Commit graph

167 commits

Author SHA1 Message Date
Yamagishi Kazutoshi 5cf056fdb0
Install python3 when building with Docker (#18072) 2022-09-29 16:36:14 +02:00
Daniel Jakots 0c99c6c3df
Update Node to 16.17.1 (#19224)
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2022-09-24 00:11:34 +02:00
zunda 113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 (#18028)
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2022-08-15 04:39:58 +02:00
Daniel Jakots 9f61f22a3b
Update node to 16.16.0 (#18790)
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2022-08-15 02:47:33 +02:00
Shlee 602f291da9
Update Dockerfile (#18717) 2022-06-27 09:02:48 +02:00
Daniel Jakots 8ee4fde19b Bump NODE_VER to 16.14.2 (#17825)
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
2022-03-19 09:24:26 +01:00
Yamagishi Kazutoshi 298491a816
Remove protobuf dependencies (#17539) 2022-02-14 16:08:02 +01:00
Daniel Jakots aa45404578
Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Jeong Arm fad37dd1bc
Save bundle config as local (#17188)
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
2021-12-25 22:52:24 +01:00
zunda 46e62fc4b3
Upgrade Ruby to 3.0.3 (#17038)
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
Shlee d647f6ad04
Update Dockerfile (#16939) 2021-11-18 22:00:38 +01:00
Shlee c242c1d87a
Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee 03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
2021-11-17 07:57:01 +01:00
David Sterry f68772fd6a
add bundle flag to suppress root warning (#16557) 2021-10-14 21:00:38 +02:00
Shlee 12cb6ed461
Update Dockerfile (#16696) 2021-09-13 19:03:14 +02:00
Shlee 229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc (#16163)
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
2021-08-10 22:56:13 +02:00
Daigo 3 Dango 3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango 3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro e3f1107975
build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro 46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee f56cf6e9d0
Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots b4281f5a51
Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou 1817f96578
Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee b429d33e46
Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango 541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿 03b5f09ffc
Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee 9ea91bbf59
Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee 51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth 250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee 71baacb49a Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee e7d3495874 Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee 6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell 3b609da9bd Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee f8a0c00920 Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee ea8c781ec7 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi d7ed697030 Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee 59b013df5f Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee 33f4b6e1eb Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko 15c7478c55
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel 1e6a1ea075 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel c90f3b9865 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John 0852e643b7 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar d36fcb54c4 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe 16fb39cffc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops 1dbf993bce Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI 26c1aba658 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI 11d1502853 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent 5c873a4ed7 Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent 8ec539fef1 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00
Yamagishi Kazutoshi ea03faa167 Installing libxml2 and libxslt on Docker (#9680) 2019-01-01 04:03:54 +01:00
Isatis 5f0d3e8bad Dockerfile: Nodejs 8.12 -> 8.14 (#9532) 2018-12-16 05:50:09 +01:00
ashleyhull-versent 51677ff070 Update Dockerfile (#9026) 2018-10-23 05:21:28 +02:00
Isatis 49b182cd51 Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build system memory help (#8842) 2018-10-04 15:37:31 +02:00
ashleyhull-versent 94f9cb0855 Revert "Updated ruby/node images" (#8712)
* Revert "update vagrant configs (#8706)"

This reverts commit 8971bb8cf2.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 5aae71cf60.
2018-09-17 14:55:48 +02:00
ashleyhull-versent 5aae71cf60 Updated ruby/node images (#8700) 2018-09-15 22:30:02 +02:00
Kevin Liu 68cccb00ef Dockerfile: run asset precompilation as a build step (#7780)
* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-15 01:19:09 +02:00
Yamagishi Kazutoshi 0eacf2b419 Upgrade Node.js to v8.x on Docker image (#8019) 2018-07-14 15:12:27 +02:00
Yamagishi Kazutoshi e9b322d0a6 Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Yamagishi Kazutoshi 523d8f20e3 Add symbolic link for yarnpkg (#7894) 2018-06-26 20:34:01 +02:00
Yamagishi Kazutoshi 097fd44978 Add /mastodon/bin to $PATH (#7889) 2018-06-25 13:30:25 +02:00
Yamagishi Kazutoshi f464f98fd3 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Eugen Rochko 844616e950
Re-add git and nodejs-npm to Dockerfile (#6810)
Fix #6809

