-
Notifications
You must be signed in to change notification settings - Fork 61
/
Copy pathDockerfile
99 lines (78 loc) · 3.78 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Default arguments
ARG nanoserverImage='mcr.microsoft.com/windows/nanoserver:ltsc2022'
ARG powershellImage='mcr.microsoft.com/powershell:nanoserver-ltsc2022'
ARG teamcityWindowsservercoreImage='teamcity-agent:EAP-windowsservercore-2022'
# The list of required arguments
# ARG nanoserverImage
# ARG powershellImage
# ARG teamcityWindowsservercoreImage
FROM ${powershellImage} AS dotnet
# On some agents, Windows 2022 requires administrator permissions to modify "C:/" folder within ...
# ... PowerShell container.
USER ContainerAdministrator
COPY scripts/*.cs /scripts/
SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
ARG teamcityWindowsservercoreImage
FROM ${teamcityWindowsservercoreImage} AS tools
# Workaround for https://github.com/PowerShell/PowerShell-Docker/issues/164
ARG nanoserverImage
FROM ${nanoserverImage}
ENV ProgramFiles="C:\Program Files" \
# set a fixed location for the Module analysis cache
PSModuleAnalysisCachePath="C:\Users\ContainerUser\AppData\Local\Microsoft\Windows\PowerShell\docker\ModuleAnalysisCache" \
# Persist %PSCORE% ENV variable for user convenience
PSCORE="$ProgramFiles\PowerShell\pwsh.exe"
# PowerShell
COPY --from=dotnet ["C:/Program Files/PowerShell", "C:/Program Files/PowerShell"]
# In order to set system PATH, ContainerAdministrator must be used
USER ContainerAdministrator
RUN setx /M PATH "%PATH%;%ProgramFiles%\PowerShell"
USER ContainerUser
# intialize powershell module cache
RUN pwsh -NoLogo -NoProfile -Command " \
$stopTime = (get-date).AddMinutes(15); \
$ErrorActionPreference = 'Stop' ; \
$ProgressPreference = 'SilentlyContinue' ; \
while(!(Test-Path -Path $env:PSModuleAnalysisCachePath)) { \
Write-Host "'Waiting for $env:PSModuleAnalysisCachePath'" ; \
if((get-date) -gt $stopTime) { throw 'timout expired'} \
Start-Sleep -Seconds 6 ; \
}"
# JDK
COPY --from=tools ["C:/Program Files/Java/OpenJDK", "C:/Program Files/Java/OpenJDK"]
# Git
COPY --from=tools ["C:/Program Files/Git", "C:/Program Files/Git"]
# .NET
COPY --from=tools ["C:/Program Files/dotnet", "C:/Program Files/dotnet"]
COPY --from=tools /BuildAgent /BuildAgent
EXPOSE 9090
VOLUME C:/BuildAgent/conf
# Configuration file for TeamCity agent
ENV CONFIG_FILE="C:\BuildAgent\conf\buildAgent.properties" \
# Java home directory
JAVA_HOME="C:\Program Files\Java\OpenJDK" \
# Opt out of the telemetry feature
DOTNET_CLI_TELEMETRY_OPTOUT=true \
# Disable first time experience
DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true \
# Configure Kestrel web server to bind to port 80 when present
ASPNETCORE_URLS=http://+:80 \
# Enable detection of running in a container
DOTNET_RUNNING_IN_CONTAINER=true \
# Enable correct mode for dotnet watch (only mode supported in a container)
DOTNET_USE_POLLING_FILE_WATCHER=true \
# Skip extraction of XML docs - generally not useful within an image/container - helps perfomance
NUGET_XMLDOC_MODE=skip
# Use ContainerAdministrator to update permissions and PATH
USER ContainerAdministrator
RUN setx /M PATH "%PATH%;%JAVA_HOME%\bin;C:\Program Files\Git\cmd;C:\Program Files\dotnet"
# Grant Permissions for ContainerUser (Default Account), OI - Object Inherit, CI - Container Inherit, ...
# ... F - full control, D - delete (critical for upgrade), /T - apply to subfolders & files
RUN cmd /c icacls.exe C:\\BuildAgent /grant:r DefaultAccount:(OI)(CI)F /grant:r DefaultAccount:(OI)(CI)D /T
RUN cmd /c icacls.exe C:\\BuildAgent /grant:r Users:(OI)(CI)F /grant:r Users:(OI)(CI)D /T
# Applied permission check for logging purposes
RUN cmd /c icacls.exe C:\\BuildAgent\\*
USER ContainerUser
# Trigger first run experience by running arbitrary cmd to populate local package cache
RUN dotnet help
CMD ["pwsh", "./BuildAgent/run-agent.ps1"]