kriss/slot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated Dockerfile

Browse Source
This commit is contained in:
Christophe Vila
2025-10-31 23:28:37 +01:00
parent 0aa131d155
commit 5436730ee2
2 changed files with 181 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
.devcontainer/server/Dockerfile
View File

@@ -1,22 +1,37 @@
ARG VARIANT=21-jdk
FROM eclipse-temurin:${VARIANT}
FROM debian:trixie
RUN groupadd debian \
--gid 1000 \
&& useradd debian \
--uid 1000 \
--gid debian \
--shell /bin/bash \
--create-home
RUN apt-get update \
&& apt-get -y install --no-install-recommends \
ca-certificates \
curl \
dirmngr \
git \
gnupg \
gpg \
gpg-agent \
libatomic1 \
nano \
python3 \
unzip \
vim-tiny \
wget \
xz-utils \
&& apt-get auto-remove -y \
&& apt-get clean -y \
&& chsh -s $(which bash) ubuntu \
&& echo 'export PS1="\e[01;32m\u\e[m:\e[01;34m\w\e[m\$ "' >> /home/ubuntu/.bashrc
&& rm -rf /var/lib/apt/lists/* \
&& echo 'export PS1="\e[01;32m\u\e[m:\e[01;34m\w\e[m\$ "' >> /home/debian/.bashrc
ARG NEXUS_REPO=https://rm.vilanet.fr/repository/raw
RUN --mount=type=secret,id=nexus_login,target=/tmp/nexus_login \
--mount=type=secret,id=nexus_pwd,target=/tmp/nexus_pwd \
curl -Lo /tmp/jetbrains.zip -u$(cat /tmp/nexus_login):$(cat /tmp/nexus_pwd) ${NEXUS_REPO}/jetbrains.zip
ENV JAVA_HOME=/opt/java/openjdk
COPY --from=eclipse-temurin:21 $JAVA_HOME $JAVA_HOME
ENV PATH="${JAVA_HOME}/bin:${PATH}"
ENV MAVEN_HOME=/opt/maven
ENV PATH=$MAVEN_HOME/bin:$PATH
@@ -29,13 +44,104 @@ RUN mkdir -p $MAVEN_HOME \
&& tar -xzf /tmp/apache-maven.tar.gz -C $MAVEN_HOME --strip-components=1 \
&& rm -f /tmp/apache-maven.tar.gz
ARG NODE_VERSION=22.21.1
RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& case "${dpkgArch##*-}" in \
amd64) ARCH='x64' OPENSSL_ARCH='linux-x86_64';; \
ppc64el) ARCH='ppc64le' OPENSSL_ARCH='linux-ppc64le';; \
s390x) ARCH='s390x' OPENSSL_ARCH='linux*-s390x';; \
arm64) ARCH='arm64' OPENSSL_ARCH='linux-aarch64';; \
armhf) ARCH='armv7l' OPENSSL_ARCH='linux-armv4';; \
i386) ARCH='x86' OPENSSL_ARCH='linux-elf';; \
*) echo "unsupported architecture"; exit 1 ;; \
esac \
&& set -ex \
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
&& export GNUPGHOME="$(mktemp -d)" \
# gpg keys listed at https://github.com/nodejs/node#release-keys
&& for key in \
C0D6248439F1D5604AAFFB4021D900FFDB233756 \
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
CC68F5A3106FF448322E48ED27F5E38D5B0A215F \
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
108F52B48DB57BB0CC439B2997B01419BD92F80A \
A363A499291CBBC940DD62E41F10027AF002F8B0 \
; do \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" ; \
done \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
&& gpgconf --kill all \
&& rm -rf "$GNUPGHOME" \
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
# Remove unused OpenSSL headers to save ~34MB. See this NodeJS issue: https://github.com/nodejs/node/issues/46451
&& find /usr/local/include/node/openssl/archs -mindepth 1 -maxdepth 1 ! -name "$OPENSSL_ARCH" -exec rm -rf {} \; \
&& npm install -g npm \
&& npm install -g @anthropic-ai/claude-code \
# smoke tests
&& node --version \
&& npm --version \
&& rm -rf /tmp/*
ARG BUN_VERSION=1.3.1
RUN arch="$(dpkg --print-architecture)" \
&& case "${arch##*-}" in \
amd64) build="x64-baseline";; \
arm64) build="aarch64";; \
