diff --git a/dogfood/contents/Dockerfile b/dogfood/contents/Dockerfile
index 421e4a1ad9a19..5922079c3d445 100644
--- a/dogfood/contents/Dockerfile
+++ b/dogfood/contents/Dockerfile
@@ -2,27 +2,31 @@ FROM rust:slim AS rust-utils
# Install rust helper programs
# ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
ENV CARGO_INSTALL_ROOT=/tmp/
-RUN cargo install exa bat ripgrep typos-cli watchexec-cli
+RUN cargo install exa bat ripgrep typos-cli watchexec-cli && \
+ # Reduce image size.
+ rm -rf /usr/local/cargo/registry
FROM ubuntu:jammy AS go
-RUN apt-get update && apt-get install --yes curl gcc
# Install Go manually, so that we can control the version
ARG GO_VERSION=1.22.5
-RUN mkdir --parents /usr/local/go
# Boring Go is needed to build FIPS-compliant binaries.
-RUN curl --silent --show-error --location \
+RUN apt-get update && \
+ apt-get install --yes curl && \
+ curl --silent --show-error --location \
"https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" \
- -o /usr/local/go.tar.gz
-
-RUN tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1
+ -o /usr/local/go.tar.gz && \
+ rm -rf /var/lib/apt/lists/*
ENV PATH=$PATH:/usr/local/go/bin
-
-# Install Go utilities.
ARG GOPATH="/tmp/"
-RUN mkdir --parents "$GOPATH" && \
+# Install Go utilities.
+RUN apt-get update && \
+ apt-get install --yes gcc && \
+ mkdir --parents /usr/local/go && \
+ tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 && \
+ mkdir --parents "$GOPATH" && \
# moq for Go tests.
go install github.com/matryer/moq@v0.2.3 && \
# swag for Swagger doc generation
@@ -73,24 +77,37 @@ RUN mkdir --parents "$GOPATH" && \
# yq v3 used in v1.
go install github.com/mikefarah/yq/v4@v4.30.6 && \
mv /tmp/bin/yq /tmp/bin/yq4 && \
- go install go.uber.org/mock/mockgen@v0.4.0
+ go install go.uber.org/mock/mockgen@v0.4.0 && \
+ # Reduce image size.
+ apt-get remove --yes gcc && \
+ apt-get autoremove --yes && \
+ apt-get clean && \
+ rm -rf /var/lib/apt/lists/* && \
+ rm -rf /usr/local/go && \
+ rm -rf /tmp/go/pkg && \
+ rm -rf /tmp/go/src
FROM gcr.io/coder-dev-1/alpine:3.18 as proto
WORKDIR /tmp
RUN apk add curl unzip
-RUN curl -L -o protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.3/protoc-23.3-linux-x86_64.zip
-RUN unzip protoc.zip
+RUN curl -L -o protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.3/protoc-23.3-linux-x86_64.zip && \
+ unzip protoc.zip && \
+ rm protoc.zip
FROM ubuntu:jammy
SHELL ["/bin/bash", "-c"]
+# Install packages from apt repositories
+ARG DEBIAN_FRONTEND="noninteractive"
+
# Updated certificates are necessary to use the teraswitch mirror.
# This must be ran before copying in configuration since the config replaces
# the default mirror with teraswitch.
RUN apt-get update && apt-get install --yes ca-certificates
COPY files /
+
# We used to copy /etc/sudoers.d/* in from files/ but this causes issues with
# permissions and layer caching. Instead, create the file directly.
RUN mkdir -p /etc/sudoers.d && \
@@ -98,9 +115,6 @@ RUN mkdir -p /etc/sudoers.d && \
chmod 750 /etc/sudoers.d/ && \
chmod 640 /etc/sudoers.d/nopasswd
-# Install packages from apt repositories
-ARG DEBIAN_FRONTEND="noninteractive"
-
RUN apt-get update --quiet && apt-get install --yes \
ansible \
apt-transport-https \
@@ -231,7 +245,9 @@ RUN systemctl disable \
# Configure systemd services for CVMs
RUN systemctl enable \
docker \
- ssh
+ ssh && \
+ # Workaround for envbuilder cache probing not working unless the filesystem is modified.
+ touch /tmp/.envbuilder-systemctl-enable-docker-ssh-workaround
# Install tools with published releases, where that is the
# preferred/recommended installation method.
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy