openops/engine.Dockerfile at main · openops-cloud/openops · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
FROM public.ecr.aws/lambda/nodejs:20

# Architecture will be set automatically by Docker buildx
ARG TARGETARCH

ENV NODE_VERSION=20.18.0
ENV NODE_ENV=production

RUN <<-```
    set -ex
    dnf install tar gzip shadow-utils util-linux findutils python3 make gcc gcc-c++ zlib-devel brotli-devel openssl-devel -y
    dnf -y clean all && rm -rf /var/cache

    # Install YQ with architecture-specific binary
    if [ "$TARGETARCH" = "arm64" ]; then
        curl -L https://github.com/mikefarah/yq/releases/latest/download/yq_linux_arm64 -o /usr/bin/yq
    else
        curl -L https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -o /usr/bin/yq
    fi
    chmod +x /usr/bin/yq

    # Install hcledit (note: arm64 version might not be available, defaulting to amd64)
    curl -L https://github.com/minamijoyo/hcledit/releases/download/v0.2.15/hcledit_0.2.15_linux_amd64.tar.gz -o /tmp/hcledit_0.2.15_linux_amd64.tar.gz
    tar -C /usr/bin -xf /tmp/hcledit_0.2.15_linux_amd64.tar.gz
    chmod +x /usr/bin/hcledit
    rm /tmp/hcledit_0.2.15_linux_amd64.tar.gz

    # Install AWS CLI with architecture-specific package
    if [ "$TARGETARCH" = "arm64" ]; then
        curl -L https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip -o awscliv2.zip
    else
        curl -L https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip
    fi
    unzip -q awscliv2.zip
    chmod +x ./aws/install
    ./aws/install
    rm awscliv2.zip
    rm -rf aws
```

ENV LD_LIBRARY_PATH=""
ENV AZURE_CONFIG_DIR="/tmp/azure"
ENV AZURE_EXTENSION_DIR="/opt/azure/config/cliextensions"

RUN <<-```
    set -ex
    pip3 install azure-cli==2.74.0
    mkdir -p /tmp/azure
    mkdir -p /opt/azure/config/cliextensions
    if command -v az >/dev/null 2>&1; then
        az config set extension.use_dynamic_install=yes_without_prompt
        az extension add --name reservation --only-show-errors || true
        az extension add --name resource-graph --only-show-errors || true
        az extension add --name costmanagement --only-show-errors || true
        az extension add --name billing-benefits --only-show-errors || true
        az extension add --name quotas --only-show-errors || true
        az extension add --name ssh --only-show-errors || true
    fi
```

ENV CLOUDSDK_CONFIG="/tmp/gcloud"
RUN <<-```
    set -ex
    dnf install -y gnupg unzip libstdc++ binutils python3

    # Install Google Cloud CLI with architecture-specific package
    if [ "$TARGETARCH" = "arm64" ]; then
        # For ARM64 architecture
        curl -sSL https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-516.0.0-linux-arm.tar.gz -o /tmp/gcloud.tar.gz
    else
        # For AMD64 architecture
        curl -sSL https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-516.0.0-linux-x86_64.tar.gz -o /tmp/gcloud.tar.gz
    fi
    mkdir -p /opt && tar -C /opt -xf /tmp/gcloud.tar.gz
    /opt/google-cloud-sdk/install.sh --quiet
    /opt/google-cloud-sdk/bin/gcloud components install beta --quiet

    chmod -R +x /opt/google-cloud-sdk/bin/
    ln -s /opt/google-cloud-sdk/bin/gcloud /usr/bin/gcloud

    rm /tmp/gcloud.tar.gz
    dnf -y clean all && rm -rf /var/cache
```
ENV PATH="/opt/google-cloud-sdk/bin:$PATH"

RUN <<-```
    set -ex
    mkdir -p /var/tmp-base && cd /var/tmp-base && mkdir -p npm-global .npm/_logs .npm/_cache codes
    npm config --global set prefix /tmp/npm-global
    npm config --global set cache /tmp/.npm/_cache
    npm config --global set logs-dir /tmp/.npm/_logs
    cd codes && npm init -y && npm i @tsconfig/node20@20.1.4 @types/node@20.14.8 typescript@5.6.3
    npm install -g node-gyp npm@9.3.1 cross-env@7.0.3
```

ENV PATH=/tmp/npm-global:$PATH

COPY --link package.json package-lock.json .npmrc ./
RUN npm ci --no-audit --no-fund
COPY --link dist/packages/engine .
COPY --link dist dist

ARG VERSION=unknown
ENV OPS_VERSION=$VERSION

COPY tools/link-packages.sh tools/link-packages.sh
RUN ./tools/link-packages.sh

# This is required to make the isolated-vm package (code piece sandbox) work in arm64 docker images
# https://github.com/laverdet/isolated-vm/issues/424
ENV NODE_OPTIONS=--no-node-snapshot

ENTRYPOINT [ "/bin/bash", "-c" ]
CMD [ "cp -r /var/tmp-base/. /tmp/ && /lambda-entrypoint.sh main.handler; exit $?" ]