Skip to content

Commit

Permalink
Update Dockerfiles
Browse files Browse the repository at this point in the history
  • Loading branch information
@leoherran-aws
leoherran-aws committed Mar 17, 2022
1 parent 5011692 commit f125ad2
Show file tree
Hide file tree
Showing 5 changed files with 228 additions and 200 deletions.
90 changes: 47 additions & 43 deletions al2/x86_64/standard/2.0/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright 2019-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# Copyright 2019-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Amazon Software License (the "License"). You may not use this file except in compliance with the License.
# A copy of the License is located at
Expand All @@ -13,8 +13,10 @@ FROM public.ecr.aws/amazonlinux/amazonlinux:2 AS core

# Install git, SSH, and other utilities
RUN set -ex \
&& yum install -yq openssh-clients \
&& yum install -y -q openssh-clients \
&& mkdir ~/.ssh \
&& mkdir -p /opt/tools \
&& mkdir -p /codebuild/image/config \
&& touch ~/.ssh/known_hosts \
&& ssh-keyscan -t rsa,dsa -H github.com >> ~/.ssh/known_hosts \
&& ssh-keyscan -t rsa,dsa -H bitbucket.org >> ~/.ssh/known_hosts \
Expand All @@ -23,8 +25,8 @@ RUN set -ex \
&& rpm --import https://download.mono-project.com/repo/xamarin.gpg \
&& curl https://download.mono-project.com/repo/centos7-stable.repo | tee /etc/yum.repos.d/mono-centos7-stable.repo \
&& amazon-linux-extras enable corretto8 \
&& yum groupinstall -yq "Development tools" \
&& yum install -yq \
&& yum groupinstall -y -q "Development tools" \
&& yum install -y -q \
GeoIP-devel ImageMagick asciidoc bzip2-devel bzr bzrtools cvs cvsps \
docbook-dtds docbook-style-xsl dpkg-dev e2fsprogs expat-devel expect fakeroot \
glib2-devel groff gzip icu iptables jq krb5-server libargon2-devel \
Expand Down Expand Up @@ -54,12 +56,12 @@ RUN set -ex \
&& cd git-$GIT_VERSION \
&& make -j4 prefix=/usr \
&& make install prefix=/usr \
&& cd .. ; rm -rf git-$GIT_VERSION \
&& cd .. && rm -rf git-$GIT_VERSION \
&& rm -rf $GIT_TAR_FILE /tmp/*

# Install Firefox
RUN set -ex \
&& yum install -yq gtk3-devel dbus-glib-devel \
&& yum install -y -q gtk3-devel dbus-glib-devel \
&& wget -qO ~/FirefoxSetup.tar.bz2 "https://download.mozilla.org/?product=firefox-latest&os=linux64" \
&& tar xjf ~/FirefoxSetup.tar.bz2 -C /opt/ \
&& ln -s /opt/firefox/firefox /usr/local/bin/firefox \
Expand All @@ -77,7 +79,7 @@ RUN set -ex \

# Install Chromium
RUN set -ex \
&& yum install -yq chromium
&& yum install -y -q chromium

# Install ChromeDriver
RUN set -ex \
Expand All @@ -96,17 +98,15 @@ RUN set -ex \
&& STUNNEL_VERSION=5.56 \
&& STUNNEL_TAR=stunnel-$STUNNEL_VERSION.tar.gz \
&& STUNNEL_SHA256="7384bfb356b9a89ddfee70b5ca494d187605bb516b4fff597e167f97e2236b22" \
&& curl -o $STUNNEL_TAR https://www.usenix.org.uk/mirrors/stunnel/archive/5.x/$STUNNEL_TAR \
&& echo "$STUNNEL_SHA256 $STUNNEL_TAR" | sha256sum -c - \
&& tar xfz $STUNNEL_TAR \
&& curl -o $STUNNEL_TAR https://www.usenix.org.uk/mirrors/stunnel/archive/5.x/$STUNNEL_TAR && echo "$STUNNEL_SHA256 $STUNNEL_TAR" | sha256sum --check && tar xfz $STUNNEL_TAR \
&& cd stunnel-$STUNNEL_VERSION \
&& ./configure \
&& make -j4 \
&& make install \
&& openssl genrsa -out key.pem 2048 \
&& openssl req -new -x509 -key key.pem -out cert.pem -days 1095 -subj "/C=US/ST=Washington/L=Seattle/O=Amazon/OU=Codebuild/CN=codebuild.amazon.com" \
&& cat key.pem cert.pem >> /usr/local/etc/stunnel/stunnel.pem \
&& cd .. ; rm -rf stunnel-${STUNNEL_VERSION}*
&& cd .. && rm -rf stunnel-${STUNNEL_VERSION}*

# AWS Tools
# https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_installation.html
Expand All @@ -117,7 +117,7 @@ RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://amazon-eks.s3-us-we

# Configure SSM
RUN set -ex \
&& yum install -yq https://s3.amazonaws.com/amazon-ssm-us-east-1/3.0.1390.0/linux_amd64/amazon-ssm-agent.rpm
&& yum install -y -q https://s3.amazonaws.com/amazon-ssm-us-east-1/3.0.1390.0/linux_amd64/amazon-ssm-agent.rpm

# Install env tools for runtimes
## Dotnet
Expand Down Expand Up @@ -162,7 +162,7 @@ ENV GOPATH="/go"
FROM tools AS runtimes_1

#**************** JAVA ****************************************************
COPY tools/android-accept-licenses.sh /opt/tools/android-accept-licenses.sh
RUN cat tools/android-accept-licenses.sh > /opt/tools/android-accept-licenses.sh && chmod 755 /opt/tools/android-accept-licenses.sh

ENV JAVA_11_HOME="/opt/jvm/amazon-corretto-11" \
JDK_11_HOME="/opt/jvm/amazon-corretto-11" \
Expand All @@ -175,7 +175,7 @@ ENV JAVA_11_HOME="/opt/jvm/amazon-corretto-11" \
MAVEN_VERSION=3.6.3 \
INSTALLED_GRADLE_VERSIONS="4.10.3 5.4.1" \
GRADLE_VERSION=5.4.1 \
SBT_VERSION=1.2.8 \
SBT_VERSION=1.6.1 \
JDK_VERSION=11.0.5.10.1 \
ANDROID_HOME="/usr/local/android-sdk-linux" \
GRADLE_PATH="$SRC_DIR/gradle" \
Expand All @@ -190,7 +190,8 @@ ENV JAVA_11_HOME="/opt/jvm/amazon-corretto-11" \
MAVEN_DOWNLOAD_SHA512="c35a1803a6e70a126e80b2b3ae33eed961f83ed74d18fcd16909b2d44d7dada3203f1ffe726c17ef8dcca2dcaa9fca676987befeadc9b9f759967a8cb77181c0" \
GRADLE_DOWNLOADS_SHA256="14cd15fc8cc8705bd69dcfa3c8fefb27eb7027f5de4b47a8b279218f76895a91 5.4.1\n336b6898b491f6334502d8074a6b8c2d73ed83b92123106bd4bf837f04111043 4.10.3" \
ANDROID_SDK_MANAGER_SHA256="92ffee5a1d98d856634e8b71132e8a95d96c83a63fde1099be3d86df3106def9" \
SBT_DOWNLOAD_SHA256="9bb9212541176d6fcce7bd12e4cf8a9c9649f5b63f88b3aff474e0b02c7cfe58"
SBT_DOWNLOAD_SHA256="60286bf1b875b31e2955f8a699888cd2612e9afd94d03cde0a2e71efd7492ffc" \
LOG4J_UNSAFE_VERSIONS="2.11.1 1.2.8"

ARG MAVEN_CONFIG_HOME="/root/.m2"
ENV JDK_DOWNLOAD_TAR="amazon-corretto-${JDK_VERSION}-linux-x64.tar.gz" \
Expand All @@ -203,7 +204,7 @@ ENV JDK_DOWNLOAD_URL="https://d3pxv6yz143wms.cloudfront.net/${JDK_VERSION}/${JDK

