Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 25 additions & 66 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,40 +1,50 @@
# syntax=docker/dockerfile:1

# ============================================================
# Stage 1: compile OpenSSL 1.1.1, jemalloc, Ruby
# ============================================================
FROM debian:bookworm-slim AS builder
FROM debian:stable-20260610-slim@sha256:34363c20bd149e41365fc77b086da067ed13ab2dff4cd0612788e12e6d52c44c

ARG OPENSSL_VERSION=1.1.1w
ARG JEMALLOC_VERSION=5.3.1
ARG RUBY_VERSION=2.6.10

LABEL \
org.opencontainers.image.title="ruby2.6-jemalloc" \
org.opencontainers.image.description="Ruby ${RUBY_VERSION} image with jemalloc ${JEMALLOC_VERSION}" \
org.opencontainers.image.source="https://github.com/UMNLibraries/ruby2.6-jemalloc-docker"

ENV DEBIAN_FRONTEND=noninteractive

RUN <<'EOF'
RUN <<__install__
set -eux
# Step: install builder dependencies
apt-get update
apt-get -y upgrade
apt-get install -y --no-install-recommends \
autoconf \
bison \
build-essential \
bzip2 \
ca-certificates \
libdb-dev \
libffi-dev \
libffi8 \
libgdbm-dev \
libgdbm6 \
libncurses5-dev \
libncurses6 \
libreadline-dev \
libreadline8 \
libyaml-0-2 \
libyaml-dev \
pkg-config \
wget \
zlib1g \
zlib1g-dev
rm -rf /var/lib/apt/lists/*
EOF
__install__

# Build OpenSSL 1.1.1 (required by Ruby 2.6; Debian ships OpenSSL 3 which is incompatible)
WORKDIR /tmp/build
RUN <<EOF
RUN <<__openssl__
set -eux
# Step: download OpenSSL source
wget -q "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
Expand All @@ -44,14 +54,15 @@ cd "openssl-${OPENSSL_VERSION}"
# Step: configure and build OpenSSL
./config --prefix=/opt/openssl --openssldir=/opt/openssl shared zlib
make -j"$(nproc)"
make test
make install_sw

# Step: clean OpenSSL build artifacts
rm -rf /tmp/build/openssl-*
EOF
__openssl__

# Build jemalloc
RUN <<EOF
RUN <<__jemalloc__
set -eux
# Step: download jemalloc source
wget -q "https://github.com/jemalloc/jemalloc/releases/download/${JEMALLOC_VERSION}/jemalloc-${JEMALLOC_VERSION}.tar.bz2"
Expand All @@ -61,22 +72,21 @@ cd "jemalloc-${JEMALLOC_VERSION}"
# Step: configure and build jemalloc
./configure --prefix=/usr/local
make -j"$(nproc)"
make test
make install

# Step: clean jemalloc build artifacts
rm -rf /tmp/build/jemalloc-*
EOF
__jemalloc__

# Build Ruby 2.6.x with jemalloc and OpenSSL 1.1.1
ENV LD_LIBRARY_PATH=/opt/openssl/lib:/usr/local/lib
RUN <<EOF
RUN <<__ruby__
set -eux
# Step: download Ruby source
wget -q "https://cache.ruby-lang.org/pub/ruby/2.6/ruby-${RUBY_VERSION}.tar.gz"
tar xzf "ruby-${RUBY_VERSION}.tar.gz"
cd "ruby-${RUBY_VERSION}"

# Step: configure and build Ruby
./configure \
--prefix=/usr/local \
--with-openssl-dir=/opt/openssl \
Expand All @@ -86,63 +96,12 @@ cd "ruby-${RUBY_VERSION}"
--disable-install-rdoc \
CFLAGS="-O2 -fno-omit-frame-pointer -Wno-error=implicit-function-declaration"
make -j"$(nproc)"
make test
make install

# Step: clean Ruby build artifacts
rm -rf /tmp/build/ruby-*
EOF

# ============================================================
# Stage 2: Final – small runtime image with debian base
# ============================================================
FROM debian:bookworm-slim

ARG RUBY_VERSION=2.6.10

LABEL org.opencontainers.image.title="ruby2.6-jemalloc-docker" \
org.opencontainers.image.description="Ruby 2.6 image with jemalloc 5.3.1" \
org.opencontainers.image.version="${RUBY_VERSION}" \
org.opencontainers.image.source="https://github.com/UMNLibraries/ruby2.6-jemalloc-docker"

ENV RUBY_VERSION=${RUBY_VERSION}

# Copy compiled Ruby, OpenSSL, and CA certificates from builder.
COPY --from=builder /usr/local /usr/local
COPY --from=builder /opt/openssl /opt/openssl
COPY --from=builder /etc/ssl/certs /etc/ssl/certs

# Install runtime library dependencies and register compiled library paths.
# Remove unnecessary build artifacts (headers, static libs, pkgconfig) to minimize image size.
RUN <<'EOF'
set -eux

# Step: install runtime dependencies required by Ruby, OpenSSL, jemalloc
apt-get update
apt-get install -y --no-install-recommends \
libffi8 \
libgdbm6 \
libncurses6 \
libreadline8 \
libyaml-0-2 \
zlib1g \
ca-certificates

# Step: remove build artifacts from copied Ruby and OpenSSL
rm -rf /usr/local/include \
/usr/local/lib/pkgconfig \
/usr/local/lib/*.a \
/usr/local/share/doc \
/usr/local/share/man \
/opt/openssl/include \
/opt/openssl/lib/pkgconfig \
/opt/openssl/lib/*.a

# Step: register compiled library paths for Ruby and OpenSSL at runtime
ldconfig /opt/openssl/lib /usr/local/lib

# Step: clean apt caches and temporary files
rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/*

EOF
__ruby__

CMD ["irb"]
20 changes: 7 additions & 13 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,15 @@ lint:
pre-commit run --all-file

build:
docker build --no-cache --progress=plain --platform "$(MULTIARCH_PLATFORMS)" --tag $(REGISTRY):latest .
docker build --progress=plain --platform "$(MULTIARCH_PLATFORMS)" --tag $(REGISTRY):latest .

.PHONY: tags
tags:
docker tag $(REGISTRY):latest $(REGISTRY):0.0.5

push:
docker push $(REGISTRY):latest
docker push $(REGISTRY):0.0.5

build-amd64:
docker buildx build --platform linux/amd64 --load -t ruby2.6-jemalloc:amd64 .
Expand All @@ -55,19 +60,8 @@ push-arm64:
pull-arm64:
docker pull --platform linux/arm64 $(REGISTRY):latest

build-release:
docker buildx build \
--platform $(MULTIARCH_PLATFORMS) \
--cache-from type=local,src=$(MULTIARCH_CACHE_DIR) \
--cache-to type=local,dest=$(MULTIARCH_CACHE_DIR)-new,mode=max \
--push \
-t $(REGISTRY):$(MULTIARCH_TAG) \
.
@rm -rf $(MULTIARCH_CACHE_DIR)
@mv $(MULTIARCH_CACHE_DIR)-new $(MULTIARCH_CACHE_DIR)

verify: build
./scripts/verify-ruby-jemalloc.sh ruby2.6-jemalloc:local
./scripts/verify-ruby-jemalloc.sh ruby2.6-jemalloc:latest

verify-amd64: build-amd64
./scripts/verify-ruby-jemalloc.sh ruby2.6-jemalloc:amd64 linux/amd64
Expand Down
Loading