KNEL/TSYSDevStack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ab54d694f26d0a9b7df70d341afadccd3d3ac5ab
TSYSDevStack/ToolboxStack/output/toolbox-qadocker/Dockerfile
ReachableCEO ab54d694f2 chore(filesystem): reflect major filesystem restructuring changes 
- Renamed DocStack to dockstack
- Transformed toolbox-template into toolbox-qadocker with new functionality
- Removed NewToolbox.sh script
- Updated PROMPT and configuration files across all toolboxes
- Consolidated audit and testing scripts
- Updated QWEN.md to reflect new filesystem structure as authoritative source
- Merged PROMPT content into QWEN.md as requested

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

The filesystem structure has been intentionally restructured and is now the authoritative source of truth for the project organization.
2025-10-31 13:26:39 -05:00

81 lines
3.4 KiB
Docker
Raw Blame History

# Use Ubuntu 24.04 as base for the QA Docker toolbox
FROM ubuntu:24.04
# Set build arguments (these can be overridden at build time)
ARG USER_ID=1000
ARG GROUP_ID=1000
ARG USERNAME=toolbox
# Set up environment and install essential packages
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
curl \
gnupg \
lsb-release \
git \
unzip \
wget \
zsh \
&& rm -rf /var/lib/apt/lists/*
# Install Docker CLI
RUN install -m 0755 -d /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
&& chmod a+r /etc/apt/keyrings/docker.gpg \
&& echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null \
&& apt-get update \
&& apt-get install -y --no-install-recommends docker-ce-cli \
&& rm -rf /var/lib/apt/lists/*
# Install hadolint for Dockerfile linting
RUN wget -O /usr/local/bin/hadolint https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 \
&& chmod +x /usr/local/bin/hadolint
# Install dive for exploring Docker image layers
RUN wget -O /tmp/dive_0.10.0_linux_amd64.deb https://github.com/wagoodman/dive/releases/download/v0.10.0/dive_0.10.0_linux_amd64.deb \
&& dpkg -i /tmp/dive_0.10.0_linux_amd64.deb \
&& rm /tmp/dive_0.10.0_linux_amd64.deb
# Install git for cloning security repositories
RUN apt-get update && apt-get install -y --no-install-recommends git \
&& rm -rf /var/lib/apt/lists/*
# Create non-root user
RUN groupadd --gid "${GROUP_ID}" "${USERNAME}" \
&& useradd --uid "${USER_ID}" --gid "${GROUP_ID}" --shell /bin/bash --create-home "${USERNAME}"
# Set up basic shell configuration
RUN echo 'export PATH="$PATH:/usr/local/bin"' >> /home/${USERNAME}/.bashrc
# Prepare workspace directory with appropriate ownership
RUN mkdir -p /workspace \
&& chown "${USER_ID}:${GROUP_ID}" /workspace
# Remove sudo to ensure no root escalation is possible at runtime
RUN apt-get remove -y sudo 2>/dev/null || true && apt-get autoremove -y 2>/dev/null || true && rm -rf /var/lib/apt/lists/* 2>/dev/null || true
# Install aqua for package management
RUN curl -sSfL https://raw.githubusercontent.com/aquaproj/aqua-installer/v3.0.0/aqua-installer | bash -s -- -v v3.0.0 \
&& mv /usr/local/bin/aqua /usr/local/bin/aqua-tmp \
&& mkdir -p /root/.local/share/aquaproj-aqua/bin \
&& mv /usr/local/bin/aqua-tmp /root/.local/share/aquaproj-aqua/bin/aqua \
&& ln -s /root/.local/share/aquaproj-aqua/bin/aqua /usr/local/bin/aqua
# Copy the aqua.yaml configuration for the non-root user and install packages
COPY aqua.yaml /tmp/aqua.yaml
RUN chown "${USER_ID}:${GROUP_ID}" /tmp/aqua.yaml \
&& mkdir -p /home/${USERNAME}/.config/aquaproj-aqua \
&& chown "${USER_ID}:${GROUP_ID}" /home/${USERNAME}/.config/aquaproj-aqua \
&& su - "${USERNAME}" -c 'cp /tmp/aqua.yaml /home/${USERNAME}/.config/aquaproj-aqua/aqua.yaml' \
&& su - "${USERNAME}" -c 'AQUA_GLOBAL_CONFIG=/home/${USERNAME}/.config/aquaproj-aqua/aqua.yaml aqua install'
ENV PATH=/root/.local/share/aquaproj-aqua/bin:/home/${USERNAME}/.local/share/aquaproj-aqua/bin:/usr/local/bin:${PATH}
WORKDIR /workspace
USER ${USERNAME}
CMD ["/bin/bash"]
Reference in New Issue View Git Blame Copy Permalink