No commit hash on the deployed project

[ahangarha]

Since we don't push the .git directory, we don't have access to the commit hash of the deployed app.

react-webpack-rails-tutorial/.dockerignore

Lines 46 to 48 in 764a299

	# Specific to .dockerignore
	.git/
	.github/

Should we include .git, or is there a better way to not keep the whole .git directory in the docker image?

[ihab4real]

Should we include .git, or is there a better way to not keep the whole .git directory in the docker image?

Hey there! If the only thing we need from .git/ and .github/ is the commit sha, I think we should avoid including the entire .git directory in the Docker image for only that. It's more secure (.git directory can sometimes contain sensitive information) or can just be large and affect the Docker image size unnecessarily.

The approach I'm proposing is to use a build-time environment variable to capture the commit hash during the Docker build process. Here's how it would work:

In our Dockerfile, we'll add a build argument to capture the commit hash:

ARG GIT_COMMIT_SHA
ENV GIT_COMMIT_SHA=${GIT_COMMIT_SHA}

Then we pass it during build:
docker build . --build-arg GIT_COMMIT_SHA=$(git rev-parse HEAD)

Lastly we modify the GitCommitSha model to first check for this environment variable:

def self.current_sha
  @current_sha ||= ENV['GIT_COMMIT_SHA'].presence || 
                  retrieve_sha_from_file.presence || 
                  retrieve_sha_from_git
end

We also should add a new context in pages_spec.rb to test this environment variable approach.