-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathDockerfile
60 lines (46 loc) · 1.73 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
ARG GOLANG_VERSION=1.20.5
ARG SOPS_VERSION=3.7.3
ARG PYTHON_VERSION=3.10.11
FROM golang:${GOLANG_VERSION}-bullseye as golang_image
FROM mozilla/sops:v${SOPS_VERSION} as sops_image
FROM python:${PYTHON_VERSION}-bullseye
USER root
RUN apt-get update && \
apt-get install -y libffi-dev \
dpkg \
git
COPY --from=golang_image /usr/local/go/ /usr/local/go/
ENV PATH="/usr/local/go/bin:${PATH}"
COPY --from=sops_image /go/bin/sops /usr/local/bin/sops
ENV NIKE_LAB222_PROJECT pterradactyl
ENV POETRY_VERSION 1.4.1
ARG NB_USER="pterradactyl"
ARG NB_UID="1000"
ARG NB_GID="100"
# SETUP "pterradactyl" USER
RUN \
apt-get update && \
apt-get install -y sudo && \
useradd -m -s /bin/bash -N -u $NB_UID $NB_USER && \
chmod g+w /etc/passwd && \
echo "${NB_USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
# Prevent apt-get cache from being persisted to this layer.
rm -rf /var/lib/apt/lists/*
# INSTALL AWSCLI VERSION 2
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "tmp/awscliv2.zip"
RUN cd tmp && unzip awscliv2.zip && ./aws/install
RUN rm -rf tmp/*
# UPGRADE PIP AND INSTALL POETRY
RUN pip3 install --upgrade pip
RUN pip3 install --no-cache-dir poetry==$POETRY_VERSION \
&& poetry config virtualenvs.create false
# CREATE THE DIRECTORY FOR THE PROJECT
RUN mkdir -p /opt/nike-lab222/$NIKE_LAB222_PROJECT
# COPY SO THAT FILES ARE USABLE BY THE pterradactyl USER
COPY --chown=$NB_USER:$NB_GID . /opt/nike-lab222/$NIKE_LAB222_PROJECT/
WORKDIR /opt/nike-lab222/$NIKE_LAB222_PROJECT/
RUN poetry install && poetry cache clear --all .
# Make the default shell bash (vs "sh") for a better Jupyter terminal UX
ENV SHELL=/bin/bash
# CHANGE USER BACK TO NON-ROOT USER FOR CIS COMPLIANCE
USER $NB_USER