ubuntu-focal.Dockerfile
# Base image is Ubuntu 20.04 (focal), referenced by tag only.
# NOTE(review): a tag can be re-pointed upstream; pinning by digest
# (ubuntu:20.04@sha256:<digest>) would make rebuilds reproducible. Confirm
# whether that is wanted for this image.
FROM ubuntu:20.04
# Set environment variables needed at build
# ENV (rather than ARG) also leaves DEBIAN_FRONTEND set to noninteractive in
# the environment of every container started from this image.
ENV DEBIAN_FRONTEND=noninteractive
# Copy in environment variables not needed at build
# NOTE(review): .env is written into an image layer at /.env. Anything in it is
# readable by whoever can pull the image and stays in the layer history even if
# a later layer deletes the file. Its contents are not visible here; confirm it
# holds no tokens or credentials, and if it does, supply them when the
# container starts instead of at build time.
COPY .env /.env
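# Install base software
#
# One layer: refresh the package index, install software-properties-common,
# apply pending upgrades, then install the toolset used by the runner.
# The package index is left in place on purpose: later steps in this file
# call apt-get install without running apt-get update themselves.
#
# autoremove is given -y: without it apt-get asks for confirmation whenever
# there is something to remove, and a build has no terminal to answer from,
# so the step would abort.
#
# NOTE(review): the list includes general network and debugging tools (ftp,
# netcat, dnsutils, iptables). Every workflow job in this image can use them,
# so keep only what the workflows actually need.
RUN apt-get update \
    && apt-get install -y software-properties-common \
    && apt-get dist-upgrade -y \
    && apt-get install -y \
        apt-transport-https \
        apt-utils \
        bc \
        build-essential \
        ca-certificates \
        curl \
        dnsutils \
        ftp \
        gcc \
        git \
        iproute2 \
        iptables \
        iputils-ping \
        jq \
        libffi-dev \
        libssl-dev \
        libunwind8 \
        locales \
        lsb-release \
        netcat \
        openssh-client \
        openssl \
        parallel \
        pkg-config \
        rsync \
        shellcheck \
        sudo \
        supervisor \
        time \
        tzdata \
        unzip \
        upx \
        wget \
        zip \
        zstd \
    && apt-get autoclean \
    && apt-get autoremove -y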
# Runner user
# Creates the "runner" account (uid 1000, no password) and a "docker" group,
# adds runner to the sudo and docker groups, then replaces /etc/sudoers with a
# single rule that lets every member of group sudo run any command as any user
# without a password.
# The statements are order-dependent: both usermod calls need the user and the
# groups to exist already.
# NOTE(review): the ">" redirect overwrites the whole sudoers file, so whatever
# Defaults and include lines the distribution shipped are gone. NOPASSWD:ALL
# also means any process running as runner can become root inside the
# container, so the USER runner at the end of this file is not a privilege
# boundary. If workflows do not need unrestricted root, a narrower rule in a
# drop-in under /etc/sudoers.d, checked with visudo -c, limits the exposure.
RUN adduser --disabled-password --gecos "" --uid 1000 runner \
&& groupadd docker \
&& usermod -aG sudo runner \
&& usermod -aG docker runner \
&& echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers
# Each step below copies one installer script from software/ into the image,
# runs it with bash as root, and deletes it in the same RUN so the script does
# not persist past that layer (the COPY layer still holds it).
# The relative COPY destinations resolve against the current working
# directory; no WORKDIR is set in this file, so that is whatever the base image
# uses (presumably /).
# NOTE(review): the scripts themselves are not shown here. Confirm that each
# one pins the version it installs and verifies signatures or checksums of
# anything it downloads, since their output becomes part of every runner.

# Install GitHub CLI
COPY software/gh-cli.sh gh-cli.sh
RUN bash gh-cli.sh && rm gh-cli.sh
# Install Hashicorp Packer
COPY software/packer.sh packer.sh
RUN bash packer.sh && rm packer.sh
# Install kubectl
COPY software/kubectl.sh kubectl.sh
RUN bash kubectl.sh && rm kubectl.sh
# Set up additional repos
# NOTE(review): presumably adds third-party apt sources and their signing keys;
# verify how the keys are fetched and scoped.
COPY software/repos-deb.sh repos.sh
RUN bash repos.sh && rm repos.sh
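# Install PowerShell, Azure CLI and PowerShell modules
#
# powershell is installed with apt-get from the package index already on disk;
# no apt-get update runs in this instruction.
# NOTE(review): presumably the package source for powershell is added and
# refreshed by the repos script above; confirm, because a stale or missing
# index makes this step fail or install an older build.
RUN apt-get install -y powershell
# azure.sh and powershell-modules.ps1 run as root and are not shown here.
# NOTE(review): confirm they pin versions and install only from trusted
# repositories.
COPY software/azure-deb.sh azure.sh
RUN bash azure.sh && rm azure.sh
COPY software/powershell-modules.ps1 powershell-modules.ps1
RUN pwsh powershell-modules.ps1 && rm powershell-modules.ps1
# Clear apt-get cache
# autoremove gets -y because a build cannot answer the confirmation prompt and
# the step would abort whenever there is something to remove.
# This runs in its own layer, so it tidies the final filesystem but does not
# shrink the layers created by the earlier install steps.
RUN apt-get autoclean && apt-get autoremove -y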
# Runner agent and Docker configs
# Build arguments read by the download steps that follow; each default can be
# overridden with --build-arg.
# NOTE(review): the versions are fixed defaults, so security fixes in the
# runner, Docker or Compose only arrive when these values are bumped.

# os/arch pair; the download steps use the part after "/" as the architecture.
ARG TARGETPLATFORM=linux/amd64
# Release of the GitHub Actions runner to download.
ARG RUNNER_VERSION=2.284.0
# Channel and version of the static Docker bundle on download.docker.com.
ARG DOCKER_CHANNEL=stable
ARG DOCKER_VERSION=20.10.11
# Release of docker-compose to download.
ARG COMPOSE_VERSION=1.29.2
# Declared but not referenced by name anywhere in this Dockerfile.
ARG DEBUG=false
# Fail the build early if TARGETPLATFORM was overridden with an empty value.
RUN test -n "$TARGETPLATFORM" || (echo "TARGETPLATFORM must be set" && false)
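# Docker installation
#
# Downloads the static Docker bundle for the target architecture from
# download.docker.com and unpacks its binaries into /usr/local/bin.
# TARGETPLATFORM's architecture is mapped to Docker's naming
# (arm64 -> aarch64, amd64 -> x86_64).
#
# Changes from the previous form:
#   * set -e stops at the first failing command; the commands were joined with
#     ";" before, so a failed extraction was only noticed indirectly.
#   * curl -f turns an HTTP error into a failure instead of saving the error
#     page as docker.tgz.
#   * DOCKER_SHA256 (optional build arg) is compared against the download
#     before anything is extracted. It is empty by default, which skips the
#     check with a warning. The value differs per architecture, so pass the
#     one matching TARGETPLATFORM.
# These binaries run with root privileges on every runner, so setting
# DOCKER_SHA256 in release builds is worthwhile.
ARG DOCKER_SHA256=""
RUN set -e; \
    ARCH="$(echo "${TARGETPLATFORM}" | cut -d / -f2)"; \
    case "$ARCH" in \
        arm64) ARCH=aarch64 ;; \
        amd64) ARCH=x86_64 ;; \
    esac; \
    url="https://download.docker.com/linux/static/${DOCKER_CHANNEL}/${ARCH}/docker-${DOCKER_VERSION}.tgz"; \
    if ! curl -fL -o docker.tgz "$url"; then \
        echo >&2 "error: failed to download 'docker-${DOCKER_VERSION}' from '${DOCKER_CHANNEL}' for '${ARCH}'"; \
        exit 1; \
    fi; \
    echo "Downloaded Docker from $url"; \
    if [ -n "${DOCKER_SHA256}" ]; then \
        echo "${DOCKER_SHA256}  docker.tgz" | sha256sum -c -; \
    else \
        echo >&2 "warning: DOCKER_SHA256 not set; docker.tgz was not integrity-checked"; \
    fi; \
    tar --extract \
        --file docker.tgz \
        --strip-components 1 \
        --directory /usr/local/bin/; \
    rm docker.tgz; \
    dockerd --version; \
    docker --version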
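# Docker-compose installation
#
# Fetches the docker-compose release binary into /usr/local/bin and runs it
# once so a broken download fails the build.
# The asset name is fixed to Linux-x86_64 and does not follow TARGETPLATFORM,
# so on other architectures the version check at the end will fail.
#
# curl -f makes an HTTP error fail the step instead of saving the error body as
# the binary, and set -e stops at the first failure.
# COMPOSE_SHA256 is an optional build arg; when set, the download must match it
# before it is made executable. Empty (the default) skips the check with a
# warning.
ARG COMPOSE_SHA256=""
RUN set -e; \
    curl -fL "https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose; \
    if [ -n "${COMPOSE_SHA256}" ]; then \
        echo "${COMPOSE_SHA256}  /usr/local/bin/docker-compose" | sha256sum -c -; \
    else \
        echo >&2 "warning: COMPOSE_SHA256 not set; docker-compose was not integrity-checked"; \
    fi; \
    chmod +x /usr/local/bin/docker-compose; \
    docker-compose --version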
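# Directory the runner release is unpacked into; kept in the runtime
# environment as well.
ENV RUNNER_ASSETS_DIR=/runnertmp
# Runner download supports amd64 as x64
#
# libyaml-dev is required for ruby/setup-ruby action.
# It is installed after installdependencies.sh and before removing /var/lib/apt/lists
# to avoid rerunning apt-update on its own.
#
# The step downloads the actions/runner release tarball, unpacks it in
# RUNNER_ASSETS_DIR, runs the bundled installdependencies.sh as root, and
# finally deletes the apt package lists.
# cd is kept (instead of WORKDIR) so the image's working directory at run time
# is unchanged.
#
# curl -f fails the step on an HTTP error instead of handing an error page to
# tar. RUNNER_SHA256 is an optional build arg; when set, the tarball must match
# it before it is unpacked and before its script runs as root. Empty (the
# default) skips the check with a warning. The value differs per architecture.
ARG RUNNER_SHA256=""
RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
    && if [ "$ARCH" = "amd64" ]; then export ARCH=x64 ; fi \
    && mkdir -p "$RUNNER_ASSETS_DIR" \
    && cd "$RUNNER_ASSETS_DIR" \
    && curl -fL -o runner.tar.gz "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-${ARCH}-${RUNNER_VERSION}.tar.gz" \
    && if [ -n "${RUNNER_SHA256}" ]; then \
           echo "${RUNNER_SHA256}  runner.tar.gz" | sha256sum -c - ; \
       else \
           echo >&2 "warning: RUNNER_SHA256 not set; runner.tar.gz was not integrity-checked" ; \
       fi \
    && tar xzf ./runner.tar.gz \
    && rm runner.tar.gz \
    && ./bin/installdependencies.sh \
    && apt-get install -y libyaml-dev \
    && rm -rf /var/lib/apt/lists/*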
# Tool cache: record its location in /runner.env, create the directory, and
# give the runner group read, write and traverse access to it.
RUN printf '%s\n' 'AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache' > /runner.env \
    && mkdir /opt/hostedtoolcache \
    && chgrp runner /opt/hostedtoolcache \
    && chmod g+rwx /opt/hostedtoolcache
# Runtime scripts and configuration copied from the build context.
# Executables go to /usr/local/bin; supervisor and Docker daemon settings go to
# their configuration directories under /etc.
COPY modprobe startup.sh /usr/local/bin/
COPY supervisor/ /etc/supervisor/conf.d/
COPY logger.sh /opt/bash-utils/logger.sh
COPY entrypoint.sh /usr/local/bin/
COPY docker/daemon.json /etc/docker/daemon.json
# Mark the three copied scripts as executable.
RUN chmod +x \
    /usr/local/bin/startup.sh \
    /usr/local/bin/entrypoint.sh \
    /usr/local/bin/modprobe
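# dumb-init installation
#
# Downloads the dumb-init 1.2.2 release binary for the target architecture;
# it is the image's ENTRYPOINT and therefore PID 1 of every container.
#
# Nothing executed the binary at build time before, and curl had no -f, so an
# HTTP error would have been saved as /usr/local/bin/dumb-init and the build
# would still have succeeded with an unusable entrypoint. curl -f and the
# final --version call now make that a build failure.
# DUMB_INIT_SHA256 is an optional build arg; when set, the download must match
# it before it is made executable. Empty (the default) skips the check with a
# warning. The value differs per architecture.
ARG DUMB_INIT_SHA256=""
RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
    && curl -fL -o /usr/local/bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_${ARCH}" \
    && if [ -n "${DUMB_INIT_SHA256}" ]; then \
           echo "${DUMB_INIT_SHA256}  /usr/local/bin/dumb-init" | sha256sum -c - ; \
       else \
           echo >&2 "warning: DUMB_INIT_SHA256 not set; dumb-init was not integrity-checked" ; \
       fi \
    && chmod +x /usr/local/bin/dumb-init \
    && dumb-init --version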
# Docker's data directory is declared as a volume, so its contents live outside
# the container's writable layer.
VOLUME /var/lib/docker
# Copy the build context's "patched" directory into the runner assets
# directory, owned by user runner and group docker.
COPY --chown=runner:docker patched $RUNNER_ASSETS_DIR/patched
# No group definition, as that makes it harder to run docker.
# NOTE(review): containers start as runner, but the sudoers rule written
# earlier in this file gives runner passwordless root, so this setting does not
# limit what a workflow job can do inside the container.
# NOTE(review): the image ships dockerd and supervisor, which suggests a Docker
# daemon runs inside the container; that usually requires a privileged
# container. Confirm how the runner is deployed and isolated.
USER runner
# dumb-init is PID 1 and starts the command given by CMD; startup.sh is found
# through PATH (it was copied to /usr/local/bin above).
ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
CMD ["startup.sh"]