auto UID/GID, gosu and user entrypoint

.travis.yml

@@ -212,7 +212,7 @@ install:
         $DCC build sirf
         # extract updated ccache
         sudo rm -rf devel/.ccache/*
-        $DCC run --rm sirf /bin/bash -c 'sudo cp -R ccache/* /devel/.ccache/'
+        $DCC run --rm sirf /bin/bash -c 'sudo cp -R /opt/ccache/* /devel/.ccache/'
         # replace travis' ccache with the built images's
         mv devel/.ccache ~
       )

docker/.bashrc

@@ -16,11 +16,11 @@
 export PS1='sirf:\w$(__git_ps1)\$ '
 
 # Python (virtualenv)
-[ -f ~/py2/bin/activate ] && . ~/py2/bin/activate
+[ -f /opt/pyvenv/bin/activate ] && . /opt/pyvenv/bin/activate
 
 # SIRF env
-[ -f ~/SIRF-SuperBuild/INSTALL/bin/env_ccppetmr.sh ] && \
-   . ~/SIRF-SuperBuild/INSTALL/bin/env_ccppetmr.sh
+[ -f /opt/SIRF-SuperBuild/INSTALL/bin/env_ccppetmr.sh ] && \
+   . /opt/SIRF-SuperBuild/INSTALL/bin/env_ccppetmr.sh
 
 # shared permissions
 # [ $(ls -l / | grep devel | awk '{print $3}') == $(whoami) ] || sudo chown -R $(whoami) /devel

docker/Dockerfile

@@ -10,26 +10,29 @@ LABEL \
 
 ENV DEBIAN_FRONTEND noninteractive
 
+COPY .bashrc .
+COPY .profile .
+RUN chmod 644 .bashrc .profile
+
 # Python (virtualenv)
 COPY requirements.txt .
 COPY user_python-ubuntu.sh .
-RUN bash --login user_python-ubuntu.sh
+RUN bash user_python-ubuntu.sh
 RUN rm user_python-ubuntu.sh requirements.txt
 
 # SIRF
 COPY user_sirf-ubuntu.sh .
-COPY devel/.ccache/ ccache/
-RUN sudo chown -R "$(id -un)" ccache/
-RUN sudo chgrp -R "$(id -gn)" ccache/
-RUN ccache -o cache_dir="$PWD"/ccache
+COPY devel/.ccache/ /opt/ccache/
+RUN ccache -o cache_dir=/opt/ccache
 ARG BUILD_FLAGS="\
   -DCMAKE_BUILD_TYPE=Release -DUSE_SYSTEM_Boost=ON \
   -DUSE_SYSTEM_Armadillo=ON -DUSE_SYSTEM_FFTW3=ON \
   -DUSE_SYSTEM_HDF5=ON -DBUILD_siemens_to_ismrmrd=ON -DUSE_SYSTEM_SWIG=ON"
 ARG EXTRA_BUILD_FLAGS=""
-RUN bash --login user_sirf-ubuntu.sh
+RUN bash user_sirf-ubuntu.sh
 RUN rm user_sirf-ubuntu.sh
 
-ENV DEBIAN_FRONTEND ''
+RUN mv ~/.git-prompt.sh .
 
-CMD cd $HOME && /bin/bash --init-file .profile
+ENV DEBIAN_FRONTEND ''
+CMD ["/bin/bash"]

docker/Dockerfile-core

@@ -38,30 +38,17 @@ RUN bash build_system-ubuntu.sh
 RUN rm build_system-ubuntu.sh
 
 # X11 forwarding
-RUN apt-get update && apt-get install -y --no-install-recommends libx11-xcb1
+RUN apt-get update -qq && apt-get install -yq --no-install-recommends \
+  libx11-xcb1 \
+  && apt-get clean
 RUN mkdir -p /usr/share/X11/xkb
 RUN [ -e /usr/bin/X ] || ln -s /usr/bin/Xorg /usr/bin/X
 
-ARG mainUser=sirfuser
-ARG UID=1000
-ARG GROUPS=1000
-RUN addgroup --system --gid "$GROUPS" "$mainUser"
-RUN adduser --home /home/"$mainUser" --shell /bin/bash --system --ingroup "$mainUser" --uid "$UID" "$mainUser"
-#RUN echo "$mainUser:x:${uid}:${gid}:$mainUser,,,:/home/$mainUser:/bin/bash" >> /etc/passwd
-
-RUN echo "$mainUser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/"$mainUser"
-
-ENV HOME /home/"$mainUser"
-WORKDIR $HOME
-
-COPY .bashrc .
-COPY .profile .
-RUN chown "$mainUser" .bashrc .profile
-RUN chgrp "$mainUser" .bashrc .profile
-RUN chmod 644 .bashrc .profile
-
-RUN apt-get clean
-USER "$mainUser"
+RUN apt-get update -qq && apt-get install -yq --no-install-recommends \
+  gosu \
+  && apt-get clean
 ENV DEBIAN_FRONTEND ''
-
-CMD cd $HOME && /bin/bash --init-file .profile
+WORKDIR /home-away
+COPY entrypoint.sh /usr/local/bin/
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+CMD ["/bin/bash"]

docker/build_essential-ubuntu.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 # Essential
-apt-get update
-apt-get install -y curl
-apt-get install -y --no-install-recommends \
+apt-get update -qq
+apt-get install -yq curl
+apt-get install -yq --no-install-recommends \
   bash-completion      \
   build-essential      \
   git                  \
@@ -17,5 +17,5 @@ apt-get clean
 mkdir /opt/cmake
 curl https://cmake.org/files/v3.7/cmake-3.7.2-Linux-x86_64.sh > cmake.sh
 echo y | bash cmake.sh --prefix=/opt/cmake --exclude-subdir
-export PATH="$PATH:/opt/cmake/bin"
+export PATH="/opt/cmake/bin:$PATH"
 rm cmake.sh

