Skip to content

Commit e9bd41d

Browse files
author
Blink
committed
feat: add Red Hat UBI9 development image
1 parent b52b290 commit e9bd41d

File tree

2 files changed

+331
-0
lines changed

2 files changed

+331
-0
lines changed

images/redhat-ubi9/README.md

Lines changed: 153 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,153 @@
1+
# Red Hat UBI9 Development Image
2+
3+
A comprehensive development workspace image based on Red Hat Universal Base Image 9 (UBI9) for use with Coder.
4+
5+
## Features
6+
7+
### Base Operating System
8+
- **Red Hat UBI9**: Enterprise-grade, security-focused base image
9+
- **Enterprise Ready**: Red Hat supported with regular security updates
10+
- **Compliance**: Meets enterprise security and compliance requirements
11+
12+
### Development Tools
13+
14+
#### Languages & Runtimes
15+
- **Go 1.24.2**: Latest Go version with complete toolchain
16+
- **Node.js 20**: Latest LTS with npm and pnpm
17+
- **Python 3**: System Python with pip
18+
- **Rust**: Latest stable with Cargo
19+
20+
#### Go Development Tools
21+
- `gopls` - Go language server
22+
- `goimports` - Import management
23+
- `moq` - Mock generation
24+
- `swag` - Swagger documentation
25+
- `swagger` - API client generation
26+
- `migrate` - Database migrations
27+
- `goreleaser` - Release automation
28+
- `gotestsum` - Enhanced test output
29+
- `kind` - Kubernetes in Docker
30+
- `helm-docs` - Helm documentation
31+
- `sqlc` - SQL code generation
32+
- `ruleguard` - Custom linting rules
33+
- `shfmt` - Shell script formatting
34+
- `nfpm` - Package building
35+
- `yq` - YAML processing
36+
- `mockgen` - Interface mocking
37+
38+
#### Infrastructure & DevOps
39+
- **Docker CE**: Container development and deployment
40+
- **Terraform**: Infrastructure as Code
41+
- **kubectl**: Kubernetes command-line tool
42+
- **Helm**: Kubernetes package manager
43+
44+
#### Development Utilities
45+
- **Git**: Version control
46+
- **jq**: JSON processing
47+
- **htop**: Process monitoring
48+
- **tmux**: Terminal multiplexer
49+
- **vim/nano**: Text editors
50+
- **fish/zsh/bash**: Multiple shell options
51+
- **pre-commit**: Git hooks framework
52+
53+
#### Rust Tools
54+
- `jj-cli` - Jujutsu version control
55+
- `typos-cli` - Spell checker
56+
- `watchexec-cli` - File watcher
57+
58+
#### Protocol Buffers
59+
- `protoc` - Protocol buffer compiler
60+
- Go protobuf plugins
61+
62+
## Usage
63+
64+
### With Coder Templates
65+
66+
Use this image in your Coder workspace templates:
67+
68+
```hcl
69+
resource "docker_image" "main" {
70+
name = "codercom/enterprise-redhat-ubi9"
71+
}
72+
73+
resource "docker_container" "workspace" {
74+
count = data.coder_workspace.me.start_count
75+
image = docker_image.main.name
76+
name = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
77+
78+
# Add your configuration here
79+
}
80+
```
81+
82+
### Building Locally
83+
84+
```bash
85+
# Build the image
86+
docker build -f ubi9.Dockerfile -t coder-redhat-ubi9 .
87+
88+
# Run interactively
89+
docker run -it --rm coder-redhat-ubi9
90+
```
91+
92+
### Environment Variables
93+
94+
The image sets up the following environment:
95+
96+
- `GOPATH=/home/coder/go`
97+
- `GOROOT=/usr/local/go`
98+
- `PATH` includes Go, Node.js, and all development tools
99+
- `LANG=en_US.UTF-8`
100+
- `LC_ALL=en_US.UTF-8`
101+
102+
### User Configuration
103+
104+
- **User**: `coder` (non-root)
105+
- **Home**: `/home/coder`
106+
- **Shell**: bash (with zsh and fish available)
107+
- **Sudo**: Passwordless sudo access
108+
109+
### Ports
110+
111+
The following ports are exposed for development:
112+
113+
- `3000` - Frontend development servers
114+
- `8080` - Backend services
115+
- `8443` - HTTPS services
116+
117+
## Use Cases
118+
119+
This image is ideal for:
120+
121+
- **Go Development**: Complete Go development environment
122+
- **Full-Stack Development**: Go backend + Node.js frontend
123+
- **Cloud Native Development**: Kubernetes and container development
124+
- **Infrastructure Development**: Terraform and DevOps workflows
125+
- **Enterprise Environments**: Red Hat compliance and support
126+
- **Multi-language Projects**: Go, Node.js, Python, Rust support
127+
128+
## Security & Compliance
129+
130+
- Based on Red Hat UBI9 for enterprise security
131+
- Regular security updates from Red Hat
132+
- Non-root user execution
133+
- Minimal attack surface with curated tool selection
134+
- Compliance with enterprise security policies
135+
136+
## Size Optimization
137+
138+
- Multi-stage build to minimize final image size
139+
- Package cache cleanup
140+
- Optimized layer structure
141+
- Only essential development tools included
142+
143+
## Support
144+
145+
For issues related to:
146+
- **This image**: Open an issue in the [coder/images](https://github.com/coder/images) repository
147+
- **Coder platform**: Visit [coder.com/docs](https://coder.com/docs)
148+
- **Red Hat UBI9**: Check [Red Hat documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9)
149+
150+
## License
151+
152+
This image configuration is provided under the same license as the Coder project.
153+
Red Hat UBI9 is freely redistributable under Red Hat's Universal Base Image End User License Agreement.

