.gitlab-ci-legacy.yml

+include:
+  - project: pub/nexus-code-quality
+    file: /code-quality-template.yaml
+
+image: docker:latest
+
+variables:
+  DOCKER_DRIVER: overlay2
+  IMAGE_NAME: gitlab.nexdev.uk:5555/pub/rails-base-image-builder
+
+stages:
+  - prebuild
+  - test
+  - release
+
+
+docker_lint:
+  stage: prebuild
+  image: hadolint/hadolint:latest-debian
+  script:
+  # Ignoring DL3008 - Pin Versions of apt-get modules
+  - hadolint --ignore DL3008 Dockerfile
+  tags:
+  - nexus_runner
+
+release:version:
+  image: gitlab.nexdev.uk:5555/pub/nexus-release-image/master
+  stage: release
+  before_script:
+    - eval $(ssh-agent -s)
+    - echo "$CI_DEPLOY_KEY" | tr -d '\r' | ssh-add -
+    - ssh-keyscan gitlab.nexdev.uk >> ~/.ssh/known_hosts
+  script:
+    - /build/release.sh --run-tag-pipeline
+  tags:
+    - nexus_runner
+  only:
+    - master
+
+release_tag:
+  stage: release
+  script:
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN gitlab.nexdev.uk:5555
+    - docker build -t $IMAGE_NAME:$CI_COMMIT_REF_NAME .
+    - docker push $IMAGE_NAME:$CI_COMMIT_REF_NAME
+  only:
+    - tags
+  tags:
+    - nexus_runner
\ No newline at end of file

.gitlab-ci.yml

 include:
-  - project: pub/nexus-code-quality
-    file: /code-quality-template.yaml
-
-image: docker:latest
-
-variables:
-  DOCKER_DRIVER: overlay2
-  IMAGE_NAME: gitlab.nexdev.uk:5555/pub/rails-base-image-builder
-
-stages:
-  - prebuild
-  - test
-  - release
-
+  - project: nexus-mods/devops/ci/nexus-auto-devops
+    file: /Build.gitlab-ci.yml
+  - project: nexus-mods/devops/ci/nexus-auto-devops
+    file: /CodeQuality.gitlab-ci.yml
 
 docker_lint:
-  stage: prebuild
+  stage: build
   image: hadolint/hadolint:latest-debian
   script:
   # Ignoring DL3008 - Pin Versions of apt-get modules
   - hadolint --ignore DL3008 Dockerfile
   tags:
-  - nexus_runner
-
+  - nexus_runner
\ No newline at end of file
-release:version:
-  image: gitlab.nexdev.uk:5555/pub/nexus-release-image/master
-  stage: release
-  before_script:
-    - eval $(ssh-agent -s)
-    - echo "$CI_DEPLOY_KEY" | tr -d '\r' | ssh-add -
-    - ssh-keyscan gitlab.nexdev.uk >> ~/.ssh/known_hosts
-  script:
-    - /build/release.sh --run-tag-pipeline
-  tags:
-    - nexus_runner
-  only:
-    - master
-
-release_tag:
-  stage: release
-  script:
-    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN gitlab.nexdev.uk:5555
-    - docker build -t $IMAGE_NAME:$CI_COMMIT_REF_NAME .
-    - docker push $IMAGE_NAME:$CI_COMMIT_REF_NAME
-  only:
-    - tags
-  tags:
-    - nexus_runner
\ No newline at end of file

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [3.0.3](https://gitlab.nexdev.uk/pub/rails-base-image-builder/-/compare/v3.0.2...v3.0.3) (2022-05-16)
+
+
+### Bug Fixes
+
+* Update .gitlab-ci.yml file ([e91a2df](https://gitlab.nexdev.uk/pub/rails-base-image-builder/-/commit/e91a2df50cb8c4f8826798a541e3c644722c26f2))
+* updated rails ([34edf1f](https://gitlab.nexdev.uk/pub/rails-base-image-builder/-/commit/34edf1f02afb416dbda678a8cd4534e975c5f2a2))
+
 ### [3.0.2](https://gitlab.nexdev.uk/pub/rails-base-image-builder/-/compare/v3.0.1...v3.0.2) (2022-04-22)
 
 