RUN set -ex \
# Install Amazon Corretto 8
&& yum install -yq java-1.8.0-amazon-corretto-devel \
&& yum install -y -q java-1.8.0-amazon-corretto-devel \
# Ensure Java cacerts symlink points to valid location
&& update-ca-trust

Expand Down Expand Up @@ -275,9 +276,11 @@ RUN set -ex \
&& curl -fSL "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" -o sbt.tgz \
&& echo "${SBT_DOWNLOAD_SHA256} *sbt.tgz" | sha256sum -c - \
&& tar xzf sbt.tgz -C /usr/local/bin/ \
&& rm sbt.tgz
&& rm sbt.tgz \
&& for version in $LOG4J_UNSAFE_VERSIONS; do find / -name log4j*-$version.jar | xargs rm -f; done

ENV PATH "/usr/local/bin/sbt/bin:$PATH"
RUN sbt version
RUN sbt version -Dsbt.rootdir=true
# Cleanup
RUN rm -fr /tmp/* /var/tmp/*
#**************** END JAVA ****************************************************
Expand Down Expand Up @@ -309,17 +312,18 @@ ENV NODE_10_VERSION="10.19.0"
RUN n $NODE_10_VERSION && npm install --save-dev -g -f grunt && npm install --save-dev -g -f grunt-cli && npm install --save-dev -g -f webpack \
&& curl -sSL https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo \
&& rpm --import https://dl.yarnpkg.com/rpm/pubkey.gpg \
&& yum install -yq yarn \
&& yum install -y https://download-ib01.fedoraproject.org/pub/epel/8/Modular/x86_64/Packages/l/libuv-1.43.0-2.module_el8+13774+f8c1f5a5.x86_64.rpm \
&& yum install -y -q yarn \
&& yarn --version \
&& cd / && rm -rf $N_SRC_DIR; rm -rf /tmp/*
&& cd / && rm -rf $N_SRC_DIR && rm -rf /tmp/*

#**************** END NODEJS ****************************************************

#**************** RUBY *********************************************************

ENV RUBY_26_VERSION="2.6.5"

RUN rbenv install $RUBY_26_VERSION; rm -rf /tmp/*; rbenv global $RUBY_26_VERSION;ruby -v
RUN rbenv install $RUBY_26_VERSION && rm -rf /tmp/* && rbenv global $RUBY_26_VERSION && ruby -v

#**************** END RUBY *****************************************************

Expand All @@ -328,8 +332,8 @@ ENV PYTHON_37_VERSION="3.7.10"
ENV PYTHON_PIP_VERSION=21.1.2
ENV PYYAML_VERSION=5.4.1

COPY tools/runtime_configs/python/$PYTHON_37_VERSION /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_37_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_37_VERSION; rm -rf /tmp/*
RUN cat tools/runtime_configs/python/$PYTHON_37_VERSION > /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_37_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_37_VERSION && rm -rf /tmp/*
RUN pyenv global $PYTHON_37_VERSION
RUN set -ex \
&& pip3 install --no-cache-dir --upgrade --force-reinstall "pip==$PYTHON_PIP_VERSION" \
Expand All @@ -341,8 +345,8 @@ RUN set -ex \
#**************** PHP ****************************************************
ENV PHP_73_VERSION="7.3.13"

COPY tools/runtime_configs/php/$PHP_73_VERSION /root/.phpenv/plugins/php-build/share/php-build/definitions/$PHP_73_VERSION
RUN phpenv install $PHP_73_VERSION; rm -rf /tmp/*; phpenv global $PHP_73_VERSION
RUN cat tools/runtime_configs/php/$PHP_73_VERSION > /root/.phpenv/plugins/php-build/share/php-build/definitions/$PHP_73_VERSION
RUN phpenv install $PHP_73_VERSION && rm -rf /tmp/* && phpenv global $PHP_73_VERSION
RUN echo "memory_limit = 1G;" >> "/root/.phpenv/versions/$PHP_73_VERSION/etc/conf.d/memory.ini"

# Install Composer globally
Expand All @@ -356,25 +360,24 @@ ENV GOLANG_13_VERSION="1.13.15" \
ENV GOENV_DISABLE_GOPATH=1
ENV GOPATH="/go"

