runner/Containerfile at main · waldiez/runner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
#####################################################################################
FROM python:3.12-slim

LABEL maintainer="waldiez <[email protected]>"
LABEL org.opencontainers.image.source="quay.io/waldiez/runner"
LABEL org.opencontainers.image.title="waldiez/runner"
LABEL org.opencontainers.image.description="Waldiez runner allows you to run Waldiez flows in isolated environments"

# set environment variables
ENV PYTHONUNBUFFERED=1
ENV DEBIAN_FRONTEND="noninteractive"
ENV DEBCONF_NONINTERACTIVE_SEEN=true

# install system dependencies
# that might be later needed when running the
# flows (e.g. additional dependencies based on the tools and agents used)
RUN apt update && \
    apt upgrade -y && \
    apt install -y --no-install-recommends \
    build-essential \
    bzip2 \
    curl \
    ca-certificates \
    zip \
    unzip \
    git \
    jq \
    ffmpeg \
    graphviz \
    libpq-dev\
    wget \
    fonts-liberation \
    openssl \
    libcairo2-dev \
    libpango1.0-dev \
    libjpeg-dev \
    libgif-dev \
    librsvg2-dev \
    libpq-dev\
    libgdk-pixbuf-xlib-2.0-0 \
    libnspr4 \
    libnss3 \
    libx11-xcb1 \
    libxcomposite1 \
    libxdamage1 \
    libxrandr2 \
    rsync \
    tini \
    tzdata \
    locales \
    pandoc \
    xdg-utils \
    xvfb && \
    sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
    locale-gen en_US.UTF-8 && \
    curl -fsSL https://deb.nodesource.com/setup_22.x -o nodesource_setup.sh && \
    bash nodesource_setup.sh && \
    rm nodesource_setup.sh && \
    apt install -y nodejs && \
    npm install -g corepack && \
    corepack enable && \
    yarn set version stable && \
    apt clean && \
    rm -rf /var/lib/apt/lists/* && \
    rm -rf /var/cache/apt/archives/*

# Add ChromeDriver and Chrome
RUN ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then \
    CHROME_ARCH="linux64"; \
    elif [ "$ARCH" = "aarch64" ]; then \
    CHROME_ARCH="linux64"; \
    else \
    echo "Unsupported architecture: $ARCH" && exit 1; \
    fi && \
    LATEST_VERSION=$(curl -s "https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json" | \
    jq -r '.channels.Stable.version') && \
    echo "Installing Chrome and ChromeDriver version: $LATEST_VERSION for $CHROME_ARCH" && \
    curl -Lo /tmp/chrome.zip "https://edgedl.me.gvt1.com/edgedl/chrome/chrome-for-testing/${LATEST_VERSION}/${CHROME_ARCH}/chrome-linux64.zip" && \
    unzip /tmp/chrome.zip -d /opt && \
    ln -sf /opt/chrome-linux64/chrome /usr/bin/google-chrome && \
    curl -Lo /tmp/chromedriver.zip "https://edgedl.me.gvt1.com/edgedl/chrome/chrome-for-testing/${LATEST_VERSION}/${CHROME_ARCH}/chromedriver-linux64.zip" && \
    unzip /tmp/chromedriver.zip -d /usr/local/bin && \
    mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver && \
    chmod +x /usr/local/bin/chromedriver && \
    rm -rf /tmp/chrome.zip /tmp/chromedriver.zip /usr/local/bin/chromedriver-linux64

# Add GeckoDriver (for Firefox)
RUN ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then \
    GECKO_ARCH="linux64"; \
    elif [ "$ARCH" = "aarch64" ]; then \
    GECKO_ARCH="linux-aarch64"; \
    else \
    echo "Unsupported architecture: $ARCH" && exit 1; \
    fi && \
    curl -fsSL https://packages.mozilla.org/apt/repo-signing-key.gpg | \
    gpg --dearmor -o /etc/apt/trusted.gpg.d/mozilla.gpg && \
    echo "deb https://packages.mozilla.org/apt mozilla main" > /etc/apt/sources.list.d/mozilla.list && \
    apt-get update && \
    apt-get install -y firefox && \
    FIREFOX_VERSION=$(firefox --version | grep -oP '\d+\.\d+') && \
    echo "Firefox version: $FIREFOX_VERSION" && \
    GECKO_VERSION=""; \
    for i in 1 2 3; do \
    GECKO_VERSION=$(curl -sL -o /dev/null -w '%{url_effective}' https://github.com/mozilla/geckodriver/releases/latest | awk -F/ '{print $NF}'); \
    if [ "$GECKO_VERSION" != "null" ] && [ -n "$GECKO_VERSION" ]; then break; fi; \
    echo "Retrying fetch of GeckoDriver version... ($i)"; \
    sleep 2; \
    done && \
    if [ -z "$GECKO_VERSION" ] || [ "$GECKO_VERSION" = "null" ]; then \
    echo "Failed to fetch GeckoDriver version" >&2; exit 1; \
    fi && \
    echo "GeckoDriver version: $GECKO_VERSION for $GECKO_ARCH" && \
    curl -Lo /tmp/geckodriver.tar.gz "https://github.com/mozilla/geckodriver/releases/download/${GECKO_VERSION}/geckodriver-${GECKO_VERSION}-${GECKO_ARCH}.tar.gz" && \
    tar -xzf /tmp/geckodriver.tar.gz -C /usr/local/bin && \
    chmod +x /usr/local/bin/geckodriver && \
    rm /tmp/geckodriver.tar.gz && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Ensure /usr/local/bin is in the PATH
ENV PATH="/usr/local/bin:${PATH}"

# Set locale and timezone
ENV LANG=en_US.UTF-8 \
    LANGUAGE=en_US.UTF-8 \
    LC_ALL=en_US.UTF-8 \
    LC_CTYPE=en_US.UTF-8 \
    TZ=Etc/UTC

RUN pip install --upgrade pip

COPY requirements/main.txt /tmp/requirements.txt
RUN pip install --root-user-action ignore -r /tmp/requirements.txt \
    && rm /tmp/requirements.txt \
    && pip freeze > /opt/base-locked.txt

RUN python3.12 /usr/local/lib/python3.12/site-packages/waldiez/utils/ag2_patch.py autogen /usr/local/lib/python3.12/site-packages/waldiez/utils/ag2.diff

# let's hope this will not be needed (e.g. no need to open a shell)
# if it does, I like colors
RUN sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' /etc/skel/.bashrc

# add a non-root user and group
ARG GROUP_ID=1000
ENV GROUP_ID=${GROUP_ID}
RUN addgroup --system --gid ${GROUP_ID} waldiez
ARG USER_ID=1000
ENV USER_ID=${USER_ID}
RUN adduser --disabled-password --gecos '' --shell /bin/bash --uid ${USER_ID} --gid ${GROUP_ID} waldiez
RUN mkdir -p /home/waldiez/.local/bin /home/waldiez/app /home/waldiez/app/waldiez_runner/storage && \
    chown -R waldiez:waldiez /home/waldiez
ENV PATH=/home/waldiez/.local/bin:${PATH}

USER waldiez

COPY --chown=waldiez:waldiez . /home/waldiez/app
RUN chmod +x /home/waldiez/app/scripts/start.sh

EXPOSE 8888
VOLUME /home/waldiez/app/waldiez_runner/storage

WORKDIR /home/waldiez/app


ENV TINI_SUBREAPER=true
ENTRYPOINT ["/usr/bin/tini", "--"]

CMD ["/home/waldiez/app/scripts/start.sh"]