Sample Dockerfile for rails app

docker-compose.yml

version: "2"
services:
  datastore:
    image: busybox
    volumes:
      - mysql-data:/var/lib/mysql
      - redis-data:/data
      - app-tmp:/app/tmp

  mysql:
    image: mysql
    environment:
      MYSQL_ROOT_PASSWORD: password
    ports:
      - '3306:3306'
    volumes_from:
      - datastore

  redis:
    image: redis:alpine
    ports:
      - '6379:6379'
    volumes_from:
      - datastore

  app:
    build: .
    ports:
      - '3000:3000'
    environment:
      MYSQL_USERNAME: root
      MYSQL_PASSWORD: password
      MYSQL_HOST: mysql
      GENERAL_REDIS_URL: "redis://redis:6379"
      SIDEKIQ_REDIS_URL: "redis://redis:6379"
    links:
      - mysql
      - redis
    volumes_from:
      - datastore
    command: rails_s

volumes:
  mysql-data:
    driver: local
  redis-data:
    driver: local
  app-tmp:
    driver: local

Dockerfile

FROM appbase

# install npm & bower packages
WORKDIR /root
COPY package.json bower.json /root/
RUN npm install --only=prod && \
  npm cache clean && \
  bower install --allow-root

# install gems
WORKDIR /app
COPY Gemfile Gemfile.lock /app/
RUN bundle config build.nokogiri --use-system-libraries && \
  bundle install -j3 --without test --no-cache --deployment

# define ARG
ARG precompile
ARG git_commit
ARG yaml_vault_pass
ARG yaml_vault_sign_pass
ARG AWS_ACCESS_KEY_ID
ARG AWS_SECRET_ACCESS_KEY

ENV DOCKER 1

# Rails app directory
COPY . /app
RUN ln -sf /root/node_modules /app/node_modules && \
  mkdir -p vendor/assets tmp/pids tmp/sockets tmp/sessions && \
  ln -sf /root/bower_components vendor/assets/bower_components && \
  cp config/unicorn/docker.rb config/unicorn.rb && \
  sh -e docker/precompile_on_build.sh

# Use EntryKit
ENTRYPOINT [ \
  "prehook", "ruby -v", "--", \
  "prehook", "ruby docker/setup.rb", "--", \
  "switch", \
    "shell=/bin/sh", \
    "sidekiq=./docker/run_sidekiq_worker.sh", \
    "db_migrate=bundle exec rake db:migrate", \
    "assets_precompile=bundle exec rake assets:precompile", \
    "rails_c=bundle exec rails c", \
    "rails_db=bundle exec rails db", \
    "rails_s=bundle exec rails s -b 0.0.0.0", "--", \
  "bundle", "exec", "unicorn_rails", "-c", "config/unicorn.rb" ]

on_build.sh

#!/bin/sh

set -e
if [ "$git_commit" != "" ]; then
  echo ${git_commit} > revision.log
fi

if [ "$yaml_vault_pass" != "" ]; then
  export YAML_VAULT_PASSPHRASE=$yaml_vault_pass
  export YAML_VAULT_SIGN_PASSPHRASE=$yaml_vault_sign_pass
fi

assets_upload () {
  rails_env=$1
  RAILS_ENV=$rails_env RAILS_GROUPS=assets bundle exec rake assets:precompile assets:sync
  RAILS_ENV=$rails_env bundle exec rails r "system(%Q|aws s3 cp public/assets/manifest.json s3://assets-bucket/manifest-${rails_env}-${git_commit}.json|)"
}

if [ "$precompile" != "" -a "$git_commit" != "" ]; then
  cp config/database.yml.example config/database.yml
  if [ -e "tmp/docker_build_cache/tmp_cache.tar.gz" ]; then
    mv tmp/docker_build_cache/tmp_cache.tar.gz tmp
    cd tmp
    tar xzf tmp_cache.tar.gz
    cd ..
    ls tmp/cache
  fi

  # assets_precompileのために一時的に設定を複合化する
  if [ "$precompile" = "all" ]; then
    cp config/secrets.yml config/secrets.yml.bak
    bundle exec yaml_vault decrypt "config/secrets.yml" -o "config/secrets.yml" -k "production.vault"
    assets_upload staging
    assets_upload production
    assets_upload stress
    rm config/database.yml
    mv config/secrets.yml.bak config/secrets.yml
  elif [ "$precompile" = "production" ]; then
    cp config/secrets.yml config/secrets.yml.bak
    bundle exec yaml_vault decrypt "config/secrets.yml" -o "config/secrets.yml" -k "production.vault"
    assets_upload $precompile
    rm config/database.yml
    mv config/secrets.yml.bak config/secrets.yml
  else
    assets_upload $precompile
    rm config/database.yml
  fi
fi

setup.rb

require 'fileutils'
require 'yaml'
require 'erb'

Dir.chdir(File.expand_path("../", __dir__))

system('erb config/database.yml.example > config/database.yml')
system('erb config/database.yml.production.erb > config/database.yml.production')

system('erb docker/sidekiq.yml.erb > config/sidekiq.yml')

rails_env = ENV["RAILS_ENV"] || "development"

if rails_env == "production"
  system('bundle exec yaml_vault decrypt "config/secrets.yml" -o "config/secrets.yml" -k "production.vault.staging.vault"')
  system('bundle exec yaml_vault decrypt "config/database.yml.production" -o "config/database.yml" -k "production.username,production.password,staging.username,staging.password"')
elsif rails_env == "staging"
  system('bundle exec yaml_vault decrypt "config/secrets.yml" -o "config/secrets.yml" -k "staging.vault"')
  system('bundle exec yaml_vault decrypt "config/database.yml.production" -o "config/database.yml" -k "staging.username,staging.password"')
end

FileUtils.mkdir_p("public/assets")

if %w(development test performance).include?(rails_env)
  File.unlink("public/assets/manifest.json") if File.exist?("public/assets/manifest.json")
else
  if File.exist?("revision.log")
    sha1 = File.read("revision.log").chomp
    system("aws s3 cp s3://assets-bucket/manifest-#{rails_env}-#{sha1}.json public/assets/manifest.json")
  end
end

if ENV["ASSETS_PRECOMPILE"]
  system({"RAILS_GROUPS" => "assets"}, "bundle exec rake assets:precompile")
end