# Copyright 2017-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. # # Licensed under the Amazon Software License (the "License"). You may not use this file except in compliance with the License. # A copy of the License is located at # # http://aws.amazon.com/asl/ # # or in the "license" file accompanying this file. # This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied. # See the License for the specific language governing permissions and limitations under the License. # FROM ubuntu:14.04.5 ENV DOCKER_BUCKET="download.docker.com" \ DOCKER_VERSION="18.09.0" \ DOCKER_CHANNEL="stable" \ DOCKER_SHA256="08795696e852328d66753963249f4396af2295a7fe2847b839f7102e25e47cb9" \ DIND_COMMIT="3b5fac462d21ca164b3778647420016315289034" \ DOCKER_COMPOSE_VERSION="1.23.2" \ GITVERSION_VERSION="3.6.5" # Install git, SSH, and other utilities RUN set -ex \ && echo 'Acquire::CompressionTypes::Order:: "gz";' > /etc/apt/apt.conf.d/99use-gzip-compression \ && apt-get update \ && apt install -y apt-transport-https \ && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \ && echo "deb https://download.mono-project.com/repo/ubuntu stable-trusty main" | tee /etc/apt/sources.list.d/mono-official-stable.list \ && apt-get update \ && apt-get install software-properties-common -y --no-install-recommends \ && apt-add-repository ppa:git-core/ppa \ && apt-get update \ && apt-get install git=1:2.* -y --no-install-recommends \ && git version \ && apt-get install -y --no-install-recommends openssh-client=1:6.6* \ && mkdir ~/.ssh \ && touch ~/.ssh/known_hosts \ && ssh-keyscan -t rsa,dsa -H github.com >> ~/.ssh/known_hosts \ && ssh-keyscan -t rsa,dsa -H bitbucket.org >> ~/.ssh/known_hosts \ && chmod 600 ~/.ssh/known_hosts \ && apt-get install -y --no-install-recommends \ wget=1.15-* python3=3.4.* python3.4-dev=3.4.* fakeroot=1.20-* ca-certificates jq \ tar=1.27.* gzip=1.6-* zip=3.0-* autoconf=2.69-* automake=1:1.14.* \ bzip2=1.0.* file=1:5.14-* g++=4:4.8.* gcc=4:4.8.* imagemagick=8:6.7.* \ libbz2-dev=1.0.* libc6-dev=2.19-* libcurl4-openssl-dev=7.35.* libdb-dev=1:5.3.* \ libevent-dev=2.0.* libffi-dev=3.1~* libgeoip-dev=1.6.* libglib2.0-dev=2.40.* \ libjpeg-dev=8c-* libkrb5-dev=1.12+* liblzma-dev=5.1.* \ libmagickcore-dev=8:6.7.* libmagickwand-dev=8:6.7.* libmysqlclient-dev=5.5.* \ libncurses5-dev=5.9+* libpng12-dev=1.2.* libpq-dev=9.3.* libreadline-dev=6.3-* \ libsqlite3-dev=3.8.* libssl-dev=1.0.* libtool=2.4.* libwebp-dev=0.4.* \ libxml2-dev=2.9.* libxslt1-dev=1.1.* libyaml-dev=0.1.* make=3.81-* \ patch=2.7.* xz-utils=5.1.* zlib1g-dev=1:1.2.* unzip=6.0-* curl=7.35.* \ e2fsprogs=1.42.* iptables=1.4.* xfsprogs=3.1.* xz-utils=5.1.* \ mono-devel=5.* less=458-* groff=1.22.* liberror-perl=0.17-* \ asciidoc=8.6.* build-essential=11.* bzr=2.6.* cvs=2:1.12.* cvsps=2.1-* docbook-xml=4.5-* docbook-xsl=1.78.* dpkg-dev=1.17.* \ libdbd-sqlite3-perl=1.40-* libdbi-perl=1.630-* libdpkg-perl=1.17.* libhttp-date-perl=6.02-* \ libio-pty-perl=1:1.08-* libserf-1-1=1.3.* libsvn-perl=1.8.* libsvn1=1.8.* libtcl8.6=8.6.* libtimedate-perl=2.3000-* \ libunistring0=0.9.* libxml2-utils=2.9.* libyaml-perl=0.84-* python-bzrlib=2.6.* python-configobj=4.7.* \ sgml-base=1.26+* sgml-data=2.0.* subversion=1.8.* tcl=8.6.* tcl8.6=8.6.* xml-core=0.13+* xmlto=0.0.* xsltproc=1.1.* python3-pip \ tk=8.6.* gettext=0.18.* gettext-base=0.18.* libapr1=1.5.* libaprutil1=1.5.* libasprintf0c2=0.18.* \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Download and set up GitVersion RUN set -ex \ && wget "https://github.com/GitTools/GitVersion/releases/download/v${GITVERSION_VERSION}/GitVersion_${GITVERSION_VERSION}.zip" -O /tmp/GitVersion_${GITVERSION_VERSION}.zip \ && mkdir -p /usr/local/GitVersion_${GITVERSION_VERSION} \ && unzip /tmp/GitVersion_${GITVERSION_VERSION}.zip -d /usr/local/GitVersion_${GITVERSION_VERSION} \ && rm /tmp/GitVersion_${GITVERSION_VERSION}.zip \ && echo "mono /usr/local/GitVersion_${GITVERSION_VERSION}/GitVersion.exe \$@" >> /usr/local/bin/gitversion \ && chmod +x /usr/local/bin/gitversion # Install Docker RUN set -ex \ && curl -fSL "https://${DOCKER_BUCKET}/linux/static/${DOCKER_CHANNEL}/x86_64/docker-${DOCKER_VERSION}.tgz" -o docker.tgz \ && echo "${DOCKER_SHA256} *docker.tgz" | sha256sum -c - \ && tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ \ && rm docker.tgz \ && docker -v \ # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box && addgroup dockremap \ && useradd -g dockremap dockremap \ && echo 'dockremap:165536:65536' >> /etc/subuid \ && echo 'dockremap:165536:65536' >> /etc/subgid \ && wget "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -O /usr/local/bin/dind \ && curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose \ && chmod +x /usr/local/bin/dind /usr/local/bin/docker-compose \ # Ensure docker-compose works && docker-compose version # Install dependencies by all python images equivalent to buildpack-deps:jessie # on the public repos. RUN set -ex \ && pip3 install awscli boto3 VOLUME /var/lib/docker # Configure SSH COPY ssh_config /root/.ssh/config COPY dockerd-entrypoint.sh /usr/local/bin/ ENV GPG_KEYS A917B1ECDA84AEC2B568FED6F50ABC807BD5DCD0 528995BFEDFBA7191D46839EF9BA0ADA31CBD89E 1729F83938DA44E27BA0F4D3DBDB397470D12172 ENV SRC_DIR="/usr/src" \ PHP_VERSION=7.1.16 \ PHP_DOWNLOAD_SHA="a5d67e477248a3911af7ef85c8400c1ba8cd632184186fd31070b96714e669f1" \ PHPPATH="/php" \ PHP_INI_DIR="/usr/local/etc/php" \ PHP_CFLAGS="-fstack-protector -fpic -fpie -O2" \ PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" ENV PHP_SRC_DIR="$SRC_DIR/php" \ PHP_CPPFLAGS="$PHP_CFLAGS" \ PHP_URL="https://secure.php.net/get/php-$PHP_VERSION.tar.xz/from/this/mirror" \ PHP_ASC_URL="https://secure.php.net/get/php-$PHP_VERSION.tar.xz.asc/from/this/mirror" # Install PHP RUN set -xe; \ mkdir -p $SRC_DIR; \ cd $SRC_DIR; \ wget -O php.tar.xz "$PHP_URL"; \ echo "$PHP_DOWNLOAD_SHA *php.tar.xz" | sha256sum -c -; \ wget -O php.tar.xz.asc "$PHP_ASC_URL"; \ export GNUPGHOME="$(mktemp -d)"; \ for key in $GPG_KEYS; do \ gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ done; \ gpg --batch --verify php.tar.xz.asc php.tar.xz; \ rm -rf "$GNUPGHOME"; \ set -eux; \ savedAptMark="$(apt-mark showmanual)"; \ apt-get update; \ apt-get install -y --no-install-recommends libedit-dev=3.1-* dpkg-dev=1.17.*; \ rm -rf /var/lib/apt/lists/*; \ apt-get clean; \ export \ CFLAGS="$PHP_CFLAGS" \ CPPFLAGS="$PHP_CPPFLAGS" \ LDFLAGS="$PHP_LDFLAGS" \ ; \ mkdir -p $PHP_SRC_DIR; \ tar -Jxf $SRC_DIR/php.tar.xz -C $PHP_SRC_DIR --strip-components=1; \ cd $SRC_DIR/php; \ gnuArch="$(dpkg-architecture -qDEB_BUILD_GNU_TYPE)"; \ debMultiarch="$(dpkg-architecture -qDEB_BUILD_MULTIARCH)"; \ # https://bugs.php.net/bug.php?id=74125 if [ ! -d /usr/include/curl ]; then \ ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \ fi; \ ./configure \ --build="$gnuArch" \ --with-config-file-path="$PHP_INI_DIR" \ --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ --disable-cgi \ # --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236) --enable-ftp \ # --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) --enable-mbstring \ # --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself) --enable-mysqlnd \ --enable-sockets \ --enable-pcntl \ # https://wiki.php.net/rfc/argon2_password_hash (7.2+) --with-password-argon2 \ --with-curl \ --with-pdo-pgsql \ --with-pdo-mysql \ --with-libedit \ --with-openssl \ --with-zlib \ # bundled pcre does not support JIT on s390x # https://manpages.debian.org/stretch/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT $(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \ --with-libdir="lib/$debMultiarch" \ ${PHP_EXTRA_CONFIGURE_ARGS:-} \ ; \ make -j "$(nproc)"; \ make test; \ make install; \ find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; \ make clean; \ cd /; \ rm -rf $PHP_SRC_DIR; \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ find /usr/local -type f -executable -exec ldd '{}' ';' \ | awk '/=>/ { print $(NF-1) }' \ | sort -u \ | xargs -r dpkg-query --search \ | cut -d: -f1 \ | sort -u \ | xargs -r apt-mark manual \ ; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ php --version; \ pecl update-channels; \ rm -rf /tmp/pear ~/.pearrc; \ # Increase the memory size, default is 128M mkdir "$PHP_INI_DIR"; \ mkdir "$PHP_INI_DIR/conf.d"; \ touch "$PHP_INI_DIR/conf.d/memory.ini" \ && echo "memory_limit = 1G;" >> "$PHP_INI_DIR/conf.d/memory.ini"; ENV PATH="$PHPPATH/bin:/usr/local/php/bin:$PATH" # Install Composer globally RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer WORKDIR $PHPPATH