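# Base image.
# NOTE(review): the tag is mutable; pinning it by digest
# (ubuntu:24.04@sha256:<digest>) makes rebuilds reproducible and makes every
# base-image change an explicit, reviewable edit.
FROM ubuntu:24.04

# GitHub Actions runner release that is downloaded later in this file.
ARG RUNNER_VERSION="2.319.1"

# Numeric GID for the "docker" group created below. There is no default, so it
# must be supplied at build time: --build-arg DOCKER_GROUP=<gid>.
# NOTE(review): presumably this has to match the GID that owns the Docker
# socket the runner will use - confirm against the deployment.
ARG DOCKER_GROUP
ENV DOCKER_GROUP=$DOCKER_GROUP

# Exported into the container environment. The useradd call below hard-codes
# the account name "runner", so overriding these two args changes only the
# environment variables, not the account that gets created.
ARG RUNNER_USER="runner"
ENV RUNNER_USER=$RUNNER_USER
ARG USER="runner"
ENV USER=$USER

ARG LANG="C.UTF-8"
ENV LANG=$LANG

# Renumber the stock "ubuntu" account and group shipped in the base image.
# NOTE(review): presumably this frees their original IDs for the runner
# account created below - confirm.
RUN usermod -u 666 ubuntu && groupmod -g 666 ubuntu

# Create the docker group with the requested GID, refresh and upgrade the base
# packages, then add the unprivileged "runner" user with that group as its
# primary group. The guard turns a missing DOCKER_GROUP into a clear error
# instead of a confusing groupadd/useradd usage failure.
# NOTE(review): a blanket "apt-get upgrade" makes the image content depend on
# the build date; bumping a pinned base image is the reproducible alternative.
RUN if [ -z "${DOCKER_GROUP}" ]; then \
        echo "DOCKER_GROUP build arg is required (numeric GID for the docker group)" >&2; \
        exit 1; \
    fi \
    && groupadd -g "${DOCKER_GROUP}" docker \
    && apt-get update -y --fix-missing \
    && apt-get upgrade -y \
    && useradd -mg "${DOCKER_GROUP}" runner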
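# Packages installed into the runner image. The value is expanded unquoted by
# the shell in the RUN below, so it is split on whitespace.
# Every name is followed by an explicit space before the line continuation:
# the Dockerfile parser joins continued lines without inserting a separator,
# so without that space the list only works if each continued line happens to
# start with whitespace.
# NOTE(review): the list includes sudo, sshpass and clients for cleartext
# protocols (ftp, telnet, netcat-traditional). Every extra tool is available
# to any job that runs on this runner; drop the ones no workflow needs.
ARG LIBS="curl \
    jq \
    build-essential \
    libssl-dev \
    libffi-dev \
    python3 \
    python3-venv \
    python3-dev \
    python3-pip \
    tzdata \
    ssh \
    ca-certificates \
    gnupg \
    kmod \
    uidmap \
    autoconf \
    automake \
    dbus \
    dnsutils \
    dpkg \
    dpkg-dev \
    fakeroot \
    fonts-noto-color-emoji \
    gnupg2 \
    imagemagick \
    iproute2 \
    iputils-ping \
    libcurl4 \
    libgbm-dev \
    libgsl-dev \
    libmagic-dev \
    libmagickcore-dev \
    libmagickwand-dev \
    libsecret-1-dev \
    libsqlite3-dev \
    libyaml-dev \
    libtool \
    libunwind8 \
    libxkbfile-dev \
    libxss1 \
    locales \
    mercurial \
    openssh-client \
    p7zip-rar \
    pkg-config \
    python-is-python3 \
    graphviz \
    rpm \
    texinfo \
    tk \
    upx \
    xorriso \
    xvfb \
    xz-utils \
    zsync \
    bzip2 \
    g++ \
    gcc \
    make \
    tar \
    unzip \
    wget \
    acl \
    aria2 \
    binutils \
    bison \
    brotli \
    coreutils \
    file \
    flex \
    ftp \
    haveged \
    lz4 \
    m4 \
    mediainfo \
    netcat-traditional \
    net-tools \
    p7zip-full \
    parallel \
    pass \
    patchelf \
    pigz \
    pollinate \
    rsync \
    shellcheck \
    sphinxsearch \
    sqlite3 \
    sshpass \
    subversion \
    sudo \
    swig \
    telnet \
    time \
    zip \
    ant \
    ant-optional \
    nodejs \
    openjdk-17-jre-headless"

# Install the package list, then stage Docker's apt signing key.
# - "apt-get update" runs in the same layer as the install, so a cached
#   package index from an earlier layer can never be paired with a fresh
#   install; the index is removed again at the end of the layer.
# - The key is downloaded to a file and dearmored from there instead of being
#   piped into gpg: the default /bin/sh has no pipefail, so a failed download
#   in a pipeline would not fail the build.
# NOTE(review): the key is trusted on the strength of the TLS connection only;
# comparing its fingerprint with the one Docker publishes would pin it.
RUN apt-get update -y \
    && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --fix-missing ${LIBS} \
    && install -m 0755 -d /etc/apt/keyrings \
    && curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /tmp/docker.asc \
    && gpg --dearmor -o /etc/apt/keyrings/docker.gpg /tmp/docker.asc \
    && rm -f /tmp/docker.asc \
    && chmod a+r /etc/apt/keyrings/docker.gpg \
    && rm -rf /var/lib/apt/lists/*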
# Register Docker's apt repository for this architecture and Ubuntu release.
# "signed-by" limits the repository to the keyring staged earlier, so that key
# is not trusted for any other apt source.
# The runner account is also added to the docker group. Members of that group
# can drive the Docker daemon, which is root-equivalent on whichever host that
# daemon runs on, so every job on this runner should be treated as holding
# that privilege.
RUN arch="$(dpkg --print-architecture)" \
    && codename="$(. /etc/os-release && echo "$VERSION_CODENAME")" \
    && echo "deb [arch=${arch} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu ${codename} stable" \
        > /etc/apt/sources.list.d/docker.list \
    && usermod -aG docker runner

# Install the Docker engine, CLI, containerd and the buildx/compose plugins
# from that repository, dropping the package index in the same layer.
RUN apt-get update -y \
    && apt-get install -y \
        docker-ce \
        docker-ce-cli \
        containerd.io \
        docker-buildx-plugin \
        docker-compose-plugin \
    && rm -rf /var/lib/apt/lists/*
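# Work in the runner's home directory; the runner is unpacked here.
WORKDIR /home/runner

# Optional SHA-256 of the runner archive, taken from the release notes of the
# selected RUNNER_VERSION: --build-arg RUNNER_SHA256=<sha256 of the archive>.
# When set, the download is verified before anything is extracted; when empty,
# the build continues with a warning, as it did before this check existed.
# NOTE(review): installdependencies.sh from this archive is executed as root
# below, so the archive's integrity is what the image's integrity rests on;
# consider making the checksum mandatory.
ARG RUNNER_SHA256=""

# Download, optionally verify, and unpack the GitHub Actions runner.
# "-f" makes curl fail on an HTTP error instead of saving the error page.
# The asset name hard-codes linux-x64, so this layer only suits amd64 builds.
RUN curl -fsSL -o actions-runner.tar.gz \
        "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" \
    && if [ -n "${RUNNER_SHA256}" ]; then \
        echo "${RUNNER_SHA256}  actions-runner.tar.gz" | sha256sum -c -; \
    else \
        echo "WARNING: RUNNER_SHA256 not set; runner archive was not verified" >&2; \
    fi \
    && tar xzf ./actions-runner.tar.gz \
    && rm ./actions-runner.tar.gz

# Hand the unpacked tree to the runner account, then run the runner's own
# dependency installer (still as root at this point in the build).
RUN chown -R runner /home/runner && /home/runner/bin/installdependencies.sh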
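# Purge packages that are no longer required. "-y" is needed because a build
# has no terminal to answer apt's confirmation prompt: without it the step
# aborts as soon as there is anything to remove. Running it before the COPY
# keeps this layer cached when only start.sh changes.
RUN apt-get autoremove --purge -y

# Copy the start.sh launcher into the working directory.
# COPY without --chown leaves the file owned by root.
# NOTE(review): the execute bit has to come from the build context, because
# nothing in this file sets it - confirm start.sh is committed as executable.
COPY start.sh start.sh

# The runner's config and run scripts refuse to run as root, so drop to the
# unprivileged "runner" account for everything from here on, including the
# container's main process.
USER runner

# Launch start.sh (resolved against the working directory) in exec form, so it
# runs as PID 1 and receives stop signals directly.
ENTRYPOINT ["./start.sh"]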