From 976d1e9a36804b62da565e48a4f2251f8f643cb7 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sun, 10 Sep 2023 19:56:15 +0300
Subject: [PATCH] Workbench: Split the main layer.

Should help with downloads (parallel downloads) and with builds (better
caching).
---
 workbench/Dockerfile | 37 +++++++++++++++++++++++--------------
 1 file changed, 23 insertions(+), 14 deletions(-)

diff --git a/workbench/Dockerfile b/workbench/Dockerfile
index 87c00e7..09629df 100644
--- a/workbench/Dockerfile
+++ b/workbench/Dockerfile
@@ -1,10 +1,9 @@
+# hadolint global ignore=DL4001
 # hadolint ignore=DL3007
 FROM registry.shore.co.il/toolbx:latest
 SHELL ["/bin/bash", "-o", "pipefail", "-xc"]
-ENV PIPX_HOME /opt/pipx
-ENV PIPX_BIN_DIR /opt/pipx/bin
 ENV PATH /opt/pipx/bin:/usr/local/lib/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-# hadolint ignore=DL3008,DL3013,DL3016,DL3027,DL4001
+# hadolint ignore=DL3008
 RUN apt-get update && \
     curl --location --silent --fail --show-error https://github.com/kubernetes/kompose/releases/download/v1.26.1/kompose_1.26.1_amd64.deb --output /tmp/kompose.deb && \
     curl --location --silent --fail --show-error https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb --output /tmp/session-manager-plugin.deb && \
@@ -157,7 +156,12 @@ RUN apt-get update && \
         xdg-user-dirs \
         zip \
     && \
-    export PIP_CONSTRAINT=/tmp/constraint.txt && \
+    rm /etc/ssh/ssh_host_* && \
+    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
+ENV PIPX_HOME /opt/pipx
+ENV PIPX_BIN_DIR /opt/pipx/bin
+# hadolint ignore=DL3013
+RUN export PIP_CONSTRAINT=/tmp/constraint.txt && \
     echo 'resolvelib==0.5.4' > "$PIP_CONSTRAINT" && \
     echo 'Cython < 3.0' >> "$PIP_CONSTRAINT" && \
     python3 -m pip install --no-cache-dir --break-system-packages \
@@ -231,11 +235,14 @@ RUN apt-get update && \
     && \
     pipx install chalice && \
     pipx install curator-opensearch && \
-    npm install --global \
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
+# hadolint ignore=DL3016
+RUN npm install --global \
         corepack \
         @playwright/test \
     && \
-    export GOPATH=/usr/local/lib/go && \
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
+RUN export GOPATH=/usr/local/lib/go && \
     mkdir "$GOPATH" && \
     export GO111MODULE=on && \
     go install github.com/giantswarm/semver-bump@latest && \
@@ -247,7 +254,8 @@ RUN apt-get update && \
     go install github.com/hashicorp/envconsul@latest && \
     go install sigs.k8s.io/kustomize/kustomize/v4@latest && \
     go install github.com/1player/host-spawn@latest && \
-    wget https://raw.githubusercontent.com/rabbitmq/rabbitmq-server/v3.8.16/deps/rabbitmq_management/bin/rabbitmqadmin -qO /usr/local/bin/rabbitmqadmin && \
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
+RUN wget https://raw.githubusercontent.com/rabbitmq/rabbitmq-server/v3.8.16/deps/rabbitmq_management/bin/rabbitmqadmin -qO /usr/local/bin/rabbitmqadmin && \
     chmod +x /usr/local/bin/rabbitmqadmin && \
     wget https://github.com/docker/compose/releases/download/v2.14.0/docker-compose-linux-x86_64 -qO /usr/local/bin/docker-compose && \
     chmod +x /usr/local/bin/docker-compose && \
@@ -259,7 +267,11 @@ RUN apt-get update && \
     install -o root -g root -m 0755 /tmp/rke /usr/local/bin/rke && \
     curl --silent --location --fail --show-error https://github.com/SelfAdjointOperator/better-adb-sync/archive/refs/heads/master.tar.gz | tar -zxC /opt/ && \
     ln --symbolic /opt/better-adb-sync-master/src/adbsync.py /usr/local/bin/adbsync && \
-    _PIPENV_COMPLETE=bash_source pipenv > /etc/bash_completion.d/pipenv && \
+    git clone https://github.com/asdf-vm/asdf.git /opt/asdf && \
+    ln --symbolic --target /etc/profile.d/ /opt/asdf/asdf.sh && \
+    echo "export PATH=$PIPX_BIN_DIR:$GOPATH/bin:\$PATH" > /etc/profile.d/workbench.sh && \
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
+RUN _PIPENV_COMPLETE=bash_source pipenv > /etc/bash_completion.d/pipenv && \
     rabbitmqadmin --bash-completion  > /etc/bash_completion.d/rabbitmqadmin && \
     #poetry completions bash > /etc/bash_completion.d/poetry && \
     register-python-argcomplete gitlab > /etc/bash_completion.d/gitlab && \
@@ -276,17 +288,14 @@ RUN apt-get update && \
     wget https://github.com/mrolli/packer-bash-completion/raw/master/packer -qO /etc/bash_completion.d/packer && \
     wget https://raw.githubusercontent.com/dsifford/yarn-completion/v0.17.0/yarn-completion.bash -qO /etc/bash_completion.d/yarn && \
     #wget https://raw.githubusercontent.com/ziglang/shell-completions/master/_zig -qO /etc/bash_completion.d/zig && \
-    git clone https://github.com/asdf-vm/asdf.git /opt/asdf && \
-    ln --symbolic --target /etc/profile.d/ /opt/asdf/asdf.sh && \
     ln --symbolic /opt/asdf/completions/asdf.bash /etc/bash_completion.d/asdf && \
-    mkdir -p /usr/local/share/ca-certificates && \
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
+RUN mkdir -p /usr/local/share/ca-certificates && \
     wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem  -qO - | \
         awk '/-----BEGIN[A-Z0-9 ]*CERTIFICATE-----/ {n++} n > 0 {print > ("/usr/local/share/ca-certificates/rds-" (1+n) ".crt")}' && \
     update-ca-certificates && \
-    echo "export PATH=$PIPX_BIN_DIR:$GOPATH/bin:\$PATH" > /etc/profile.d/workbench.sh && \
     # pragma: allowlist nextline secret
-    rm /etc/ssh/ssh_host_* && \
-    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* ~/.cache/*
+    rm -rf /tmp/* /var/tmp/* ~/.cache/*
 COPY --chown=root:root bash_completion.d/* /etc/bash_completion.d/
 COPY --chown=root:root bin/* /usr/local/bin/
 ENV ASDF_DIR /opt/asdf
-- 
GitLab