Adds a production ready docker environment

.env.example

@@ -12,6 +12,14 @@
 DATABASE_USER=postgres
 DATABASE_NAME=timeoverflow_development
 
+#RAILS CONFIG
+RAILS_SERVE_STATIC_FILES=true
+RAILS_LOG_TO_STDOUT=true
+RAILS_LOG_LEVEL=debug
+QUEUE_ADAPTER=sidekiq
+STORAGE_PROVIDER=amazon
+FORCE_SSL=true
+
 # Host part of the url for mail links:
 MAIL_LINK_HOST=localhost:3000
 MAIL_LINK_PROTO=http
@@ -26,7 +34,7 @@ SMTP_PORT=587
 # List of emails for superadmin users
 ADMINS="[email protected]"
 
-# AWS settings
+# AWS settings (if STORAGE_PROVIDER=amazon)
 AWS_ACCESS_KEY_ID=XXXXXXXX
 AWS_SECRET_ACCESS_KEY=XXXXXXXX
 AWS_BUCKET=timeoverflow_development

.github/workflows/docker_build.yml

@@ -0,0 +1,16 @@
+name: Docker Build
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Build docker
+        run: docker build .
+      - name: Test docker compose
+        run: docker-compose up -d
+      - run: sleep 15 # wait for the server to start
+      - name: Check server is up
+        run: curl -s http://localhost:3000

.gitignore

@@ -26,6 +26,7 @@ tags
 .sass-cache
 capybara-*.html
 /vendor/bundle
+/public/assets
 /storage/
 /coverage/
 /spec/tmp/*

Dockerfile

@@ -0,0 +1,102 @@
+FROM ruby:3.2 AS builder
+
+RUN apt-get update && apt-get upgrade -y && apt-get install -y ca-certificates curl gnupg && \
+    curl -fsSL https://deb.nodesource.com/setup_21.x | bash - && \
+    apt-get install -y \
+    build-essential \
+    nodejs \
+    postgresql-client \
+    libpq-dev && \
+    apt-get clean
+
+# throw errors if Gemfile has been modified since Gemfile.lock
+RUN bundle config --global frozen 1
+
+WORKDIR /app
+
+# Copy package dependencies files only to ensure maximum cache hit
+COPY ./Gemfile /app/Gemfile
+COPY ./Gemfile.lock /app/Gemfile.lock
+
+RUN gem install bundler:$(grep -A 1 'BUNDLED WITH' Gemfile.lock | tail -n 1 | xargs) && \
+    bundle config --local without 'development test' && \
+    bundle install -j4 --retry 3 && \
+    # Remove unneeded gems
+    bundle clean --force && \
+    # Remove unneeded files from installed gems (cache, *.o, *.c)
+    rm -rf /usr/local/bundle/cache && \
+    find /usr/local/bundle/ -name "*.c" -delete && \
+    find /usr/local/bundle/ -name "*.o" -delete && \
+    find /usr/local/bundle/ -name ".git" -exec rm -rf {} + && \
+    find /usr/local/bundle/ -name ".github" -exec rm -rf {} + && \
+    find /usr/local/bundle/ -name "spec" -exec rm -rf {} +
+
+# copy the rest of files
+COPY ./app /app/app
+COPY ./bin /app/bin
+COPY ./config /app/config
+COPY ./db /app/db
+COPY ./lib /app/lib
+COPY ./public/*.* /app/public/
+COPY ./config.ru /app/config.ru
+COPY ./Rakefile /app/Rakefile
+
+# Compile assets with Webpacker or Sprockets
+#
+# Notes:
+#   1. Executing "assets:precompile" runs "webpacker:compile", too
+#   2. For an app using encrypted credentials, Rails raises a `MissingKeyError`
+#      if the master key is missing. Because on CI there is no master key,
+#      we hide the credentials while compiling assets (by renaming them before and after)
+#
+RUN mv config/credentials.yml.enc config/credentials.yml.enc.bak 2>/dev/null || true
+RUN mv config/credentials config/credentials.bak 2>/dev/null || true
+
+RUN RAILS_ENV=production \
+    SECRET_KEY_BASE=dummy \
+    RAILS_MASTER_KEY=dummy \
+    DB_ADAPTER=nulldb \
+    bundle exec rails assets:precompile
+
+RUN mv config/credentials.yml.enc.bak config/credentials.yml.enc 2>/dev/null || true
+RUN mv config/credentials.bak config/credentials 2>/dev/null || true
+
+RUN rm -rf tmp/cache vendor/bundle test spec .git
+
+# This image is for production env only
+FROM ruby:3.2-slim AS final
+
+RUN apt-get update && \
+    apt-get install -y postgresql-client \
+    imagemagick \
+    libvips \
+    curl \
+    supervisor && \
+    apt-get clean
+
+EXPOSE 3000
+
+ENV RAILS_LOG_TO_STDOUT true
+ENV RAILS_SERVE_STATIC_FILES true
+ENV RAILS_ENV production
+
+ARG RUN_RAILS
+ARG RUN_SIDEKIQ
+
+# Add user
+RUN addgroup --system --gid 1000 app && \
+    adduser --system --uid 1000 --home /app --group app
+
+WORKDIR /app
+COPY ./entrypoint.sh /app/entrypoint.sh
+COPY ./supervisord.conf /etc/supervisord.conf 
+COPY --from=builder --chown=app:app /usr/local/bundle/ /usr/local/bundle/
+COPY --from=builder --chown=app:app /app /app
+
+USER app
+HEALTHCHECK --interval=1m --timeout=5s --start-period=10s \
+    CMD (curl -IfSs http://localhost:3000/ -A "HealthCheck: Docker/1.0") || exit 1
+
+
+ENTRYPOINT ["/app/entrypoint.sh"]
+CMD ["/usr/bin/supervisord"]

