From 7d1452e1c26e2c0cd45f6a93f57e1d1ebc44b97f Mon Sep 17 00:00:00 2001 From: 3rdvision Date: Wed, 20 Mar 2024 17:36:53 +0000 Subject: [PATCH] chore: adapt to rootless user --- realtime/base/Dockerfile | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/realtime/base/Dockerfile b/realtime/base/Dockerfile index ca80716..67b8222 100644 --- a/realtime/base/Dockerfile +++ b/realtime/base/Dockerfile @@ -10,9 +10,9 @@ ENV PYTHONFAULTHANDLER=1 ENV PYTHONUNBUFFERED=1 ENV PYTHONHASHSEED=random ENV PYTHONDONTWRITEBYTECODE=1 -ENV HOME="/root" -ENV PYENV_ROOT $HOME/.pyenv -ENV PATH $PYENV_ROOT/shims:$PYENV_ROOT/bin:$PATH +ENV HOME="/home/realtime" +ENV PYENV_ROOT="$HOME/.pyenv" +ENV PATH="$PYENV_ROOT/shims:$PATH" SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -20,12 +20,6 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN apt-get update &&\ DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -q -y --no-install-recommends curl wget jq gnupg gnupg2 ca-certificates git build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev rclone -# install python and poetry with pyenv -RUN git clone https://github.com/pyenv/pyenv.git /pyenv && \ - /pyenv/bin/pyenv install $PYTHON_VERSION && \ - eval "$(/pyenv/bin/pyenv init -)" && /pyenv/bin/pyenv local $PYTHON_VERSION && pip install numpy poetry setuptools wheel six auditwheel && \ - pip install poetry==$POETRY_VERSION - # install google-chrome RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - && \ echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list && \ @@ -49,4 +43,14 @@ RUN wget -c -O KTX.deb https://github.com/KhronosGroup/KTX-Software/releases/dow dpkg -i KTX.deb && \ rm KTX.deb +# creat realtime user +RUN groupadd --gid 10000 realtime && useradd --uid 10000 --gid 10000 --shell /bin/bash --create-home realtime + +# install python and poetry with pyenv +USER realtime +RUN git clone https://github.com/pyenv/pyenv.git $HOME/pyenv && \ + $HOME/pyenv/bin/pyenv install $PYTHON_VERSION && \ + eval "$($HOME/pyenv/bin/pyenv init -)" && $HOME/pyenv/bin/pyenv global $PYTHON_VERSION && pip install numpy poetry setuptools wheel six auditwheel && \ + pip install poetry==$POETRY_VERSION + CMD ["tail", "-f", "/dev/null"]