- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.

* Revert "update vagrant configs (#8706)"

This reverts commit 8971bb8c.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 5aae71cf.

* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders

https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems

Fix #6809

I don't know why, either

Fix 6734

Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.

It is no longer necessary since commit
be9bab17.

Fix #6605

Both of yarn and npm are used in Mastodon, but the combined usage requires
a redundant dependency and may lead to data inconsistency.

Considering that yarn has autoclean feature which npm does not have,
this change replaces all npm usage with yarn.

This change requires documentation update. Most notably, the following
command must be executed before assets precompilation if any system
dependency of node-sass has changed:

yarn install --force --pure-lockfile

When volumes are declared, but the corresponding directories don't exist, permissions for those directories will be root:root instead of mastodon:mastodon..
This changes makes sure the permissions of the volume directories are as expected.

* Set Docker permissions during the build process

* Remove docker_entrypoint.sh and use COPY with chown

when starting the container.

* Reduce container size with clean yarn

* Merge trouble

* Update Yarn to version 1.1.0

* remove hard-coding

* Bump ruby version to 2.4.2

https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/

Gemfile.lock is also updated.

TODO
- [ ] Update Dockerfile with Alpine release of ruby-2.4.2

* Revert jwt version

It seems that jwt 2.0.0 fails in some environment.
ref. https://github.com/zaru/webpush/issues/42

* Bump Ruby version on docker image