From b8a05311331fc94c5a12fbacba811c631f3acbf9 Mon Sep 17 00:00:00 2001
From: Aliaksandr Yakutovich <yakutovicha@gmail.com>
Date: Tue, 5 Oct 2021 12:49:04 +0200
Subject: [PATCH 1/2] Remove user's home folder from PYTHONPATH (#37)

---
 Dockerfile | 1 -
 README.md  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index cdc00da..44bab64 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,7 +14,6 @@ ARG NB_GID="1000"
 ENV SYSTEM_USER ${NB_USER}
 ENV SYSTEM_USER_UID ${NB_UID}
 ENV SYSTEM_USER_GID ${NB_GID}
-ENV PYTHONPATH /home/$SYSTEM_USER
 ENV CONDA_DIR /opt/conda
 ENV PATH $CONDA_DIR/bin:$PATH
 
diff --git a/README.md b/README.md
index c14c328..ee8de3c 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,6 @@ The following environment variables can be set during container *startup*:
 ENV SYSTEM_USER ${NB_USER}
 ENV SYSTEM_USER_UID ${NB_UID}
 ENV SYSTEM_USER_GID ${NB_GID}
-ENV PYTHONPATH /home/$SYSTEM_USER
 ```
 
 To modify their value do the following:

From b608ac8f96ad8bc20df8bbb2b7baf1a10c52a7e9 Mon Sep 17 00:00:00 2001
From: Jusong Yu <jusong.yeu@gmail.com>
Date: Tue, 14 Jun 2022 13:50:21 +0200
Subject: [PATCH 2/2] Add build for arm64 architecture (#38)

There are rising requirements for running the AiiDA docker container on
MacBook m1 chip which is ARM64 supported architecture. Based on the Phusion
base image, we build it for the arch.
In this PR we also update the miniconda version.
---
 .github/workflows/build_and_test_on_pr.yml |  2 +-
 .github/workflows/push_to_dockerhub.yml    |  1 +
 Dockerfile                                 | 54 +++++++++++-----------
 my_init.d/create-system-user.sh            |  2 +
 opt/start-postgres.sh                      |  2 +-
 5 files changed, 33 insertions(+), 28 deletions(-)

diff --git a/.github/workflows/build_and_test_on_pr.yml b/.github/workflows/build_and_test_on_pr.yml
index e2cfe45..5726a62 100644
--- a/.github/workflows/build_and_test_on_pr.yml
+++ b/.github/workflows/build_and_test_on_pr.yml
@@ -52,7 +52,7 @@ jobs:
           export DOCKERID=`docker run -v $PWD/tmp:/home/aiida -d aiida-prerequisites:latest`
           docker exec --tty --user root $DOCKERID wait-for-services
           docker exec --tty --user aiida $DOCKERID wait-for-services
-          docker exec --tty --user aiida $DOCKERID /bin/bash -l -c '/usr/lib/postgresql/12/bin/pg_ctl -D /home/$SYSTEM_USER/.postgresql status' # Check that postgres is up.
+          docker exec --tty --user aiida $DOCKERID /bin/bash -l -c '/usr/lib/postgresql/14/bin/pg_ctl -D /home/$SYSTEM_USER/.postgresql status' # Check that postgres is up.
           docker exec --tty --user root $DOCKERID /bin/bash -l -c 'service rabbitmq-server status' # Check that rabbitmq is up.
           docker exec --tty --user aiida $DOCKERID /bin/bash -l -c 'conda create -y -n test_env python=3.8' # Check that one can create a new conda environment.
           docker exec --tty --user aiida $DOCKERID /bin/bash -l -c 'conda activate test_env' # Check that new environment works.
diff --git a/.github/workflows/push_to_dockerhub.yml b/.github/workflows/push_to_dockerhub.yml
index 0fd0fd5..763f528 100644
--- a/.github/workflows/push_to_dockerhub.yml
+++ b/.github/workflows/push_to_dockerhub.yml
@@ -48,4 +48,5 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           push: true
+          platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/Dockerfile b/Dockerfile
index 44bab64..a9e46cd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 # See https://github.com/phusion/baseimage-docker/blob/master/Changelog.md
 # Based on Ubuntu 20.04
-FROM phusion/baseimage:focal-1.1.0
-MAINTAINER AiiDA Team
+FROM phusion/baseimage:jammy-1.0.0
+LABEL maintainer="AiiDA Team"
 
 # Use the following arguments during *build* time:
 # $ docker build  --build-arg NB_UID=200
@@ -23,7 +23,6 @@ ENV PATH $CONDA_DIR/bin:$PATH
 ENV PYTHON_VERSION py38
 ENV CONDA_VERSION 4.10.3
 ENV MINICONDA_VERSION ${PYTHON_VERSION}_${CONDA_VERSION}
-ENV MINICONDA_SHA256 935d72deb16e42739d69644977290395561b7a6db059b316958d97939e9bdf3d
 
 # Always activate /etc/profile, otherwise conda won't work.
 ENV BASH_ENV /etc/profile
@@ -36,10 +35,6 @@ ENV LC_ALL en_US.UTF-8
 ENV LANG en_US.UTF-8
 ENV LANGUAGE en_US.UTF-8
 
-# Add switch mirror to fix the issue.
-# https://github.com/aiidalab/aiidalab-docker-stack/issues/9
-RUN echo "deb http://mirror.switch.ch/ftp/mirror/ubuntu/ bionic main \ndeb-src http://mirror.switch.ch/ftp/mirror/ubuntu/ bionic main \n" >> /etc/apt/sources.list
-
 # Install debian packages.
 # Note: prefix all 'apt-get install' lines with 'apt-get update' to prevent failures in partial rebuilds
 RUN apt-get clean && rm -rf /var/lib/apt/lists/*
@@ -47,6 +42,7 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     tzdata
 
 # Install required ubuntu packages.
+# The libpq-dev is needed for arm64 to pypi build psycopg2-binary in aiida-core
 RUN apt-get update && apt-get install -y --no-install-recommends  \
     build-essential       \
     bzip2                 \
@@ -65,32 +61,38 @@ RUN apt-get update && apt-get install -y --no-install-recommends  \
     vim                   \
     wget                  \
     zip                   \
+    libpq-dev             \
   && rm -rf /var/lib/apt/lists/* \
   && apt-get clean all
 
 # Install conda.
 RUN cd /tmp && \
-    wget --quiet https://repo.continuum.io/miniconda/Miniconda3-${MINICONDA_VERSION}-Linux-x86_64.sh && \
-    echo "${MINICONDA_SHA256} *Miniconda3-${MINICONDA_VERSION}-Linux-x86_64.sh" | sha256sum -c - && \
-    /bin/bash Miniconda3-${MINICONDA_VERSION}-Linux-x86_64.sh -f -b -p $CONDA_DIR && \
-    rm Miniconda3-${MINICONDA_VERSION}-Linux-x86_64.sh && \
-    echo "conda ${CONDA_VERSION}" >> $CONDA_DIR/conda-meta/pinned && \
-    conda config --system --prepend channels conda-forge && \
-    conda config --system --set auto_update_conda false && \
-    conda config --system --set show_channel_urls true && \
-    conda list python | grep '^python ' | tr -s ' ' | cut -d '.' -f 1,2 | sed 's/$/.*/' >> $CONDA_DIR/conda-meta/pinned && \
-    conda install --quiet --yes conda && \
-    conda install --quiet --yes pip && \
-    conda update --all --quiet --yes && \
+    export ARCH=`uname -m` && \
+    if [ "$ARCH" = "x86_64" ]; then \
+       echo "x86_64" && \
+       export MINICONDA_ARCH=x86_64 && \
+       export MINICONDA_SHA256=935d72deb16e42739d69644977290395561b7a6db059b316958d97939e9bdf3d; \
+    elif [ "$ARCH" = "aarch64" ]; then \
+       echo "aarch64" && \
+       export MINICONDA_ARCH=aarch64 && \
+       export MINICONDA_SHA256=19584b4fb5c0656e0cf9de72aaa0b0a7991fbd6f1254d12e2119048c9a47e5cc; \
+    else \
+       echo "unknown arch"; \
+    fi && \
+    wget --quiet https://repo.continuum.io/miniconda/Miniconda3-${MINICONDA_VERSION}-Linux-${MINICONDA_ARCH}.sh && \
+    echo "${MINICONDA_SHA256} *Miniconda3-${MINICONDA_VERSION}-Linux-${MINICONDA_ARCH}.sh" | sha256sum -c - && \
+    /bin/bash Miniconda3-${MINICONDA_VERSION}-Linux-${MINICONDA_ARCH}.sh -f -b -p $CONDA_DIR && \
+    rm Miniconda3-${MINICONDA_VERSION}-Linux-${MINICONDA_ARCH}.sh && \
+    echo "conda ${CONDA_VERSION}" >> $CONDA_DIR/conda-meta/pinned  && \
+    conda config --system --prepend channels conda-forge  && \
+    conda config --system --set auto_update_conda false  && \
+    conda config --system --set show_channel_urls true  && \
+    conda list python | grep '^python ' | tr -s ' ' | cut -d '.' -f 1,2 | sed 's/$/.*/' >> $CONDA_DIR/conda-meta/pinned  && \
+    conda install --quiet --yes conda  && \
+    conda install --quiet --yes pip  && \
+    conda update --all --quiet --yes  && \
     conda clean --all -f -y
 
-# Upgrade ruamel.py version. Fixes https://github.com/aiidateam/aiida-core/issues/4339.
-# Note: miniconda 4.10.3 installs 0.15.80 by default
-RUN conda install ruamel.yaml==0.16.10
-
-# This is needed to let non-root users create conda environments.
-RUN touch /opt/conda/pkgs/urls.txt
-
 # Copy the script load-singlesshagent.sh to /usr/local/bin.
 COPY bin/load-singlesshagent.sh /usr/local/bin/load-singlesshagent.sh
 
diff --git a/my_init.d/create-system-user.sh b/my_init.d/create-system-user.sh
index 1f46768..1a66e23 100755
--- a/my_init.d/create-system-user.sh
+++ b/my_init.d/create-system-user.sh
@@ -14,6 +14,8 @@ fi
 # Always make sure that /home/${SYSTEM_USER} folder is owned by ${SYSTEM_USER}.
 chown ${SYSTEM_USER}:${SYSTEM_USER} /home/${SYSTEM_USER}
 
+# make sure current user does have write permissions to conda path
+chown ${SYSTEM_USER}:${SYSTEM_USER} ${CONDA_DIR}
 
 # Add .bashrc file to the $SYSTEM_USER's home folder.
 if [[ ! -f /home/${SYSTEM_USER}/.bashrc ]]; then
diff --git a/opt/start-postgres.sh b/opt/start-postgres.sh
index 09fae6b..c1d9403 100755
--- a/opt/start-postgres.sh
+++ b/opt/start-postgres.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-PGSQL_VERSION=12
+PGSQL_VERSION=14
 PGBIN=/usr/lib/postgresql/${PGSQL_VERSION}/bin
 
 # -w waits until server is up