-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile
164 lines (155 loc) · 7.7 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
ARG BASE_TAG="bullseye-slim"
ARG NODE_TAG="20-bullseye-slim"
FROM node:$NODE_TAG AS node_base
FROM debian:$BASE_TAG
# renovate: datasource=repology depName=debian_11/ca-certificates versioning=loose
ENV CA_CERTIFICATES_VERSION="20210119"
# renovate: datasource=repology depName=debian_11/curl versioning=loose
ENV CURL_VERSION="7.74.0-1.3+deb11u12"
# renovate: datasource=repology depName=debian_11/fontconfig versioning=loose
ENV FONTCONFIG_VERSION="2.13.1-4.2"
# renovate: datasource=repology depName=debian_11/git versioning=loose
ENV GIT_VERSION="1:2.30.2-1+deb11u2"
# renovate: datasource=repology depName=debian_11/git-lfs versioning=loose
ENV GIT_LFS_VERSION="2.13.2-1+b5"
# renovate: datasource=repology depName=debian_11/gnupg2 versioning=loose
ENV GNUPG2_VERSION="2.2.27-2+deb11u2"
# renovate: datasource=repology depName=debian_11/locales versioning=loose
ENV LOCALES_VERSION="2.31-13+deb11u10"
# renovate: datasource=repology depName=debian_11/procps versioning=loose
ENV PROCPS_VERSION="2:3.3.17-5"
# renovate: datasource=repology depName=debian_11/bzip2 versioning=loose
ENV BZIP2_VERSION="1.0.8-4"
# renovate: datasource=repology depName=debian_11/libglib2.0-0 versioning=loose
ENV LIBGLIB2_0_0_VERSION="2.66.8-1+deb11u4"
# renovate: datasource=repology depName=debian_11/libsm6 versioning=loose
ENV LIBSM6_VERSION="2:1.2.3-1"
# renovate: datasource=repology depName=debian_11/libxext6 versioning=loose
ENV LIBXEXT6_VERSION="2:1.3.3-1.1"
# renovate: datasource=repology depName=debian_11/libxrender1 versioning=loose
ENV LIBXRENDER1_VERSION="1:0.9.10-1"
# renovate: datasource=npm depName=eslint
ENV ESLINT_VERSION="8.56.0"
# renovate: datasource=npm depName=pnpm
ENV PNPM_VERSION="8.7.1"
ENV HOME="/root" \
LC_ALL="en_US.UTF-8" \
QODANA_DIST="/opt/idea" \
QODANA_DATA="/data" \
QODANA_DOCKER="true"
ENV JAVA_HOME="$QODANA_DIST/jbr" \
QODANA_CONF="$HOME/.config/idea" \
PATH="$QODANA_DIST/bin:$PATH"
# hadolint ignore=SC2174,DL3009
RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked \
--mount=target=/var/cache/apt,type=cache,sharing=locked \
rm -f /etc/apt/apt.conf.d/docker-clean && \
mkdir -m 777 -p /opt $QODANA_DATA $QODANA_CONF && apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates=$CA_CERTIFICATES_VERSION \
curl=$CURL_VERSION \
fontconfig=$FONTCONFIG_VERSION \
git=$GIT_VERSION \
git-lfs=$GIT_LFS_VERSION \
gnupg2=$GNUPG2_VERSION \
locales=$LOCALES_VERSION \
procps=$PROCPS_VERSION && \
echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen && locale-gen && \
apt-get autoremove -y && apt-get clean && \
chmod 777 -R $HOME && \
echo 'root:x:0:0:root:/root:/bin/bash' > /etc/passwd && chmod 666 /etc/passwd && \
git config --global --add safe.directory '*'
ENV CONDA_DIR="/opt/miniconda3" \
CONDA_ENVS_PATH="$QODANA_DATA/cache/conda/envs" \
PIP_CACHE_DIR="$QODANA_DATA/cache/.pip/" \
POETRY_CACHE_DIR="$QODANA_DATA/cache/.poetry/" \
FLIT_ROOT_INSTALL=1
ENV PATH="$CONDA_DIR/bin:$HOME/.local/bin:$PATH"
# https://docs.conda.io/projects/miniconda/en/latest/miniconda-hashes.html
ARG CONDA_VERSION="py311_23.11.0-2"
# hadolint ignore=SC2174,DL3009
RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked \
--mount=target=/var/cache/apt,type=cache,sharing=locked \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
bzip2=$BZIP2_VERSION \
libglib2.0-0=$LIBGLIB2_0_0_VERSION \
libsm6=$LIBSM6_VERSION \
libxext6=$LIBXEXT6_VERSION \
libxrender1=$LIBXRENDER1_VERSION && \
mkdir -m 777 -p $QODANA_DATA/cache && \
dpkgArch="$(dpkg --print-architecture)" && \
case "$dpkgArch" in \
'amd64') \
MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-${CONDA_VERSION}-Linux-x86_64.sh" \
SHA256SUM="c9ae82568e9665b1105117b4b1e499607d2a920f0aea6f94410e417a0eff1b9c";; \
'arm64') \
MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-${CONDA_VERSION}-Linux-aarch64.sh" \
SHA256SUM="decd447fb99dbd0fc5004481ec9bf8c04f9ba28b35a9292afe49ecefe400237f";; \
*) echo "Unsupported architecture $TARGETPLATFORM" >&2; exit 1;; \
esac && \
curl -fsSL -o /tmp/miniconda.sh "${MINICONDA_URL}" && \
echo "${SHA256SUM} /tmp/miniconda.sh" > /tmp/shasum && \
if [ "${CONDA_VERSION}" != "latest" ]; then sha256sum --check --status /tmp/shasum; fi && \
bash /tmp/miniconda.sh -b -p $CONDA_DIR && \
ln -s ${CONDA_DIR}/etc/profile.d/conda.sh /etc/profile.d/conda.sh && \
echo ". ${CONDA_DIR}/etc/profile.d/conda.sh" >> ~/.bashrc && \
echo "conda activate base" >> ~/.bashrc && ln -s ${CONDA_DIR}/bin/python3 /usr/bin/python3 && \
find ${CONDA_DIR}/ -follow -type f -name '*.a' -delete && find ${CONDA_DIR}/ -follow -type f -name '*.js.map' -delete && \
${CONDA_DIR}/bin/conda install -c conda-forge poetry pipenv && ${CONDA_DIR}/bin/conda clean -afy && \
chmod 777 -R $HOME/.conda && \
rm -rf /tmp/*
ENV PATH="/opt/yarn/bin:$PATH"
COPY --from=node_base /usr/local/bin/node /usr/local/bin/
COPY --from=node_base /usr/local/include/node /usr/local/include/node
COPY --from=node_base /usr/local/lib/node_modules /usr/local/lib/node_modules
COPY --from=node_base /opt/yarn-* /opt/yarn/
RUN ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \
ln -s /usr/local/lib/node_modules/npm/bin/npx-cli.js /usr/local/bin/npx && \
ln -s /usr/local/lib/node_modules/corepack/dist/corepack.js /usr/local/bin/corepack && \
node --version && \
npm --version && \
yarn --version && \
npm install -g eslint@$ESLINT_VERSION pnpm@$PNPM_VERSION && npm config set update-notifier false && \
chmod 777 -R "$HOME/.npm" "$HOME/.npmrc"
ARG QD_RELEASE="2023.3"
ARG QD_BUILD="QDPY-$QD_RELEASE"
# hadolint ignore=DL3003,SC2043
RUN set -ex && \
dpkgArch="$(dpkg --print-architecture)" && \
case "$dpkgArch" in \
"amd64") \
OS_ARCH_SUFFIX=""; \
;; \
"arm64") \
OS_ARCH_SUFFIX="-aarch64"; \
;; \
*) echo "Unsupported architecture $dpkgArch" >&2; exit 1 ;; \
esac && \
QD_NAME="qodana-$QD_BUILD$OS_ARCH_SUFFIX" \
QD_URL="https://download.jetbrains.com/qodana/$QD_RELEASE/$QD_NAME.tar.gz" && \
curl -fsSL "$QD_URL" -o "/tmp/$QD_NAME.tar.gz" \
"$QD_URL.sha256" -o "/tmp/$QD_NAME.tar.gz.sha256" \
"$QD_URL.sha256.asc" -o "/tmp/$QD_NAME.tar.gz.sha256.asc" && \
GNUPGHOME="$(mktemp -d)" && \
export GNUPGHOME && \
for key in \
"B46DC71E03FEEB7F89D1F2491F7A8F87B9D8F501" \
; do \
gpg --batch --keyserver "hkps://keys.openpgp.org" --recv-keys "$key" || \
gpg --batch --keyserver "keyserver.ubuntu.com" --recv-keys "$key" ; \
done && \
gpg --verify "/tmp/$QD_NAME.tar.gz.sha256.asc" "/tmp/$QD_NAME.tar.gz.sha256" && \
(cd /tmp && sha256sum --check --status "$QD_NAME.tar.gz.sha256") && \
mkdir -p /tmp/qd && tar -xzf "/tmp/$QD_NAME.tar.gz" --directory /tmp/qd --strip-components=1 && \
mv /tmp/qd/qodana-QD* "$QODANA_DIST" && \
chmod +x "$QODANA_DIST"/bin/*.sh "$QODANA_DIST"/bin/qodana && \
update-alternatives --install /usr/bin/java java "$JAVA_HOME/bin/java" 0 && \
update-alternatives --install /usr/bin/javac javac "$JAVA_HOME/bin/javac" 0 && \
update-alternatives --set java "$JAVA_HOME/bin/java" && \
update-alternatives --set javac "$JAVA_HOME/bin/javac" && \
apt-get purge --auto-remove -y gnupg2 && \
rm -rf /var/cache/apt /var/lib/apt/ /tmp/* "$GNUPGHOME"
LABEL maintainer="qodana-support@jetbrains.com" description="Qodana for Python (https://jb.gg/qodana-python)"
WORKDIR /data/project
ENTRYPOINT ["/opt/idea/bin/qodana"]