-
-
Notifications
You must be signed in to change notification settings - Fork 2.5k
/
Dockerfile
81 lines (70 loc) · 2.93 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
FROM ubuntu:bionic-20191029
LABEL authors="Selenium <[email protected]>"
#================================================
# Customize sources for apt-get
#================================================
RUN echo "deb http://archive.ubuntu.com/ubuntu bionic main universe\n" > /etc/apt/sources.list \
&& echo "deb http://archive.ubuntu.com/ubuntu bionic-updates main universe\n" >> /etc/apt/sources.list \
&& echo "deb http://security.ubuntu.com/ubuntu bionic-security main universe\n" >> /etc/apt/sources.list
# No interactive frontend during docker build
ENV DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true
#========================
# Miscellaneous packages
# Includes minimal runtime used for executing non GUI Java programs
#========================
RUN apt-get -qqy update \
&& apt-get -qqy --no-install-recommends install \
bzip2 \
ca-certificates \
openjdk-8-jre-headless \
tzdata \
sudo \
unzip \
wget \
jq \
curl \
supervisor \
gnupg2 \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/* \
&& sed -i 's/securerandom\.source=file:\/dev\/random/securerandom\.source=file:\/dev\/urandom/' ./usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/java.security
#===================
# Timezone settings
# Possible alternative: https://github.com/docker/docker/issues/3359#issuecomment-32150214
#===================
ENV TZ "UTC"
RUN echo "${TZ}" > /etc/timezone \
&& dpkg-reconfigure --frontend noninteractive tzdata
#========================================
# Add normal user with passwordless sudo
#========================================
RUN useradd seluser \
--shell /bin/bash \
--create-home \
&& usermod -a -G sudo seluser \
&& echo 'ALL ALL = (ALL) NOPASSWD: ALL' >> /etc/sudoers \
&& echo 'seluser:secret' | chpasswd
ENV HOME=/home/seluser
#======================================
# Add Grid check script
#======================================
COPY check-grid.sh entry_point.sh /opt/bin/
#======================================
# Add Supervisor configuration file
#======================================
COPY supervisord.conf /etc
#==========
# Selenium & relaxing permissions for OpenShift and other non-sudo environments
#==========
RUN mkdir -p /opt/selenium /var/run/supervisor /var/log/supervisor \
&& touch /opt/selenium/config.json \
&& chmod -R 777 /opt/selenium /var/run/supervisor /var/log/supervisor /etc/passwd \
&& wget --no-verbose https://selenium-release.storage.googleapis.com/3.141/selenium-server-standalone-3.141.59.jar \
-O /opt/selenium/selenium-server-standalone.jar \
&& chgrp -R 0 /opt/selenium ${HOME} /var/run/supervisor /var/log/supervisor \
&& chmod -R g=u /opt/selenium ${HOME} /var/run/supervisor /var/log/supervisor
#===================================================
# Run the following commands as non-privileged user
#===================================================
USER seluser
CMD ["/opt/bin/entry_point.sh"]