I don't know why, either
2018-03-17 15:28:09 +01:00
Eugen Rochko 0074cad44f
Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)
Fix 6734
2018-03-17 14:06:25 +01:00
Akihiko Odaki 36579bac88 Use Alpine Linux yarn package in Docker (#6725)
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10 11:49:04 +01:00
Akihiko Odaki 58a4633707 Remove su-exec from Docker image (#6722)
It is no longer necessary since commit
be9bab171d.
2018-03-10 11:42:42 +01:00
Akihiko Odaki 494969d394 Remove git from Docker image (#6724) 2018-03-10 11:42:28 +01:00
Yamagishi Kazutoshi ed902581d3 Update Yarn to version 1.5.1 (#6689) 2018-03-08 07:09:10 +01:00
Eugen Rochko d7573fe584
Separate chown command in Dockerfile. Use tootsuite/mastodon image (#6662)
Fix #6605
2018-03-07 01:57:31 +01:00
Akihiko Odaki 81cefc1913 Do not use npm (#6656)
Both of yarn and npm are used in Mastodon, but the combined usage requires
a redundant dependency and may lead to data inconsistency.

Considering that yarn has autoclean feature which npm does not have,
this change replaces all npm usage with yarn.

This change requires documentation update. Most notably, the following
command must be executed before assets precompilation if any system
dependency of node-sass has changed:

yarn install --force --pure-lockfile
2018-03-06 21:36:46 +01:00
haosbvnker 3d4e788ea9 Fix permissions for volumes (#6637)
When volumes are declared, but the corresponding directories don't exist, permissions for those directories will be root:root instead of mastodon:mastodon..
This changes makes sure the permissions of the volume directories are as expected.
2018-03-05 16:45:09 +01:00
Moritz Heiber a4fd4ad1d5 Fix build error for missing variable interpolation in chown instruction (#6519) 2018-02-20 19:11:36 +01:00
Eugen Rochko be9bab171d
Set Docker permissions during the build process (#6514)
* Set Docker permissions during the build process

* Remove docker_entrypoint.sh and use COPY with chown
2018-02-20 17:25:01 +01:00
Yamagishi Kazutoshi 7233ac07d2 Add support Ruby v2.5.0 (#6097) 2018-01-19 20:53:30 +01:00
Pierre Ozoux 7be53a10b0 Fix "tzinfo-data is not present" docker error (#6300)
when starting the container.
2018-01-19 19:11:19 +01:00
Yamagishi Kazutoshi 34e2a06de0 Update Yarn to version 1.3.2 (#5900) 2017-12-06 11:42:51 +01:00
Alex Coto ae6dd08121 Change libinconv download URL to HTTPS (#5738) 2017-11-17 18:21:05 +01:00
Hinaloe 1e1d788757 Reduce container size with clean yarn (#3506)
* Reduce container size with clean yarn

* Merge trouble
2017-09-30 22:05:24 +02:00
Yamagishi Kazutoshi b9f59ebcc6 Update Yarn to version 1.1.0 (#5125)
* Update Yarn to version 1.1.0

* remove hard-coding
2017-09-28 04:51:36 +02:00
Daigo 3 Dango 66be6475b6 Bump ruby version to 2.4.2 (#4958)
* Bump ruby version to 2.4.2

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/

Gemfile.lock is also updated.

