puts the scripts in the container and take out the user
This commit is contained in:
parent
13253a2dcc
commit
e1564574f7
@ -47,9 +47,9 @@ RUN wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.37.2/install.sh |
|
|||||||
ENV NODE_PATH $NVM_DIR/versions/node//v$NODE_VERSION/lib/node_modules
|
ENV NODE_PATH $NVM_DIR/versions/node//v$NODE_VERSION/lib/node_modules
|
||||||
ENV PATH $NVM_DIR/versions/node//v$NODE_VERSION/bin:$PATH
|
ENV PATH $NVM_DIR/versions/node//v$NODE_VERSION/bin:$PATH
|
||||||
|
|
||||||
RUN useradd --create-home grassroots
|
#RUN useradd --create-home grassroots
|
||||||
WORKDIR /home/grassroots
|
# WORKDIR /home/grassroots
|
||||||
USER grassroots
|
# USER grassroots
|
||||||
|
|
||||||
ARG pip_extra_index_url=https://pip.grassrootseconomics.net:8433
|
ARG pip_extra_index_url=https://pip.grassrootseconomics.net:8433
|
||||||
ARG cic_base_version=0.1.2a79
|
ARG cic_base_version=0.1.2a79
|
||||||
@ -57,44 +57,49 @@ ARG cic_eth_version=0.11.0b8+build.c2286e5c
|
|||||||
ARG sarafu_faucet_version=0.0.2a28
|
ARG sarafu_faucet_version=0.0.2a28
|
||||||
ARG sarafu_token_version=0.0.1a6
|
ARG sarafu_token_version=0.0.1a6
|
||||||
ARG cic_contracts_version=0.0.2a2
|
ARG cic_contracts_version=0.0.2a2
|
||||||
RUN pip install --user --index-url https://pypi.org/simple --extra-index-url $pip_extra_index_url cic-base[full_graph]==$cic_base_version \
|
RUN pip install --index-url https://pypi.org/simple --extra-index-url $pip_extra_index_url cic-base[full_graph]==$cic_base_version \
|
||||||
cic-eth==$cic_eth_version \
|
cic-eth==$cic_eth_version \
|
||||||
cic-contracts==$cic_contracts_version \
|
cic-contracts==$cic_contracts_version \
|
||||||
sarafu-faucet==$sarafu_faucet_version \
|
sarafu-faucet==$sarafu_faucet_version \
|
||||||
sarafu-token==$sarafu_token_version
|
sarafu-token==$sarafu_token_version
|
||||||
|
|
||||||
|
# -------------- begin runtime container ----------------
|
||||||
FROM python:3.8.6-slim-buster as runtime-image
|
FROM python:3.8.6-slim-buster as runtime-image
|
||||||
|
|
||||||
RUN apt-get update
|
RUN apt-get update
|
||||||
RUN apt-get install -y --no-install-recommends gnupg libpq-dev
|
RUN apt-get install -y --no-install-recommends gnupg libpq-dev
|
||||||
RUN apt-get install -y --no-install-recommends jq
|
RUN apt-get install -y jq bash iputils-ping socat
|
||||||
|
|
||||||
COPY --from=compile-image /usr/local/bin/ /usr/local/bin/
|
COPY --from=compile-image /usr/local/bin/ /usr/local/bin/
|
||||||
COPY --from=compile-image /usr/local/etc/cic/ /usr/local/etc/cic/
|
COPY --from=compile-image /usr/local/etc/cic/ /usr/local/etc/cic/
|
||||||
|
COPY --from=compile-image /usr/local/lib/python3.8/site-packages/ \
|
||||||
|
/usr/local/lib/python3.8/site-packages/
|
||||||
|
|
||||||
RUN useradd --create-home grassroots
|
ENV EXTRA_INDEX_URL https://pip.grassrootseconomics.net:8433
|
||||||
WORKDIR /home/grassroots
|
# RUN useradd -u 1001 --create-home grassroots
|
||||||
# COPY python dependencies to user dir
|
# RUN adduser grassroots sudo && \
|
||||||
COPY --from=compile-image /home/grassroots/.local .local
|
# echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
|
||||||
ENV PATH=/home/grassroots/.local/bin:$PATH
|
# WORKDIR /home/grassroots
|
||||||
|
|
||||||
COPY contract-migration/testdata/pgp testdata/pgp
|
COPY contract-migration/testdata/pgp testdata/pgp
|
||||||
COPY contract-migration/sarafu_declaration.json sarafu_declaration.json
|
COPY contract-migration/sarafu_declaration.json sarafu_declaration.json
|
||||||
COPY contract-migration/keystore keystore
|
COPY contract-migration/keystore keystore
|
||||||
COPY contract-migration/envlist .
|
COPY contract-migration/envlist .
|
||||||
|
COPY contract-migration/scripts scripts/
|
||||||
|
|
||||||
# RUN chown grassroots:grassroots .local/
|
|
||||||
|
|
||||||
RUN mkdir -p /tmp/cic/config
|
|
||||||
RUN chown grassroots:grassroots /tmp/cic/config
|
|
||||||
# A shared output dir for environment configs
|
# A shared output dir for environment configs
|
||||||
|
RUN mkdir -p /tmp/cic/config
|
||||||
|
# RUN chown grassroots:grassroots /tmp/cic/config
|
||||||
RUN chmod a+rwx /tmp/cic/config
|
RUN chmod a+rwx /tmp/cic/config
|
||||||
|
|
||||||
COPY contract-migration/*.sh ./
|
COPY contract-migration/*.sh ./
|
||||||
RUN chown grassroots:grassroots -R .
|
# RUN chown grassroots:grassroots -R .
|
||||||
RUN chmod gu+x *.sh
|
RUN chmod gu+x *.sh
|
||||||
|
|
||||||
|
# we copied these from the root build container.
|
||||||
|
# this is dumb though...I guess the compile image should have the same user
|
||||||
|
# RUN chown grassroots:grassroots -R /usr/local/lib/python3.8/site-packages/
|
||||||
|
|
||||||
USER grassroots
|
# USER grassroots
|
||||||
|
|
||||||
ENTRYPOINT [ ]
|
ENTRYPOINT [ ]
|
||||||
|
Loading…
Reference in New Issue
Block a user