RUN goenv install $GOLANG_12_VERSION; rm -rf /tmp/*
RUN goenv install $GOLANG_12_VERSION && rm -rf /tmp/*

RUN goenv install $GOLANG_13_VERSION; rm -rf /tmp/*; \
goenv global $GOLANG_13_VERSION
RUN goenv install $GOLANG_13_VERSION && rm -rf /tmp/* && goenv global $GOLANG_13_VERSION

RUN go get -u github.com/golang/dep/cmd/dep
#**************** END GOLANG ****************************************************

#=======================End of layer: runtimes_1 =================
FROM runtimes_1 AS runtimes_2

#Docker 19
#Docker 20
ENV DOCKER_BUCKET="download.docker.com" \
DOCKER_CHANNEL="stable" \
DIND_COMMIT="3b5fac462d21ca164b3778647420016315289034" \
DOCKER_COMPOSE_VERSION="1.24.0"

ENV DOCKER_SHA256="caf74e54b58c0b38bb4d96c8f87665f29b684371c9a325562a3904b8c389995e"
ENV DOCKER_VERSION="20.10.9"
ENV DOCKER_SHA256="dd6ff72df1edfd61ae55feaa4aadb88634161f0aa06dbaaf291d1be594099ff3"
ENV DOCKER_VERSION="20.10.11"

VOLUME /var/lib/docker

Expand All @@ -397,8 +400,8 @@ RUN set -ex \
#Python 3.8
ENV PYTHON_38_VERSION="3.8.10"

COPY tools/runtime_configs/python/$PYTHON_38_VERSION /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_38_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_38_VERSION; rm -rf /tmp/*
RUN cat tools/runtime_configs/python/$PYTHON_38_VERSION > /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_38_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_38_VERSION && rm -rf /tmp/*
RUN pyenv global $PYTHON_38_VERSION
RUN set -ex \
&& pip3 install --no-cache-dir --upgrade --force-reinstall "pip==$PYTHON_PIP_VERSION" \
Expand All @@ -408,8 +411,8 @@ RUN set -ex \
#Python 3.9
ENV PYTHON_39_VERSION="3.9.5"

COPY tools/runtime_configs/python/$PYTHON_39_VERSION /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_39_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_39_VERSION; rm -rf /tmp/*
RUN cat tools/runtime_configs/python/$PYTHON_39_VERSION > /root/.pyenv/plugins/python-build/share/python-build/$PYTHON_39_VERSION
RUN env PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install $PYTHON_39_VERSION && rm -rf /tmp/*
RUN pyenv global $PYTHON_39_VERSION
RUN set -ex \
&& pip3 install --no-cache-dir --upgrade --force-reinstall "pip==$PYTHON_PIP_VERSION" \
Expand Down Expand Up @@ -456,14 +459,15 @@ ENV MAVEN_CONFIG=$MAVEN_CONFIG_HOME
ENV DEBIAN_FRONTEND="noninteractive"

# Configure SSH
COPY ssh_config /root/.ssh/config
COPY runtimes.yml /codebuild/image/config/runtimes.yml
COPY dockerd-entrypoint.sh /usr/local/bin/
COPY legal/THIRD_PARTY_LICENSES.txt /usr/share/doc
COPY legal/bill_of_material.txt /usr/share/doc
COPY amazon-ssm-agent.json /etc/amazon/ssm/

ENTRYPOINT ["dockerd-entrypoint.sh"]
RUN cat ssh_config > /root/.ssh/config
RUN cat runtimes.yml > /codebuild/image/config/runtimes.yml
RUN cat dockerd-entrypoint.sh > /usr/local/bin/dockerd-entrypoint.sh
RUN chmod +x /usr/local/bin/dockerd-entrypoint.sh
RUN cat legal/THIRD_PARTY_LICENSES.txt > /usr/share/doc/THIRD_PARTY_LICENSES.txt
RUN cat legal/bill_of_material.txt > /usr/share/doc/bill_of_material.txt
RUN cat amazon-ssm-agent.json > /etc/amazon/ssm/amazon-ssm-agent.json

ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"]

#=======================End of layer: al2_v1 =================

Loading

0 comments on commit f125ad2

Please sign in to comment.