first round of changes: dedicated cache folder, cleaner base image, version management
This commit is contained in:
Justin
@ -5,27 +5,46 @@
|
||||
FROM safeclaude-base:latest
|
||||
|
||||
# System packages: what's needed to build Ruby, talk to Postgres, proxy the
|
||||
# database (socat), and run browser tests (headless Chrome).
|
||||
# database (socat), run browser tests (headless Chrome), and unpack the Node
|
||||
# download below (xz-utils).
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
build-essential \
|
||||
libssl-dev libreadline-dev zlib1g-dev libffi-dev libyaml-dev \
|
||||
libpq-dev \
|
||||
socat \
|
||||
chromium chromium-driver \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
xz-utils
|
||||
|
||||
# Capybara/Selenium look for Chrome at these paths.
|
||||
ENV CHROME_BIN=/usr/bin/chromium
|
||||
ENV CHROMEDRIVER=/usr/bin/chromedriver
|
||||
|
||||
# rbenv and nvm get installed by the hooks at launch instead of here, because
|
||||
# they live in the home folder — and that folder is swapped in fresh each run, so
|
||||
# anything we installed there now would just be thrown away. Here we only set the
|
||||
# paths and shell setup; the two lines below do nothing until a hook installs the
|
||||
# matching tool.
|
||||
ENV RBENV_ROOT=/home/coder/.rbenv
|
||||
ENV NVM_DIR=/home/coder/.nvm
|
||||
ENV PATH="$RBENV_ROOT/bin:$RBENV_ROOT/shims:$PATH"
|
||||
# --- Ruby (one pinned version) ---
|
||||
# A project only ever needs one Ruby, so we install it straight into /usr/local
|
||||
# instead of running a version manager. ruby-build (the tool rbenv uses under the
|
||||
# hood) does the download + compile. To change versions, bump RUBY_VERSION and
|
||||
# rebuild with `safeclaude build`.
|
||||
ARG RUBY_VERSION=3.3.6
|
||||
RUN git clone --depth 1 https://github.com/rbenv/ruby-build.git /tmp/ruby-build && \
|
||||
PREFIX=/usr/local /tmp/ruby-build/install.sh && \
|
||||
rm -rf /tmp/ruby-build && \
|
||||
ruby-build "$RUBY_VERSION" /usr/local && \
|
||||
gem install bundler --no-document
|
||||
|
||||
RUN echo '[ -d "$RBENV_ROOT/bin" ] && eval "$(rbenv init - bash)"' >> /etc/bash.bashrc && \
|
||||
echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"' >> /etc/bash.bashrc
|
||||
# Gems install into the project's cache folder (which lives on the host), so they
|
||||
# persist between runs and survive container/volume resets. The bundle hook
|
||||
# relies on this too. BUNDLE_PATH is set here so both the hook and your app see it.
|
||||
ENV BUNDLE_PATH=/code/.safeclaude/cache/bundle
|
||||
|
||||
# --- Node (one pinned version) ---
|
||||
# Same idea: download one Node and unpack it into /usr/local. Bump NODE_VERSION
|
||||
# and rebuild to change it.
|
||||
ARG NODE_VERSION=22.11.0
|
||||
RUN arch="$(uname -m)" && \
|
||||
case "$arch" in \
|
||||
x86_64) narch=x64 ;; \
|
||||
aarch64) narch=arm64 ;; \
|
||||
*) echo "unsupported arch: $arch" >&2; exit 1 ;; \
|
||||
esac && \
|
||||
curl -fsSL "https://nodejs.org/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-linux-${narch}.tar.xz" \
|
||||
| tar -xJ -C /usr/local --strip-components=1
|
||||
|
||||
Reference in New Issue
Block a user