TODO
- [ ] Update Dockerfile with Alpine release of ruby-2.4.2

* Revert jwt version

It seems that jwt 2.0.0 fails in some environment.
ref. https://github.com/zaru/webpush/issues/42

* Bump Ruby version on docker image
2017-09-18 04:55:57 +02:00
Wonderfall cecf204bbb Update to Alpine 3.6 (#4747) 2017-08-30 23:52:19 +02:00
Thomas Leister 5d408fd9aa [Docker] Add multicore support to "make" and "bundler" (#4544)
* Let make and bundler use multiple cores

* Adds -j option to bundle install instead of bundle config
2017-08-07 18:55:07 +02:00
Yamagishi Kazutoshi ab60aa2266 Use GNU libiconv in Nokogiri (#4494)
System default libiconv of Alpine Linux only supports some charset (e.g. UTF-8).
Therefore, the preview card of the page which is not UTF-8 will be broken in the Docker environment.

Using GNU libiconv!
2017-08-03 18:04:36 +02:00
Yamagishi Kazutoshi c0c7af2194 Download npm and yarn from Alpine packages repository (#4242) 2017-07-18 15:21:30 +02:00
Yamagishi Kazutoshi 407073d7a2 Move icu-dev to build-dependencies (#4240) 2017-07-18 15:19:49 +02:00
Yamagishi Kazutoshi 35b868eeca Install libidn with Docker (#4219) 2017-07-16 04:40:56 +02:00
nullkal 007ab330e6 Use charlock_holmes instead of nkf at FetchLinkCardService (#4080)
* Specs for language detection

* Use CharlockHolmes instead of NKF

* Correct mistakes

* Correct style

* Set hint_enc instead of falling back and strip_tags

* Improve specs

* Add dependencies
2017-07-08 22:44:31 +02:00
Wonderfall ae78d012ac Some Dockerfile improvements (#3182)
- improve docker_entrypoint.sh
- serve static files with puma by default
- sort packages list
- use virtual package for build deps
- show how to assign UID/GID
2017-05-20 20:01:05 +02:00
Wonderfall d972845ff6 Fix #2680 - Run processes in Docker as non-root user (#3159) 2017-05-20 15:12:29 +02:00
Akihiko Odaki d5cabfe5c6 Use CLD3 (#2949)
Compact Language Detector v3 (CLD3) is the successor of CLD2, which was
used in the previous implementation. CLD3 includes improvements since CLD2,
and supports newer compilers. On the other hand, it has additional
requirements and cld3-ruby, the FFI of CLD3 for Ruby, is still new and may
be still inmature.

Though CLD3 is named after CLD2, it is implemented with a neural network
model, different from the old implementation, which is based on a Naïve
Bayesian classifier.

CLD3 supports newer compilers, such as GCC 6. CLD2 is not compatible with
GCC 6 because it assigns negative values to varibales typed unsigned.
(see internal/cld_generated_cjk_uni_prop_80.cc) The support for GCC 6 and
newer compilers are essential today, when some server operating system
such as Ubuntu Server 16.10 has GCC 6 by default.

On the one hand, CLD3 requires C++11 support. Environments with old
compilers such as Ubuntu Server 14.04 needs to update the system or install
a newer compiler.

CLD3 needs protocol buffers as a new dependency. However,it is not
considered problematic because major server operating systems, CentOS and
Ubuntu Server provide them.

The FFI cld3-ruby was written by me (Akihiko Odaki) for use in Mastodon.
It is still new and may be inmature, but confirmed to pass existing tests.
2017-05-09 19:58:03 +02:00
Eugen Rochko f5bf5ebb82 Replace sprockets/browserify with Webpack (#2617)
* Replace browserify with webpack

* Add react-intl-translations-manager

* Do not minify in development, add offline-plugin for ServiceWorker background cache updates

* Adjust tests and dependencies

* Fix production deployments

* Fix tests

* More optimizations

* Improve travis cache for npm stuff

* Re-run travis

* Add back support for custom.scss as before

* Remove offline-plugin and babili

* Fix issue with Immutable.List().unshift(...values) not working as expected

* Make travis load schema instead of running all migrations in sequence

* Fix missing React import in WarningContainer. Optimize rendering performance by using ImmutablePureComponent instead of
React.PureComponent. ImmutablePureComponent uses Immutable.is() to compare props. Replace dynamic callback bindings in
<UI />

