forked from dfinity/ic
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.bazel
70 lines (56 loc) · 3.35 KB
/
Dockerfile.bazel
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# https://hub.docker.com/_/ubuntu
# focal-20220922
FROM ubuntu@sha256:e722c7335fdd0ce77044ab5942cb1fbd2b5f60d1f5416acfcdb0814b2baf7898
ARG BAZEL_VERSION=invalid
ENV TZ=UTC
COPY --chown=0700 ./files/known_hosts /etc/ssh/ssh_known_hosts
RUN export DEBIAN_FRONTEND=noninteractive && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \
apt -yq update && apt -yqq install \
curl build-essential git gnupg node-json5 uuid-dev \
# GitLab CI \
sudo gosu jq rclone \
# Test \
rsync \
# RUST \
gcc lld pkg-config libssl-dev libunwind-dev libsqlite3-dev zlib1g-dev libclang-10-dev \
# IC-OS \
python3 python-is-python3 fakeroot android-sdk-ext4-utils cryptsetup-bin zstd lsb-release grub-efi-amd64-bin libsystemd-dev faketime dosfstools libselinux-dev mtools
ARG buildevents_version=0.6.0
RUN curl -fsSL https://github.com/honeycombio/buildevents/releases/download/v${buildevents_version}/buildevents-linux-amd64 -o /usr/bin/buildevents && \
chmod +x /usr/bin/buildevents
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \
curl -L "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key" | apt-key add - && \
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list && \
apt -yq update && \
apt -yqq install --no-install-recommends docker-ce-cli podman buildah
ARG bazelisk_sha=8b739ac23a189b70d51a98041e90ba16f6559d5f991d83bbc031c740f8796310
RUN curl -fsSL https://github.com/bazelbuild/bazelisk/releases/download/v1.12.2/bazelisk-linux-amd64 -o /usr/bin/bazel && \
echo "$bazelisk_sha /usr/bin/bazel" | sha256sum --check && \
chmod 777 /usr/bin/bazel
RUN groupadd -g 1000 ubuntu && useradd -ms /bin/bash -u 1000 -g 1000 ubuntu
# CI before script requires sudo
RUN echo "ALL ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
# Init for reaping zombies and performing signal forwarding (https://github.com/krallin/tini)
ARG tini_version=0.19.0
RUN curl -fsSL https://github.com/krallin/tini/releases/download/v${tini_version}/tini -o /tini && \
curl -fsSL https://github.com/krallin/tini/releases/download/v${tini_version}/tini.asc -o /tini.asc && \
chmod +x /tini
RUN gpg --batch --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \
gpg --batch --verify /tini.asc /tini && chmod +x /tini
COPY ./files/generate-bazel-completion.sh /tmp/
RUN /tmp/generate-bazel-completion.sh
RUN echo "source /etc/bash_completion.d/bazel" >>/etc/bash.bashrc
# Pre-populate the Bazel installation for root
RUN USE_BAZEL_VERSION=${BAZEL_VERSION} bazel version
USER ubuntu
# Pre-populate the Bazel installation for ubuntu
RUN USE_BAZEL_VERSION=${BAZEL_VERSION} bazel version
WORKDIR /
USER 0
RUN mv /usr/bin/docker /usr/bin/docker-bin
COPY ./files/containers.conf /etc/containers/containers.conf
COPY ./files/docker.sh /usr/bin/docker
COPY ./files/entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/tini", "--", "/entrypoint.sh"]
CMD ["/bin/bash"]