Commit graph

178 commits

Author SHA1 Message Date
Nick Schonning e7e189fa44
Use Yarn production install for asset compile (#24232) 2023-03-23 22:49:47 +01:00
Aaron Patterson fb8503e861
Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
Nick Schonning 841263a548
Update Ruby to 3.0.5 (#23544) 2023-02-13 14:39:24 +01:00
Nick Schonning c6b7e04120
Sync Node.js to 16.19 patch release (#23554) 2023-02-13 04:58:37 +01:00
Nick Schonning a1c0573bc6
Yarn cache cleanup right after install in Docker (#23557) 2023-02-13 04:57:51 +01:00
Moritz Heiber a0813806d6
Add hadolint as Dockerfile linter (#20993)
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
2022-12-15 15:57:17 +01:00
Nick Schonning 736b4283b0
Update Node 16.18.1 for latest security release (#22019)
* Update Node 16.18.1 for latest security release

* Increase Yarn network timeout for build error
2022-12-11 07:37:00 +01:00
BtbN f343ed42ff
Add missing procps package to Dockerfile (#21028)
The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail
2022-11-22 05:52:18 +01:00
Effy Elden 231e3ec552
Remove blank line from start of Dockerfile breaking syntax declaration (#20948) 2022-11-17 10:25:07 -05:00
Moritz Heiber 1b5ed32085
Split off Dockerfile components for faster build times (#20933) 2022-11-17 12:56:14 +01:00
Kohei Ota (inductor) 92734e3df1
Use buildx functions for faster build (#20692)
* Use buildx functions for faster build

* move link

* cannot use --link with --chown
2022-11-17 11:01:16 +01:00
Yamagishi Kazutoshi 5cf056fdb0
Install python3 when building with Docker (#18072) 2022-09-29 16:36:14 +02:00
Daniel Jakots 0c99c6c3df
Update Node to 16.17.1 (#19224)
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2022-09-24 00:11:34 +02:00
zunda 113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 (#18028)
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2022-08-15 04:39:58 +02:00
Daniel Jakots 9f61f22a3b
Update node to 16.16.0 (#18790)
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2022-08-15 02:47:33 +02:00
Shlee 602f291da9
Update Dockerfile (#18717) 2022-06-27 09:02:48 +02:00
Daniel Jakots 8ee4fde19b Bump NODE_VER to 16.14.2 (#17825)
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
2022-03-19 09:24:26 +01:00
Yamagishi Kazutoshi 298491a816
Remove protobuf dependencies (#17539) 2022-02-14 16:08:02 +01:00
Daniel Jakots aa45404578
Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Jeong Arm fad37dd1bc
Save bundle config as local (#17188)
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
2021-12-25 22:52:24 +01:00
zunda 46e62fc4b3
Upgrade Ruby to 3.0.3 (#17038)
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
Shlee d647f6ad04
Update Dockerfile (#16939) 2021-11-18 22:00:38 +01:00
Shlee c242c1d87a
Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee 03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
2021-11-17 07:57:01 +01:00
David Sterry f68772fd6a
add bundle flag to suppress root warning (#16557) 2021-10-14 21:00:38 +02:00
Shlee 12cb6ed461
Update Dockerfile (#16696) 2021-09-13 19:03:14 +02:00
Shlee 229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc (#16163)
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
2021-08-10 22:56:13 +02:00
Daigo 3 Dango 3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango 3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro e3f1107975
build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro 46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee f56cf6e9d0
Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots b4281f5a51
Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou 1817f96578
Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee b429d33e46
Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango 541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿 03b5f09ffc
Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee 9ea91bbf59
Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee 51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth 250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee 71baacb49a Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee e7d3495874 Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee 6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell 3b609da9bd Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee f8a0c00920 Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee ea8c781ec7 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi d7ed697030 Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee 59b013df5f Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee 33f4b6e1eb Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko 15c7478c55
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel 1e6a1ea075 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel c90f3b9865 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John 0852e643b7 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar d36fcb54c4 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe 16fb39cffc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops 1dbf993bce Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI 26c1aba658 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI 11d1502853 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent 5c873a4ed7 Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent 8ec539fef1 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00
Yamagishi Kazutoshi ea03faa167 Installing libxml2 and libxslt on Docker (#9680) 2019-01-01 04:03:54 +01:00
Isatis 5f0d3e8bad Dockerfile: Nodejs 8.12 -> 8.14 (#9532) 2018-12-16 05:50:09 +01:00
ashleyhull-versent 51677ff070 Update Dockerfile (#9026) 2018-10-23 05:21:28 +02:00
Isatis 49b182cd51 Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build system memory help (#8842) 2018-10-04 15:37:31 +02:00
ashleyhull-versent 94f9cb0855 Revert "Updated ruby/node images" (#8712)
* Revert "update vagrant configs (#8706)"

This reverts commit 8971bb8cf2.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 5aae71cf60.
2018-09-17 14:55:48 +02:00
ashleyhull-versent 5aae71cf60 Updated ruby/node images (#8700) 2018-09-15 22:30:02 +02:00
Kevin Liu 68cccb00ef Dockerfile: run asset precompilation as a build step (#7780)
* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-15 01:19:09 +02:00
Yamagishi Kazutoshi 0eacf2b419 Upgrade Node.js to v8.x on Docker image (#8019) 2018-07-14 15:12:27 +02:00
Yamagishi Kazutoshi e9b322d0a6 Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Yamagishi Kazutoshi 523d8f20e3 Add symbolic link for yarnpkg (#7894) 2018-06-26 20:34:01 +02:00
Yamagishi Kazutoshi 097fd44978 Add /mastodon/bin to $PATH (#7889) 2018-06-25 13:30:25 +02:00
Yamagishi Kazutoshi f464f98fd3 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Eugen Rochko 844616e950
Re-add git and nodejs-npm to Dockerfile (#6810)
Fix #6809

