mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
brew/Dockerfile
Andrei Neculau bc8c7a2a16
docker: revert back linuxbrew's UID to 1000 
In https://github.com/Homebrew/brew/pull/17584 we have changed "linuxbrew" user's UID/GID to 1001 in order to mitigate for Ubuntu 23.04 and higher, which started creating a default "ubuntu" user taking over UID/GID 1000 .

While we may desire a deterministic UID in the homebrew docker image, the change effectively modified the behaviour for all current 3 images based on Ubuntu 18.04 20.04 and 22.04 by changing the linuxbrew's user UID/GID from 1000 to 1001. As per https://hub.docker.com/u/homebrew, we do not currently publish an image for 24.04 which the change is mitigating for.

Rather than mitigating for indeterministic behaviour of upstream changes, this commit implements the workaround in https://bugs.launchpad.net/cloud-images/+bug/2005129 to delete the default "ubuntu" user.
2024-07-09 21:29:49 +02:00

96 lines
3.8 KiB
Docker
Raw Blame History

ARG version=22.04
# version is passed through by Docker.
# shellcheck disable=SC2154
FROM ubuntu:"${version}"
ARG DEBIAN_FRONTEND=noninteractive
# Deterministic UID (first user). Helps with docker build cache
ENV USER_ID=1000
# Delete the default ubuntu user & group UID=1000 GID=1000 in Ubuntu 23.04+
# that conflicts with the linuxbrew user
RUN touch /var/mail/ubuntu && chown ubuntu /var/mail/ubuntu && userdel -r ubuntu; true
# We don't want to manually pin versions, happy to use whatever
# Ubuntu thinks is best.
# hadolint ignore=DL3008
# /etc/lsb-release is checked inside the container and sets DISTRIB_RELEASE.
# We need `[` instead of `[[` because the shell is `/bin/sh`.
# shellcheck disable=SC1091,SC2154,SC2292
RUN apt-get update \
&& apt-get install -y --no-install-recommends software-properties-common gnupg-agent \
&& add-apt-repository -y ppa:git-core/ppa \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
acl \
bzip2 \
ca-certificates \
curl \
file \
fonts-dejavu-core \
g++ \
gawk \
git \
gpg \
less \
locales \
make \
netbase \
openssh-client \
patch \
sudo \
unzip \
uuid-runtime \
tzdata \
jq \
&& if [ "$(. /etc/lsb-release; echo "${DISTRIB_RELEASE}" | cut -d. -f1)" -ge 22 ]; then apt-get install -y --no-install-recommends skopeo; fi \
&& curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
&& chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
&& apt-get update \
&& apt-get install -y --no-install-recommends gh \
&& apt-get remove --purge -y software-properties-common \
&& apt-get autoremove --purge -y \
&& rm -rf /var/lib/apt/lists/* \
&& sed -i -E 's/^(USERGROUPS_ENAB\s+)yes$/\1no/' /etc/login.defs \
&& localedef -i en_US -f UTF-8 en_US.UTF-8 \
&& useradd -u "${USER_ID}" --create-home --shell /bin/bash --user-group linuxbrew \
&& echo 'linuxbrew ALL=(ALL) NOPASSWD:ALL' >>/etc/sudoers \
&& su - linuxbrew -c 'mkdir ~/.linuxbrew'
USER linuxbrew
COPY --chown=linuxbrew:linuxbrew . /home/linuxbrew/.linuxbrew/Homebrew
ENV PATH="/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin:${PATH}" \
XDG_CACHE_HOME=/home/linuxbrew/.cache
WORKDIR /home/linuxbrew
RUN --mount=type=cache,target=/tmp/homebrew-core,uid="${USER_ID}",sharing=locked \
# Clone the homebre-core repo into /tmp/homebrew-core or pull latest changes if it exists
git clone https://github.com/homebrew/homebrew-core /tmp/homebrew-core || { cd /tmp/homebrew-core && git pull; } \
&& mkdir -p /home/linuxbrew/.linuxbrew/Homebrew/Library/Taps/homebrew/homebrew-core \
&& cp -r /tmp/homebrew-core /home/linuxbrew/.linuxbrew/Homebrew/Library/Taps/homebrew/
RUN --mount=type=cache,target=/home/linuxbrew/.cache,uid="${USER_ID}" \
--mount=type=cache,target=/home/linuxbrew/.bundle,uid="${USER_ID}" \
mkdir -p \
.linuxbrew/bin \
.linuxbrew/etc \
.linuxbrew/include \
.linuxbrew/lib \
.linuxbrew/opt \
.linuxbrew/sbin \
.linuxbrew/share \
.linuxbrew/var/homebrew/linked \
.linuxbrew/Cellar \
&& ln -s ../Homebrew/bin/brew .linuxbrew/bin/brew \
&& git -C .linuxbrew/Homebrew remote set-url origin https://github.com/Homebrew/brew \
&& git -C .linuxbrew/Homebrew fetch origin \
&& HOMEBREW_NO_ANALYTICS=1 HOMEBREW_NO_AUTO_UPDATE=1 brew tap --force homebrew/core \
&& brew install-bundler-gems --groups=all \
&& brew cleanup \
&& { git -C .linuxbrew/Homebrew config --unset gc.auto; true; } \
&& { git -C .linuxbrew/Homebrew config --unset homebrew.devcmdrun; true; } \
&& touch .linuxbrew/.homebrewdocker
Reference in New Issue View Git Blame Copy Permalink