TSYSDevStack/Dockerfile

# Use latest Debian stable as base image
FROM debian:stable-slim AS build

# Set environment variables
ENV DEBIAN_FRONTEND=noninteractive
ENV HOME=/home/tsysdevstack
ENV USER=tsysdevstack
ENV MISE_DATA_DIR=/home/tsysdevstack/.local/share/mise
ENV MISE_CONFIG_DIR=/home/tsysdevstack/.config/mise
ENV PATH=/home/tsysdevstack/.local/share/mise/shims:/home/tsysdevstack/.local/bin:/usr/local/bin:$PATH

# Install system dependencies (as root only during build time)
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    ca-certificates \
    curl \
    wget \
    gnupg \
    lsb-release \
    git \
    unzip \
    zip \
    build-essential \
    python3 \
    python3-pip \
    python3-dev \
    nodejs \
    npm \
    sudo \
    locales \
    fonts-noto \
    fonts-noto-cjk \
    fonts-noto-color-emoji \
    fontconfig \
    && rm -rf /var/lib/apt/lists/* \
    && apt-get clean

# Set up locale
RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && \
    locale-gen

# Create tsysdevstack user with specific UID/GID for consistency
RUN groupadd -g 1000 tsysdevstack && \
    useradd -u 1000 -g tsysdevstack -m -s /bin/bash tsysdevstack && \
    echo "tsysdevstack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/tsysdevstack && \
    chmod 0440 /etc/sudoers.d/tsysdevstack

# Switch to tsysdevstack user for remaining operations
USER tsysdevstack
WORKDIR /home/tsysdevstack

# Install mise (version managed)
RUN curl -fsSL https://mise.run | sh -s -- -y && \
    # Add mise to PATH and source it in .bashrc
    echo 'eval "$(~/.local/bin/mise activate bash)"' >> ~/.bashrc && \
    echo 'eval "$(~/.local/bin/mise activate zsh)"' >> ~/.zshrc

# Install TeXLive for document generation
RUN mkdir -p /tmp/texlive && \
    cd /tmp/texlive && \
    wget http://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz && \
    tar -xzf install-tl-unx.tar.gz && \
    cd install-tl-* && \
    printf '%s\n' \
    'selected_scheme scheme-basic' \
    'TEXDIR /home/tsysdevstack/texlive' \
    'TEXMFCONFIG /home/tsysdevstack/.texmf-config' \
    'TEXMFVAR /home/tsysdevstack/.texmf-var' \
    'option_doc 0' \
    'option_src 0' \
    > texlive.profile && \
    ./install-tl --profile=texlive.profile && \
    cd / && \
    rm -rf /tmp/texlive

ENV PATH=/home/tsysdevstack/texlive/bin/$(uname -m)-linuxmusl:$PATH

# Install additional TeXLive packages needed for PDF generation
RUN tlmgr install scheme-basic \
    collection-latex \
    collection-latexrecommended \
    collection-latexextra \
    collection-fontsrecommended \
    xetex \
    fontspec \
    lualatex \
    scheme-full \
    && mktexlsr

# Install pandoc with version pinning
RUN wget -q https://github.com/jgm/pandoc/releases/download/3.2/pandoc-3.2-1-amd64.deb -O /tmp/pandoc.deb && \
    dpkg-deb -x /tmp/pandoc.deb /tmp/pandoc && \
    cp -r /tmp/pandoc/usr/* /usr/local/ && \
    rm /tmp/pandoc.deb /tmp/pandoc

# Install additional tools via system packages
RUN sudo apt-get update && \
    sudo apt-get install -y --no-install-recommends \
    jq \
    yq \
    wkhtmltopdf \
    graphviz \
    && sudo rm -rf /var/lib/apt/lists/* \
    && sudo apt-get clean

# Set up mise for installing specific versions of tools
SHELL ["/bin/bash", "-c"]
RUN source ~/.bashrc && \
    mise use --global python@3.12.6 && \
    mise use --global node@21.7.3 && \
    mise install

# Install tools via npm (using mise-managed Node.js)
RUN source ~/.bashrc && \
    npm install -g mdbook@0.4.40 && \
    npm install -g typst@0.12.0 && \
    npm install -g @marp-team/marp-cli@3.4.0 && \
    npm install -g markwhen@0.9.1 && \
    npm install -g quarto-cli@1.6.17 && \
    npm install -g vale@3.4.2

# Install tools via pip (using mise-managed Python)
RUN source ~/.bashrc && \
    pip3 install --user kroki-cli==0.6.0 && \
    pip3 install --user bibtool==3.2

# Install Rust-based tools
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
ENV PATH=/home/tsysdevstack/.cargo/bin:$PATH
RUN source ~/.bashrc && \
    cargo install --version 0.8.0 ripgrep

# Install fish shell, zsh and other utilities
RUN sudo apt-get update && \
    sudo apt-get install -y --no-install-recommends \
    fish \
    zsh \
    && sudo rm -rf /var/lib/apt/lists/* \
    && sudo apt-get clean

# Set up oh-my-zsh
RUN sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended

# Final stage - create minimal runtime image
FROM debian:stable-slim

# Set environment variables
ENV DEBIAN_FRONTEND=noninteractive
ENV HOME=/home/tsysdevstack
ENV USER=tsysdevstack
ENV MISE_DATA_DIR=/home/tsysdevstack/.local/share/mise
ENV MISE_CONFIG_DIR=/home/tsysdevstack/.config/mise
ENV PATH=/home/tsysdevstack/.local/share/mise/shims:/home/tsysdevstack/.local/bin:/usr/local/bin:/home/tsysdevstack/texlive/bin/$(uname -m)-linuxmusl:$PATH

# Install minimal runtime dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    ca-certificates \
    curl \
    wget \
    git \
    python3 \
    python3-pip \
    nodejs \
    npm \
    sudo \
    locales \
    fonts-noto \
    fonts-noto-cjk \
    fonts-noto-color-emoji \
    fontconfig \
    wkhtmltopdf \
    graphviz \
    jq \
    yq \
    && rm -rf /var/lib/apt/lists/* \
    && apt-get clean

# Set up locale
RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && \
    locale-gen

# Create tsysdevstack user and group
RUN groupadd -g 1000 tsysdevstack && \
    useradd -u 1000 -g tsysdevstack -m -s /bin/bash tsysdevstack && \
    echo "tsysdevstack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/tsysdevstack && \
    chmod 0440 /etc/sudoers.d/tsysdevstack

# Copy installed tools from build stage
COPY --from=build /home/tsysdevstack/ /home/tsysdevstack/
COPY --from=build /usr/local/ /usr/local/
COPY --from=build /home/tsysdevstack/.cargo/bin/ /home/tsysdevstack/.cargo/bin/

# Set up workspace directory
RUN mkdir -p /home/tsysdevstack/TSYSDevStack/Toolbox/docs/output && \
    chown -R tsysdevstack:tsysdevstack /home/tsysdevstack/TSYSDevStack

# Switch to tsysdevstack user
USER tsysdevstack
WORKDIR /home/tsysdevstack

# Expose output directory
VOLUME ["/home/tsysdevstack/TSYSDevStack/Toolbox/docs/output"]

# Default command
CMD ["/bin/bash"]