I don't know why, either
2018-03-17 15:28:09 +01:00
Eugen Rochko 0074cad44f
Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)
Fix 6734
2018-03-17 14:06:25 +01:00
Akihiko Odaki 36579bac88 Use Alpine Linux yarn package in Docker (#6725)
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10 11:49:04 +01:00
Akihiko Odaki 58a4633707 Remove su-exec from Docker image (#6722)
It is no longer necessary since commit
be9bab171d.
2018-03-10 11:42:42 +01:00
Akihiko Odaki 494969d394 Remove git from Docker image (#6724) 2018-03-10 11:42:28 +01:00
Yamagishi Kazutoshi ed902581d3 Update Yarn to version 1.5.1 (#6689) 2018-03-08 07:09:10 +01:00
Eugen Rochko d7573fe584
Separate chown command in Dockerfile. Use tootsuite/mastodon image (#6662)
Fix #6605
2018-03-07 01:57:31 +01:00
Akihiko Odaki 81cefc1913 Do not use npm (#6656)
Both of yarn and npm are used in Mastodon, but the combined usage requires
a redundant dependency and may lead to data inconsistency.

Considering that yarn has autoclean feature which npm does not have,
this change replaces all npm usage with yarn.

This change requires documentation update. Most notably, the following
command must be executed before assets precompilation if any system
dependency of node-sass has changed:

yarn install --force --pure-lockfile
2018-03-06 21:36:46 +01:00
haosbvnker 3d4e788ea9 Fix permissions for volumes (#6637)
When volumes are declared, but the corresponding directories don't exist, permissions for those directories will be root:root instead of mastodon:mastodon..
This changes makes sure the permissions of the volume directories are as expected.
2018-03-05 16:45:09 +01:00
Moritz Heiber a4fd4ad1d5 Fix build error for missing variable interpolation in chown instruction (#6519) 2018-02-20 19:11:36 +01:00
Eugen Rochko be9bab171d
Set Docker permissions during the build process (#6514)
* Set Docker permissions during the build process

* Remove docker_entrypoint.sh and use COPY with chown
2018-02-20 17:25:01 +01:00
Yamagishi Kazutoshi 7233ac07d2 Add support Ruby v2.5.0 (#6097) 2018-01-19 20:53:30 +01:00
Pierre Ozoux 7be53a10b0 Fix "tzinfo-data is not present" docker error (#6300)
when starting the container.
2018-01-19 19:11:19 +01:00
Yamagishi Kazutoshi 34e2a06de0 Update Yarn to version 1.3.2 (#5900) 2017-12-06 11:42:51 +01:00
Alex Coto ae6dd08121 Change libinconv download URL to HTTPS (#5738) 2017-11-17 18:21:05 +01:00
Hinaloe 1e1d788757 Reduce container size with clean yarn (#3506)
* Reduce container size with clean yarn

* Merge trouble
2017-09-30 22:05:24 +02:00
Yamagishi Kazutoshi b9f59ebcc6 Update Yarn to version 1.1.0 (#5125)
* Update Yarn to version 1.1.0

* remove hard-coding
2017-09-28 04:51:36 +02:00
Daigo 3 Dango 66be6475b6 Bump ruby version to 2.4.2 (#4958)
* Bump ruby version to 2.4.2

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/

Gemfile.lock is also updated.

TODO
- [ ] Update Dockerfile with Alpine release of ruby-2.4.2

* Revert jwt version

It seems that jwt 2.0.0 fails in some environment.
ref. https://github.com/zaru/webpush/issues/42

* Bump Ruby version on docker image
2017-09-18 04:55:57 +02:00
Wonderfall cecf204bbb Update to Alpine 3.6 (#4747) 2017-08-30 23:52:19 +02:00
Thomas Leister 5d408fd9aa [Docker] Add multicore support to "make" and "bundler" (#4544)
* Let make and bundler use multiple cores

* Adds -j option to bundle install instead of bundle config
2017-08-07 18:55:07 +02:00
Yamagishi Kazutoshi ab60aa2266 Use GNU libiconv in Nokogiri (#4494)
System default libiconv of Alpine Linux only supports some charset (e.g. UTF-8).
Therefore, the preview card of the page which is not UTF-8 will be broken in the Docker environment.

Using GNU libiconv!
2017-08-03 18:04:36 +02:00
Yamagishi Kazutoshi c0c7af2194 Download npm and yarn from Alpine packages repository (#4242) 2017-07-18 15:21:30 +02:00
Yamagishi Kazutoshi 407073d7a2 Move icu-dev to build-dependencies (#4240) 2017-07-18 15:19:49 +02:00
Yamagishi Kazutoshi 35b868eeca Install libidn with Docker (#4219) 2017-07-16 04:40:56 +02:00
nullkal 007ab330e6 Use charlock_holmes instead of nkf at FetchLinkCardService (#4080)
* Specs for language detection

* Use CharlockHolmes instead of NKF

* Correct mistakes

* Correct style

* Set hint_enc instead of falling back and strip_tags

* Improve specs

* Add dependencies
2017-07-08 22:44:31 +02:00
Wonderfall ae78d012ac Some Dockerfile improvements (#3182)
- improve docker_entrypoint.sh
- serve static files with puma by default
- sort packages list
- use virtual package for build deps
- show how to assign UID/GID
2017-05-20 20:01:05 +02:00