From e9bd41da781cd8ce16b416c4c175fbc01d6f8df3 Mon Sep 17 00:00:00 2001 From: Blink Date: Wed, 4 Jun 2025 19:16:03 +0000 Subject: [PATCH 1/3] feat: add Red Hat UBI9 development image --- images/redhat-ubi9/README.md | 153 +++++++++++++++++++++++++ images/redhat-ubi9/ubi9.Dockerfile | 178 +++++++++++++++++++++++++++++ 2 files changed, 331 insertions(+) create mode 100644 images/redhat-ubi9/README.md create mode 100644 images/redhat-ubi9/ubi9.Dockerfile diff --git a/images/redhat-ubi9/README.md b/images/redhat-ubi9/README.md new file mode 100644 index 0000000..980b05f --- /dev/null +++ b/images/redhat-ubi9/README.md @@ -0,0 +1,153 @@ +# Red Hat UBI9 Development Image + +A comprehensive development workspace image based on Red Hat Universal Base Image 9 (UBI9) for use with Coder. + +## Features + +### Base Operating System +- **Red Hat UBI9**: Enterprise-grade, security-focused base image +- **Enterprise Ready**: Red Hat supported with regular security updates +- **Compliance**: Meets enterprise security and compliance requirements + +### Development Tools + +#### Languages & Runtimes +- **Go 1.24.2**: Latest Go version with complete toolchain +- **Node.js 20**: Latest LTS with npm and pnpm +- **Python 3**: System Python with pip +- **Rust**: Latest stable with Cargo + +#### Go Development Tools +- `gopls` - Go language server +- `goimports` - Import management +- `moq` - Mock generation +- `swag` - Swagger documentation +- `swagger` - API client generation +- `migrate` - Database migrations +- `goreleaser` - Release automation +- `gotestsum` - Enhanced test output +- `kind` - Kubernetes in Docker +- `helm-docs` - Helm documentation +- `sqlc` - SQL code generation +- `ruleguard` - Custom linting rules +- `shfmt` - Shell script formatting +- `nfpm` - Package building +- `yq` - YAML processing +- `mockgen` - Interface mocking + +#### Infrastructure & DevOps +- **Docker CE**: Container development and deployment +- **Terraform**: Infrastructure as Code +- **kubectl**: Kubernetes command-line tool +- **Helm**: Kubernetes package manager + +#### Development Utilities +- **Git**: Version control +- **jq**: JSON processing +- **htop**: Process monitoring +- **tmux**: Terminal multiplexer +- **vim/nano**: Text editors +- **fish/zsh/bash**: Multiple shell options +- **pre-commit**: Git hooks framework + +#### Rust Tools +- `jj-cli` - Jujutsu version control +- `typos-cli` - Spell checker +- `watchexec-cli` - File watcher + +#### Protocol Buffers +- `protoc` - Protocol buffer compiler +- Go protobuf plugins + +## Usage + +### With Coder Templates + +Use this image in your Coder workspace templates: + +```hcl +resource "docker_image" "main" { + name = "codercom/enterprise-redhat-ubi9" +} + +resource "docker_container" "workspace" { + count = data.coder_workspace.me.start_count + image = docker_image.main.name + name = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}" + + # Add your configuration here +} +``` + +### Building Locally + +```bash +# Build the image +docker build -f ubi9.Dockerfile -t coder-redhat-ubi9 . + +# Run interactively +docker run -it --rm coder-redhat-ubi9 +``` + +### Environment Variables + +The image sets up the following environment: + +- `GOPATH=/home/coder/go` +- `GOROOT=/usr/local/go` +- `PATH` includes Go, Node.js, and all development tools +- `LANG=en_US.UTF-8` +- `LC_ALL=en_US.UTF-8` + +### User Configuration + +- **User**: `coder` (non-root) +- **Home**: `/home/coder` +- **Shell**: bash (with zsh and fish available) +- **Sudo**: Passwordless sudo access + +### Ports + +The following ports are exposed for development: + +- `3000` - Frontend development servers +- `8080` - Backend