heckyel/code-server-dind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
code-server-dind/Dockerfile
Astound 9ea4e093fc
All checks were successful
release / release-default (push) Successful in 1h34m41s
Details
Add Helm and k9s
2025-07-15 22:50:34 -05:00

152 lines
4.9 KiB
Docker
Raw Blame History

# SPDX-License-Identifier: GPL-3.0-or-later
# Copyright (C) 2025 Jesus E.
#
# This file is part of code-server-dind.
# This program is licensed under the GNU GPL version 3 or (at your option) any later version.
# See the LICENSE file or https://www.gnu.org/licenses/gpl-3.0.txt for more details.
FROM debian:bookworm-slim
# Build-time architecture detection
ARG TARGETARCH
ENV ARCH=${TARGETARCH:-amd64}
ENV DEBIAN_FRONTEND=noninteractive
ENV KUBECTL_VERSION=1.33.0
ENV HELM_VERSION=3.18.4
ENV K9S_VERSION=0.50.8
ENV KUBECTL_DATE=2025-05-01
ENV TFLINT_VERSION=0.58.1
# User config
ENV DOCKER_USER=coder \
UID=1000 \
GID=1000 \
PASSWORD=undefined \
HASHED_PASSWORD=undefined
# Base packages
RUN apt-get update -y && apt-get upgrade -y && apt-get install --no-install-recommends -y \
bash \
bash-completion \
ca-certificates \
curl \
dbus \
default-jre \
doas \
dos2unix \
dumb-init \
file \
fuse3 \
git \
gnupg \
iproute2 \
iptables \
jq \
lsb-release \
lsof \
make \
nano \
net-tools \
nodejs \
npm \
openssh-client \
passwd \
pipx \
python3 \
python3-pip \
python3-venv \
siege \
sudo \
tar \
tree \
uidmap \
unzip \
virtualenv \
wget \
xz-utils && \
curl -fsSL https://aquasecurity.github.io/trivy-repo/deb/public.key | \
gpg --dearmor > /usr/share/keyrings/trivy.gpg && \
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" > /etc/apt/sources.list.d/trivy.list && \
apt-get update -y && apt-get install --no-install-recommends -y trivy && \
apt-get clean && rm -rf /var/lib/apt/lists/*
# Docker
RUN curl -fsSL https://get.docker.com | sh && dockerd --version
# AWS CLI (handle arch manually)
RUN set -e; \
case "$ARCH" in \
amd64) AWS_ARCH="x86_64" ;; \
arm64) AWS_ARCH="aarch64" ;; \
*) echo "Unsupported ARCH: $ARCH" && exit 1 ;; \
esac && \
curl -o awscliv2.zip "https://awscli.amazonaws.com/awscli-exe-linux-${AWS_ARCH}.zip" && \
unzip awscliv2.zip && ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update && \
rm -rf awscliv2.zip aws/
# kubectl
RUN curl -o kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/${KUBECTL_VERSION}/${KUBECTL_DATE}/bin/linux/${ARCH}/kubectl && \
chmod +x kubectl && mv kubectl /usr/local/bin/
# eksctl
RUN curl -sLO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_Linux_${ARCH}.tar.gz" && \
curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt" | grep "Linux_${ARCH}" | sha256sum --check && \
tar -xzf eksctl_Linux_${ARCH}.tar.gz -C /tmp && \
mv /tmp/eksctl /usr/local/bin && rm eksctl_Linux_${ARCH}.tar.gz
# Helm
RUN curl -sLO "https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCH}.tar.gz" && \
tar -xzf helm-v${HELM_VERSION}-linux-${ARCH}.tar.gz && \
mv linux-${ARCH}/helm /usr/local/bin/ && \
rm -rf linux-${ARCH} helm-v${HELM_VERSION}-linux-${ARCH}.tar.gz
# k9s
RUN curl -sLO "https://github.com/derailed/k9s/releases/download/v${K9S_VERSION}/k9s_linux_${ARCH}.deb" && \
dpkg -i k9s_linux_${ARCH}.deb && rm k9s_linux_${ARCH}.deb
# TFlint
RUN curl -sLO "https://github.com/terraform-linters/tflint/releases/download/v${TFLINT_VERSION}/tflint_linux_${ARCH}.zip" && \
unzip -q tflint_linux_${ARCH}.zip && \
mv tflint /usr/local/bin/ && \
rm tflint_linux_${ARCH}.zip
# code-server (auto-detects arch)
RUN curl -fsSL https://code-server.dev/install.sh | sh
# Custom shell prompt
RUN curl -Ls https://git.fridu.us/heckyel/hyperterm/raw/branch/master/install.sh -o "$HOME/install.sh" && \
bash "$HOME/install.sh" -s && rm "$HOME/install.sh"
# Pre-commit config
COPY .pre-commit-config.yaml /usr/local/share/default-pre-commit-config.yaml
COPY .setup-precommit.sh /usr/local/bin/setup-precommit
RUN chmod +x /usr/local/bin/setup-precommit
# Gitleaks
ENV GITLEAKS_VERSION="8.27.2"
RUN set -e; \
case "$ARCH" in \
amd64) GITLEAKS_ARCH="x64" ;; \
arm64) GITLEAKS_ARCH="arm64" ;; \
*) echo "Unsupported ARCH: $ARCH" && exit 1 ;; \
esac && \
curl -sSL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_${GITLEAKS_ARCH}.tar.gz" -o gitleaks.tar.gz && \
tar -xzf gitleaks.tar.gz gitleaks && \
mv gitleaks /usr/local/bin/gitleaks && chmod +x /usr/local/bin/gitleaks && \
rm gitleaks.tar.gz
# BFG
ENV BFG_VERSION=1.15.0
RUN curl -L -o /usr/local/bin/bfg.jar "https://repo1.maven.org/maven2/com/madgag/bfg/${BFG_VERSION}/bfg-${BFG_VERSION}.jar" && \
printf '#!/bin/sh\nexec java -jar /usr/local/bin/bfg.jar "$@"\n' > /usr/local/bin/bfg && \
chmod +x /usr/local/bin/bfg
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
VOLUME ["/home/coder"]
EXPOSE 8080
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["/usr/local/bin/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink