2

I'm running some issues with docker/docker-compose and bundler. After building my image I can run the rails server correctly without any issue, but, when I try to run a console with rails console I constantly get:

Could not find i18n-0.7.0 in any of the sources
Run `bundle install` to install missing gems.

If I try to run bundle install in the container there is no problem, all seems to be correctly installed.

docker-compose run web bundle install

...
Using spring 1.3.6
Using therubyracer 0.12.2
Using turbolinks 2.5.3
Using uglifier 2.7.2
Using web-console 2.2.1
Updating files in vendor/cache
Bundle complete! 24 Gemfile dependencies, 119 gems now installed.
Bundled gems are installed into /usr/local/bundle.

My docker-compose.yml looks like this:

db:
  image: postgres
web:
  build: .
  command: rails s -p 3000 -b 0.0.0.0
  ports:
    - "3000:3000"
  volumes:
    - .:/app
    - ./github_rsa:/root/.ssh/id_rsa
  links:
    - db

I need to mount a volume with the ssh key because there are some gems that need to be pulled from private repositories.

My Dockerfile looks like this:

FROM ruby:2.2.0

RUN apt-get update -qq && apt-get install -y build-essential \
    libpq-dev \
    libxml2-dev libxslt1-dev \
    nodejs

ENV HOME /root
ENV APP_HOME /app

RUN mkdir $APP_HOME
RUN mkdir $APP_HOME/tmp
RUN mkdir $APP_HOME/log

# Copy the Gemfile and Gemfile.lock into the image.
# Temporarily set the working directory to where they are.
WORKDIR /tmp
ADD Gemfile Gemfile
ADD Gemfile.lock Gemfile.lock

# Copy the github key for pulling gems
COPY github_rsa /root/.ssh/id_rsa

RUN \
    chown -R root:root /root/.ssh && \
    chmod 700 $HOME/.ssh && \
    chmod 600 $HOME/.ssh/id_rsa

RUN echo "Host github.com\n\tStrictHostKeyChecking no\n" >> /root/.ssh/config

# Start ssh agent and add keys
RUN eval "$(ssh-agent)" && \
    ssh-add && \
    ssh-add -l

# Install bundler
RUN gem install bundler -v '~> 1.10'

# Install ruby dependencies
RUN bundle install

# Remove the ssh key now, we don't want to ship secrets on our images
RUN rm /root/.ssh/id_rsa

# Add app to container
ADD . $APP_HOME

# Add container working directory
WORKDIR $APP_HOME

# Expose puma port
EXPOSE 3000
bilby91
  • 904
  • 1
  • 8
  • 20

1 Answers1

4

You need to take this image down immediately. The following does not work:

RUN rm /root/.ssh/id_rsa

You cannot remove files like this; they will still exist in previous layers and be accessible to anyone who has the image. At the moment, you are shipping your secrets.

Regarding the actual question, I suspect it's just to do with the working directory and paths. Try moving RUN bundle install to after the WORKDIR instruction.

Adrian Mouat
  • 44,585
  • 16
  • 110
  • 102
  • Adrian, thanks for pointing out the issue with the ssh key! Do you have an idea on how to improve it? I need the ssh key for the pulling! I'll try your suggestion, but I think the gems caching will be lost with that change. – bilby91 Sep 30 '15 at 12:18
  • The best idea is honestly to pull the code outside of the Dockerfile and `COPY` it in. – Adrian Mouat Sep 30 '15 at 12:52
  • And regarding `bundle install` my suggestion was only intended to figure out if it was a directory/path issue, not necessarily a final solution. – Adrian Mouat Sep 30 '15 at 12:53
  • The bundle install suggestion didn't work :(. I'm really frustrated not figuring out what is happening! It doesn't make sense that `rails server` works and `rails console` don't. – bilby91 Sep 30 '15 at 13:58
  • The way to debug it is to run the image for the layer immediately before for the `bundle install` and see what happens when you run the `bundle install` in it. – Adrian Mouat Sep 30 '15 at 14:13
  • How do I run an intermediate layer ? Is there any trick or just removing all the directives after the `bundle install` ? – bilby91 Sep 30 '15 at 14:34
  • 2
    Figure out the issue. It was a problem with my `.bundle/config` file. Didn't know that is was present. It was installing my gems in `vendor/cache` and I was also mounting `.` volume so strange stuff was happening. The only issue now is that every time I have to update the Gemfile I need to rebuild the image with all the gems! :( – bilby91 Sep 30 '15 at 15:13