images/redhat-ubi9/ubi9.Dockerfile

Lines changed: 178 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,178 @@
1+
# Red Hat UBI9 based development container for Coder workspaces
2+
# This Dockerfile creates a development environment based on Red Hat Universal Base Image 9
3+
4+
# Multi-stage build for Go tools
5+
FROM registry.access.redhat.com/ubi9/go-toolset:1.21 AS go-builder
6+
7+
USER root
8+
9+
# Install Go manually to get the latest version
10+
ARG GO_VERSION=1.24.2
11+
RUN curl -L "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o /tmp/go.tar.gz && \
12+
rm -rf /usr/local/go && \
13+
tar -C /usr/local -xzf /tmp/go.tar.gz && \
14+
rm /tmp/go.tar.gz
15+
16+
ENV PATH=/usr/local/go/bin:$PATH
17+
ENV GOPATH=/tmp/go
18+
19+
# Install Go development tools
20+
RUN mkdir -p "$GOPATH" && \
21+
go install github.com/matryer/[email protected] && \
22+
go install github.com/swaggo/swag/cmd/[email protected] && \
23+
go install github.com/go-swagger/go-swagger/cmd/[email protected] && \
24+
go install golang.org/x/tools/cmd/[email protected] && \
25+
go install google.golang.org/protobuf/cmd/[email protected] && \
26+
go install storj.io/drpc/cmd/[email protected] && \
27+
go install github.com/golang-migrate/migrate/v4/cmd/[email protected] && \
28+
go install github.com/goreleaser/[email protected] && \
29+
go install golang.org/x/tools/[email protected] && \
30+
go install gotest.tools/[email protected] && \
31+
go install github.com/mattn/[email protected] && \
32+
go install sigs.k8s.io/[email protected] && \
33+
go install github.com/norwoodj/helm-docs/cmd/[email protected] && \
34+
CGO_ENABLED=1 go install github.com/sqlc-dev/sqlc/cmd/[email protected] && \
35+
go install github.com/sethvargo/gcr-cleaner/cmd/[email protected] && \
36+
go install github.com/quasilyte/go-ruleguard/cmd/[email protected] && \
37+
go install mvdan.cc/sh/v3/cmd/[email protected] && \
38+
go install github.com/goreleaser/nfpm/v2/cmd/[email protected] && \
39+
go install github.com/mikefarah/yq/[email protected] && \
40+
mv /tmp/go/bin/yq /tmp/go/bin/yq4 && \
41+
go install go.uber.org/mock/[email protected]
42+
43+
# Rust tools stage
44+
FROM registry.access.redhat.com/ubi9/ubi:latest AS rust-builder
45+
46+
RUN dnf install -y gcc openssl-devel pkg-config && \
47+
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
48+
49+
ENV PATH="/root/.cargo/bin:${PATH}"
50+
ENV CARGO_INSTALL_ROOT=/tmp/cargo
51+
52+
RUN cargo install jj-cli typos-cli watchexec-cli
53+
54+
# Protocol Buffers stage
55+
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest AS proto-builder
56+
57+
RUN microdnf install -y curl unzip && \
58+
curl -L -o /tmp/protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v23.4/protoc-23.4-linux-x86_64.zip && \
59+
cd /tmp && unzip protoc.zip && rm protoc.zip
60+
61+
# Main development image
62+
FROM registry.access.redhat.com/ubi9/ubi:latest
63+
64+
LABEL name="coder-redhat-ubi9" \
65+
vendor="Red Hat" \
66+
version="1.0" \
67+
release="1" \
68+
summary="Coder workspace image based on Red Hat UBI9" \
69+
