@@ -2,27 +2,28 @@ FROM rust:slim AS rust-utils
22# Install rust helper programs
33# ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
44ENV CARGO_INSTALL_ROOT=/tmp/
5- RUN cargo install exa bat ripgrep typos-cli watchexec-cli
5+ RUN cargo install exa bat ripgrep typos-cli watchexec-cli && \
6+ # Reduce image size.
7+ rm -rf /usr/local/cargo/registry
68
79FROM ubuntu:jammy AS go
810
9- RUN apt-get update && apt-get install --yes curl gcc
1011# Install Go manually, so that we can control the version
1112ARG GO_VERSION=1.22.5
12- RUN mkdir --parents /usr/local/go
1313
1414# Boring Go is needed to build FIPS-compliant binaries.
1515RUN curl --silent --show-error --location \
1616"https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \
1717-o /usr/local/go.tar.gz
1818
19- RUN tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1
20-
2119ENV PATH=$PATH:/usr/local/go/bin
22-
23- # Install Go utilities.
2420ARG GOPATH="/tmp/"
25- RUN mkdir --parents"$GOPATH" && \
21+ # Install Go utilities.
22+ RUN apt-get update && \
23+ apt-get install --yes curl gcc && \
24+ mkdir --parents /usr/local/go && \
25+ tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 && \
26+ mkdir --parents"$GOPATH" && \
2627# moq for Go tests.
2728go install github.com/matryer/moq@v0.2.3 && \
2829# swag for Swagger doc generation
@@ -73,34 +74,44 @@ RUN mkdir --parents "$GOPATH" && \
7374# yq v3 used in v1.
7475go install github.com/mikefarah/yq/v4@v4.30.6 && \
7576mv /tmp/bin/yq /tmp/bin/yq4 && \
76- go install go.uber.org/mock/mockgen@v0.4.0
77+ go install go.uber.org/mock/mockgen@v0.4.0 && \
78+ # Reduce image size.
79+ apt-get remove --yes curl gcc && \
80+ apt-get autoremove --yes && \
81+ apt-get clean && \
82+ rm -rf /var/lib/apt/lists && \
83+ rm -rf /usr/local/go && \
84+ rm -rf /tmp/go/pkg && \
85+ rm -rf /tmp/go/src
7786
7887FROM gcr.io/coder-dev-1/alpine:3.18 as proto
7988WORKDIR /tmp
8089RUN apk add curl unzip
81- RUN curl -L -o protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.3/protoc-23.3-linux-x86_64.zip
82- RUN unzip protoc.zip
90+ RUN curl -L -o protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.3/protoc-23.3-linux-x86_64.zip && \
91+ unzip protoc.zip && \
92+ rm protoc.zip
8393
8494FROM ubuntu:jammy
8595
8696SHELL ["/bin/bash" ,"-c" ]
8797
98+ # Install packages from apt repositories
99+ ARG DEBIAN_FRONTEND="noninteractive"
100+
88101# Updated certificates are necessary to use the teraswitch mirror.
89102# This must be ran before copying in configuration since the config replaces
90103# the default mirror with teraswitch.
91104RUN apt-get update && apt-get install --yes ca-certificates
92105
93106COPY files /
107+
94108# We used to copy /etc/sudoers.d/* in from files/ but this causes issues with
95109# permissions and layer caching. Instead, create the file directly.
96110RUN mkdir -p /etc/sudoers.d && \
97111echo'coder ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/nopasswd && \
98112chmod 750 /etc/sudoers.d/ && \
99113chmod 640 /etc/sudoers.d/nopasswd
100114
101- # Install packages from apt repositories
102- ARG DEBIAN_FRONTEND="noninteractive"
103-
104115RUN apt-get update --quiet && apt-get install --yes \
105116ansible \
106117apt-transport-https \
@@ -231,7 +242,9 @@ RUN systemctl disable \
231242# Configure systemd services for CVMs
232243RUN systemctl enable \
233244docker \
234- ssh
245+ ssh && \
246+ # Workaround for envbuilder cache probing not working unless the filesystem is modified.
247+ touch /tmp/.envbuilder-systemctl-enable-docker-ssh-workaround
235248
236249# Install tools with published releases, where that is the
237250# preferred/recommended installation method.