diff --git a/src/almalinux/8/helix/amd64/Dockerfile b/src/almalinux/8/helix/amd64/Dockerfile index 8bae71692..1b34638c2 100644 --- a/src/almalinux/8/helix/amd64/Dockerfile +++ b/src/almalinux/8/helix/amd64/Dockerfile @@ -21,10 +21,7 @@ RUN dnf upgrade --refresh -y \ file \ && dnf clean all -RUN python3 -m pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && python3 -m pip install ./helix_scripts-*-py3-none-any.whl - -# Aspnetcore test runs expect python to be available without version suffix +# Test runs expect python to be available without version suffix RUN alternatives --set python /usr/bin/python3 \ && ln -sf /usr/bin/pip3 /usr/bin/pip @@ -33,8 +30,14 @@ ENV LANG=en-US.UTF-8 # create helixbot user and give rights to sudo without password RUN adduser --uid 1000 --shell /bin/bash --gid adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python3 -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/alpine/3.18/helix/Dockerfile b/src/alpine/3.18/helix/Dockerfile index 658403841..b50c94814 100644 --- a/src/alpine/3.18/helix/Dockerfile +++ b/src/alpine/3.18/helix/Dockerfile @@ -10,7 +10,8 @@ RUN apk add --upgrade --no-cache \ RUN python3 -m venv /venv && \ source /venv/bin/activate && \ pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl + pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl FROM library/alpine:3.18 @@ -52,5 +53,5 @@ USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/alpine/3.20/helix/Dockerfile b/src/alpine/3.20/helix/Dockerfile index ed3db3c64..167919264 100644 --- a/src/alpine/3.20/helix/Dockerfile +++ b/src/alpine/3.20/helix/Dockerfile @@ -12,7 +12,8 @@ RUN apk add --upgrade --no-cache \ RUN python3 -m venv /venv && \ source /venv/bin/activate && \ pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl + pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl FROM library/alpine:3.20 @@ -55,5 +56,5 @@ USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/alpine/3.21/helix/Dockerfile b/src/alpine/3.21/helix/Dockerfile index e4ef7b6a0..be3b1c9fc 100644 --- a/src/alpine/3.21/helix/Dockerfile +++ b/src/alpine/3.21/helix/Dockerfile @@ -12,7 +12,8 @@ RUN apk add --upgrade --no-cache \ RUN python3 -m venv /venv && \ source /venv/bin/activate && \ pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl + pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl FROM library/alpine:3.21 @@ -53,5 +54,5 @@ USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/azurelinux/3.0/helix/Dockerfile b/src/azurelinux/3.0/helix/Dockerfile index dfe4cecf6..bac125136 100644 --- a/src/azurelinux/3.0/helix/Dockerfile +++ b/src/azurelinux/3.0/helix/Dockerfile @@ -12,8 +12,8 @@ RUN tdnf install --refresh -y \ RUN python3 -m venv /venv && \ source /venv/bin/activate && \ pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl - + pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl FROM mcr.microsoft.com/azurelinux/base/core:3.0 @@ -29,6 +29,7 @@ RUN tdnf install --setopt tsflags=nodocs --refresh -y \ python3 \ python3-pip \ shadow-utils \ + sudo \ tar \ tzdata \ which \ @@ -37,7 +38,7 @@ RUN tdnf install --setopt tsflags=nodocs --refresh -y \ # create helixbot user and give rights to sudo without password RUN /usr/sbin/useradd -c '' --uid 1000 --shell /bin/bash --groups adm helixbot && \ chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot && \ mkdir /home/helixbot/ && chown -R helixbot /home/helixbot/ USER helixbot @@ -45,5 +46,5 @@ USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/cbl-mariner/2.0/helix/amd64/Dockerfile b/src/cbl-mariner/2.0/helix/amd64/Dockerfile index 3c4c9b2fd..41d414431 100644 --- a/src/cbl-mariner/2.0/helix/amd64/Dockerfile +++ b/src/cbl-mariner/2.0/helix/amd64/Dockerfile @@ -13,23 +13,27 @@ RUN tdnf install --setopt tsflags=nodocs --refresh -y \ llvm \ python3-pip \ shadow-utils \ + sudo \ tar \ tzdata \ which \ && tdnf clean all -RUN ln -sf /usr/bin/python3 /usr/bin/python && \ - python -m pip install --upgrade setuptools && \ - pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl && \ - rm ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python # create helixbot user and give rights to sudo without password RUN /usr/sbin/useradd -c '' --uid 1000 --shell /bin/bash --groups adm helixbot && \ chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot && \ mkdir /home/helixbot/ && chown -R helixbot /home/helixbot/ USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install --upgrade pip && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/centos-stream/10/helix/Dockerfile b/src/centos-stream/10/helix/Dockerfile index 38b654d78..6d4c14a6f 100644 --- a/src/centos-stream/10/helix/Dockerfile +++ b/src/centos-stream/10/helix/Dockerfile @@ -11,8 +11,9 @@ RUN dnf upgrade --refresh -y \ RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl - + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl + FROM quay.io/centos/centos:stream10 # Install dependencies @@ -50,12 +51,12 @@ ENV LANG=en_US.utf8 # create helixbot user and give rights to sudo without password RUN /usr/sbin/adduser --uid 1000 --shell /bin/bash --gid adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env # Install Helix Dependencies -ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/centos-stream/9/helix/amd64/Dockerfile b/src/centos-stream/9/helix/amd64/Dockerfile index da8260f34..6fcb25154 100644 --- a/src/centos-stream/9/helix/amd64/Dockerfile +++ b/src/centos-stream/9/helix/amd64/Dockerfile @@ -32,17 +32,21 @@ RUN dnf upgrade --refresh -y \ which \ && dnf clean all -RUN ln -sf /usr/bin/python3 /usr/bin/python \ - && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python ENV LANG=en_US.utf8 # create helixbot user and give rights to sudo without password RUN /usr/sbin/adduser --uid 1000 --shell /bin/bash --gid adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/centos-stream/9/mlnet/helix/amd64/Dockerfile b/src/centos-stream/9/mlnet/helix/amd64/Dockerfile index d97eaea99..aeb8601b0 100644 --- a/src/centos-stream/9/mlnet/helix/amd64/Dockerfile +++ b/src/centos-stream/9/mlnet/helix/amd64/Dockerfile @@ -46,6 +46,7 @@ RUN dnf upgrade --refresh -y \ procps-ng \ python3 \ python3-devel \ + python3-pip \ readline-devel \ sudo \ swig \ @@ -82,17 +83,21 @@ RUN wget http://releases.llvm.org/3.9.1/openmp-3.9.1.src.tar.xz \ # Sets the library path to pickup openmp ENV LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64 -RUN ln -sf /usr/bin/python3 /usr/bin/python \ - && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python ENV LANG=en_US.utf8 # create helixbot user and give rights to sudo without password RUN /usr/sbin/adduser --uid 1000 --shell /bin/bash --gid adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env \ No newline at end of file +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/debian/11/helix/amd64/Dockerfile b/src/debian/11/helix/amd64/Dockerfile index 65857407a..7f14dddc9 100644 --- a/src/debian/11/helix/amd64/Dockerfile +++ b/src/debian/11/helix/amd64/Dockerfile @@ -42,16 +42,20 @@ RUN apt-get update \ ENV LANG=en_US.utf8 -RUN ln -sf /usr/bin/python3 /usr/bin/python \ - && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python # Create helixbot user and give rights to sudo without password -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install --upgrade pip && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/debian/11/helix/arm64v8/Dockerfile b/src/debian/11/helix/arm64v8/Dockerfile index 4ed013917..26049bd0b 100644 --- a/src/debian/11/helix/arm64v8/Dockerfile +++ b/src/debian/11/helix/arm64v8/Dockerfile @@ -43,20 +43,20 @@ RUN apt-get update \ ENV LANG=en_US.utf8 -RUN ln -sf /usr/bin/python3 /usr/bin/python \ - && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && export CRYPTOGRAPHY_DONT_BUILD_RUST=1 \ - && pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python -# Create helixbot users and give rights to sudo without password -# (we use two users here to ensure volume mounting works with two possible