services +- `8443` - HTTPS services + +## Use Cases + +This image is ideal for: + +- **Go Development**: Complete Go development environment +- **Full-Stack Development**: Go backend + Node.js frontend +- **Cloud Native Development**: Kubernetes and container development +- **Infrastructure Development**: Terraform and DevOps workflows +- **Enterprise Environments**: Red Hat compliance and support +- **Multi-language Projects**: Go, Node.js, Python, Rust support + +## Security & Compliance + +- Based on Red Hat UBI9 for enterprise security +- Regular security updates from Red Hat +- Non-root user execution +- Minimal attack surface with curated tool selection +- Compliance with enterprise security policies + +## Size Optimization + +- Multi-stage build to minimize final image size +- Package cache cleanup +- Optimized layer structure +- Only essential development tools included + +## Support + +For issues related to: +- **This image**: Open an issue in the [coder/images](https://github.com/coder/images) repository +- **Coder platform**: Visit [coder.com/docs](https://coder.com/docs) +- **Red Hat UBI9**: Check [Red Hat documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9) + +## License + +This image configuration is provided under the same license as the Coder project. +Red Hat UBI9 is freely redistributable under Red Hat's Universal Base Image End User License Agreement. diff --git a/images/redhat-ubi9/ubi9.Dockerfile b/images/redhat-ubi9/ubi9.Dockerfile new file mode 100644 index 0000000..fb5aa65 --- /dev/null +++ b/images/redhat-ubi9/ubi9.Dockerfile @@ -0,0 +1,178 @@ +# Red Hat UBI9 based development container for Coder workspaces +# This Dockerfile creates a development environment based on Red Hat Universal Base Image 9 + +# Multi-stage build for Go tools +FROM registry.access.redhat.com/ubi9/go-toolset:1.21 AS go-builder + +USER root + +# Install Go manually to get the latest version +ARG GO_VERSION=1.24.2 +RUN curl -L "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o /tmp/go.tar.gz && \ + rm -rf /usr/local/go && \ + tar -C /usr/local -xzf /tmp/go.tar.gz && \ + rm /tmp/go.tar.gz + +ENV PATH=/usr/local/go/bin:$PATH +ENV GOPATH=/tmp/go + +# Install Go development tools +RUN mkdir -p "$GOPATH" && \ + go install github.com/matryer/moq@v0.2.3 && \ + go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \ + go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \ + go install golang.org/x/tools/cmd/goimports@v0.31.0 && \ + go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.30 && \ + go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.34 && \ + go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \ + go install github.com/goreleaser/goreleaser@v1.6.1 && \ + go install golang.org/x/tools/gopls@v0.18.1 && \ + go install gotest.tools/gotestsum@v1.9.0 && \ + go install github.com/mattn/goveralls@v0.0.11 && \ + go install sigs.k8s.io/kind@v0.10.0 && \ + go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \ + CGO_ENABLED=1 go install github.com/sqlc-dev/sqlc/cmd/sqlc@v1.27.0 && \ + go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \ + go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \ + go install mvdan.cc/sh/v3/cmd/shfmt@v3.7.0 && \ + go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.35.1 && \ + go install github.com/mikefarah/yq/v4@v4.44.3 && \ + mv /tmp/go/bin/yq /tmp/go/bin/yq4 && \ + go install go.uber.org/mock/mockgen@v0.5.0 + +# Rust tools stage +FROM registry.access.redhat.com/ubi9/ubi:latest AS rust-builder + +RUN dnf install -y gcc openssl-devel pkg-config && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + +ENV PATH="/root/.cargo/bin:${PATH}" +ENV