-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathDockerfile
More file actions
62 lines (53 loc) · 2.39 KB
/
Dockerfile
File metadata and controls
62 lines (53 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# Base runtime image — rw-base-runtime ships:
# - Python 3 + the worker binary + the standard CLI tooling
# (kubectl, aws, az, gcloud, helm, istioctl, gh, pwsh, jq, yq, skopeo,
# linear-cli, claude, cursor)
# - rw-core-keywords pip-installed system-wide (RW.Core / RW.platform /
# RW.fetchsecrets / etc.)
# - The robot-runtime helper scripts at /home/runwhen/robot-runtime/
# (entrypoint.sh, runrobot.{sh,py}, RWP.py, metrics_daemon.py, ...)
#
# Source: https://github.com/runwhen-contrib/rw-base-runtime
#
# Override at build time to pin a specific runtime sha (production tag
# suffix) or to test against a BYO base, e.g.:
#
# docker build \
# --build-arg BASE_IMAGE=ghcr.io/runwhen-contrib/rw-base-runtime:<sha7> \
# ...
#
# The CI workflow (.github/workflows/build-push.yaml) resolves the
# `runtime_ref` dispatch input to an rw-base-runtime commit sha and
# bakes that sha into the resulting image tag suffix.
ARG BASE_IMAGE=ghcr.io/runwhen-contrib/rw-base-runtime:latest
FROM ${BASE_IMAGE}
USER root
ENV RUNWHEN_HOME=/home/runwhen
ENV PATH "$PATH:/usr/local/bin:/home/runwhen/.local/bin"
# Set up directories and permissions.
#
# Codecollection contents MUST land at ${RUNWHEN_HOME}/collection (NOT
# /codecollection). PAPI emits RW_PATH_TO_ROBOT=$(RUNWHEN_HOME)/collection/
# codebundles/<bundle>/sli.robot and runrobot.{sh,py} only know how to
# resolve under /home/runwhen/collection — a mismatch surfaces as
# `FileNotFoundError: Could not find the robot file in any known locations.`
RUN mkdir -p $RUNWHEN_HOME/collection
WORKDIR $RUNWHEN_HOME/collection
# Copy files into container with correct ownership
COPY --chown=runwhen:0 . .
# Check and install requirements if requirements.txt exists
RUN if [ -f "requirements.txt" ]; then pip install --no-cache-dir -r requirements.txt; else echo "requirements.txt not found, skipping pip install"; fi
# Install additional user packages
#RUN apt-get update && \
# apt-get install -y --no-install-recommends net-tools && \
# apt-get clean && \
# rm -rf /var/lib/apt/lists/* /var/cache/apt
# Add runwhen user to sudoers with no password prompt
RUN echo "runwhen ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
# Set RunWhen Temp Dir
RUN mkdir -p /var/tmp/runwhen && chmod 1777 /var/tmp/runwhen
ENV TMPDIR=/var/tmp/runwhen
# Adjust permissions for runwhen user
RUN chown runwhen:0 -R $RUNWHEN_HOME/collection
# Switch to runwhen user
USER runwhen