Dockerfile

 FROM ruby:2.7.5-slim-bullseye
 
-RUN apt-get update \
-    && DEBIAN_FRONTEND=noninteractive apt-get \
-        -o Dpkg::Options::="--force-confnew" --allow-remove-essential --allow-change-held-packages -fuy \
-        upgrade \
-    && apt-get install -y --no-install-recommends \
-        cmake \
-        pkg-config \
-        default-libmysqlclient-dev \
-        nodejs \
-        curl \
-        git \
-        ruby-dev \
-        telnet \
-        nano \
-        build-essential \
-        libpq-dev \
-        shared-mime-info \
-    && apt-get autoremove \
-    && apt-get autoclean \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* \
-    && adduser nexus --system --group -u 1000 && mkdir -p /app && chown -R nexus:nexus /app
+# Bootstrap scripts will also be used by stage 2 (rails-runtime-base-image).
+COPY /app/bootstrap*sh /app/
+RUN chmod +x /app/bootstrap*sh
 
-USER nexus
+# Install OS packages required for the gem build environment.
+RUN /app/bootstrap-apt-upgrade.sh && \
+    apt-get install -y --no-install-recommends \
+      build-essential \
+      cmake \
+      curl \
+      default-libmysqlclient-dev \
+      git \
+      libpq-dev \
+      nano \
+      nodejs \
+      pkg-config \
+      ruby-dev \
+      shared-mime-info \
+      telnet && \
+    /app/bootstrap-apt-clean.sh
 
+# Prepare bundle for the gem build environment.
+RUN /app/bootstrap-app-dir.sh
+USER nexus
 WORKDIR /app
 COPY --chown=nexus:nexus Gemfile Gemfile.lock ./
-RUN bundle config --local build.sassc --disable-march-tune-native && gem install bundler -v 2.1 && bundle install --jobs 20 --retry 5
+RUN /app/bootstrap-app-bundle.sh

Gemfile

@@ -4,7 +4,7 @@ source 'https://rubygems.org'
 ruby '2.7.5'
 
 # Core Gems
-gem 'rails', '7.0.2.3'
+gem 'rails', '7.0.2.4'
 gem 'puma', '5.6.4'
 gem 'sass-rails', '5.1.0'
 gem 'uglifier', '4.2.0'

Gemfile.lock

 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actioncable (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      activejob (= 7.0.2.3)
-      activerecord (= 7.0.2.3)
-      activestorage (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actionmailbox (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      activejob (= 7.0.2.4)
+      activerecord (= 7.0.2.4)
+      activestorage (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      actionview (= 7.0.2.3)
-      activejob (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actionmailer (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      actionview (= 7.0.2.4)
+      activejob (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.2.3)
-      actionview (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actionpack (7.0.2.4)
+      actionview (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       rack (~> 2.0, >= 2.2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionpack-cloudflare (1.1.0)
       actionpack (>= 3.2)
-    actiontext (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      activerecord (= 7.0.2.3)
-      activestorage (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actiontext (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      activerecord (= 7.0.2.4)
+      activestorage (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.2.3)
-      activesupport (= 7.0.2.3)
+    actionview (7.0.2.4)
+      activesupport (= 7.0.2.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -53,22 +53,22 @@ GEM
       activemodel (>= 4.1, < 7.1)
       case_transform (>= 0.2)
       jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
-    activejob (7.0.2.3)
-      activesupport (= 7.0.2.3)
+    activejob (7.0.2.4)
+      activesupport (= 7.0.2.4)
       globalid (>= 0.3.6)
-    activemodel (7.0.2.3)
-      activesupport (= 7.0.2.3)
-    activerecord (7.0.2.3)
-      activemodel (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
-    activestorage (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      activejob (= 7.0.2.3)
-      activerecord (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    activemodel (7.0.2.4)
+      activesupport (= 7.0.2.4)
+    activerecord (7.0.2.4)
+      activemodel (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
+    activestorage (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      activejob (= 7.0.2.4)
+      activerecord (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (7.0.2.3)
+    activesupport (7.0.2.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -76,11 +76,11 @@ GEM
     addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
     amq-protocol (2.3.2)
-    autoprefixer-rails (10.4.2.0)
+    autoprefixer-rails (10.4.7.0)
       execjs (~> 2)
     aws-eventstream (1.2.0)
-    aws-partitions (1.579.0)
-    aws-sdk-core (3.130.1)
+    aws-partitions (1.587.0)
+    aws-sdk-core (3.130.2)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.525.0)
       aws-sigv4 (~> 1.1)
@@ -169,7 +169,7 @@ GEM
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.16.0)
+    loofah (2.18.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -212,7 +212,7 @@ GEM
       activesupport
       bunny
     nio4r (2.5.8)
-    nokogiri (1.13.4)
+    nokogiri (1.13.6)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     pg (1.3.5)
@@ -232,20 +232,20 @@ GEM
       rack (>= 2.0.0)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (7.0.2.3)
-      actioncable (= 7.0.2.3)
-      actionmailbox (= 7.0.2.3)
-      actionmailer (= 7.0.2.3)
-      actionpack (= 7.0.2.3)
-      actiontext (= 7.0.2.3)
-      actionview (= 7.0.2.3)
-      activejob (= 7.0.2.3)
-      activemodel (= 7.0.2.3)
-      activerecord (= 7.0.2.3)
-      activestorage (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    rails (7.0.2.4)
+      actioncable (= 7.0.2.4)
+      actionmailbox (= 7.0.2.4)
+      actionmailer (= 7.0.2.4)
+      actionpack (= 7.0.2.4)
+      actiontext (= 7.0.2.4)
+      actionview (= 7.0.2.4)
+      activejob (= 7.0.2.4)
+      activemodel (= 7.0.2.4)
+      activerecord (= 7.0.2.4)
+      activestorage (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       bundler (>= 1.15.0)
-      railties (= 7.0.2.3)
+      railties (= 7.0.2.4)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -255,9 +255,9 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    railties (7.0.2.3)
-      actionpack (= 7.0.2.3)
-      activesupport (= 7.0.2.3)
+    railties (7.0.2.4)
+      actionpack (= 7.0.2.4)
+      activesupport (= 7.0.2.4)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
@@ -345,7 +345,7 @@ GEM
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
     strings-case (0.3.0)
-    strscan (3.0.1)
+    strscan (3.0.3)
     thor (1.2.1)
     thread_safe (0.3.6)
     tilt (2.0.10)
@@ -400,7 +400,7 @@ DEPENDENCIES
   pundit-matchers (= 1.7.0)
   rack-attack (= 6.6.1)
   rack-cors (= 1.1.1)
-  rails (= 7.0.2.3)
+  rails (= 7.0.2.4)
   rails-controller-testing (= 1.0.5)
   redis (= 4.6.0)
   rspec-rails (= 5.1.1)

