opencode-docker/Dockerfile at main · pkhamre/opencode-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
FROM debian:13-slim@sha256:4e401d95de7083948053197a9c3913343cd06b706bf15eb6a0c3ccd26f436a0e AS builder-tools

ARG USER_UID=1000
ARG USER_GID=1000
ARG NODE_MAJOR=24
ARG OPENCODE_VERSION=1.17.7

ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && apt-get install --no-install-recommends -y \
    ca-certificates \
    curl \
    gnupg \
    git \
    python3 \
    python3-venv \
    xvfb \
    xclip \
    wl-clipboard \
    ripgrep \
    jq \
    rustc \
    cargo \
    && rm -rf /var/lib/apt/lists/*

RUN mkdir -p /etc/apt/keyrings && \
    curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
    echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_${NODE_MAJOR}.x nodistro main" > /etc/apt/sources.list.d/nodesource.list && \
    apt-get update && apt-get install --no-install-recommends -y nodejs && \
    rm -rf /var/lib/apt/lists/*

RUN echo "Installing OpenCode version: ${OPENCODE_VERSION}" && \
    curl -fsSL https://opencode.ai/install -o /tmp/install-opencode.sh && \
    echo "fc3c1b2123f49b6df545a7622e5127d21cd794b15134fc3b66e1ca49f7fb297e  /tmp/install-opencode.sh" | sha256sum -c - && \
    bash /tmp/install-opencode.sh --version "${OPENCODE_VERSION}" --no-modify-path && \
    rm -f /tmp/install-opencode.sh && \
    install -m 0755 /root/.opencode/bin/opencode /usr/local/bin/opencode

RUN npm install -g @upstash/context7-mcp@3.2.1

RUN node --version && \
    npm --version && \
    python3 --version && \
    python3 -m venv /tmp/test-venv && \
    rm -rf /tmp/test-venv && \
    opencode --version

COPY scripts/collect-runtime-deps.sh /usr/local/bin/collect-runtime-deps.sh
RUN chmod 0755 /usr/local/bin/collect-runtime-deps.sh

FROM builder-tools AS collector

ARG USER_UID=1000
ARG USER_GID=1000

RUN mkdir -p /opt/runtime-rootfs && \
    /usr/local/bin/collect-runtime-deps.sh /opt/runtime-rootfs \
      opencode node npm python3 Xvfb xclip wl-copy wl-paste git \
      mkdir find grep rg jq cat head tail sed awk \
      ls cp mv rm chmod wc sort cut env date dirname basename \
      rustc cargo

RUN cd /opt/runtime-rootfs && \
    for dir in bin sbin lib lib64; do \
      if [ -d "${dir}" ] && [ ! -L "${dir}" ]; then \
        mkdir -p "usr/${dir}"; \
        if [ -n "$(ls -A "${dir}" 2>/dev/null)" ]; then \
          cp -a "${dir}"/. "usr/${dir}"/; \
        fi; \
        rm -rf "${dir}"; \
        ln -s "usr/${dir}" "${dir}"; \
      fi; \
    done

RUN mkdir -p /opt/runtime-rootfs/app/.local/share /opt/runtime-rootfs/app/.config/opencode /opt/runtime-rootfs/app/.cache && \
    chown -R ${USER_UID}:${USER_GID} /opt/runtime-rootfs/app && \
    printf 'opencode:x:%s:%s:OpenCode User:/app:/usr/bin/python3\n' "${USER_UID}" "${USER_GID}" >> /opt/runtime-rootfs/etc/passwd && \
    printf 'opencode:x:%s:\n' "${USER_GID}" >> /opt/runtime-rootfs/etc/group

# TODO: Pin to SHA256 digest once available: gcr.io/distroless/base-debian13@sha256:<digest>
FROM gcr.io/distroless/base-debian13 AS final

ARG USER_UID=1000
ARG USER_GID=1000

WORKDIR /app

ENV DISPLAY=:99.0
ENV HOME=/app
ENV XDG_CONFIG_HOME=/app/.config
ENV OPENCODE_CONFIG_DIR=/app/.config/opencode
ENV XDG_DATA_HOME=/app/.local/share
ENV PATH=/usr/local/bin:/usr/bin

COPY --from=collector /opt/runtime-rootfs/ /
COPY --chmod=0755 bootstrap.py /usr/local/bin/bootstrap.py

USER ${USER_UID}:${USER_GID}

ENTRYPOINT ["/usr/bin/python3", "/usr/local/bin/bootstrap.py"]