Ruby 3.2.2 was released with a two security fixes. While the security
fixes have been assessed to have low impact on Discourse, we still want
to get the upgrade in as a preventive measure.
By default nginx in the container only listens for IPv4 connections. Some users
want to enable direct IPv6 connectivity to the container either via forwarding
or NAT. This provides an easy method to allow that.
Check for Ubuntu 22.04 and 22.10 versions before trying to use
`bullseye-backports` otherwise they throw this error.
```
E: The value 'bullseye-backports' is invalid for APT::Default-Release as
such a release is not available in the sources failed
```
A treeless clone is nearly as small as a shallow clone, but it contains the full history which makes it possible to easily checkout tags and commits and allows all features of docker_manager to work correctly.
See https://github.blog/2020-12-21-get-up-to-speed-with-partial-clone-and-shallow-clone/ for more information on treeless clones.
Also this change makes it possible to correctly pull the main branch which didn't work before.
This uses the new sparse-registry feature from Rust 1.68 which lowers the memory usage. This avoids that cargo is killed due to an OOM issue (exit code 137) during "Updating crates.io index".
Per the docs, first parameter for the block is STDOUT + STDERR, 2nd one is STDIN:
https://ruby-doc.org/3.1.3/exts/pty/PTY.html#method-c-spawn
As it is now, the method looks like it's reading from STDIN, though in
fact it's reading from an incorrectly named parameter for STDOUT.
The `git` version in our discourse_test docker image was recently updated to include a permissions check before running any git commands. For this to pass, git operations must be performed by the user which owns the git repository's directory.
discourse_dev installs a temporary version of Discourse to create a pre-migrated database. Previously this was installing gems in the global bundler directory, which could lead to permissions errors. This commit makes it use a local vendor directory, just like we do in the production install of Discourse.
The slim images aren't able to run the full `rake docker:test` task, so having it as the entrypoint doesn't make sense. We only want it as the entrypoint on `discourse_test:release`
Some existing templates (e.g. those written by following [the multisite guide](https://meta.discourse.org/t/multisite-configuration-with-docker/14084) use the `after_bundle_exec` hook to run application code like `multisite:migrate`. Relatively recently, the ruby app has started depending on `yarn` dependencies for basic functionality, and therefore requires `yarn install` to have been run to avoid errors.
This commit moves the `yarn install` step before `bundle install`, so that existing users of the `after_bundle_exec` hook do not need to update their templates.