CARGO_INSTALL_ROOT=/tmp/cargo + +RUN cargo install jj-cli typos-cli watchexec-cli + +# Protocol Buffers stage +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest AS proto-builder + +RUN microdnf install -y curl unzip && \ + curl -L -o /tmp/protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.4/protoc-23.4-linux-x86_64.zip && \ + cd /tmp && unzip protoc.zip && rm protoc.zip + +# Main development image +FROM registry.access.redhat.com/ubi9/ubi:latest + +LABEL name="coder-redhat-ubi9" \ + vendor="Red Hat" \ + version="1.0" \ + release="1" \ + summary="Coder workspace image based on Red Hat UBI9" \ + description="A Red Hat UBI9 based workspace image for Coder with Go, Node.js, and development tools" + +# Create coder user +RUN useradd -m -s /bin/bash coder && \ + echo 'coder ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/coder && \ + chmod 640 /etc/sudoers.d/coder + +# Install EPEL and enable additional repositories +RUN dnf install -y epel-release && \ + dnf config-manager --set-enabled crb + +# Install development packages +RUN dnf update -y && \ + dnf groupinstall -y "Development Tools" && \ + dnf install -y \ + bash-completion \ + bind-utils \ + cmake \ + curl \ + file \ + fish \ + git \ + htop \ + jq \ + less \ + make \ + nano \ + openssh-clients \ + procps-ng \ + python3 \ + python3-pip \ + rsync \ + sudo \ + tar \ + tmux \ + tree \ + unzip \ + vim \ + wget \ + which \ + zip \ + zsh && \ + dnf clean all + +# Install Node.js 20 from NodeSource +RUN curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - && \ + dnf install -y nodejs + +# Install pnpm +RUN npm install -g pnpm + +# Install Docker CE +RUN dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && \ + dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin + +# Install Terraform +RUN dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo && \ + dnf install -y terraform + +# Install kubectl +RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && \ + install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl && \ + rm kubectl + +# Install Helm +RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash + +# Copy Go tools from builder stage +COPY --from=go-builder /tmp/go/bin/* /usr/local/bin/ +COPY --from=go-builder /usr/local/go /usr/local/go + +# Copy Rust tools from builder stage +COPY --from=rust-builder /tmp/cargo/bin/* /usr/local/bin/ + +# Copy Protocol Buffers from builder stage +COPY --from=proto-builder /tmp/bin/protoc /usr/local/bin/ +COPY --from=proto-builder /tmp/include /usr/local/include + +# Set up Go environment +ENV PATH=/usr/local/go/bin:$PATH +ENV GOPATH=/home/coder/go +ENV GOPROXY=https://proxy.golang.org,direct +ENV GOSUMDB=sum.golang.org + +# Set up development environment +RUN mkdir -p /home/coder/go/{bin,src,pkg} && \ + chown -R coder:coder /home/coder + +# Install additional development tools +RUN pip3 install --user pre-commit + +# Set locale +ENV LANG=en_US.UTF-8 +ENV LC_ALL=en_US.UTF-8 + +# Switch to coder user +USER coder +WORKDIR /home/coder + +# Set up shell environment +RUN echo 'export PATH="$PATH:/usr/local/go/bin:$GOPATH/bin"' >> ~/.bashrc && \ + echo 'export GOPATH="$HOME/go"' >> ~/.bashrc && \ + echo 'alias ll="ls -la"' >> ~/.bashrc && \ + echo 'alias la="ls -A"' >> ~/.bashrc && \ + echo 'alias l="ls -CF"' >> ~/.bashrc + +# Expose common development ports +EXPOSE 3000 8080 8443 + +CMD ["/bin/bash"] From b8027479235937d4dc0aa82c733470c85852e2b2 Mon Sep 17 00:00:00 2001 From: Blink Date: Wed, 4 Jun 2025 19:20:32 +0000 Subject: [PATCH 2/3] refactor: make Red Hat UBI9 image minimal like Ubuntu base - Simplified Dockerfile to match Ubuntu base image pattern - Removed multi-stage builds and