*) echo "error: unsupported architecture: $arch"; exit 1 ;; \
esac \
&& version="$BUN_VERSION" \
&& case "$version" in \
latest | canary | bun-v*) tag="$version"; ;; \
v*) tag="bun-$version"; ;; \
*) tag="bun-v$version"; ;; \
esac \
&& case "$tag" in \
latest) release="latest/download"; ;; \
*) release="download/$tag"; ;; \
esac \
&& curl "https://github.com/oven-sh/bun/releases/$release/bun-linux-$build.zip" \
-fsSLO \
--compressed \
--retry 5 \
|| (echo "error: failed to download: $tag" && exit 1) \
&& for key in \
"F3DCC08A8572C0749B3E18888EAB4D40A7B22B59" \
; do \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
done \
&& curl "https://github.com/oven-sh/bun/releases/$release/SHASUMS256.txt.asc" \
-fsSLO \
--compressed \
--retry 5 \
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|| (echo "error: failed to verify: $tag" && exit 1) \
&& grep " bun-linux-$build.zip\$" SHASUMS256.txt | sha256sum -c - \
|| (echo "error: failed to verify: $tag" && exit 1) \
&& unzip "bun-linux-$build.zip" \
&& mv "bun-linux-$build/bun" /usr/local/bin/bun \
&& rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \
&& chmod +x /usr/local/bin/bun
ARG NEXUS_REPO=https://rm.vilanet.fr/repository/raw
RUN --mount=type=secret,id=nexus_login,target=/tmp/nexus_login \
--mount=type=secret,id=nexus_pwd,target=/tmp/nexus_pwd \
curl -Lo /tmp/jetbrains.zip -u$(cat /tmp/nexus_login):$(cat /tmp/nexus_pwd) ${NEXUS_REPO}/jetbrains.zip
# Set the default user
USER ubuntu
USER debian
RUN mkdir -p /home/ubuntu/.local/share && \
unzip -d /home/ubuntu/.local/share /tmp/jetbrains.zip
RUN mkdir -p /home/debian/.local/share \
&& unzip -d /home/debian/.local/share /tmp/jetbrains.zip
#ENV IDEA_VM_OPTIONS=/home/ubuntu/.local/share/jetbrains/vmoptions/idea.vmoptions
#ENV IDEA_VM_OPTIONS=/home/debian/.local/share/jetbrains/vmoptions/idea.vmoptions
# Set the working directory
WORKDIR /home/ubuntu
WORKDIR /home/debian

127
.devcontainer/ui/Dockerfile
View File

@@ -1,6 +1,50 @@
FROM debian:bookworm
FROM debian:trixie
ARG NODE_VERSION=22.17.1
RUN groupadd debian \
--gid 1000 \
&& useradd debian \
--uid 1000 \
--gid debian \
--shell /bin/bash \
--create-home
RUN apt-get update \
&& apt-get -y install --no-install-recommends \
ca-certificates \
curl \
dirmngr \
git \
gnupg \
gpg \
gpg-agent \
libatomic1 \
nano \
python3 \
unzip \
vim-tiny \
wget \
xz-utils \
&& apt-get auto-remove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \
&& echo 'export PS1="\e[01;32m\u\e[m:\e[01;34m\w\e[m\$ "' >> /home/debian/.bashrc
ENV JAVA_HOME=/opt/java/openjdk
COPY --from=eclipse-temurin:21 $JAVA_HOME $JAVA_HOME
ENV PATH="${JAVA_HOME}/bin:${PATH}"
ENV MAVEN_HOME=/opt/maven
ENV PATH=$MAVEN_HOME/bin:$PATH
ARG MAVEN_VERSION=3.9.11
ARG BASE_URL=https://dlcdn.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
RUN mkdir -p $MAVEN_HOME \
&& curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& tar -xzf /tmp/apache-maven.tar.gz -C $MAVEN_HOME --strip-components=1 \
&& rm -f /tmp/apache-maven.tar.gz
ARG NODE_VERSION=22.21.1
RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& case "${dpkgArch##*-}" in \
amd64) ARCH='x64' OPENSSL_ARCH='linux-x86_64';; \
@@ -12,9 +56,6 @@ RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
*) echo "unsupported architecture"; exit 1 ;; \
esac \
&& set -ex \
