forked from myoung34/docker-github-actions-runner
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.base
More file actions
96 lines (92 loc) · 3.4 KB
/
Dockerfile.base
File metadata and controls
96 lines (92 loc) · 3.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# syntax=docker/dockerfile:1
ARG BUILD_IMAGE=ubuntu:noble
FROM ${BUILD_IMAGE}
ARG CHOWN_USER=runner
ARG GIT_LFS_VERSION=3.7.0
ARG LSB_RELEASE_CODENAME=noble
ARG DOCKER_CODENAME=noble
ARG DISTRO=ubuntu
ARG TARGETARCH
ENV GIT_LFS_VERSION=${GIT_LFS_VERSION} \
LANG=en_US.UTF-8 \
LANGUAGE=en_US.UTF-8 \
LC_ALL=en_US.UTF-8 \
DEBIAN_FRONTEND=noninteractive
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# hadolint ignore=SC2086,DL3015,DL3008,DL3013
RUN echo en_US.UTF-8 UTF-8 >> /etc/locale.gen \
&& apt-get update -qq \
&& apt-get upgrade -qq -y \
&& apt-get install -qq -y --no-install-recommends \
gnupg \
lsb-release \
curl \
tar \
unzip \
zip \
xz-utils \
apt-transport-https \
ca-certificates \
gpg-agent \
software-properties-common \
build-essential \
zlib1g-dev \
zstd \
gettext \
libcurl4-openssl-dev \
inetutils-ping \
jq \
wget \
dirmngr \
openssh-client \
locales \
python3-pip \
python3-setuptools \
python3 \
dumb-init \
nodejs \
rsync \
git \
gosu \
sudo \
&& sed -e 's/Defaults.*env_reset/Defaults env_keep = "HTTP_PROXY HTTPS_PROXY NO_PROXY FTP_PROXY http_proxy https_proxy no_proxy ftp_proxy"/' -i /etc/sudoers \
&& ( [[ $(apt-cache search -n liblttng-ust0 | \
awk '{print $1}') == "liblttng-ust0" ]] && \
apt-get install -q -y --no-install-recommends liblttng-ust0 || : ) \
&& ( [[ $(apt-cache search -n liblttng-ust1 | \
awk '{print $1}') == "liblttng-ust1" ]] && \
apt-get install -q -y --no-install-recommends liblttng-ust1 || : ) \
&& ( curl -sS "https://github.com/git-lfs/git-lfs/releases/download/v${GIT_LFS_VERSION}/git-lfs-linux-${TARGETARCH}-v${GIT_LFS_VERSION}.tar.gz" -L -o /tmp/lfs.tar.gz && \
tar -xzf /tmp/lfs.tar.gz -C /tmp && \
/tmp/git-lfs-${GIT_LFS_VERSION}/install.sh ) \
&& (install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL "https://download.docker.com/linux/${DISTRO}/gpg" -o /etc/apt/keyrings/docker.asc && \
chmod a+r /etc/apt/keyrings/docker.asc && \
echo "deb [arch=${TARGETARCH} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/${DISTRO} ${DOCKER_CODENAME} stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null ) \
&& apt-get update -qq \
&& apt-get install -y --no-install-recommends \
docker-ce \
docker-ce-cli \
docker-buildx-plugin \
containerd.io \
&& GH_CLI_VERSION=$(curl -sSL -H "Accept: application/vnd.github+json" "https://api.github.com/repos/cli/cli/releases/latest" | \
jq -r '.tag_name' | sed 's/^v//g') \
&& GH_CLI_DOWNLOAD_URL=$(curl -sSL -H "Accept: application/vnd.github+json" "https://api.github.com/repos/cli/cli/releases/latest" | \
jq ".assets[] | select(.name == \"gh_${GH_CLI_VERSION}_linux_${TARGETARCH}.deb\")" | \
jq -r '.browser_download_url') \
&& curl -sSLo /tmp/ghcli.deb ${GH_CLI_DOWNLOAD_URL} && \
apt-get -y install /tmp/ghcli.deb \
&& groupadd -g 121 ${CHOWN_USER} \
&& useradd -mr -d /home/${CHOWN_USER} -u 1001 -g 121 -G sudo,docker ${CHOWN_USER} \
&& echo '%sudo ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
&& rm -rf \
/var/cache/apt \
/tmp/* \
/root/.cache/pip \
/var/lib/apt/lists/* \
/var/log/*.log \
/var/log/apt/* \
/var/cache/debconf/templates.dat-old \
/var/cache/debconf/config.dat-old
#