README.md

 # Rails Base Image Builder
 
-This repository is the base image for all base image that is used in the `builder` stage of all of our rails apps.
+This repository is the 'stage 1' base image used in the `builder` stage on all of our rails applications.
+
+* Stage 1 (rails-base-image-builder): Install packages to compile gems, and compile those gems.
+* Stage 2 (rails-runtime-base-image): Install packages and configure OS for runtime environment.
 
 ## Update gems
 
-To update the gems in this core image, great care must be taken. Once the gemfile has been update, the lock file can be updated with
-a simple helper script. There are many ways of achieving this, but the recommended way is:
+To update the gems in this core image, great care must be taken. Once the gemfile has been update, the lock file can be
+updated with a simple helper script. There are many ways of achieving this, but the recommended way is:
 
 ```
-docker run -it -v "$(pwd)":/app -v /usr/local/bundle:/usr/local/bundle ruby:2.7.5 sh -c "apt-get update; apt-get install -y cmake build-essential; cd /app; gem install bundler:2.1; bundle update; bundle install;"
+./gem-update.sh
 ```
 
 Once both the `Gemfile` and `Gemfile.lock` files are both updated, a commit can be created to force a new update.

app/bootstrap-app-bundle.sh

+#!/bin/sh
+set -ex
+bundle config --local build.sassc --disable-march-tune-native
+gem install bundler -v 2.1
+bundle install --jobs 20 --retry 5

app/bootstrap-app-dir.sh

+#!/bin/sh
+set -ex
+# Common bootstrap for a nexus application in a container.
+adduser nexus --system --group -u 1000
+chown -R nexus:nexus /app

app/bootstrap-apt-clean.sh

+#!/bin/sh
+set -ex
+apt-get autoremove
+apt-get autoclean
+apt-get clean
+rm -rf /var/lib/apt/lists/*

app/bootstrap-apt-upgrade.sh

+#!/bin/sh
+set -ex
+apt-get update
+DEBIAN_FRONTEND=noninteractive apt-get \
+  -o Dpkg::Options::="--force-confnew" --allow-remove-essential --allow-change-held-packages -fuy \
+  upgrade

gem-update.sh

+#!/bin/bash
+cd "$(dirname "$0")"
+set -ex
+docker run -it -v "$(pwd)":/app \
+  -v /usr/local/bundle:/usr/local/bundle ruby:2.7.5 sh \
+  -c "apt-get update; \
+      apt-get install -y cmake build-essential; \
+      cd /app; \
+      gem install bundler:2.1; \
+      bundle update; \
+      bundle install;"