Commit graph

175 commits

Author SHA1 Message Date
Nick Schonning
c6b7e04120
Sync Node.js to 16.19 patch release (#23554) 2023-02-13 04:58:37 +01:00
Nick Schonning
a1c0573bc6
Yarn cache cleanup right after install in Docker (#23557) 2023-02-13 04:57:51 +01:00
Moritz Heiber
a0813806d6
Add hadolint as Dockerfile linter (#20993)
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
2022-12-15 15:57:17 +01:00
Nick Schonning
736b4283b0
Update Node 16.18.1 for latest security release (#22019)
* Update Node 16.18.1 for latest security release

* Increase Yarn network timeout for build error
2022-12-11 07:37:00 +01:00
BtbN
f343ed42ff
Add missing procps package to Dockerfile (#21028)
The new Debian-Base does not come with this by default, making the ps based health-check in the compose file fail
2022-11-22 05:52:18 +01:00
Effy Elden
231e3ec552
Remove blank line from start of Dockerfile breaking syntax declaration (#20948) 2022-11-17 10:25:07 -05:00
Moritz Heiber
1b5ed32085
Split off Dockerfile components for faster build times (#20933) 2022-11-17 12:56:14 +01:00
Kohei Ota (inductor)
92734e3df1
Use buildx functions for faster build (#20692)
* Use buildx functions for faster build

* move link

* cannot use --link with --chown
2022-11-17 11:01:16 +01:00
Yamagishi Kazutoshi
5cf056fdb0
Install python3 when building with Docker (#18072) 2022-09-29 16:36:14 +02:00
Daniel Jakots
0c99c6c3df
Update Node to 16.17.1 (#19224)
See
https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/
for the details.
2022-09-24 00:11:34 +02:00
zunda
113dd90aa3
Bump Ruby version from 3.0.3 to 3.0.4 (#18028)
https://www.ruby-lang.org/en/news/2022/04/12/ruby-3-0-4-released/
2022-08-15 04:39:58 +02:00
Daniel Jakots
9f61f22a3b
Update node to 16.16.0 (#18790)
See https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
2022-08-15 02:47:33 +02:00
Shlee
602f291da9
Update Dockerfile (#18717) 2022-06-27 09:02:48 +02:00
Daniel Jakots
8ee4fde19b Bump NODE_VER to 16.14.2 (#17825)
See the announcement
https://nodejs.org/en/blog/vulnerability/mar-2022-security-releases/
2022-03-19 09:24:26 +01:00
Yamagishi Kazutoshi
298491a816
Remove protobuf dependencies (#17539) 2022-02-14 16:08:02 +01:00
Daniel Jakots
aa45404578
Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Jeong Arm
fad37dd1bc
Save bundle config as local (#17188)
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
2021-12-25 22:52:24 +01:00
zunda
46e62fc4b3
Upgrade Ruby to 3.0.3 (#17038)
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
Shlee
d647f6ad04
Update Dockerfile (#16939) 2021-11-18 22:00:38 +01:00
Shlee
c242c1d87a
Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee
03338d1297
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
2021-11-17 07:57:01 +01:00
David Sterry
f68772fd6a
add bundle flag to suppress root warning (#16557) 2021-10-14 21:00:38 +02:00
Shlee
12cb6ed461
Update Dockerfile (#16696) 2021-09-13 19:03:14 +02:00
Shlee
229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc (#16163)
* Update config.yml

* Update Dockerfile

* Update .nvmrc

* Update Dockerfile

* NodeJS 10 is EOL.

* Update package.json

* Update README.md

* Update Vagrantfile

* Update Dockerfile

* Update Dockerfile
2021-08-10 22:56:13 +02:00
Daigo 3 Dango
3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire
d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango
3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro
e3f1107975
build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro
46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee
f56cf6e9d0
Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots
b4281f5a51
Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou
1817f96578
Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee
b429d33e46
Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango
541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿
03b5f09ffc
Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee
9ea91bbf59
Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee
e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee
51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth
250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee
71baacb49a Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee
e7d3495874 Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee
6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell
3b609da9bd Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee
f8a0c00920 Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee
ea8c781ec7 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi
d7ed697030 Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee
59b013df5f Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee
33f4b6e1eb Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko
15c7478c55
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel
1e6a1ea075 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel
c90f3b9865 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John
0852e643b7 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar
d36fcb54c4 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe
16fb39cffc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops
1dbf993bce Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI
26c1aba658 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI
11d1502853 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent
5c873a4ed7 Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent
8ec539fef1 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00
Yamagishi Kazutoshi
ea03faa167 Installing libxml2 and libxslt on Docker (#9680) 2019-01-01 04:03:54 +01:00
Isatis
5f0d3e8bad Dockerfile: Nodejs 8.12 -> 8.14 (#9532) 2018-12-16 05:50:09 +01:00
ashleyhull-versent
51677ff070 Update Dockerfile (#9026) 2018-10-23 05:21:28 +02:00
Isatis
49b182cd51 Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build system memory help (#8842) 2018-10-04 15:37:31 +02:00
ashleyhull-versent
94f9cb0855 Revert "Updated ruby/node images" (#8712)
* Revert "update vagrant configs (#8706)"

