Skip to content

Commit

Permalink
fix: remove non-root user from the base library/ubuntu image
Browse files Browse the repository at this point in the history
  • Loading branch information
@eitsupi
eitsupi committed Nov 13, 2024
1 parent 6416a0a commit e3a6b1d
Show file tree
Hide file tree
Showing 40 changed files with 320 additions and 40 deletions.
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/cuda.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/geospatial.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/ml-verse.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/ml.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/r-ver.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/rstudio.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

ENV S6_VERSION="v2.1.0.2"
ENV RSTUDIO_VERSION="{{rstudio_version}}"
Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/shiny-verse.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/shiny.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

ENV S6_VERSION="v2.1.0.2"
ENV SHINY_SERVER_VERSION="latest"
Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/tidyverse.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion build/templates/dockerfiles/verse.Dockerfile.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:{{ubuntu_series}}

ENV R_VERSION="{{r_version}}"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/cuda_4.4.1.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="4.4.1"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/cuda_4.4.2.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="4.4.2"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/cuda_devel.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="devel"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/geospatial_4.4.1.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:jammy

ENV R_VERSION="4.4.1"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/geospatial_4.4.2.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:noble

ENV R_VERSION="4.4.2"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/geospatial_devel.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM docker.io/library/ubuntu:latest

ENV R_VERSION="devel"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

COPY scripts/install_tidyverse.sh /rocker_scripts/install_tidyverse.sh
RUN /rocker_scripts/install_tidyverse.sh
Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/ml-verse_4.4.1.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="4.4.1"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/ml-verse_4.4.2.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="4.4.2"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/ml-verse_devel.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="devel"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
9 changes: 8 additions & 1 deletion dockerfiles/ml_4.4.1.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1

FROM nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

ENV R_VERSION="4.4.1"
Expand All @@ -12,7 +14,12 @@ ENV LANG=en_US.UTF-8

COPY scripts/bin/ /rocker_scripts/bin/
COPY scripts/setup_R.sh /rocker_scripts/setup_R.sh
RUN /rocker_scripts/setup_R.sh
RUN <<EOF
if grep -q "1000" /etc/passwd; then
userdel --remove $(id -un "1000");
fi
/rocker_scripts/setup_R.sh
EOF

CMD ["R"]

Expand Down
Loading

0 comments on commit e3a6b1d

Please sign in to comment.