extensive tooling - Kept only essential packages: Docker, Git, Python, development tools - Updated README to reflect minimal base image approach - Image now serves as extensible base rather than comprehensive environment - Follows coder/images repository conventions for base images --- images/redhat-ubi9/README.md | 124 ++++++++---------- images/redhat-ubi9/ubi9.Dockerfile | 204 ++++++----------------------- 2 files changed, 92 insertions(+), 236 deletions(-) diff --git a/images/redhat-ubi9/README.md b/images/redhat-ubi9/README.md index 980b05f..5c65d93 100644 --- a/images/redhat-ubi9/README.md +++ b/images/redhat-ubi9/README.md @@ -1,6 +1,10 @@ -# Red Hat UBI9 Development Image +# Red Hat UBI9 Base Image -A comprehensive development workspace image based on Red Hat Universal Base Image 9 (UBI9) for use with Coder. +[![Docker Pulls](https://img.shields.io/docker/pulls/codercom/enterprise-redhat-ubi9?label=codercom%2Fenterprise-redhat-ubi9)](https://hub.docker.com/r/codercom/enterprise-redhat-ubi9) + +## Description + +A minimal base image based on Red Hat Universal Base Image 9 (UBI9) for use with Coder workspaces. This image provides enterprise-grade security and compliance while maintaining a minimal footprint. ## Features @@ -8,62 +12,31 @@ A comprehensive development workspace image based on Red Hat Universal Base Imag - **Red Hat UBI9**: Enterprise-grade, security-focused base image - **Enterprise Ready**: Red Hat supported with regular security updates - **Compliance**: Meets enterprise security and compliance requirements +- **Minimal**: Only essential packages included -### Development Tools +### Included Tools -#### Languages & Runtimes -- **Go 1.24.2**: Latest Go version with complete toolchain -- **Node.js 20**: Latest LTS with npm and pnpm -- **Python 3**: System Python with pip -- **Rust**: Latest stable with Cargo - -#### Go Development Tools -- `gopls` - Go language server -- `goimports` - Import management -- `moq` - Mock generation -- `swag` - Swagger documentation -- `swagger` - API client generation -- `migrate` - Database migrations -- `goreleaser` - Release automation -- `gotestsum` - Enhanced test output -- `kind` - Kubernetes in Docker -- `helm-docs` - Helm documentation -- `sqlc` - SQL code generation -- `ruleguard` - Custom linting rules -- `shfmt` - Shell script formatting -- `nfpm` - Package building -- `yq` - YAML processing -- `mockgen` - Interface mocking - -#### Infrastructure & DevOps +#### Essential Development Tools +- **Development Tools**: GCC, make, and essential build tools - **Docker CE**: Container development and deployment -- **Terraform**: Infrastructure as Code -- **kubectl**: Kubernetes command-line tool -- **Helm**: Kubernetes package manager - -#### Development Utilities - **Git**: Version control +- **Python 3**: System Python with pip +- **Bash**: Default shell + +#### System Utilities +- **curl/wget**: HTTP clients - **jq**: JSON processing - **htop**: Process monitoring -- **tmux**: Terminal multiplexer -- **vim/nano**: Text editors -- **fish/zsh/bash**: Multiple shell options -- **pre-commit**: Git hooks framework - -#### Rust Tools -- `jj-cli` - Jujutsu version control -- `typos-cli` - Spell checker -- `watchexec-cli` - File watcher - -#### Protocol Buffers -- `protoc` - Protocol buffer compiler -- Go protobuf plugins +- **vim**: Text editor +- **unzip**: Archive extraction +- **rsync**: File synchronization +- **systemd**: System and service manager ## Usage ### With Coder Templates -Use this image in your Coder workspace templates: +Use this image as a base in your Coder workspace templates: ```hcl resource "docker_image" "main" { @@ -79,6 +52,24 @@ resource "docker_container" "workspace" { } ``` +### Extending This Image + +Extend this image with additional tooling and language packages: + +```dockerfile +FROM codercom/enterprise-redhat-ubi9 + +# Install Go +RUN curl -L "https://go.dev/dl/go1.24.2.linux-amd64.tar.gz" | tar -C /usr/local -xz +ENV PATH=/usr/local/go/bin:$PATH + +# Install Node.js +RUN curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - && \ + dnf install -y nodejs + +# Add your tools here +``` + ### Building Locally ```bash @@ -89,57 +80,44 @@ docker build -f ubi9.Dockerfile -t coder-redhat-ubi9 . docker run -it --rm coder-redhat-ubi9 ``` +## How To Use It + +Extend this image with additional tooling and language packages. + ### Environment Variables The image sets up the following environment: -- `GOPATH=/home/coder/go` -- `GOROOT=/usr/local/go` -- `PATH` includes Go, Node.js, and all development tools - `LANG=en_US.UTF-8` +- `LANGUAGE=en_US.UTF-8` - `LC_ALL=en_US.UTF-8` ### User Configuration - **User**: `coder` (non-root) - **Home**: `/home/coder` -- **Shell**: bash (with zsh and fish available) +- **Shell**: bash - **Sudo**: Passwordless sudo access - -### Ports - -The following ports are exposed for development: - -- `3000` - Frontend development servers -- `8080` - Backend services -- `8443` - HTTPS services +- **Groups**: docker (for Docker access) ## Use Cases -This image is ideal for: +This base image is ideal for: -- **Go Development**: Complete Go development environment -- **Full-Stack Development**: Go backend + Node.js frontend -- **Cloud Native Development**: Kubernetes and container development -- **Infrastructure Development**: Terraform and DevOps workflows - **Enterprise Environments**: Red Hat compliance and support -- **Multi-language Projects**: Go, Node.js, Python, Rust support +- **Container Development**: Docker and containerized applications +- **Custom Development Images**: Extend with specific language runtimes +- **Security-Conscious Deployments**: Minimal attack surface +- **Compliance Requirements**: Red Hat enterprise support ## Security & Compliance - Based on Red Hat UBI9 for enterprise security - Regular security updates from Red Hat - Non-root user execution -- Minimal attack surface with curated tool selection +- Minimal package installation - Compliance with enterprise security policies -## Size Optimization - -- Multi-stage build to minimize final image size -- Package cache cleanup -- Optimized layer structure -- Only essential development tools included - ## Support For issues related to: diff --git a/images/redhat-ubi9/ubi9.Dockerfile b/images/redhat-ubi9/ubi9.Dockerfile index fb5aa65..12c4e2b 100644 --- a/images/redhat-ubi9/ubi9.Dockerfile +++ b/images/redhat-ubi9/ubi9.Dockerfile @@ -1,178 +1,56 @@ -# Red Hat UBI9 based development container for Coder workspaces -# This Dockerfile creates a development environment based on Red Hat Universal Base Image 9 - -# Multi-stage build for Go tools -FROM registry.access.redhat.com/ubi9/go-toolset:1.21 AS go-builder - -USER root - -# Install Go manually to get the latest version -ARG GO_VERSION=1.24.2 -RUN curl -L "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o /tmp/go.tar.gz && \ - rm -rf /usr/local/go && \ - tar -C /usr/local -xzf /tmp/go.tar.gz && \ - rm /tmp/go.tar.gz - -ENV PATH=/usr/local/go/bin:$PATH -ENV GOPATH=/tmp/go - -# Install Go development tools -RUN mkdir -p "$GOPATH" && \ - go install github.com/matryer/moq@v0.2.3 && \ - go install github.com/swaggo/swag/cmd/swag@v1.7.4 && \ - go install github.com/go-swagger/go-swagger/cmd/swagger@v0.28.0 && \ - go install golang.org/x/tools/cmd/goimports@v0.31.0 && \ - go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.30 && \ - go install storj.io/drpc/cmd/protoc-gen-go-drpc@v0.0.34 && \ - go install github.com/golang-migrate/migrate/v4/cmd/migrate@v4.15.1 && \ - go install github.com/goreleaser/goreleaser@v1.6.1 && \ - go install golang.org/x/tools/gopls@v0.18.1 && \ - go install gotest.tools/gotestsum@v1.9.0 && \ - go install github.com/mattn/goveralls@v0.0.11 && \ - go install sigs.k8s.io/kind@v0.10.0 && \ - go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.5.0 && \ - CGO_ENABLED=1 go install github.com/sqlc-dev/sqlc/cmd/sqlc@v1.27.0 && \ - go install github.com/sethvargo/gcr-cleaner/cmd/gcr-cleaner-cli@v0.5.1 && \ - go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@v0.3.13 && \ - go install mvdan.cc/sh/v3/cmd/shfmt@v3.7.0 && \ - go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.35.1 && \ - go install github.com/mikefarah/yq/v4@v4.44.3 && \ - mv /tmp/go/bin/yq /tmp/go/bin/yq4 && \ - go install go.uber.org/mock/mockgen@v0.5.0 - -# Rust tools stage -FROM registry.access.redhat.com/ubi9/ubi:latest AS rust-builder - -RUN dnf install -y gcc openssl-devel pkg-config && \ - curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y - -ENV PATH="/root/.cargo/bin:${PATH}" -ENV CARGO_INSTALL_ROOT=/tmp/cargo - -RUN cargo install jj-cli typos-cli watchexec-cli - -# Protocol Buffers stage -FROM registry.access.redhat.com/ubi9/ubi-minimal:latest AS proto-builder - -RUN microdnf install -y curl unzip && \ - curl -L -o /tmp/protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.4/protoc-23.4-linux-x86_64.zip && \ - cd /tmp && unzip protoc.zip && rm protoc.zip - -# Main development image FROM registry.access.redhat.com/ubi9/ubi:latest -LABEL name="coder-redhat-ubi9" \ - vendor="Red Hat" \ - version="1.0" \ - release="1" \ - summary="Coder workspace image based on Red Hat UBI9" \ - description="A Red Hat UBI9 based workspace image for Coder with Go, Node.js, and development tools" - -# Create coder user -RUN useradd -m -s /bin/bash coder && \ - echo 'coder ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/coder && \ - chmod 640 /etc/sudoers.d/coder +USER root -# Install EPEL and enable additional repositories -RUN dnf install -y epel-release && \ - dnf config-manager --set-enabled crb +# Install the Docker CE repository +RUN dnf install -y ca-certificates curl && \ + dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && \ + dnf clean all -# Install development packages +# Install baseline packages RUN dnf update -y && \ dnf groupinstall -y "Development Tools" && \ - dnf install -y \ - bash-completion \ - bind-utils \ - cmake \ - curl \ - file \ - fish \ - git \ - htop \ - jq \ - less \ - make \ - nano \ - openssh-clients \ - procps-ng \ - python3 \ - python3-pip \ - rsync \ - sudo \ - tar \ - tmux \ - tree \ - unzip \ - vim \ - wget \ - which \ - zip \ - zsh && \ + dnf install -y --setopt=install_weak_deps=False \ + bash \ + containerd.io \ + curl \ + docker-ce \ + docker-ce-cli \ + docker-buildx-plugin \ + docker-compose-plugin \ + git \ + htop \ + jq \ + python3 \ + python3-pip \ + sudo \ + systemd \ + unzip \ + vim \ + wget \ + rsync && \ dnf clean all -# Install Node.js 20 from NodeSource -RUN curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - && \ - dnf install -y nodejs +# Enable Docker starting with systemd +RUN systemctl enable docker -# Install pnpm -RUN npm install -g pnpm - -# Install Docker CE -RUN dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && \ - dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin - -# Install Terraform -RUN dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo && \ - dnf install -y terraform - -# Install kubectl -RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && \ - install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl && \ - rm kubectl - -# Install Helm -RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - -# Copy Go tools from builder stage -COPY --from=go-builder /tmp/go/bin/* /usr/local/bin/ -COPY --from=go-builder /usr/local/go /usr/local/go - -# Copy Rust tools from builder stage -COPY --from=rust-builder /tmp/cargo/bin/* /usr/local/bin/ - -# Copy Protocol Buffers from builder stage -COPY --from=proto-builder /tmp/bin/protoc /usr/local/bin/ -COPY --from=proto-builder /tmp/include /usr/local/include - -# Set up Go environment -ENV PATH=/usr/local/go/bin:$PATH -ENV GOPATH=/home/coder/go -ENV GOPROXY=https://proxy.golang.org,direct -ENV GOSUMDB=sum.golang.org - -# Set up development environment -RUN mkdir -p /home/coder/go/{bin,src,pkg} && \ - chown -R coder:coder /home/coder - -# Install additional development tools -RUN pip3 install --user pre-commit +# Create a symlink for standalone docker-compose usage +RUN ln -s /usr/libexec/docker/cli-plugins/docker-compose /usr/bin/docker-compose # Set locale +RUN dnf install -y glibc-langpack-en && \ + dnf clean all ENV LANG=en_US.UTF-8 +ENV LANGUAGE=en_US.UTF-8 ENV LC_ALL=en_US.UTF-8 -# Switch to coder user -USER coder -WORKDIR /home/coder +# Add a user `coder` so that you're not developing as the `root` user +RUN useradd coder \ + --create-home \ + --shell=/bin/bash \ + --groups=docker \ + --uid=1000 \ + --user-group && \ + echo "coder ALL=(ALL) NOPASSWD:ALL" >>/etc/sudoers.d/nopasswd -# Set up shell environment -RUN echo 'export PATH="$PATH:/usr/local/go/bin:$GOPATH/bin"' >> ~/.bashrc && \ - echo 'export GOPATH="$HOME/go"' >> ~/.bashrc && \ - echo 'alias ll="ls -la"' >> ~/.bashrc && \ - echo 'alias la="ls -A"' >> ~/.bashrc && \ - echo 'alias l="ls -CF"' >> ~/.bashrc - -# Expose common development ports -EXPOSE 3000 8080 8443 - -CMD ["/bin/bash"] +USER coder From f9d25f55d81e2ac19c3e3f5ab83a3989399d50c3 Mon Sep 17 00:00:00 2001 From: Blink Date: Wed, 4 Jun 2025 19:42:05 +0000 Subject: [PATCH 3/3] fix: format README.md with dprint - Add required blank lines after headings - Fixes CI formatting check failure --- images/redhat-ubi9/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/images/redhat-ubi9/README.md b/images/redhat-ubi9/README.md index 5c65d93..a4de14d 100644 --- a/images/redhat-ubi9/README.md +++ b/images/redhat-ubi9/README.md @@ -9,6 +9,7 @@ A minimal base image based on Red Hat Universal Base Image 9 (UBI9) for use with ## Features ### Base Operating System + - **Red Hat UBI9**: Enterprise-grade, security-focused base image - **Enterprise Ready**: Red Hat supported with regular security updates - **Compliance**: Meets enterprise security and compliance requirements @@ -17,6 +18,7 @@ A minimal base image based on Red Hat Universal Base Image 9 (UBI9) for use with ### Included Tools #### Essential Development Tools + - **Development Tools**: GCC, make, and essential build tools - **Docker CE**: Container development and deployment - **Git**: Version control @@ -24,6 +26,7 @@ A minimal base image based on Red Hat Universal Base Image 9 (UBI9) for use with - **Bash**: Default shell #### System Utilities + - **curl/wget**: HTTP clients - **jq**: JSON processing - **htop**: Process monitoring @@ -121,6 +124,7 @@ This base image is ideal for: ## Support For issues related to: + - **This image**: Open an issue in the [coder/images](https://github.com/coder/images) repository - **Coder platform**: Visit [coder.com/docs](https://coder.com/docs) - **Red Hat UBI9**: Check [Red Hat documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9)