From d498d6743225228826028c3a94db84031d8df3c1 Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Fri, 16 May 2025 18:14:57 +0200 Subject: [PATCH 1/7] improve Dockerfile --- Dockerfile | 94 ++++++++++++++++++++++++++---------------------------- 1 file changed, 45 insertions(+), 49 deletions(-) diff --git a/Dockerfile b/Dockerfile index d637da4b5..e50c5461a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,61 +1,57 @@ -# Download Playwright and its dependencies +# Use a specific Playwright base image for reproducibility FROM mcr.microsoft.com/playwright:v1.48.1-noble -ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true +ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true -RUN apt-get update --allow-releaseinfo-change - -# Installing the pre-required packages and libraries -RUN apt-get update && \ - apt-get install -y libgtk2.0-0 \ - libxtst6 libxss1 libnss3 xvfb - -# Install latest chrome dev package and fonts to support major charsets (Chinese, Japanese, Arabic, Hebrew, Thai and a few others) -# Note: this installs the necessary libs to make the bundled version of Chromium that Puppeteer -# installs, work. -RUN apt-get update && apt-get install -y gnupg wget && \ - wget --quiet --output-document=- https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg && \ - echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list && \ - apt-get update && \ - apt-get install -y google-chrome-stable --no-install-recommends && \ - rm -rf /var/lib/apt/lists/* - - -# Add pptr user. +# Set non-root user early for security RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \ - && mkdir -p /home/pptruser/Downloads \ - && chown -R pptruser:pptruser /home/pptruser \ - && chown -R pptruser:pptruser /home/pptruser - -#RUN mkdir /home/codecept - -COPY . /codecept - -RUN chown -R pptruser:pptruser /codecept -RUN runuser -l pptruser -c 'npm i --loglevel=warn --prefix /codecept' - -RUN ln -s /codecept/bin/codecept.js /usr/local/bin/codeceptjs -RUN mkdir /tests -WORKDIR /tests -# Install puppeteer so it's available in the container. -RUN npm i puppeteer@$(npm view puppeteer version) && npx puppeteer browsers install chrome + && mkdir -p /home/pptruser/Downloads /codecept /tests \ + && chown -R pptruser:pptruser /home/pptruser /codecept /tests + +# Install dependencies in a single layer to reduce image size +RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install-recommends \ + libgtk2.0-0 \ + libxtst6 \ + libxss1 \ + libnss3 \ + xvfb \ + gnupg \ + wget \ + google-chrome-stable \ + fonts-noto \ + fonts-freefont-ttf \ + && wget --quiet --output-document=- https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg \ + && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \ + && apt-get update \ + && apt-get install -y google-chrome-stable --no-install-recommends \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +# Set working directory +WORKDIR /codecept + +# Copy project files +COPY . . + +# Install Node.js dependencies as non-root user +RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept \ + && npm install puppeteer@$(npm view puppeteer version) \ + && npx puppeteer browsers install chrome \ + && npx playwright install \ + && ln -s /codecept/bin/codecept.js /usr/local/bin/codeceptjs + +# Verify Chrome installation RUN google-chrome --version -# Install playwright browsers -RUN npx playwright install - -# Allow to pass argument to codecept run via env variable +# Environment variables ENV CODECEPT_ARGS="" ENV RUN_MULTIPLE=false ENV NO_OF_WORKERS="" - -# Set HOST ENV variable for Selenium Server ENV HOST=selenium +ENV NODE_ENV=production -# Run user as non privileged. -# USER pptruser +# Switch to non-root user +USER pptruser -# Set the entrypoint +# Set entrypoint and command ENTRYPOINT ["/codecept/docker/entrypoint"] - -# Run tests -CMD ["bash", "/codecept/docker/run.sh"] +CMD ["bash", "/codecept/docker/run.sh"] \ No newline at end of file From 158566929cffb5391f207603c6a40fb56b97dbba Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Fri, 16 May 2025 18:22:09 +0200 Subject: [PATCH 2/7] fix: unable to locate google chrome stable --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index e50c5461a..4d0d749eb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,7 @@ RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \ && mkdir -p /home/pptruser/Downloads /codecept /tests \ && chown -R pptruser:pptruser /home/pptruser /codecept /tests -# Install dependencies in a single layer to reduce image size +# Install dependencies and set up Google Chrome repository RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install-recommends \ libgtk2.0-0 \ libxtst6 \ @@ -16,11 +16,11 @@ RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install xvfb \ gnupg \ wget \ - google-chrome-stable \ + ca-certificates \ fonts-noto \ fonts-freefont-ttf \ - && wget --quiet --output-document=- https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor > /etc/apt/trusted.gpg.d/google-archive.gpg \ - && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \ + && wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /etc/apt/keyrings/google-chrome.gpg \ + && echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/google-chrome.gpg] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \ && apt-get update \ && apt-get install -y google-chrome-stable --no-install-recommends \ && apt-get clean \ From dc154dd6ff799873c7906639d0a5f3f24ec66235 Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Sat, 17 May 2025 06:43:12 +0200 Subject: [PATCH 3/7] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4d0d749eb..b31c37244 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Use a specific Playwright base image for reproducibility -FROM mcr.microsoft.com/playwright:v1.48.1-noble +FROM mcr.microsoft.com/playwright:v1.52.0-noble ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true # Set non-root user early for security From edff677fb5716bc0f88caad5f082fda914f02075 Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Sat, 17 May 2025 06:48:07 +0200 Subject: [PATCH 4/7] Update Dockerfile --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index b31c37244..61de4ad1a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -32,6 +32,8 @@ WORKDIR /codecept # Copy project files COPY . . +WORKDIR /tests + # Install Node.js dependencies as non-root user RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept \ && npm install puppeteer@$(npm view puppeteer version) \ From 7cb0c29dd15945e946f3fff8b783b0f40447e960 Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Mon, 19 May 2025 13:55:13 +0200 Subject: [PATCH 5/7] Update Dockerfile Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- Dockerfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 61de4ad1a..4b87554ee 100644 --- a/Dockerfile +++ b/Dockerfile @@ -35,11 +35,11 @@ COPY . . WORKDIR /tests # Install Node.js dependencies as non-root user -RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept \ - && npm install puppeteer@$(npm view puppeteer version) \ - && npx puppeteer browsers install chrome \ - && npx playwright install \ - && ln -s /codecept/bin/codecept.js /usr/local/bin/codeceptjs +RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept +RUN runuser -u pptruser -- npm install puppeteer@$(npm view puppeteer version) +RUN runuser -u pptruser -- npx puppeteer browsers install chrome +RUN runuser -u pptruser -- npx playwright install +RUN ln -s /codecept/bin/codecept.js /usr/local/bin/codeceptjs # Verify Chrome installation RUN google-chrome --version From 6bf47483515c87865acab511e4f3a4d486c43d0b Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Mon, 19 May 2025 13:56:27 +0200 Subject: [PATCH 6/7] Update Dockerfile --- Dockerfile | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4b87554ee..419e0f837 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,12 +26,10 @@ RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install && apt-get clean \ && rm -rf /var/lib/apt/lists/* -# Set working directory -WORKDIR /codecept - # Copy project files -COPY . . +COPY . /codecept +# Set working directory WORKDIR /tests # Install Node.js dependencies as non-root user @@ -56,4 +54,4 @@ USER pptruser # Set entrypoint and command ENTRYPOINT ["/codecept/docker/entrypoint"] -CMD ["bash", "/codecept/docker/run.sh"] \ No newline at end of file +CMD ["bash", "/codecept/docker/run.sh"] From 163215d6bd59a019fc7be48c879dd116554c192b Mon Sep 17 00:00:00 2001 From: kobenguyent <7845001+kobenguyent@users.noreply.github.com> Date: Mon, 19 May 2025 15:08:29 +0200 Subject: [PATCH 7/7] Update Dockerfile --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 419e0f837..7b0be6244 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,11 +29,12 @@ RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install # Copy project files COPY . /codecept +# Install Node.js dependencies as non-root user +RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept + # Set working directory WORKDIR /tests -# Install Node.js dependencies as non-root user -RUN runuser -u pptruser -- npm install --loglevel=warn --prefix /codecept RUN runuser -u pptruser -- npm install puppeteer@$(npm view puppeteer version) RUN runuser -u pptruser -- npx puppeteer browsers install chrome RUN runuser -u pptruser -- npx playwright install