-
Notifications
You must be signed in to change notification settings - Fork 61
/
Dockerfile
105 lines (88 loc) · 4.9 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# Default arguments
ARG dotnetWindowsComponent='https://builds.dotnet.microsoft.com/dotnet/Sdk/6.0.413/dotnet-sdk-6.0.413-win-x64.zip'
ARG dotnetWindowsComponentSHA512='a9e1bbb52484ad0667b258451ebb6b47ce6c7b788c015aee8a86c5e0c4dcf4ee8c82d796921869d64c92bb2afef2c7ceea09cfe255d8519d48f2471a098c361e'
ARG gitWindowsComponent='https://github.com/git-for-windows/git/releases/download/v2.47.1.windows.1/MinGit-2.47.1-64-bit.zip'
ARG gitWindowsComponentSHA256='50b04b55425b5c465d076cdb184f63a0cd0f86f6ec8bb4d5860114a713d2c29a'
ARG jdkWindowsComponent='https://corretto.aws/downloads/resources/17.0.7.7.1/amazon-corretto-17.0.7.7.1-windows-x64-jdk.zip'
ARG jdkWindowsComponentMD5SUM='feb7eab99c647a0b4347be9f0a3276de'
ARG mercurialWindowsComponent='https://www.mercurial-scm.org/release/windows/mercurial-5.9.1-x64.msi'
ARG teamcityMinimalAgentImage='teamcity-minimal-agent:EAP-nanoserver-1803'
ARG windowsservercoreImage='mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-1803'
# The list of required arguments
# ARG windowsservercoreImage
# ARG dotnetWindowsComponent
# ARG dotnetWindowsComponentSHA512
# ARG jdkWindowsComponent
# ARG jdkWindowsComponentMD5SUM
# ARG gitWindowsComponent
# ARG gitWindowsComponentSHA256
# ARG mercurialWindowsComponentName
# ARG teamcityMinimalAgentImage
FROM ${teamcityMinimalAgentImage} AS buildagent
ARG windowsservercoreImage
FROM ${windowsservercoreImage}
COPY scripts/*.cs /scripts/
# PowerShell
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
ARG dotnetWindowsComponent
ARG dotnetWindowsComponentSHA512
ARG jdkWindowsComponent
ARG jdkWindowsComponentMD5SUM
ARG gitWindowsComponent
ARG gitWindowsComponentSHA256
ARG mercurialWindowsComponent
RUN [Net.ServicePointManager]::SecurityProtocol = 'tls12, tls11, tls' ; \
$code = Get-Content -Path "scripts/Web.cs" -Raw ; \
Add-Type -IgnoreWarnings -TypeDefinition "$code" -Language CSharp ; \
$downloadScript = [Scripts.Web]::DownloadFiles($Env:jdkWindowsComponent + '#MD5#' + $Env:jdkWindowsComponentMD5SUM, 'jdk.zip', $Env:gitWindowsComponent + '#SHA256#' + $Env:gitWindowsComponentSHA256, 'git.zip', $Env:mercurialWindowsComponent, 'hg.msi', $Env:dotnetWindowsComponent + '#SHA512#' + $Env:dotnetWindowsComponentSHA512, 'dotnet.zip') ; \
Remove-Item -Force -Recurse $Env:ProgramFiles\dotnet; \
# .NET 6.0, .NET Framework 4 is inherited from base image
Expand-Archive dotnet.zip -Force -DestinationPath $Env:ProgramFiles\dotnet; \
Remove-Item -Force dotnet.zip; \
Get-ChildItem -Path $Env:ProgramFiles\dotnet -Include *.lzma -File -Recurse | foreach { $_.Delete()}; \
# JDK
Expand-Archive jdk.zip -DestinationPath $Env:ProgramFiles\Java ; \
Get-ChildItem $Env:ProgramFiles\Java | Rename-Item -NewName "OpenJDK" ; \
Remove-Item $Env:ProgramFiles\Java\OpenJDK\lib\src.zip -Force ; \
Remove-Item -Force jdk.zip ; \
# Git
$gitPath = $Env:ProgramFiles + '\Git'; \
Expand-Archive git.zip -DestinationPath $gitPath ; \
Remove-Item -Force git.zip ; \
# avoid circular dependencies in gitconfig
$gitConfigFile = $gitPath + '\etc\gitconfig'; \
$configContent = Get-Content $gitConfigFile; \
$configContent = $configContent.Replace('path = C:/Program Files/Git/etc/gitconfig', ''); \
Set-Content $gitConfigFile $configContent; \
# Mercirual
Start-Process msiexec -Wait -ArgumentList /q, /i, hg.msi ; \
Remove-Item -Force hg.msi
COPY --from=buildagent /BuildAgent /BuildAgent
EXPOSE 9090
VOLUME C:/BuildAgent/conf
CMD ["powershell", "./BuildAgent/run-agent.ps1"]
# Configuration file for TeamCity agent
ENV CONFIG_FILE="C:\BuildAgent\conf\buildAgent.properties" \
# Java home directory
JAVA_HOME="C:\Program Files\Java\OpenJDK" \
# Opt out of the telemetry feature
DOTNET_CLI_TELEMETRY_OPTOUT=true \
# Disable first time experience
DOTNET_SKIP_FIRST_TIME_EXPERIENCE=true \
# Configure Kestrel web server to bind to port 80 when present
ASPNETCORE_URLS=http://+:80 \
# Enable detection of running in a container
DOTNET_RUNNING_IN_CONTAINER=true \
# Enable correct mode for dotnet watch (only mode supported in a container)
DOTNET_USE_POLLING_FILE_WATCHER=true \
# Skip extraction of XML docs - generally not useful within an image/container - helps perfomance
NUGET_XMLDOC_MODE=skip
USER ContainerAdministrator
RUN setx /M PATH ('{0};{1}\bin;C:\Program Files\Git\cmd;C:\Program Files\Mercurial' -f $env:PATH, $env:JAVA_HOME)
# Grant Permissions for ContainerUser (Default Account), OI - Object Inherit, CI - Container Inherit, ...
# ... F - full control, D - delete, /T - apply to subfolders & files
RUN cmd /c icacls.exe "C:\\BuildAgent" /grant:r 'DefaultAccount:(OI)(CI)F' /grant:r 'DefaultAccount:(OI)(CI)D' /T
RUN cmd /c icacls.exe "C:\\BuildAgent" /grant:r 'Users:(OI)(CI)F' /grant:r 'Users:(OI)(CI)D' /T
# Applied permission check for logging purposes
RUN cmd /c icacls.exe C:\\BuildAgent\\*
USER ContainerUser