* Add react definitions to places that use JSX

* Add Procfile.dev for running rails, webpack and streaming API at the same time
2017-05-03 02:04:16 +02:00
Yamagishi Kazutoshi 83e3538181 Update CA certificates in Dockerfile (#2339) 2017-04-23 04:59:56 +02:00
Christoph Witzany 556f68ab15 Make Docker image buildable on ARM (#2065)
* after yarn upgrade

* after manually removing node-gyp as top level dependency
2017-04-20 13:29:38 +02:00
Wonderfall 0cbcc5e297 Update node.js and imagemagick (#1951)
* update Dockerfile: latest nodejs LTS

* also update imagemagick
2017-04-16 20:28:25 +02:00
Zac Anger f4045ba3d9 Add eslint-plugin-jsx-a11y (#1651)
* Add eslint-plugin-jsx-a11y.

* Fix npm script.

* Adjust npm scripts so test also runs lint.

* Fix existing lint errors.

* Don't break on a11y issues.

* Add role and tabIndex.

* Add vim and Mac files to .gitignore and .dockerignore.

* Handle htmlFor (partially), a that's actually a button.

* Fix missing tabIndex.

* Add cursor:pointer to load-more

* Revert change to load_more.

* Fixes based on review.

* Update yarn.lock.

* Don't try to install fsevents on Linux (hides warning noise).
2017-04-15 13:27:27 +02:00
Matt Jankowski 64dbde0dbf Version bumps for ruby and misc gems (#1159)
* Update rspec-rails to version 3.5.2

* Update addressable to version 2.5.1

* Update autoprefixer-rails to version 6.7.7.1

* Update bullet to version 5.5.1

* Update domain_name to version 0.5.20170404

* Update letter_opener_web to version 1.3.1

* Upate redis-rails to version 5.0.2

* Update active_record_query_trace to version 1.5.4

* Update capistrano-rails to version 1.2.3

* Update dotenv-rails to version 2.2.0

* Update pg to version 0.20.0

* Update tilt to version 2.0.7

* Update warden to version 1.2.7

* Update tins to version 1.13.2

* Update terminal-table to version 1.7.3

* Update oj to version 2.18.5

* Update simplecov to version 0.14.1

* Update uglifier to version 3.1.13

* Update hashdiff to version 0.3.2

* Update webmock to version 2.3.2

* Update devise to version 4.2.1

* Use ruby version 2.4.1

* Update sass to version 3.4.23

* Update puma to version 3.8.2

* Update will_paginate to version 3.1.5

* Update font-awesome-rails to version 4.7.0.1

* Update fuubar to version 2.2.0

* Update pry-rails to version 0.3.6

* Update simple-navigation to version 4.0.5

* Update rubocop to version 0.48.1

* Update doorkeeper to version 4.2.5

* Update faker to version 1.7.3

* Update aws-sdk to version 2.9.5

* Update fabrication to version 2.16.1

* Update hamlit-rails to version 0.2.0

* Update http to version 2.2.1

* Update httplog to version 0.99.2

* Update sidekiq to version 4.2.10

* Update rspec-sidekiq to version 3.0.0

* Update pghero to version 1.6.4

* Update rack-cors to version 0.4.1

* Update i18n-tasks to version 0.9.13

* Update ruby-oembed to version 0.12.0

* Update jquery-rails to version 4.3.1

* Update simple_form to version 3.4.0

* Update react-rails to version 1.11.0

* Update aws-sdk to version 2.9.6

* Update sidekiq-unique-jobs to version 5.0.0

* Update uglifier to version 3.2.0
2017-04-10 22:47:41 +02:00
Florian Maunier 12f1cdeed1
Fix npm/yarn cache cleaning 2017-04-07 22:51:52 +02:00
Wonderfall a3318814e1
add metadata to Dockerfile 2017-04-06 20:57:16 +02:00
Ryan Wade a2637c1720 Optimize Dockerfile
Optimize Dockerfile, reduce build time.
2017-04-06 15:42:16 +08:00