Commit Graph

101 Commits (421eb444df726dd74ba811bfad4ae4484dde6744)

Author SHA1 Message Date
Daigo 3 Dango b9e9bb17d9 Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire aa38f15cf1 Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango acd8edcdee Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro d6432f2cb6 build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro bc5683f1b4 Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee 32cf85aa92 Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots 530d435054 Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou a765a70d6b Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee 5630db1dab Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango 75585748c9 Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿 4019f5233a Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee 31e1f4bbef Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee 68bc5ef550 [Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee 0ca5d449ca [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth 8af34e6a64 Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee 4f80dd3e26 Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee 510f07e94a Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee 817286d233 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell 6d6154eec0 Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in fa3a0f8bc8) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee 1c5690c8af Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee 722f448000 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi 5aafbec05e Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee 0c5a16c5d0 Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee 911ebfea45 Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko 02cf7a07ae Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel 7a8958b067 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel 6ec47d8326 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John 3696497a20 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar f461d0a193 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe ae14a371dc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops fa3a0f8bc8 Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI 96f3621ad9 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI bda1a39dd2 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent c00cf2b83b Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent b1fac0b869 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00
Yamagishi Kazutoshi 6eae9c5601 Installing libxml2 and libxslt on Docker (#9680) 2019-01-01 04:03:54 +01:00
Isatis 638cac58b6 Dockerfile: Nodejs 8.12 -> 8.14 (#9532) 2018-12-16 05:50:09 +01:00
ashleyhull-versent b88c202e6c Update Dockerfile (#9026) 2018-10-23 05:21:28 +02:00
Isatis 59ed79b1f0 Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build system memory help (#8842) 2018-10-04 15:37:31 +02:00
ashleyhull-versent 7b1d835fd0 Revert "Updated ruby/node images" (#8712)
* Revert "update vagrant configs (#8706)"

This reverts commit 272053adee.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 8a6db140ca.
2018-09-17 14:55:48 +02:00
ashleyhull-versent 8a6db140ca Updated ruby/node images (#8700) 2018-09-15 22:30:02 +02:00
Kevin Liu 0c34e68653 Dockerfile: run asset precompilation as a build step (#7780)
* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-15 01:19:09 +02:00
Yamagishi Kazutoshi cce7eb0316 Upgrade Node.js to v8.x on Docker image (#8019) 2018-07-14 15:12:27 +02:00
Yamagishi Kazutoshi 2275752fca Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Yamagishi Kazutoshi a947b55daf Add symbolic link for yarnpkg (#7894) 2018-06-26 20:34:01 +02:00
Yamagishi Kazutoshi d134e6f38f Add /mastodon/bin to $PATH (#7889) 2018-06-25 13:30:25 +02:00
Yamagishi Kazutoshi 1fbeac0c82 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Eugen Rochko a235678802 Re-add git and nodejs-npm to Dockerfile (#6810)
Fix #6809

I don't know why, either
2018-03-17 15:28:09 +01:00
Eugen Rochko 36734278ba Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)
Fix 6734
2018-03-17 14:06:25 +01:00
Akihiko Odaki 53b39b8042 Use Alpine Linux yarn package in Docker (#6725)
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10 11:49:04 +01:00