This reverts commit 8971bb8cf2.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 5aae71cf60.
2018-09-17 14:55:48 +02:00
ashleyhull-versent
5aae71cf60 Updated ruby/node images (#8700) 2018-09-15 22:30:02 +02:00
Kevin Liu
68cccb00ef Dockerfile: run asset precompilation as a build step (#7780)
* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-15 01:19:09 +02:00
Yamagishi Kazutoshi
0eacf2b419 Upgrade Node.js to v8.x on Docker image (#8019) 2018-07-14 15:12:27 +02:00
Yamagishi Kazutoshi
e9b322d0a6 Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Yamagishi Kazutoshi
523d8f20e3 Add symbolic link for yarnpkg (#7894) 2018-06-26 20:34:01 +02:00
Yamagishi Kazutoshi
097fd44978 Add /mastodon/bin to $PATH (#7889) 2018-06-25 13:30:25 +02:00
Yamagishi Kazutoshi
f464f98fd3 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Eugen Rochko
844616e950
Re-add git and nodejs-npm to Dockerfile (#6810)
Fix #6809

I don't know why, either
2018-03-17 15:28:09 +01:00
Eugen Rochko
0074cad44f
Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)
Fix 6734
2018-03-17 14:06:25 +01:00
Akihiko Odaki
36579bac88 Use Alpine Linux yarn package in Docker (#6725)
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10 11:49:04 +01:00
Akihiko Odaki
58a4633707 Remove su-exec from Docker image (#6722)
It is no longer necessary since commit
be9bab171d.
2018-03-10 11:42:42 +01:00
Akihiko Odaki
494969d394 Remove git from Docker image (#6724) 2018-03-10 11:42:28 +01:00
Yamagishi Kazutoshi
ed902581d3 Update Yarn to version 1.5.1 (#6689) 2018-03-08 07:09:10 +01:00
Eugen Rochko
d7573fe584
Separate chown command in Dockerfile. Use tootsuite/mastodon image (#6662)
Fix #6605
2018-03-07 01:57:31 +01:00
Akihiko Odaki
81cefc1913 Do not use npm (#6656)
Both of yarn and npm are used in Mastodon, but the combined usage requires
a redundant dependency and may lead to data inconsistency.

Considering that yarn has autoclean feature which npm does not have,
this change replaces all npm usage with yarn.

This change requires documentation update. Most notably, the following
command must be executed before assets precompilation if any system
dependency of node-sass has changed:

yarn install --force --pure-lockfile
2018-03-06 21:36:46 +01:00
haosbvnker
3d4e788ea9 Fix permissions for volumes (#6637)
When volumes are declared, but the corresponding directories don't exist, permissions for those directories will be root:root instead of mastodon:mastodon..
This changes makes sure the permissions of the volume directories are as expected.
2018-03-05 16:45:09 +01:00
Moritz Heiber
a4fd4ad1d5 Fix build error for missing variable interpolation in chown instruction (#6519) 2018-02-20 19:11:36 +01:00
Eugen Rochko
be9bab171d
Set Docker permissions during the build process (#6514)
* Set Docker permissions during the build process

* Remove docker_entrypoint.sh and use COPY with chown
2018-02-20 17:25:01 +01:00
Yamagishi Kazutoshi
7233ac07d2 Add support Ruby v2.5.0 (#6097) 2018-01-19 20:53:30 +01:00
Pierre Ozoux
7be53a10b0 Fix "tzinfo-data is not present" docker error (#6300)
when starting the container.
2018-01-19 19:11:19 +01:00
Yamagishi Kazutoshi
34e2a06de0 Update Yarn to version 1.3.2 (#5900) 2017-12-06 11:42:51 +01:00
Alex Coto
ae6dd08121 Change libinconv download URL to HTTPS (#5738) 2017-11-17 18:21:05 +01:00
Hinaloe
1e1d788757 Reduce container size with clean yarn (#3506)
* Reduce container size with clean yarn

* Merge trouble
2017-09-30 22:05:24 +02:00
Yamagishi Kazutoshi
b9f59ebcc6 Update Yarn to version 1.1.0 (#5125)
* Update Yarn to version 1.1.0

* remove hard-coding
2017-09-28 04:51:36 +02:00
Daigo 3 Dango
66be6475b6 Bump ruby version to 2.4.2 (#4958)
* Bump ruby version to 2.4.2

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/

Gemfile.lock is also updated.

