Add version 5.1.0

docker-library · Nov 6, 2023 · b68b80a · b68b80a
1 parent 41ff6e8
commit b68b80a
Show file tree

Hide file tree

Showing 5 changed files with 588 additions and 0 deletions.
diff --git a/5.1/alpine3.18/Dockerfile b/5.1/alpine3.18/Dockerfile
@@ -0,0 +1,121 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM ruby:3.1-alpine3.18
+
+# explicitly set uid/gid to guarantee that it won't change in the future
+# the values 999:999 are identical to the current user/group id assigned
+# alpine already has a gid 999, so we'll use the next id
+RUN addgroup -S -g 1000 redmine && adduser -S -H -G redmine -u 999 redmine
+
+RUN set -eux; \
+	apk add --no-cache \
+		bash \
+		ca-certificates \
+		findutils \
+		su-exec \
+		tini \
+		tzdata \
+		wget \
+		\
+		breezy \
+		git \
+		mercurial \
+		openssh-client \
+		subversion \
+		\
+# we need "gsfonts" for generating PNGs of Gantt charts
+# and "ghostscript" for creating PDF thumbnails (in 4.1+)
+		ghostscript \
+		ghostscript-fonts \
+		imagemagick \
+	;
+
+ENV RAILS_ENV production
+WORKDIR /usr/src/redmine
+
+# https://github.com/docker-library/redmine/issues/138#issuecomment-438834176
+# (bundler needs this for running as an arbitrary user)
+ENV HOME /home/redmine
+RUN set -eux; \
+	[ ! -d "$HOME" ]; \
+	mkdir -p "$HOME"; \
+	chown redmine:redmine "$HOME"; \
+	chmod 1777 "$HOME"
+
+ENV REDMINE_VERSION 5.1.0
+ENV REDMINE_DOWNLOAD_URL https://www.redmine.org/releases/redmine-5.1.0.tar.gz
+ENV REDMINE_DOWNLOAD_SHA256 a94d6ecde5a100a6271503fef154818212dac01cf5e45e37e2beb4059365ba93
+
+RUN set -eux; \
+	wget -O redmine.tar.gz "$REDMINE_DOWNLOAD_URL"; \
+	echo "$REDMINE_DOWNLOAD_SHA256 *redmine.tar.gz" | sha256sum -c -; \
+	tar -xf redmine.tar.gz --strip-components=1; \
+	rm redmine.tar.gz files/delete.me log/delete.me; \
+	mkdir -p log public/plugin_assets sqlite tmp/pdf tmp/pids; \
+	chown -R redmine:redmine ./; \
+# log to STDOUT (https://github.com/docker-library/redmine/issues/108)
+	echo 'config.logger = Logger.new(STDOUT)' > config/additional_environment.rb; \
+# fix permissions for running as an arbitrary user
+	chmod -R ugo=rwX config db sqlite; \
+	find log tmp -type d -exec chmod 1777 '{}' +
+
+# build for musl-libc, not glibc (see https://github.com/sparklemotion/nokogiri/issues/2075, https://github.com/rubygems/rubygems/issues/3174)
+ENV BUNDLE_FORCE_RUBY_PLATFORM 1
+RUN set -eux; \
+	\
+	apk add --no-cache --virtual .build-deps \
+		coreutils \
+		freetds-dev \
+		gcc \
+		make \
+		mariadb-dev \
+		musl-dev \
+		patch \
+		postgresql-dev \
+		sqlite-dev \
+		ttf2ufm \
+		zlib-dev \
+	; \
+	\
+	su-exec redmine bundle config --local without 'development test'; \
+# https://github.com/redmine/redmine/commit/23dc108e70a0794f444803ac827a690085dcd557
+# ("gem puma" already exists in the Gemfile, but under "group :test" and we want it all the time)
+	puma="$(grep -E "^[[:space:]]*gem [:'\"]puma['\",[:space:]].*\$" Gemfile)"; \
+	{ echo; echo "$puma"; } | sed -re 's/^[[:space:]]+//' >> Gemfile; \