docker/build_gadgetron-ubuntu.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 # Gadgetron
-apt-get update
-apt-get install -y --no-install-recommends \
+apt-get update -qq
+apt-get install -yq --no-install-recommends \
   h5utils              \
   liblapack-dev        \
   libace-dev

docker/build_python-ubuntu.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-apt-get update
-apt-get install -y --no-install-recommends \
+apt-get update -qq
+apt-get install -yq --no-install-recommends \
   python-dev           \
   python-tk
 apt-get clean

docker/build_system-ubuntu.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 # SIRF external dependencies
-apt-get update
-apt-get install -y --no-install-recommends \
+apt-get update -qq
+apt-get install -yq --no-install-recommends \
   hdf5-tools           \
   hdfview              \
   libarmadillo-dev     \

docker/devel/test.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 pip install -U nose
-cd ~/SIRF-SuperBuild
+pushd /opt/SIRF-SuperBuild
 
 ./INSTALL/bin/gadgetron >& gadgetron.log&
 # print for debugging
@@ -11,4 +11,5 @@ ret=$?
 cat SIRF-prefix/src/SIRF-build/Testing/Temporary/LastTest.log
 # may exceed 4MB travis log limit
 cat gadgetron.log
+popd
 exit $ret

docker/docker-compose.nix.yml

@@ -1,11 +1,6 @@
 version: '3.2'
 services:
  sirf:
-  # perhaps uncomment the following and insert the host uid and gid (run `id`)
-  # build:
-  #  args:
-  #   UID: 1000
-  #   GROUPS: 1000
   environment:
    - DISPLAY
   volumes:

docker/docker-compose.yml

@@ -3,6 +3,11 @@ services:
  sirf:
   container_name: sirf
   image: ccppetmr/sirf:latest
+  environment:
+   # mainUser: ${USER:-sirfuser}
+   mainUser: sirfuser
+   GROUP_ID: ${GROUPS:-1000}
+   USER_ID: ${UID:-1000}
   build:
    context: .
    # depends_on:
@@ -22,8 +27,6 @@ services:
   build:
    context: .
    dockerfile: Dockerfile-core
-   args:
-    mainUser: sirfuser
    cache_from:
     - ubuntu:16.04
     - ccppetmr/sirf:core

docker/entrypoint.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Add local user
+# Either use runtime USER_ID:GROUP_ID or fallback 1000:1000
+
+USER_ID=${USER_ID:-1000}
+GROUP_ID=${GROUP_ID:-1000}
+mainUser=${mainUser:-sirfuser}
+OLD_HOME=/home-away
+export HOME=/home/$mainUser
+
+cd /
+mv $OLD_HOME $HOME
+cd $HOME
+
+echo "$UID:$GID Creating and switching to: $mainUser:$USER_ID:$GROUP_ID"
+# groupadd -g $GROUP_ID -o -f $mainUser
+addgroup --system --gid "$GROUP_ID" "$mainUser"
+# useradd --shell /bin/bash -u $USER_ID -o -c "" -M -d $HOME \
+#   -g $mainUser -G sudo $mainUser \
+#   -p $(echo somepassword | openssl passwd -1 -stdin)
+adduser --system --shell /bin/bash --no-create-home --home /home/"$mainUser" \
+  --ingroup "$mainUser" --uid "$USER_ID" "$mainUser"
+
+echo "$mainUser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/"$mainUser"
+
+for i in /opt/* "$HOME"; do
+  if [ -d "$i" ]; then
+    chown -R $mainUser "$i"
+    chgrp -R $mainUser "$i"
+  fi
+done
+
+exec gosu $mainUser "$@"

docker/user_python-ubuntu.sh

@@ -1,11 +1,16 @@
 #!/usr/bin/env bash
+[ -f .bashrc ] && . .bashrc
+INSTALL_DIR="${1:-/opt/pyvenv}"
+
 # Python (virtualenv)
-curl -O https://bootstrap.pypa.io/get-pip.py
-python get-pip.py --user
+curl https://bootstrap.pypa.io/get-pip.py > get-pip.py
+python2 get-pip.py
 rm get-pip.py
-python -m pip install -U --user pip virtualenv
-python -m virtualenv ~/py2
-export PIPINST="$HOME/py2/bin/pip install -U"
+python2 -m pip install -U pip virtualenv
+python2 -m virtualenv "$INSTALL_DIR"
+source "$INSTALL_DIR"/bin/activate
 
 # Python (runtime)
-$PIPINST -r requirements.txt
+if [ -f requirements.txt ]; then
+  pip install -U -r requirements.txt
+fi

docker/user_sirf-ubuntu.sh

@@ -1,8 +1,9 @@
 #!/usr/bin/env bash
+[ -f .bashrc ] && . .bashrc
 # SIRF
-git clone https://github.com/CCPPETMR/SIRF-SuperBuild --recursive -b master
-pushd SIRF-SuperBuild
-PATH=/usr/lib/ccache:"$PATH" cmake $BUILD_FLAGS $EXTRA_BUILD_FLAGS .
+git clone https://github.com/CCPPETMR/SIRF-SuperBuild --recursive -b master /opt/SIRF-SuperBuild
+pushd /opt/SIRF-SuperBuild
+cmake $BUILD_FLAGS $EXTRA_BUILD_FLAGS .
 make -j 2
 
 [ -f INSTALL/share/gadgetron/config/gadgetron.xml ] || \