)
   rails
   sass-rails
   uglifier
@@ -259,4 +276,4 @@ RUBY VERSION
    ruby 3.2.3p146
 
 BUNDLED WITH
-   2.4.21
+   2.5.9

config/application.rb

@@ -23,7 +23,7 @@
 module PhasersSample
   class Application < Rails::Application
     # Initialize configuration defaults for originally generated Rails version.
-    config.load_defaults 6.0
+    config.load_defaults 7.1
 
     config.encoding = "utf-8"
     config.autoload_paths += %W(#{config.root}/lib)

config/credentials.yml.enc

@@ -0,0 +1 @@
+ByZ6u2+hw01DPQr15rPfSniOwDGW3HttkjvcdTMoLOJ9itOhRUTK51vUuqkOY58v1V47nU/0LxPlUgPwYrkXSZaCUpD3myj7GbGMWRB09Ce6j2trwpoUJzEoSeUnSNuSDs7ktHQEheSFURPj+qIy0kHOK7nTTLeCMDjTZap+NoWFXzbLecpG3xIbNJ4UXx3QucTfGW4TsivP26nvG+qFaNTk9nSlZJ+wB37OfVqnHrGVycRVTVkNf6hsaS8QUiSG5CqkmOtCUzGYPrfMqLYojMLpZfCfnVCkqzPqh1bq5GGjtI242AgymYDqEcuQktcd5YAydJ3qyCYUFu1HOcK9V90HI/elj/kNmtViaJLD0nOnfngUy72ozoWrjCnl7o0jxg+TllBo3xKslU1y+WR063sX3GRF--smhrP6N+XzCPnSMl--Dg8np93VVJrWnVoOav8GJQ==

config/database.yml

@@ -16,3 +16,12 @@ test:
   encoding: <%= ENV["DATABASE_ENCODING"] %>
   min_messages: warning
   host: <%= ENV["DATABASE_HOST"] %>
+
+production:
+  adapter: <%= ENV["DATABASE_ADAPTER"] %>
+  database: <%= ENV["DATABASE_NAME"] %>
+  username: <%= ENV["DATABASE_USER"] %>
+  password: <%= ENV["DATABASE_PASSWORD"] %>
+  pool: 5
+  encoding: <%= ENV["DATABASE_ENCODING"] %>
+  host: <%= ENV["DATABASE_HOST"] %>

script/install_node.sh

@@ -2,14 +2,15 @@
 set -xe
 
 # Node.js repo
-curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - 
-echo "deb https://deb.nodesource.com/node_${NODE_VERSION} jessie main" | tee /etc/apt/sources.list.d/nodesource.list
-echo "deb-src https://deb.nodesource.com/node_${NODE_VERSION} jessie main" | tee -a /etc/apt/sources.list.d/nodesource.list
+curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION} | bash - &&\
+apt-get install -y nodejs
 
 # yarn repo
-wget -qO - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
+curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | tee /etc/apt/trusted.gpg.d/yarn.gpg
+echo "deb [signed-by=/etc/apt/trusted.gpg.d/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
 apt-get update >/dev/null
-apt-get -y --no-install-recommends install nodejs yarn
+apt-get -y --no-install-recommends install yarn
 apt-get clean
 rm -rf /var/lib/apt/lists/*
+
+