# libatomic1 for arm
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
&& export GNUPGHOME="$(mktemp -d)" \
# gpg keys listed at https://github.com/nodejs/node#release-keys
@@ -28,8 +69,8 @@ RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
108F52B48DB57BB0CC439B2997B01419BD92F80A \
A363A499291CBBC940DD62E41F10027AF002F8B0 \
; do \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" ; \
done \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
@@ -41,34 +82,15 @@ RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
# Remove unused OpenSSL headers to save ~34MB. See this NodeJS issue: https://github.com/nodejs/node/issues/46451
&& find /usr/local/include/node/openssl/archs -mindepth 1 -maxdepth 1 ! -name "$OPENSSL_ARCH" -exec rm -rf {} \; \
&& apt-mark auto '.*' > /dev/null \
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
| sort -u \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
| xargs -r apt-mark manual \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
&& npm install -g npm \
&& npm install -g @anthropic-ai/claude-code \
# smoke tests
&& node --version \
&& npm --version \
&& rm -rf /tmp/*
ARG BUN_VERSION=latest
RUN apt-get update -qq \
&& apt-get install -qq --no-install-recommends \
ca-certificates \
curl \
dirmngr \
gpg \
gpg-agent \
unzip \
python3 \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& arch="$(dpkg --print-architecture)" \
ARG BUN_VERSION=1.3.1
RUN arch="$(dpkg --print-architecture)" \
&& case "${arch##*-}" in \
amd64) build="x64-baseline";; \
arm64) build="aarch64";; \
@@ -108,43 +130,18 @@ RUN apt-get update -qq \
&& rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \
&& chmod +x /usr/local/bin/bun
COPY docker-entrypoint.sh /usr/local/bin
RUN mkdir -p /usr/local/bun-node-fallback-bin && ln -s /usr/local/bin/bun /usr/local/bun-node-fallback-bin/node
ENV PATH="${PATH}:/usr/local/bun-node-fallback-bin"
ARG NEXUS_REPO=https://rm.vilanet.fr/repository/raw
RUN --mount=type=secret,id=nexus_login,target=/tmp/nexus_login \
--mount=type=secret,id=nexus_pwd,target=/tmp/nexus_pwd \
curl -Lo /tmp/jetbrains.zip -u$(cat /tmp/nexus_login):$(cat /tmp/nexus_pwd) ${NEXUS_REPO}/jetbrains.zip
# Disable the runtime transpiler cache by default inside Docker containers.
# On ephemeral containers, the cache is not useful
ARG BUN_RUNTIME_TRANSPILER_CACHE_PATH=0
ENV BUN_RUNTIME_TRANSPILER_CACHE_PATH=${BUN_RUNTIME_TRANSPILER_CACHE_PATH}
# Set the default user
USER debian
# Ensure `bun install -g` works
ARG BUN_INSTALL_BIN=/usr/local/bin
ENV BUN_INSTALL_BIN=${BUN_INSTALL_BIN}
RUN mkdir -p /home/debian/.local/share \
&& unzip -d /home/debian/.local/share /tmp/jetbrains.zip
RUN groupadd bun \
--gid 1000 \
&& useradd bun \
--uid 1000 \
--gid bun \
--shell /bin/sh \
--create-home \
&& ln -s /usr/local/bin/bun /usr/local/bin/bunx \
&& which bun \
&& which bunx \
&& bun --version
#ENV IDEA_VM_OPTIONS=/home/debian/.local/share/jetbrains/vmoptions/idea.vmoptions
RUN apt-get update \
&& apt-get -y install --no-install-recommends \
ca-certificates \
git \
nano \
vim-tiny \
&& apt-get auto-remove -y \
&& apt-get clean -y \
&& chsh -s $(which bash) bun \
&& echo 'export PS1="\e[01;32m\u\e[m:\e[01;34m\w\e[m\$ "' >> /home/bun/.bashrc
USER bun
WORKDIR /home/bun
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/local/bin/bun"]
# Set the working directory
WORKDIR /home/debian