UIDs of the host UID) -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time -RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1001 --shell /bin/bash --ingroup adm helixbot \ - && /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot2 \ +# Create helixbot user and give rights to sudo without password +RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers \ - && echo "helixbot2 ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install --upgrade pip && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/debian/12/helix/amd64/Dockerfile b/src/debian/12/helix/amd64/Dockerfile index 9bfb114d0..eaf09ac89 100644 --- a/src/debian/12/helix/amd64/Dockerfile +++ b/src/debian/12/helix/amd64/Dockerfile @@ -12,7 +12,8 @@ RUN apt-get update \ RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM library/debian:bookworm @@ -59,15 +60,14 @@ RUN apt-get update \ ENV LANG=en_US.utf8 # Create helixbot user and give rights to sudo without password -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/debian/12/helix/arm32v7/Dockerfile b/src/debian/12/helix/arm32v7/Dockerfile index da99d6dcd..f2a548c32 100644 --- a/src/debian/12/helix/arm32v7/Dockerfile +++ b/src/debian/12/helix/arm32v7/Dockerfile @@ -21,7 +21,8 @@ ENV PATH="/root/.cargo/bin:${PATH}" RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM library/debian:bookworm @@ -68,15 +69,14 @@ RUN apt-get update \ ENV LANG=en_US.utf8 # Create helixbot user and give rights to sudo without password -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/debian/12/helix/arm64v8/Dockerfile b/src/debian/12/helix/arm64v8/Dockerfile index 510e8ce46..ff1bdccf0 100644 --- a/src/debian/12/helix/arm64v8/Dockerfile +++ b/src/debian/12/helix/arm64v8/Dockerfile @@ -12,7 +12,8 @@ RUN apt-get update \ RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM library/debian:bookworm @@ -58,15 +59,14 @@ RUN apt-get update \ ENV LANG=en_US.utf8 # Create helixbot user and give rights to sudo without password -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/debian/13/helix/Dockerfile b/src/debian/13/helix/Dockerfile index b49c0c22a..e73e093a6 100644 --- a/src/debian/13/helix/Dockerfile +++ b/src/debian/13/helix/Dockerfile @@ -15,7 +15,8 @@ RUN apt-get update \ RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM library/debian:trixie ARG TARGETARCH @@ -73,15 +74,14 @@ RUN ARCH=$TARGETARCH \ ENV LANG=en_US.utf8 # Create helixbot user and give rights to sudo without password -# additionally, preinstall the virtualenv packages used for VSTS reporting to save time RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/fedora/41/helix/amd64/Dockerfile b/src/fedora/41/helix/amd64/Dockerfile index 0b526b55a..bb8271ad1 100644 --- a/src/fedora/41/helix/amd64/Dockerfile +++ b/src/fedora/41/helix/amd64/Dockerfile @@ -14,9 +14,9 @@ RUN dnf upgrade --refresh -y \ RUN python3 -m venv /venv \ && source /venv/bin/activate \ - pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM library/fedora:41 @@ -62,11 +62,13 @@ ENV LANG=en-US.UTF-8 # Fedora does not have all options as other Linux systems RUN /usr/sbin/adduser --uid 1000 --shell /bin/bash --group adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers \ + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot \ && chmod +s /usr/bin/ping -# Install Helix Dependencies +USER helixbot ENV VIRTUAL_ENV=/home/helixbot/.vsts-env + +# Install Helix Dependencies RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV diff --git a/src/opensuse/15.6/helix/amd64/Dockerfile b/src/opensuse/15.6/helix/amd64/Dockerfile index f646a0b42..aca58128b 100644 --- a/src/opensuse/15.6/helix/amd64/Dockerfile +++ b/src/opensuse/15.6/helix/amd64/Dockerfile @@ -45,15 +45,19 @@ RUN wget https://packages.microsoft.com/keys/microsoft.asc \ libmsquic \ && zypper clean -a -RUN ln -sf /usr/bin/python3.12 /usr/bin/python \ - && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3.12 /usr/bin/python # create helixbot user and give rights to sudo without