+# fill up "database.yml" with bogus entries so the redmine Gemfile will pre-install all database adapter dependencies
+# https://github.com/redmine/redmine/blob/e9f9767089a4e3efbd73c35fc55c5c7eb85dd7d3/Gemfile#L50-L79
+	echo '# the following entries only exist to force `bundle install` to pre-install all database adapter dependencies -- they can be safely removed/ignored' > ./config/database.yml; \
+	for adapter in mysql2 postgresql sqlserver sqlite3; do \
+		echo "$adapter:" >> ./config/database.yml; \
+		echo "  adapter: $adapter" >> ./config/database.yml; \
+	done; \
+	su-exec redmine bundle install --jobs "$(nproc)"; \
+	rm ./config/database.yml; \
+# fix permissions for running as an arbitrary user
+	chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \
+# this requires coreutils because "chmod +X" in busybox will remove +x on files (and coreutils leaves files alone with +X)
+	rm -rf ~redmine/.bundle; \
+	\
+# https://github.com/naitoh/rbpdf/issues/31
+	rm /usr/local/bundle/gems/rbpdf-font-1.19.*/lib/fonts/ttf2ufm/ttf2ufm; \
+	\
+	runDeps="$( \
+		scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/bundle/gems \
+		| tr ',' '\n' \
+		| sort -u \
+		| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+	)"; \
+	apk add --no-network --virtual .redmine-rundeps $runDeps; \
+	apk del --no-network .build-deps
+
+VOLUME /usr/src/redmine/files
+
+COPY docker-entrypoint.sh /
+ENTRYPOINT ["/docker-entrypoint.sh"]
+
+EXPOSE 3000
+CMD ["rails", "server", "-b", "0.0.0.0"]
diff --git a/5.1/alpine3.18/docker-entrypoint.sh b/5.1/alpine3.18/docker-entrypoint.sh
@@ -0,0 +1,165 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+# TODO add "-u"
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
+isLikelyRedmine=
+case "$1" in
+	rails | rake | passenger ) isLikelyRedmine=1 ;;
+esac
+
+_fix_permissions() {
+	# https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions
+	local dirs=( config log public/plugin_assets tmp ) args=()
+	if [ "$(id -u)" = '0' ]; then
+		args+=( ${args[@]:+,} '(' '!' -user redmine -exec chown redmine:redmine '{}' + ')' )
+
+		# https://github.com/docker-library/redmine/issues/268 - scanning "files" might be *really* expensive, so we should skip it if it seems like it's "already correct"
+		local filesOwnerMode
+		filesOwnerMode="$(stat -c '%U:%a' files)"
+		if [ "$files" != 'redmine:755' ]; then
+			dirs+=( files )
+		fi
+	fi
+	# directories 755, files 644:
+	args+=( ${args[@]:+,} '(' -type d '!' -perm 755 -exec sh -c 'chmod 755 "$@" 2>/dev/null || :' -- '{}' + ')' )
+	args+=( ${args[@]:+,} '(' -type f '!' -perm 644 -exec sh -c 'chmod 644 "$@" 2>/dev/null || :' -- '{}' + ')' )
+	find "${dirs[@]}" "${args[@]}"
+}
+
+# allow the container to be started with `--user`
+if [ -n "$isLikelyRedmine" ] && [ "$(id -u)" = '0' ]; then
+	_fix_permissions
+	exec su-exec redmine "$BASH_SOURCE" "$@"
+fi
+
+if [ -n "$isLikelyRedmine" ]; then
+	_fix_permissions
+	if [ ! -f './config/database.yml' ]; then
+		file_env 'REDMINE_DB_MYSQL'
+		file_env 'REDMINE_DB_POSTGRES'
+		file_env 'REDMINE_DB_SQLSERVER'
