-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
113 lines (90 loc) · 3.04 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
FROM node:20.18.0-bookworm as node
FROM python:3.13.0-bookworm as python
FROM koalaman/shellcheck:v0.10.0 as shellcheck
FROM mvdan/shfmt:v3.10.0 as shfmt
FROM hadolint/hadolint:v2.12.0 as hadolint
FROM ubuntu:jammy-20240808 as base
USER root
ENV INSIDE_DOCKER=1
ENV USERNAME=app-user
ARG GROUPNAME=${USERNAME}
ARG USER_UID=1000
ARG USER_GID=${USER_UID}
ENV HOME=/home/${USERNAME}
ENV APP_DIR=/app
RUN set -e \
&& export DEBIAN_FRONTEND=noninteractive \
&& apt-get update -qq \
&& apt-get install -y -qq --no-install-recommends ca-certificates=* git=* sudo=* gcc=* build-essential=* \
&& echo "--- Give sudo rights to 'USERNAME' ---" \
&& echo "${USERNAME}" ALL=\(root\) NOPASSWD:ALL >/etc/sudoers.d/"${USERNAME}" \
&& chmod 0440 /etc/sudoers.d/"${USERNAME}" \
&& echo "--- Clean ---" \
&& apt-get clean \
&& apt-get autoremove \
&& rm -rf /var/lib/apt/lists/*
# Add user and project directory
RUN \
groupadd --gid ${USER_GID} ${GROUPNAME} \
&& useradd --uid ${USER_UID} --gid ${USER_GID} --shell /bin/bash \
--create-home ${USERNAME} \
&& mkdir ${APP_DIR} \
&& chown ${USER_GID}:${USER_GID} ${APP_DIR}
# Add shellcheck
COPY --from=shellcheck --chown=root /bin/shellcheck /usr/local/bin/
# Add shfmt
COPY --from=shfmt --chown=root /bin/shfmt /usr/local/bin/
# Add hadolint
COPY --from=hadolint --chown=root /bin/hadolint /usr/local/bin/
# Add NodeJS (without yarn)
COPY --from=node --chown=root /usr/local/bin /usr/local/bin/
COPY --from=node --chown=root /usr/local/include /usr/local/include/
COPY --from=node --chown=root /usr/local/lib /usr/local/lib/
COPY --from=node --chown=root /usr/local/share /usr/local/share/
# Remove dead symbolic links from yarn
RUN find /usr/local/bin/. -xtype l -exec rm {} \; 2>/dev/null
# Add Python
COPY --from=python --chown=root /usr/local/lib /usr/local/lib
COPY --from=python --chown=root /usr/local/include /usr/local/include/
COPY --from=python --chown=root /usr/local/bin /usr/local/bin
USER ${USERNAME}
WORKDIR ${APP_DIR}
# Install project packages
COPY --chown=${USERNAME} package-lock.json package.json .npmrc ./
RUN set -e \
&& npm ci --quiet \
&& touch node_modules/.gitkeep
ENV \
LD_LIBRARY_PATH=/usr/local/lib \
PATH=${HOME}/.local/bin:${PATH}
COPY --chown=${USERNAME} requirements.txt ./
RUN set -e \
&& pip install -q --no-cache-dir -r requirements.txt
CMD [ "bash" ]
FROM base as dev
USER root
RUN set -e \
&& export DEBIAN_FRONTEND=noninteractive \
&& echo "--- Install packages ---" \
&& apt-get update -qq \
&& apt-get install -y -qq --no-install-recommends \
gnupg2=* \
openssh-client=* \
locales=* \
&& echo "--- Add locales ---" \
&& sed -i "/en_US.UTF-8/s/^# //g" /etc/locale.gen \
&& locale-gen "en_US.UTF-8" \
&& echo "--- Clean ---" \
&& apt-get clean \
&& apt-get autoremove \
&& rm -rf /var/lib/apt/lists/*
USER ${USERNAME}
FROM dev as vscode
WORKDIR ${HOME}
RUN set -e \
&& mkdir -p .vscode-server/extensions \
.vscode-server-insiders/extensions \
&& chown -R "${USERNAME}" \
.vscode-server \
.vscode-server-insiders
WORKDIR ${APP_DIR}