Gemfile

@@ -13,7 +13,6 @@ gem 'json_translate', '~> 4.0.0'
 gem 'devise', '~> 4.9.1'
 gem 'devise-i18n', '~> 1.11.0'
 gem 'http_accept_language', '~> 2.1.1'
-gem 'unicorn', '~> 6.1.0'
 gem 'kaminari', '~> 1.2.1'
 gem 'simple_form', '~> 5.0.2'
 gem 'rollbar', '~> 3.4'
@@ -26,21 +25,24 @@ gem 'sidekiq-cron', '~> 1.9.1'
 gem 'aws-sdk-s3', '~> 1.94', require: false
 gem 'image_processing', '~> 1.12'
 gem 'active_storage_validations', '~> 1.1.3'
+gem "puma", ">= 5.0.0"
+gem 'matrix', '~> 0.4.1'
 
 # Assets
 gem 'jquery-rails', '~> 4.4.0'
 gem 'bootstrap-sass', '~> 3.4'
 gem 'sassc-rails', '~> 2.1.2'
-gem 'uglifier', '~> 4.2.0'
 gem 'select2-rails', '~> 4.0.13'
 
+group :production do
+  # we are using an ExecJS runtime only on the precompilation phase
+  gem "uglifier", "~> 4.2.0", require: false
+end
+
 group :development do
   gem 'localeapp', '~> 3.3', require: false
   gem 'letter_opener', '~> 1.7.0'
   gem 'web-console', '~> 4.1.0'
-  gem 'capistrano', '~> 3.15.0'
-  gem 'capistrano-rails', '~> 1.1'
-  gem 'capistrano-rbenv', '~> 2.1'
 end
 
 group :development, :test do
@@ -60,5 +62,4 @@ group :test do
   gem 'capybara', '~> 3.29'
   gem 'selenium-webdriver', '~> 4.16'
   gem 'simplecov', '~> 0.22', require: false
-  gem 'webrick'
 end