TODO
- [ ] Update Dockerfile with Alpine release of ruby-2.4.2

* Revert jwt version

It seems that jwt 2.0.0 fails in some environment.
ref. https://github.com/zaru/webpush/issues/42

* Bump Ruby version on docker image
2017-09-18 04:55:57 +02:00
Wonderfall
cecf204bbb Update to Alpine 3.6 (#4747) 2017-08-30 23:52:19 +02:00
Thomas Leister
5d408fd9aa [Docker] Add multicore support to "make" and "bundler" (#4544)
* Let make and bundler use multiple cores

* Adds -j option to bundle install instead of bundle config
2017-08-07 18:55:07 +02:00
Yamagishi Kazutoshi
ab60aa2266 Use GNU libiconv in Nokogiri (#4494)
System default libiconv of Alpine Linux only supports some charset (e.g. UTF-8).
Therefore, the preview card of the page which is not UTF-8 will be broken in the Docker environment.

Using GNU libiconv!
2017-08-03 18:04:36 +02:00
Yamagishi Kazutoshi
c0c7af2194 Download npm and yarn from Alpine packages repository (#4242) 2017-07-18 15:21:30 +02:00
Yamagishi Kazutoshi
407073d7a2 Move icu-dev to build-dependencies (#4240) 2017-07-18 15:19:49 +02:00
Yamagishi Kazutoshi
35b868eeca Install libidn with Docker (#4219) 2017-07-16 04:40:56 +02:00
nullkal
007ab330e6 Use charlock_holmes instead of nkf at FetchLinkCardService (#4080)
* Specs for language detection

* Use CharlockHolmes instead of NKF

* Correct mistakes

* Correct style

* Set hint_enc instead of falling back and strip_tags

* Improve specs

* Add dependencies
2017-07-08 22:44:31 +02:00
Wonderfall
ae78d012ac Some Dockerfile improvements (#3182)
- improve docker_entrypoint.sh
- serve static files with puma by default
- sort packages list
- use virtual package for build deps
- show how to assign UID/GID
2017-05-20 20:01:05 +02:00
Wonderfall
d972845ff6 Fix #2680 - Run processes in Docker as non-root user (#3159) 2017-05-20 15:12:29 +02:00
Akihiko Odaki
d5cabfe5c6 Use CLD3 (#2949)
Compact Language Detector v3 (CLD3) is the successor of CLD2, which was
used in the previous implementation. CLD3 includes improvements since CLD2,
and supports newer compilers. On the other hand, it has additional
requirements and cld3-ruby, the FFI of CLD3 for Ruby, is still new and may
be still inmature.

Though CLD3 is named after CLD2, it is implemented with a neural network
model, different from the old implementation, which is based on a Naïve
Bayesian classifier.

CLD3 supports newer compilers, such as GCC 6. CLD2 is not compatible with
GCC 6 because it assigns negative values to varibales typed unsigned.
(see internal/cld_generated_cjk_uni_prop_80.cc) The support for GCC 6 and
newer compilers are essential today, when some server operating system
such as Ubuntu Server 16.10 has GCC 6 by default.

On the one hand, CLD3 requires C++11 support. Environments with old
compilers such as Ubuntu Server 14.04 needs to update the system or install
a newer compiler.

CLD3 needs protocol buffers as a new dependency. However,it is not
considered problematic because major server operating systems, CentOS and
Ubuntu Server provide them.

The FFI cld3-ruby was written by me (Akihiko Odaki) for use in Mastodon.
It is still new and may be inmature, but confirmed to pass existing tests.
2017-05-09 19:58:03 +02:00
Eugen Rochko
f5bf5ebb82 Replace sprockets/browserify with Webpack (#2617)
* Replace browserify with webpack

* Add react-intl-translations-manager

* Do not minify in development, add offline-plugin for ServiceWorker background cache updates

* Adjust tests and dependencies

* Fix production deployments

* Fix tests

* More optimizations

* Improve travis cache for npm stuff

* Re-run travis

* Add back support for custom.scss as before

* Remove offline-plugin and babili

* Fix issue with Immutable.List().unshift(...values) not working as expected

* Make travis load schema instead of running all migrations in sequence

* Fix missing React import in WarningContainer. Optimize rendering performance by using ImmutablePureComponent instead of
React.PureComponent. ImmutablePureComponent uses Immutable.is() to compare props. Replace dynamic callback bindings in
<UI />

* Add react definitions to places that use JSX

* Add Procfile.dev for running rails, webpack and streaming API at the same time
2017-05-03 02:04:16 +02:00