description="A Red Hat UBI9 based workspace image for Coder with Go, Node.js, and development tools"
70+
71+
# Create coder user
72+
RUN useradd -m -s /bin/bash coder && \
73+
echo 'coder ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/coder && \
74+
chmod 640 /etc/sudoers.d/coder
75+
76+
# Install EPEL and enable additional repositories
77+
RUN dnf install -y epel-release && \
78+
dnf config-manager --set-enabled crb
79+
80+
# Install development packages
81+
RUN dnf update -y && \
82+
dnf groupinstall -y "Development Tools" && \
83+
dnf install -y \
84+
bash-completion \
85+
bind-utils \
86+
cmake \
87+
curl \
88+
file \
89+
fish \
90+
git \
91+
htop \
92+
jq \
93+
less \
94+
make \
95+
nano \
96+
openssh-clients \
97+
procps-ng \
98+
python3 \
99+
python3-pip \
100+
rsync \
101+
sudo \
102+
tar \
103+
tmux \
104+
tree \
105+
unzip \
106+
vim \
107+
wget \
108+
which \
109+
zip \
110+
zsh && \
111+
dnf clean all
112+
113+
# Install Node.js 20 from NodeSource
114+
RUN curl -fsSL https://rpm.nodesource.com/setup_20.x | bash - && \
115+
dnf install -y nodejs
116+
117+
# Install pnpm
118+
RUN npm install -g pnpm
119+
120+
# Install Docker CE
121+
RUN dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && \
122+
dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
123+
124+
# Install Terraform
125+
RUN dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo && \
126+
dnf install -y terraform
127+
128+
# Install kubectl
129+
RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && \
130+
install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl && \
131+
rm kubectl
132+
133+
# Install Helm
134+
RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
135+
136+
# Copy Go tools from builder stage
137+
COPY --from=go-builder /tmp/go/bin/* /usr/local/bin/
138+
COPY --from=go-builder /usr/local/go /usr/local/go
139+
140+
# Copy Rust tools from builder stage
141+
COPY --from=rust-builder /tmp/cargo/bin/* /usr/local/bin/
142+
143+
# Copy Protocol Buffers from builder stage
144+
COPY --from=proto-builder /tmp/bin/protoc /usr/local/bin/
145+
COPY --from=proto-builder /tmp/include /usr/local/include
146+
147+
# Set up Go environment
148+
ENV PATH=/usr/local/go/bin:$PATH
149+
ENV GOPATH=/home/coder/go
150+
ENV GOPROXY=https://proxy.golang.org,direct
151+
ENV GOSUMDB=sum.golang.org
152+
153+
# Set up development environment
154+
RUN mkdir -p /home/coder/go/{bin,src,pkg} && \
155+
chown -R coder:coder /home/coder
156+
157+
# Install additional development tools
158+
RUN pip3 install --user pre-commit
159+
160+
# Set locale
161+
ENV LANG=en_US.UTF-8
162+
ENV LC_ALL=en_US.UTF-8
163+
164+
# Switch to coder user
165+
USER coder
166+
WORKDIR /home/coder
167+
168+
# Set up shell environment
169+
RUN echo 'export PATH="$PATH:/usr/local/go/bin:$GOPATH/bin"' >> ~/.bashrc && \
170+
echo 'export GOPATH="$HOME/go"' >> ~/.bashrc && \
171+
echo 'alias ll="ls -la"' >> ~/.bashrc && \
172+
echo 'alias la="ls -A"' >> ~/.bashrc && \
173+
echo 'alias l="ls -CF"' >> ~/.bashrc
174+
175+
# Expose common development ports
176+
EXPOSE 3000 8080 8443
177+
178+
CMD ["/bin/bash"]

0 commit comments

Comments
 (0)