Migrate Dockerfile from Debian ruby-slim to Arch base image #18

New issue

Closed

opened 2026-05-10 16:23:56 +00:00 by ldraney · 0 comments

ldraney commented

2026-05-10 16:23:56 +00:00

Owner

Type

Infra

Lineage

Plan: pal-enterprises infrastructure overhaul (Ticket 4 of 5)

Repo

ldraney/pal-enterprises

User Story

As a platform owner
I want the pal-enterprises production image built from the Arch Linux Ruby base image
So that production runs the same rolling-release Ruby stack as dev and the shared base

Context

The current Dockerfile uses ruby:3.4.8-slim (Debian) with manually pinned version. The Arch base image (pal-e/ruby-arch:latest) is now available in Harbor, providing rolling-release Ruby with jemalloc, postgresql-libs, and build tools.

This also removes the old k8s/dev.yaml which is replaced by the dev overlay in pal-e-deployments.

File Targets

Files the agent should modify:

Dockerfile — rewrite FROM to use harbor.harbor.svc.cluster.local/pal-e/ruby-arch:latest, adapt multi-stage build for Arch (pacman instead of apt, Arch paths for jemalloc)

Files the agent should delete:

k8s/dev.yaml — replaced by dev overlay in pal-e-deployments
.ruby-version — no longer needed (Arch doesn't pin Ruby versions)

Acceptance Criteria

Dockerfile builds successfully with Arch base image
docker run <image> ruby --version shows current Arch Ruby
App boots: rails server starts without errors
Health check at /up returns 200
Keycloak OIDC login flow completes
k8s/dev.yaml removed
.ruby-version removed
No apt-get or Debian-specific commands remain in Dockerfile

Dependencies

Arch base image must exist in Harbor — see pal-e-platform base image ticket

Constraints

Preserve multi-stage build (build stage for gem compilation, runtime stage stripped)
Preserve bootsnap precompilation
Preserve jemalloc LD_PRELOAD
Preserve non-root user (rails) in final stage
Do not change Gemfile or application code

pal-e-platform base image ticket — provides the FROM image
ldraney/pal-enterprises#14 — Ruby 4.0 upgrade (will be closed, superseded by rolling release)

### Type Infra ### Lineage Plan: pal-enterprises infrastructure overhaul (Ticket 4 of 5) ### Repo `ldraney/pal-enterprises` ### User Story As a platform owner I want the pal-enterprises production image built from the Arch Linux Ruby base image So that production runs the same rolling-release Ruby stack as dev and the shared base ### Context The current Dockerfile uses `ruby:3.4.8-slim` (Debian) with manually pinned version. The Arch base image (`pal-e/ruby-arch:latest`) is now available in Harbor, providing rolling-release Ruby with jemalloc, postgresql-libs, and build tools. This also removes the old `k8s/dev.yaml` which is replaced by the dev overlay in pal-e-deployments. ### File Targets Files the agent should modify: - `Dockerfile` — rewrite FROM to use `harbor.harbor.svc.cluster.local/pal-e/ruby-arch:latest`, adapt multi-stage build for Arch (pacman instead of apt, Arch paths for jemalloc) Files the agent should delete: - `k8s/dev.yaml` — replaced by dev overlay in pal-e-deployments - `.ruby-version` — no longer needed (Arch doesn't pin Ruby versions) ### Acceptance Criteria - [ ] Dockerfile builds successfully with Arch base image - [ ] `docker run <image> ruby --version` shows current Arch Ruby - [ ] App boots: `rails server` starts without errors - [ ] Health check at `/up` returns 200 - [ ] Keycloak OIDC login flow completes - [ ] `k8s/dev.yaml` removed - [ ] `.ruby-version` removed - [ ] No apt-get or Debian-specific commands remain in Dockerfile ### Dependencies - Arch base image must exist in Harbor — see pal-e-platform base image ticket ### Constraints - Preserve multi-stage build (build stage for gem compilation, runtime stage stripped) - Preserve bootsnap precompilation - Preserve jemalloc LD_PRELOAD - Preserve non-root user (rails) in final stage - Do not change Gemfile or application code ### Related - pal-e-platform base image ticket — provides the FROM image - `ldraney/pal-enterprises#14` — Ruby 4.0 upgrade (will be closed, superseded by rolling release)