alpine-elixir
alpine-elixir copied to clipboard
version 1.12.2 not building any more.
The following DockerFile is no longer building on several machines.
It fails on theRUN
command following the # Install NPM
comment with the error
#13 18.22 ERROR: http://dl-cdn.alpinelinux.org/alpine/edge/main: UNTRUSTED signature
Bumping docker image version to 1.13.4 fixes the problem.
From my sparse understanding of Alpine and Docker, it appears that some dependencies have likely been shuffled between repos, but I don't know enough to fix this problem without spending more time than I have.
Is there a simple fix, or do you recommend going with 1.13.x
FROM bitwalker/alpine-elixir:1.12.2 AS phx-builder
RUN mix local.hex --force && mix local.rebar --force
# Important! Update this no-op ENV variable when this Dockerfile
# is updated with the current date. It will force refresh of all
# of the base images and things like `apt-get update` won't be using
# old cached versions when the Dockerfile is built.
ENV REFRESHED_AT=2019-07-31
# Install NPM
RUN \
mkdir -p /opt/app && \
chmod -R 777 /opt/app && \
apk update && \
apk --no-cache --update add \
make \
g++ \
wget \
curl \
inotify-tools \
nodejs \
npm && \
npm install npm -g --no-progress && \
update-ca-certificates --fresh && \
rm -rf /var/cache/apk/*
# Add local node module binaries to PATH
ENV PATH=./node_modules/.bin:$PATH
# Ensure latest versions of Hex/Rebar are installed on build
ONBUILD RUN mix do local.hex --force, local.rebar --force
WORKDIR /opt/app
ENV MIX_ENV=prod
# Cache elixir deps
ADD mix.exs mix.lock ./
RUN mix do deps.get, deps.compile
# Same with npm deps
ADD assets/package.json assets/
RUN cd assets && \
npm install
ADD . .
# Run frontend build, compile, and digest assets
RUN mix do compile, assets.deploy && \
mix release --force
FROM alpine:3.13.5
EXPOSE 4000
ENV PORT=4000 MIX_ENV=prod
ENV LANG=en_US.UTF-8 \
HOME=/opt/app/ \
# Set this so that CTRL+G works properly
TERM=xterm \
PATH=/opt/app/bin:/usr/local/bin:${PATH}
RUN apk add --no-cache libstdc++
RUN \
# Create default user and home directory, set owner to default
adduser -s /bin/sh -u 1001 -G root -h "${HOME}" -S -D default && \
chown -R 1001:0 "${HOME}" && \
# Add tagged repos as well as the edge repo so that we can selectively install edge packages
echo "@main http://dl-cdn.alpinelinux.org/alpine/v3.10/main" >> /etc/apk/repositories && \
echo "@community http://dl-cdn.alpinelinux.org/alpine/v3.10/community" >> /etc/apk/repositories && \
echo "@edge http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
# Upgrade Alpine and base packages
apk --no-cache --update --available upgrade && \
# Install bash and Erlang/OTP deps
apk add --no-cache --update pcre@edge && \
apk add --no-cache --update \
imagemagick \
bash \
ca-certificates \
openssl \
ncurses \
unixodbc \
zlib && \
# Update ca certificates
update-ca-certificates --fresh
COPY --from=phx-builder /opt/app/_build/prod/rel/pay .
COPY --from=phx-builder /opt/app/priv/fonts/* /usr/share/fonts/
CMD cd /opt/app && pay eval "Pay.Release.migrate()" && pay start
Alpine signing keys were rotated: https://www.alpinelinux.org/posts/Alpine-edge-signing-keys-rotated.html
bitwalker has mentioned redirecting folks to official elixir images: https://github.com/bitwalker/alpine-elixir/issues/57
thank you @bmitchinson. it worked for me.
we've been using the official images for dev for a while. I don't normally look at the production images, so i'm not entirely sure why we haven't switched those. possibly because the bitwalker images are set up for easy multi stage builds. or could just be the natural disinclination to perturb working production environments.