From 041576c2446c79746756d0810b33408e4c5a73c0 Mon Sep 17 00:00:00 2001 From: Kat Morgan Date: Thu, 18 Jan 2024 05:29:10 -0800 Subject: [PATCH] rebuilding dockerfile (#41) --- .devcontainer/devcontainer.json | 5 +- docker/Dockerfile | 225 ++++++++++++++++++++------------ 2 files changed, 142 insertions(+), 88 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 330bc71..aecd2e1 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -71,9 +71,6 @@ "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {} }, "remoteUser": "vscode", - "forwardPorts": [1313, 2222, 6000, 7681, 8080], - "postCreateCommand": "true", "mounts": ["source=dind-var-lib-docker,target=/var/lib/docker,type=volume"], - "runArgs": ["--init", "--privileged", "--network=host"], - "overrideCommand": false + "runArgs": ["--privileged"] } diff --git a/docker/Dockerfile b/docker/Dockerfile index fb4fb99..852f137 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -8,6 +8,7 @@ # - https://mcr.microsoft.com/en-us/product/devcontainers/base/about FROM mcr.microsoft.com/devcontainers/base:ubuntu-22.04 +SHELL ["/bin/bash", "-c", "-e"] # Append rootfs directory tree into container to copy # additional files into the container's directory tree 
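Review bot: The new `"runArgs": ["--privileged"]` keeps the container fully privileged even though the feature listed in the context lines is `docker-outside-of-docker`, which presumably drives the host Docker daemon and should not need it (confirm). With both in place, any process in the devcontainer has effectively unrestricted access to the host, so either drop the flag or add a comment above it saying what requires it, e.g. `// --privileged is needed for <reason>`. The `dind-var-lib-docker` mount on `/var/lib/docker` looks like a docker-in-docker leftover and is worth re-checking at the same time. Removing `--init` also means no init process reaps orphaned children in the container; keep `"--init"` unless it was causing a problem.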
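Review bot: `SHELL ["/bin/bash", "-c", "-e"]` turns on errexit but not `pipefail`, and this patch replaces `RUN set -ex` with `RUN echo` in every later hunk, so a failing `curl` on the left of a pipe (for example `curl … | sudo gpg --dearmor` or `curl -L … | sudo tar …`) goes unnoticed unless the right-hand command also fails. Use `SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]`, which also puts `-c` last, directly before the command string Docker appends. The swap drops `-x` as well, so build logs no longer show the expanded commands; add `-x` to the SHELL line if that trace is still wanted. This applies to all the `RUN echo` hunks in the rest of the patch.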
@@ -27,42 +28,64 @@ USER vscode # Install apt packages ARG APT_PKGS="\ gh \ -git \ +bc \ +mc \ vim \ +git \ +tar \ +mosh \ +file \ +wget \ +tree \ +pigz \ +fish \ curl \ tmux \ -gnupg \ +tmate \ socat \ +gnupg \ +pipenv \ +netcat \ +psmisc \ +procps \ +passwd \ +ripgrep \ +tcpdump \ +python3 \ +pciutils \ libwrap0 \ -gnupg-agent \ -manpages-posix \ +xz-utils \ +fontconfig \ +glibc-tools \ +python3-pip \ build-essential \ ca-certificates \ -manpages-posix-dev \ -apt-transport-https \ -software-properties-common \ +libarchive-tools \ +neofetch \ " -RUN set -ex \ +RUN echo \ && sudo apt-get update \ && sudo apt-get install ${APT_PKGS} \ && sudo apt-get clean \ && sudo apt-get autoremove -y \ && sudo apt-get purge -y --auto-remove \ && sudo rm -rf \ - /var/lib/{apt,dpkg,cache,log} \ + /var/lib/{apt,cache,log} \ /usr/share/{doc,man,locale} \ /var/cache/apt \ /root/.cache \ /var/tmp/* \ /tmp/* \ - && true + && echo # Install docker packages for codespaces docker-in-docker ARG APT_PKGS="\ docker-buildx-plugin \ docker-ce-cli \ +libffi-dev \ +iptables \ " -RUN set -ex \ +RUN echo \ && sudo apt-get update \ && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --batch --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg \ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \ 
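Review bot: The enlarged `APT_PKGS` list bakes remote-access and traffic-capture tools (`tmate`, `mosh`, `netcat`, `tcpdump`) into every image built from this Dockerfile, and the devcontainer in the same patch runs `--privileged`. Nothing in the visible hunks uses them, so trim the list to what the image needs or add a comment above the `ARG` recording the reason for each, e.g. `# <tool>: <why it must be in the base image>`. Adding `--no-install-recommends` to the `sudo apt-get install ${APT_PKGS}` line would also keep the installed set to what is listed. The docker RUN block at the end of this hunk continues outside it.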
@@ -71,37 +94,37 @@ RUN set -ex \ && sudo apt-get clean \ && sudo apt-get autoremove -y \ && sudo apt-get purge -y --auto-remove \ - && sudo rm -rf \ - /var/lib/{apt,dpkg,cache,log} \ + && sudo sudo rm -rf \ + /var/lib/{apt,cache,log} \ /usr/share/{doc,man,locale} \ /var/cache/apt \ /root/.cache \ /var/tmp/* \ /tmp/* \ - && true + && echo # Install Kind Kubernetes-in-Docker -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export varVerKind=$(curl -s https://api.github.com/repos/kubernetes-sigs/kind/releases/latest | awk -F '["v,]' '/tag_name/{print $5}') \ && export varUrlKind="https://github.com/kubernetes-sigs/kind/releases/download/v${varVerKind}/kind-linux-${arch}" \ && sudo curl --output /usr/bin/kind -L ${varUrlKind} \ && sudo chmod +x /usr/bin/kind \ && /usr/bin/kind version \ - && true + && echo # Install Kubectl -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export varVerKubectl="$(curl --silent -L https://storage.googleapis.com/kubernetes-release/release/stable.txt | sed 's/v//g')" \ && export varUrlKubectl="https://storage.googleapis.com/kubernetes-release/release/v${varVerKubectl}/bin/linux/${arch}/kubectl" \ && sudo curl -L ${varUrlKubectl} --output /bin/kubectl \ && sudo chmod +x /bin/kubectl \ && kubectl version --client \ - && true + && echo # Install pulumi -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "x64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export urlPulumiRelease="https://api.github.com/repos/pulumi/pulumi/releases/latest" \ && export urlPulumiVersion=$(curl -s ${urlPulumiRelease} | awk -F '["v,]' '/tag_name/{print $5}') \ 
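Review bot: The kind and kubectl binaries in this hunk are written to `/usr/bin` and `/bin` as root straight from a `latest` lookup, with no checksum or signature check and no `--fail` on curl, so a rate-limited API reply or an altered download is only caught if the version command happens to fail. Pin the versions in `ARG`s and verify each file against its published SHA-256 before the `chmod +x`. The same applies to the Go tarball, hugo, helm, jq and act downloads in the later hunks. Separately, `&& sudo sudo rm -rf \` has a duplicated `sudo` and should read `&& sudo rm -rf \`. The pulumi RUN at the end of the hunk continues outside it.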
@@ -114,10 +137,10 @@ RUN set -ex \ && which pulumi \ && pulumi version \ && rm -rf /tmp/* \ - && true + && echo # Install pulumi esc -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "x64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export urlPulumiRelease="https://api.github.com/repos/pulumi/esc/releases/latest" \ && export urlPulumiVersion=$(curl -s ${urlPulumiRelease} | awk -F '["v,]' '/tag_name/{print $5}') \ @@ -130,10 +153,10 @@ RUN set -ex \ && which esc \ && esc version \ && rm -rf /tmp/* \ - && true + && echo # Install pulumictl -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export urlPulumiRelease="https://api.github.com/repos/pulumi/pulumictl/releases/latest" \ && export urlPulumiVersion=$(curl -s ${urlPulumiRelease} | awk -F '["v,]' '/tag_name/{print $5}') \ 
@@ -146,24 +169,24 @@ RUN set -ex \ && which pulumictl \ && pulumictl version \ && rm -rf /tmp/* \ - && true + && echo # Install nix # BUG: fix qemu buildx github action multi-arch arm64 nix install failure -RUN set -ex \ +RUN echo \ && export urlNix="https://install.determinate.systems/nix" \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && curl --proto '=https' --tlsv1.2 -sSf -L ${urlNix} --output /tmp/install.sh \ && chmod +x /tmp/install.sh \ && /tmp/install.sh install linux --init none --extra-conf "filter-syscalls = false" --no-confirm \ && sh -c "nix --version" \ - && rm -rf /tmp/* \ - && true + && sudo rm -rf /tmp/* \ + && echo # Install devbox # BUG: depends on Nix installer qemu buildx gha arm64 bug resolution # TODO: add devbox version test -RUN set -ex \ +RUN echo \ && export urlDevbox="https://get.jetpack.io/devbox" \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && curl --proto '=https' --tlsv1.2 -sSf -L ${urlDevbox} --output /tmp/install.sh \ @@ -171,20 +194,19 @@ RUN set -ex \ && /tmp/install.sh -f \ && devbox version \ && rm -rf /tmp/* \ - && true + && echo # Install direnv -RUN set -ex \ +RUN echo \ && echo 'eval "$(direnv hook $SHELL)"' | sudo tee -a /etc/skel/.bashrc | tee -a ${HOME}/.bashrc \ && curl --output /tmp/install.sh --proto '=https' --tlsv1.2 -Sf -L "https://direnv.net/install.sh" \ && chmod +x /tmp/install.sh \ && sudo bash -c "/tmp/install.sh" \ && direnv --version \ && sudo rm -rf /tmp/* \ - && true + && echo # Install golang -# TODO: relocate install to devbox ARG GO_PKGS="\ golang.org/x/tools/gopls@latest \ github.com/josharian/impl@latest \ 
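Review bot: The nix, devbox and direnv blocks each download an installer from a moving URL and execute it (direnv's through `sudo bash -c`) with nothing pinning what gets run, so the image content depends on whatever those endpoints serve at build time. Pin each installer to a release and compare it with a known digest before the `chmod +x`, e.g. `echo "<sha256>  /tmp/install.sh" | sha256sum -c -`. `--extra-conf "filter-syscalls = false"` disables Nix's syscall filtering for builds and deserves a comment line saying why, presumably the qemu/buildx issue named in the `# BUG:` line (confirm). The devbox block starts in this hunk and ends in the next one, where the direnv block also sits.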
@@ -194,14 +216,14 @@ github.com/go-delve/delve/cmd/dlv@latest \ honnef.co/go/tools/cmd/staticcheck@latest \ github.com/haya14busa/goplay/cmd/goplay@latest \ " -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export goversion="$(curl -s https://go.dev/dl/?mode=json | awk -F'[":go]' '/ "version"/{print $8}' | head -n1)" \ && curl -L https://go.dev/dl/go${goversion}.linux-${arch}.tar.gz | sudo tar -C /usr/local/ -xzvf - \ && which go \ && go version \ && for pkg in ${GO_PKGS}; do go install ${pkg}; echo "Installed: ${pkg}"; done \ - && true + && echo # Install python # TODO: relocate install to devbox @@ -215,7 +237,7 @@ dotnet-runtime-7.0 \ ARG PIP_PKGS="\ setuptools \ " -RUN set -ex \ +RUN echo \ && sudo apt-get update \ && sudo apt-get install ${APT_PKGS} \ && sudo update-alternatives --install \ @@ -226,38 +248,36 @@ RUN set -ex \ && sudo apt-get autoremove -y \ && sudo apt-get purge -y --auto-remove \ && sudo rm -rf \ - /var/lib/{apt,dpkg,cache,log} \ + /var/lib/{apt,cache,log} \ /usr/share/{doc,man,locale} \ /var/cache/apt \ /root/.cache \ /var/tmp/* \ /tmp/* \ - && true + && echo # Install dotnet -# TODO: relocate install to devbox ARG APT_PKGS="\ dotnet-sdk-7.0 \ dotnet-runtime-7.0 \ " -RUN set -ex \ +RUN echo \ && sudo apt-get update \ && sudo apt-get install ${APT_PKGS} \ && sudo apt-get clean \ && sudo apt-get autoremove -y \ && sudo apt-get purge -y --auto-remove \ && sudo rm -rf \ - /var/lib/{apt,dpkg,cache,log} \ + /var/lib/{apt,cache,log} \ /usr/share/{doc,man,locale} \ /var/cache/apt \ /root/.cache \ /var/tmp/* \ /tmp/* \ - && true + && echo # Install nodejs npm yarn -# TODO: relocate install to devbox -RUN set -ex \ +RUN echo \ && export NODE_MAJOR=20 \ && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \ | sudo gpg --batch --dearmor -o /etc/apt/keyrings/nodesource.gpg \ 
@@ -269,7 +289,7 @@ RUN set -ex \ && sudo apt-get autoremove -y \ && sudo apt-get purge -y --auto-remove \ && sudo rm -rf \ - /var/lib/{apt,dpkg,cache,log} \ + /var/lib/{apt,cache,log} \ /usr/share/{doc,man,locale} \ /var/cache/apt \ /root/.cache \ @@ -279,11 +299,11 @@ RUN set -ex \ && npm --version \ && sudo npm install --global yarn \ && yarn --version \ - && true + && echo # Install hugo EXPOSE 1313 -RUN set -ex \ +RUN echo \ && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ && export urlHugoRelease="https://api.github.com/repos/gohugoio/hugo/releases/latest" \ && export urlHugoVersion=$(curl -s ${urlHugoRelease} | awk -F '["v,]' '/tag_name/{print $5}') \ 
@@ -295,45 +315,19 @@ RUN set -ex \ && which hugo \ && hugo version \ && rm -rf /tmp/* \ - && true + && echo -## Install kind (kubernetes-in-docker) -## TODO: relocate install to devcontainer.json -#RUN set -ex \ -# && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ -# && export urlKindRelease="https://api.github.com/repos/kubernetes-sigs/kind/releases/latest" \ -# && export urlKindVersion=$(curl -s ${urlKindRelease} | awk -F '["v,]' '/tag_name/{print $5}') \ -# && export urlKindBase="https://github.com/kubernetes-sigs/kind/releases/download" \ -# && export urlKindBin="kind-linux-${arch}" \ -# && export urlKind="${urlKindBase}/v${urlKindVersion}/${urlKindBin}" \ -# && sudo curl -L ${urlKind} --output /usr/local/bin/kind \ -# && sudo chmod +x /usr/local/bin/kind \ -# && which kind \ -# && kind version \ -# && true -# -## Install kubectl -## TODO: relocate install to devcontainer.json -#RUN set -ex \ -# && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ -# && export varKubectlVersion="$(curl --silent -L https://storage.googleapis.com/kubernetes-release/release/stable.txt | sed 's/v//g')" \ -# && export varKubectlUrl="https://storage.googleapis.com/kubernetes-release/release/v${varKubectlVersion}/bin/linux/${arch}/kubectl" \ -# && sudo curl -L ${varKubectlUrl} --output /usr/local/bin/kubectl \ -# && sudo chmod +x /usr/local/bin/kubectl \ -# && kubectl version --client || true \ -# && true -# -## Install helm -## TODO: relocate install to devcontainer.json -#RUN set -ex \ -# && export varVerHelm="$(curl -s https://api.github.com/repos/helm/helm/releases/latest | awk -F '[\"v,]' '/tag_name/{print $5}')" \ -# && export varUrlHelm="https://get.helm.sh/helm-v${varVerHelm}-linux-amd64.tar.gz" \ -# && curl -L ${varUrlHelm} | tar xzvf - --directory /tmp linux-amd64/helm \ 
-# && chmod +x /tmp/linux-amd64/helm \ -# && sudo mv /tmp/linux-amd64/helm /usr/local/bin/helm \ -# && helm version \ -# && rm -rf /tmp/linux-amd64 \ -# && true +# Install helm +# TODO: relocate install to devcontainer.json +RUN echo \ + && export varVerHelm="$(curl -s https://api.github.com/repos/helm/helm/releases/latest | awk -F '[\"v,]' '/tag_name/{print $5}')" \ + && export varUrlHelm="https://get.helm.sh/helm-v${varVerHelm}-linux-amd64.tar.gz" \ + && curl -L ${varUrlHelm} | tar xzvf - --directory /tmp linux-amd64/helm \ + && chmod +x /tmp/linux-amd64/helm \ + && sudo mv /tmp/linux-amd64/helm /usr/local/bin/helm \ + && helm version \ + && rm -rf /tmp/linux-amd64 \ + && echo WORKDIR /workspaces CMD ["/usr/bin/zsh"] 
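Review bot: The re-enabled helm block hard-codes `linux-amd64` in the download URL and in the extracted paths, while every other install in this file derives `${arch}` from `uname -m` and the nix comment mentions arm64 buildx builds, so an arm64 image would get an amd64 `helm`. Derive the architecture the same way and use it in the URL, the tar member and the follow-up paths, as below. The download is also piped straight into `tar` with no checksum verification.

```dockerfile
RUN echo \
 && export arch=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \
 # … unchanged: varVerHelm lookup …
 && export varUrlHelm="https://get.helm.sh/helm-v${varVerHelm}-linux-${arch}.tar.gz" \
 && curl -L ${varUrlHelm} | tar xzvf - --directory /tmp linux-${arch}/helm \
 && chmod +x /tmp/linux-${arch}/helm \
 && sudo mv /tmp/linux-${arch}/helm /usr/local/bin/helm \
 # … unchanged: helm version …
 && rm -rf /tmp/linux-${arch} \
```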
@@ -354,3 +348,66 @@ LABEL \ org.opencontainers.image.url="https://github.com/pulumi/devcontainer" \ org.opencontainers.image.documentation="https://github.com/pulumi/devcontainer" \ org.opencontainers.image.authors="https://github.com/pulumi" + +################################################################################## +# Common Functions +ARG curl="/usr/bin/curl --silent --show-error --tlsv1.2 --location" +ARG INSTALL="install -m 755 -o root -g root" +ARG BIN="/usr/local/bin" +ARG dir_clean="\ +sudo rm -rf \ +/var/lib/{apt,cache,log} \ +/usr/share/{doc,man,locale} \ +/var/cache/apt \ +/home/*/.cache \ +/root/.cache \ +/var/tmp/* \ +/tmp/* \ +" + +# jq +RUN set -ex; echo \ +&& export NAME="jq" \ +&& export TEST="${NAME} --version" \ +&& export REPOSITORY="jqlang/jq" \ +&& export ARCH="$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }')" \ +&& export VERSION="$(${curl} https://api.github.com/repos/${REPOSITORY}/releases/latest | awk -F '[\"v\",-]' '/tag_name/{print $5}')" \ +&& export PKG="${NAME}-linux-${ARCH}" \ +&& export URL="https://github.com/${REPOSITORY}/releases/download/${NAME}-${VERSION}/${NAME}-linux-${ARCH}" \ +&& echo "INFO[${NAME}] Installed:" \ +&& echo "INFO[${NAME}] Command: ${NAME}" \ +&& echo "INFO[${NAME}] Package: ${PKG}" \ +&& echo "INFO[${NAME}] Latest Release: ${VERSION}" \ +&& echo "INFO[${NAME}] Architecture: ${ARCH}" \ +&& echo "INFO[${NAME}] Source: ${URL}" \ +&& ${curl} ${URL} --output /tmp/${NAME} \ +&& file /tmp/${NAME} \ +&& sudo ${INSTALL} /tmp/${NAME} ${BIN}/${NAME} \ +&& ${dir_clean} \ +&& ${TEST} \ +&& echo + +# Insall Github Actions Local Testing CLI +# - https://nektosact.com +# - https://github.com/nektos/gh-act +RUN echo \ +&& export NAME=act \ +&& export TEST="${NAME} --version" \ +&& export REPOSITORY="nektos/gh-act" \ +&& export VERSION="$(${curl} https://api.github.com/repos/${REPOSITORY}/releases/latest | jq --raw-output 
.tag_name)" \ +&& export ARCH=$(uname -m | awk '{ if ($1 == "x86_64") print "amd64"; else if ($1 == "aarch64" || $1 == "arm64") print "arm64"; else print "unknown" }') \ +&& export PKG="linux-${ARCH}" \ +&& export URL="https://github.com/${REPOSITORY}/releases/download/${VERSION}/${PKG}" \ +&& echo "---------------------------------------------------------"\ +&& echo "INFO[${NAME}] Installed:" \ +&& echo "INFO[${NAME}] Command: ${NAME}" \ +&& echo "INFO[${NAME}] Package: ${PKG}" \ +&& echo "INFO[${NAME}] Latest Release: ${VERSION}" \ +&& echo "INFO[${NAME}] Architecture: ${ARCH}" \ +&& echo "INFO[${NAME}] Source: ${URL}" \ +&& echo "---------------------------------------------------------"\ +&& ${curl} ${URL} --output /tmp/${NAME} \ +&& sudo ${INSTALL} /tmp/${NAME} ${BIN}/${NAME} \ +&& ${dir_clean} \ +&& ${TEST} \ +&& echo \ No newline at end of file
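Review bot: `${dir_clean}` does not remove the brace paths, because bash performs brace expansion before parameter expansion: `/var/lib/{apt,cache,log}` and `/usr/share/{doc,man,locale}` arriving through the `ARG` stay literal and `rm -rf` silently matches nothing (the `*` globs still expand). Spell the paths out in the ARG, e.g. `/var/lib/apt /var/lib/cache /var/lib/log \` and `/usr/share/doc /usr/share/man /usr/share/locale \`. The shared `curl` ARG also lacks `--fail`, so an HTTP error body would be saved and handed to `install` as the binary; adding `--fail` stops the build at the download instead. The act block uses `RUN echo` while the jq block uses `RUN set -ex; echo`; pick one form for both.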