sto/puzzle-scoreboard
1
0
Fork 0
Code Issues 19 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Merge 658c989d8b
All checks were successful
CI / scan_ruby (push) Successful in 17s
Details
CI / scan_js (push) Successful in 14s
Details
CI / lint (push) Successful in 14s
Details
CI / test (push) Successful in 38s
Details

Browse Source
This commit is contained in:
sto
2026-01-17 09:49:02 +01:00
parent ab3409ccaa
commit 5a49f14e04
1 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Dockerfile
View File

@@ -51,19 +51,18 @@ RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
# Final stage for app image # Final stage for app image
FROM base FROM base
# Run and own only the runtime files as a non-root user for security
RUN groupadd --system --gid 1000 rails && \
useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash
USER 1000:1000
# Copy built artifacts: gems, application # Copy built artifacts: gems, application
COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}" COPY --chown=rails:rails --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
COPY --from=build /rails /rails COPY --chown=rails:rails --from=build /rails /rails
# TODO: find how not to depend on this hack to include the compiled SCSS. # TODO: find how not to depend on this hack to include the compiled SCSS.
RUN cp app/assets/builds/application.css `ls public/assets/application-*.css` RUN cp app/assets/builds/application.css `ls public/assets/application-*.css`
# Run and own only the runtime files as a non-root user for security
RUN groupadd --system --gid 1000 rails && \
useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
chown -R rails:rails db log storage tmp
USER 1000:1000
# Entrypoint prepares the database. # Entrypoint prepares the database.
ENTRYPOINT ["/rails/bin/docker-entrypoint"] ENTRYPOINT ["/rails/bin/docker-entrypoint"]