+
+		if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then
+			export REDMINE_DB_MYSQL='mysql'
+		elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then
+			export REDMINE_DB_POSTGRES='postgres'
+		fi
+
+		if [ "$REDMINE_DB_MYSQL" ]; then
+			adapter='mysql2'
+			host="$REDMINE_DB_MYSQL"
+			file_env 'REDMINE_DB_PORT' '3306'
+			file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}"
+			file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}"
+			file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}"
+			file_env 'REDMINE_DB_ENCODING' ''
+		elif [ "$REDMINE_DB_POSTGRES" ]; then
+			adapter='postgresql'
+			host="$REDMINE_DB_POSTGRES"
+			file_env 'REDMINE_DB_PORT' '5432'
+			file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}"
+			file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}"
+			file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}"
+			file_env 'REDMINE_DB_ENCODING' 'utf8'
+		elif [ "$REDMINE_DB_SQLSERVER" ]; then
+			adapter='sqlserver'
+			host="$REDMINE_DB_SQLSERVER"
+			file_env 'REDMINE_DB_PORT' '1433'
+			file_env 'REDMINE_DB_USERNAME' ''
+			file_env 'REDMINE_DB_PASSWORD' ''
+			file_env 'REDMINE_DB_DATABASE' ''
+			file_env 'REDMINE_DB_ENCODING' ''
+		else
+			echo >&2
+			echo >&2 'warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables'
+			echo >&2
+			echo >&2 '*** Using sqlite3 as fallback. ***'
+			echo >&2
+
+			adapter='sqlite3'
+			host='localhost'
+			file_env 'REDMINE_DB_PORT' ''
+			file_env 'REDMINE_DB_USERNAME' 'redmine'
+			file_env 'REDMINE_DB_PASSWORD' ''
+			file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db'
+			file_env 'REDMINE_DB_ENCODING' 'utf8'
+
+			mkdir -p "$(dirname "$REDMINE_DB_DATABASE")"
+			if [ "$(id -u)" = '0' ]; then
+				find "$(dirname "$REDMINE_DB_DATABASE")" \! -user redmine -exec chown redmine '{}' +
+			fi
+		fi
+
+		REDMINE_DB_ADAPTER="$adapter"
+		REDMINE_DB_HOST="$host"
+		echo "$RAILS_ENV:" > config/database.yml
+		for var in \
+			adapter \
+			host \
+			port \
+			username \
+			password \
+			database \
+			encoding \
+		; do
+			env="REDMINE_DB_${var^^}"
+			val="${!env}"
+			[ -n "$val" ] || continue
+			echo "  $var: \"$val\"" >> config/database.yml
+		done
+	fi
+
+	# install additional gems for Gemfile.local and plugins
+	bundle check || bundle install
+
+	if [ ! -s config/secrets.yml ]; then
+		file_env 'REDMINE_SECRET_KEY_BASE'
+		if [ -n "$REDMINE_SECRET_KEY_BASE" ]; then
+			cat > 'config/secrets.yml' <<-YML
+				$RAILS_ENV:
+				  secret_key_base: "$REDMINE_SECRET_KEY_BASE"
+			YML
+		elif [ ! -f config/initializers/secret_token.rb ]; then
+			rake generate_secret_token
+		fi
+	fi
+	if [ "$1" != 'rake' -a -z "$REDMINE_NO_DB_MIGRATE" ]; then
+		rake db:migrate
+	fi
+
+	if [ "$1" != 'rake' -a -n "$REDMINE_PLUGINS_MIGRATE" ]; then
+		rake redmine:plugins:migrate
+	fi
+
+	# remove PID file to enable restarting the container
+	rm -f tmp/pids/server.pid
+
+	if [ "$1" = 'passenger' ]; then
+		# Don't fear the reaper.
+		set -- tini -- "$@"
+	fi
+fi
+
+exec "$@"