forked from mozilla/addons-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
123 lines (101 loc) · 3.74 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
FROM python:3.6-slim-stretch
ENV PYTHONDONTWRITEBYTECODE=1
ARG GROUP_ID=1000
ARG USER_ID=1000
# Run all initial setup with root user. This is the default but mentioned here
# for documentation.
# We won't switch to the `olympia` user inside the dockerfile
# but rather use the `user` option in docker-compose.yml instead
USER root
# Allow scripts to detect we're running in our own container
RUN touch /addons-server-docker-container
# Add nodesource repository and requirements
ADD docker/nodesource.gpg.key /etc/pki/gpg/GPG-KEY-nodesource
RUN apt-get update && apt-get install -y \
apt-transport-https \
gnupg2 \
&& rm -rf /var/lib/apt/lists/*
RUN cat /etc/pki/gpg/GPG-KEY-nodesource | apt-key add -
ADD docker/debian-stretch-nodesource-repo /etc/apt/sources.list.d/nodesource.list
ADD docker/debian-buster-testing-repo /etc/apt/sources.list.d/testing.list
RUN apt-get update && apt-get -t stretch install -y \
# General (dev-) dependencies
bash-completion \
build-essential \
curl \
libjpeg-dev \
libsasl2-dev \
libxml2-dev \
libxslt-dev \
locales \
zlib1g-dev \
libffi-dev \
libssl-dev \
libmagic-dev \
libpcre3-dev \
nodejs \
# Git, because we're using git-checkout dependencies
git \
# Dependencies for mysql-python
mysql-client \
default-libmysqlclient-dev \
swig \
gettext \
# Use rsvg-convert to render our static theme previews
librsvg2-bin \
# Use pngcrush to optimize the PNGs uploaded by developers
pngcrush \
# Use libmaxmind for speedy geoip lookups
libmaxminddb0 \
libmaxminddb-dev \
&& rm -rf /var/lib/apt/lists/*
# Install `file` and `libmagic` from the `buster` repositories for an up-to-date
# file-detection.
RUN apt-get update && apt-get -t buster install -y \
file \
libmagic-dev \
&& rm -rf /var/lib/apt/lists/*
# Compile required locale
RUN localedef -i en_US -f UTF-8 en_US.UTF-8
# Set the locale. This is mainly so that tests can write non-ascii files to
# disk.
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8
COPY . /code
WORKDIR /code
RUN groupadd -g ${GROUP_ID} olympia
RUN useradd -g ${GROUP_ID} -u ${USER_ID} -Md /deps/ olympia
# Create /deps/ and move ownership over to `olympia` user so that
# we can install things there
# Also run `chown` on `/code/` which technically doesn't change permissions
# on the host but ensures that the image knows about correct permissions.
RUN mkdir /deps/ && chown -R olympia:olympia /deps/ /code/
ENV PIP_BUILD=/deps/build/
ENV PIP_CACHE_DIR=/deps/cache/
ENV PIP_SRC=/deps/src/
# Allow us to install all dependencies to the `olympia` users
# home directory (which is `/deps/`)
ENV PIP_USER=true
ENV PYTHONUSERBASE=/deps
# Make sure that installed binaries are accessible
ENV PATH $PYTHONUSERBASE/bin:$PATH
ENV NPM_CONFIG_PREFIX=/deps/
ENV SWIG_FEATURES="-D__x86_64__"
# From now on run everything with the `olympia` user by default.
USER olympia
RUN ln -s /code/package.json /deps/package.json && \
make update_deps && \
rm -rf /deps/build/ /deps/cache/
# Preserve bash history across image updates.
# This works best when you link your local source code
# as a volume.
ENV HISTFILE /code/docker/artifacts/bash_history
# Configure bash history.
ENV HISTSIZE 50000
ENV HISTIGNORE ls:exit:"cd .."
# This prevents dupes but only in memory for the current session.
ENV HISTCONTROL erasedups
ENV CLEANCSS_BIN /deps/node_modules/.bin/cleancss
ENV LESS_BIN /deps/node_modules/.bin/lessc
ENV UGLIFY_BIN /deps/node_modules/.bin/uglifyjs
ENV ADDONS_LINTER_BIN /deps/node_modules/.bin/addons-linter