password RUN /usr/sbin/useradd --uid 1000 --shell /bin/bash --system --create-home --groups trusted helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/ubuntu/20.04/helix/Dockerfile b/src/ubuntu/20.04/helix/Dockerfile index 7e55a1542..357c8732e 100644 --- a/src/ubuntu/20.04/helix/Dockerfile +++ b/src/ubuntu/20.04/helix/Dockerfile @@ -27,9 +27,9 @@ RUN apt-get update && \ llvm \ locales \ locales-all \ - python3-dev \ + python3.9-dev \ python3-pip \ - python3-venv \ + python3.9-venv \ software-properties-common \ sudo \ tzdata \ @@ -41,9 +41,7 @@ RUN apt-get update && \ ENV LANG=en_US.utf8 -RUN ln -sf /usr/bin/python3 /usr/bin/python && \ - pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3.9 /usr/bin/python # Add MsQuic RUN curl -LO https://packages.microsoft.com/keys/microsoft.asc && \ @@ -58,8 +56,14 @@ RUN curl -LO https://packages.microsoft.com/keys/microsoft.asc && \ # create helixbot user and give rights to sudo without password RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot && \ chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/ubuntu/20.04/helix/sqlserver/amd64/Dockerfile b/src/ubuntu/20.04/helix/sqlserver/amd64/Dockerfile index 6d424c3d6..5ab8eb46b 100644 --- a/src/ubuntu/20.04/helix/sqlserver/amd64/Dockerfile +++ b/src/ubuntu/20.04/helix/sqlserver/amd64/Dockerfile @@ -25,4 +25,4 @@ RUN groupadd -g 1000 sqlserver_users \ CMD ["/opt/mssql/bin/sqlservr"] -USER helixbot \ No newline at end of file +USER helixbot diff --git a/src/ubuntu/20.04/helix/wasm/amd64/Dockerfile b/src/ubuntu/20.04/helix/wasm/amd64/Dockerfile index 1abade825..0737598c4 100644 --- a/src/ubuntu/20.04/helix/wasm/amd64/Dockerfile +++ b/src/ubuntu/20.04/helix/wasm/amd64/Dockerfile @@ -8,7 +8,7 @@ USER root RUN apt-get clean && \ mv /etc/apt/sources.list /etc/apt/sources.list1 && apt-get update && \ - mv /etc/apt/sources.list1 /etc/apt/sources.list && apt-get update && \ + mv /etc/apt/sources.list1 /etc/apt/sources.list && apt-get update && \ apt-get install -qq -y \ libnode-dev \ curl \ @@ -17,7 +17,6 @@ RUN apt-get clean && \ \ && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 - # update node, which is required for newer npm, jsvu and v8 COPY ./setup-node-23.x.sh /tmp RUN /tmp/setup-node-23.x.sh && apt-get -y install nodejs diff --git a/src/ubuntu/22.04/helix/Dockerfile b/src/ubuntu/22.04/helix/Dockerfile index 1f23cc4e1..60d18cef5 100644 --- a/src/ubuntu/22.04/helix/Dockerfile +++ b/src/ubuntu/22.04/helix/Dockerfile @@ -40,9 +40,7 @@ RUN apt-get update && \ ENV LANG=en_US.utf8 -RUN ln -sf /usr/bin/python3 /usr/bin/python && \ - pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl +RUN ln -sf /usr/bin/python3 /usr/bin/python # Add MsQuic RUN curl -LO https://packages.microsoft.com/keys/microsoft.asc && \ @@ -57,8 +55,14 @@ RUN curl -LO https://packages.microsoft.com/keys/microsoft.asc && \ # create helixbot user and give rights to sudo without password RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot && \ chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env -RUN python -m venv /home/helixbot/.vsts-env +RUN python -m venv /home/helixbot/.vsts-env && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/ubuntu/22.04/mlnet/helix/amd64/Dockerfile b/src/ubuntu/22.04/mlnet/helix/amd64/Dockerfile index add7e30e2..13b29c35b 100644 --- a/src/ubuntu/22.04/mlnet/helix/amd64/Dockerfile +++ b/src/ubuntu/22.04/mlnet/helix/amd64/Dockerfile @@ -1,21 +1,25 @@ -FROM mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-22.04-mlnet - -# Install Helix Dependencies -RUN apt-get update \ - && apt-get install -y \ - python3-pip \ - python3-venv \ - && rm -rf /var/lib/apt/lists/* - -RUN ln -sf /usr/bin/python3 /usr/bin/python && \ - pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl - -# create helixbot user and give rights to sudo without password -RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot && \ - chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers - -USER helixbot - -RUN python -m venv /home/helixbot/.vsts-env +FROM mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-22.04-mlnet + +# Install Helix Dependencies +RUN apt-get update \ + && apt-get install -y \ + python3-pip \ + python3-venv \ + && rm -rf /var/lib/apt/lists/* + +RUN ln -sf /usr/bin/python3 /usr/bin/python + +# create helixbot user and give rights to sudo without password +RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot && \ + chmod 755 /root && \ + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot + +USER helixbot +WORKDIR /home/helixbot +ENV VIRTUAL_ENV=/home/helixbot/.vsts-env + +RUN python -m venv $VIRTUAL_ENV && \ + ${VIRTUAL_ENV}/bin/pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ + ${VIRTUAL_ENV}/bin/pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/src/ubuntu/24.04/helix/Dockerfile b/src/ubuntu/24.04/helix/Dockerfile index 84f0dff5b..c9dbba9e1 100644 --- a/src/ubuntu/24.04/helix/Dockerfile +++ b/src/ubuntu/24.04/helix/Dockerfile @@ -16,7 +16,8 @@ RUN apt-get update && \ RUN python3 -m venv /venv && \ . /venv/bin/activate && \ pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple && \ - pip install ./helix_scripts-*-py3-none-any.whl + pip install ./helix_scripts-*-py3-none-any.whl && \ + rm ./helix_scripts-*-py3-none-any.whl FROM ubuntu.azurecr.io/ubuntu:noble ARG TARGETARCH @@ -24,7 +25,7 @@ ENV DEBIAN_FRONTEND=noninteractive RUN LIBCURL=libcurl4 && \ if [ "$TARGETARCH" = "arm" ]; then \ - LIBCURL="libcurl4t64"; fi && \ + LIBCURL="libcurl4t64"; fi && \ apt-get update && \ apt-get install -qq -y \ autoconf \ @@ -73,16 +74,19 @@ RUN curl -LO https://packages.microsoft.com/keys/microsoft.asc && \ apt-get install -y libmsquic && \ rm -rf /var/lib/apt/lists/* +# Remove user (probably ubuntu) with UID 1000 to UID 2000 to avoid conflict with helixbot +RUN user_id=$(id -un 1000) && \ + /usr/sbin/userdel --force --remove $user_id + # create helixbot user and give rights to sudo without password -RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1001 --shell /bin/bash --ingroup adm helixbot && \ +RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot && \ chmod 755 /root && \ - echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV - diff --git a/src/ubuntu/24.10/helix/Dockerfile b/src/ubuntu/24.10/helix/Dockerfile index b6aa30f94..ce1c1be47 100644 --- a/src/ubuntu/24.10/helix/Dockerfile +++ b/src/ubuntu/24.10/helix/Dockerfile @@ -16,7 +16,8 @@ RUN apt-get update \ RUN python3 -m venv /venv \ && . /venv/bin/activate \ && pip download --no-deps helix-scripts --index-url https://dnceng.pkgs.visualstudio.com/public/_packaging/helix-client-prod/pypi/simple \ - && pip install ./helix_scripts-*-py3-none-any.whl + && pip install ./helix_scripts-*-py3-none-any.whl \ + && rm ./helix_scripts-*-py3-none-any.whl FROM ubuntu.azurecr.io/ubuntu:oracular ARG TARGETARCH @@ -24,7 +25,7 @@ ENV DEBIAN_FRONTEND=noninteractive RUN LIBCURL=libcurl4 \ && if [ "$TARGETARCH" = "arm" ]; then \ - LIBCURL="libcurl4t64"; fi \ + LIBCURL="libcurl4t64"; fi \ && apt-get update \ && apt-get install -qq -y \ autoconf \ @@ -76,15 +77,19 @@ RUN ARCH=$TARGETARCH \ && dpkg -i libmsquic* \ && rm libmsquic* +# Remove user (probably ubuntu) with UID 1000 to UID 2000 to avoid conflict with helixbot +RUN user_id=$(id -un 1000) && \ + /usr/sbin/userdel --force --remove $user_id + # create helixbot user and give rights to sudo without password -RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1001 --shell /bin/bash --ingroup adm helixbot \ +RUN /usr/sbin/adduser --disabled-password --gecos '' --uid 1000 --shell /bin/bash --ingroup adm helixbot \ && chmod 755 /root \ - && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers + && echo "helixbot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/helixbot USER helixbot # Install Helix Dependencies ENV VIRTUAL_ENV=/home/helixbot/.vsts-env RUN python3 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY --from=venv --chown=helixbot /venv $VIRTUAL_ENV