-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
85 lines (69 loc) · 2.4 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
ARG BUILD_ON_IMAGE=glcr.b-data.ch/python/base
ARG PYTHON_VERSION=latest
FROM ${BUILD_ON_IMAGE}:${PYTHON_VERSION} AS files
RUN mkdir /files
COPY conf/shell /files
COPY conf/stack /files
COPY scripts /files
## Ensure file modes are correct
RUN find /files -type d -exec chmod 755 {} \; \
&& find /files -type f -exec chmod 644 {} \; \
&& find /files/usr/local/bin -type f -exec chmod 755 {} \;
FROM docker.io/koalaman/shellcheck:stable AS sci
FROM ${BUILD_ON_IMAGE}:${PYTHON_VERSION}
ARG DEBIAN_FRONTEND=noninteractive
ARG BUILD_ON_IMAGE
ENV PARENT_IMAGE=${BUILD_ON_IMAGE}:${PYTHON_VERSION} \
PARENT_IMAGE_BUILD_DATE=${BUILD_DATE}
RUN dpkgArch="$(dpkg --print-architecture)" \
## Ensure that common CA certificates
## and OpenSSL libraries are up to date
&& apt-get update \
&& apt-get -y install --only-upgrade \
ca-certificates \
openssl \
## Install hadolint
&& case "$dpkgArch" in \
amd64) tarArch="x86_64" ;; \
arm64) tarArch="arm64" ;; \
*) echo "error: Architecture $dpkgArch unsupported"; exit 1 ;; \
esac \
&& apiResponse="$(curl -sSL \
https://api.github.com/repos/hadolint/hadolint/releases/latest)" \
&& downloadUrl="$(echo "$apiResponse" | grep -e \
"browser_download_url.*Linux-$tarArch\"" | cut -d : -f 2,3 | tr -d \")" \
&& echo "$downloadUrl" | xargs curl -sSLo /usr/local/bin/hadolint \
&& chmod 755 /usr/local/bin/hadolint \
## Create backup of root directory
&& cp -a /root /var/backups \
## Clean up
&& rm -rf /var/lib/apt/lists/*
## Update environment
ARG USE_ZSH_FOR_ROOT
ARG SET_LANG
ARG SET_TZ
ENV LANG=${SET_LANG:-$LANG} \
TZ=${SET_TZ:-$TZ}
## Change root's shell to ZSH
RUN if [ -n "$USE_ZSH_FOR_ROOT" ]; then \
chsh -s /bin/zsh; \
fi \
## Update timezone if needed
&& if [ "$TZ" != "Etc/UTC" ]; then \
echo "Setting TZ to $TZ"; \
ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime \
&& echo "$TZ" > /etc/timezone; \
fi \
## Add/Update locale if needed
&& if [ "$LANG" != "en_US.UTF-8" ]; then \
sed -i "s/# $LANG/$LANG/g" /etc/locale.gen; \
locale-gen; \
echo "Setting LANG to $LANG"; \
update-locale --reset LANG="$LANG"; \
fi
## Unset environment variable BUILD_DATE
ENV BUILD_DATE=
## Copy files as late as possible to avoid cache busting
COPY --from=files /files /
## Copy shellcheck as late as possible to avoid cache busting
COPY --from=sci --chown=root:root /bin/shellcheck /usr/local/bin