Fix image build issues

helpers/linux-install-tools

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+IFS=$'\n'
+for tool in $(jq -cr '.[]' ./toolchain.json); do
+  TOOL_NAME=$(echo "$tool" | jq -r '.name')
+  [ -z "$TOOL_NAME" ] && echo "Invalid syntax" && exit 1
+  echo "=============================="
+  echo "Installing $TOOL_NAME..."
+  echo "=============================="
+
+  TOOL_MANIFEST_URL=$(echo "$tool" | jq -r '.url')
+  if [ -z "$TOOL_MANIFEST_URL" ]; then
+    echo "No manifest found, skipping tool"
+    continue
+  fi
+
+  TOOL_MANIFEST=$(curl -s $TOOL_MANIFEST_URL)
+  for version in $(echo "$tool" | jq -r '.versions[]'); do
+    echo "Installing version $version"
+    found=false
+
+    for check_version in $(echo "$TOOL_MANIFEST" | jq -cr '.[]'); do
+      if [[ "$(echo "$check_version" | jq -r '.version')" != $version ]]; then
+        continue
+      fi
+
+      for check_file in $(echo "$check_version" | jq -cr '.files[]'); do
+        TOOL_PLATFORM=$(echo "$tool" | jq -r '.platform')
+        TOOL_ARCH=$(echo "$tool" | jq -r '.arch')
+        TOOL_PLATFORM_VERSION=$(echo "$tool" | jq -r '.platform_version')
+
+        if [ -n "$TOOL_PLATFORM" ]; then
+          [ $TOOL_PLATFORM != $(echo "$check_file" | jq -r '.platform') ] && continue
+        fi
+        if [ -n "$TOOL_ARCH" ]; then
+          [ $TOOL_ARCH != $(echo "$check_file" | jq -r '.arch') ] && continue
+        fi
+        if [ -n "$TOOL_PLATFORM_VERSION" ]; then
+          [ $TOOL_PLATFORM_VERSION != $(echo "$check_file" | jq -r '.platform_version') ] && continue
+        fi
+
+        found=true
+        FILENAME=$(echo "$check_file" | jq -r '.filename')
+        DOWNLOAD_URL=$(echo "$check_file" | jq -r '.download_url')
+
+        echo "Downloading package from $DOWNLOAD_URL"
+        curl -sL -o /tmp/build/$FILENAME $DOWNLOAD_URL
+        if [ $? -ne 0 ]; then
+          echo "Unable to download package" && exit 1
+        fi
+
+        mkdir -p /tmp/build/$FILENAME-dir
+        tar -xzf /tmp/build/$FILENAME -C /tmp/build/$FILENAME-dir
+        if [ $? -ne 0 ]; then
+          echo "Unable to extract package" && exit 1
+        fi
+
+        rm /tmp/build/$FILENAME
+        cd /tmp/build/$FILENAME-dir
+
+        echo "Setting up package $FILENAME"
+        bash ./setup.sh
+        cd ..
+        rm -rf $FILENAME-dir
+        break
+      done
+      break
+    done
+
+    [ $found == false ] && echo "Unable to find package" && exit 1
+  done
+done
+
+exit 0

ubuntu-22.04/Dockerfile

@@ -46,15 +46,31 @@ ARG PYTHON_VERSION_SHORT
 
 ENV NODEJS_VERSION=22.x
 ENV NVM_VERSION=0.40.1
+ENV AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache
+ENV RUNNER_TOOL_CACHE=/opt/hostedtoolcache
 ENV DEBIAN_FRONTEND=noninteractive
 
-RUN apt-get update -y \
-    && apt-get install --no-install-recommends --no-install-suggests -y \
+RUN cat <<EOF >> /etc/apt/apt.conf.d/10dpkg-options
+Dpkg::Options {
+  "--force-confdef";
+  "--force-confold";
+}
+EOF
+RUN cat <<EOF >> /etc/apt/apt.conf.d/02autoremove
+APT::Get::AutomaticRemove "0";
+APT::Get::HideAutoRemove "1";
+EOF
+RUN echo "APT::Acquire::Retries \"10\";" > /etc/apt/apt.conf.d/80retries \
+    && echo "APT::Get::Assume-Yes \"true\";" > /etc/apt/apt.conf.d/90assumeyes
+
+RUN apt-get update \
+    && apt-get install --no-install-recommends --no-install-suggests \
       apt-transport-https \
       ca-certificates \
       curl \
       gcc \
       gnupg \
+      jq \
       libbz2-1.0 \
       libev4 \
       libffi8 \
@@ -66,8 +82,7 @@ RUN apt-get update -y \
       make \
       openssl \
       sudo \
-      tklib \
-      vim
+      tklib
 
 RUN groupadd --gid 1000 runner \
     && adduser --home /workspace --shell /bin/sh --uid 1000 --gid 1000 --disabled-password runner \
@@ -85,7 +100,7 @@ RUN mkdir -p /usr/share/keyrings \
     && echo "deb [signed-by=/usr/share/keyrings/git-core_ppa.gpg] https://ppa.launchpadcontent.net/git-core/ppa/ubuntu ${DISTRIB_CODENAME} main" | tee /etc/apt/sources.list.d/git-core_ppa.list > /dev/null \
     && echo "deb [signed-by=/usr/share/keyrings/github_git-lfs.gpg] https://packagecloud.io/github/git-lfs/ubuntu ${DISTRIB_CODENAME} main" | tee /etc/apt/sources.list.d/github_git-lfs.list > /dev/null \
     && apt-get update -y \
-    && apt-get install --no-install-recommends --no-install-suggests -y \
+    && apt-get install --no-install-recommends --no-install-suggests \
       git \
       git-lfs
 
@@ -95,8 +110,8 @@ RUN set -x \
     && chmod 0644 /usr/share/keyrings/nodesource.gpg \
     && arch=$(dpkg --print-architecture) \
     && echo "deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_${NODEJS_VERSION} nodistro main" | tee /etc/apt/sources.list.d/nodesource.list > /dev/null \
-    && apt-get update -y \
-    && apt-get install --no-install-recommends --no-install-suggests -y nodejs \
+    && apt-get update \
+    && apt-get install --no-install-recommends --no-install-suggests nodejs \
     && npm update --global npm \
     && npm install --global yarn \
     && curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v${NVM_VERSION}/install.sh | bash
@@ -116,15 +131,46 @@ RUN set -x \
       ansible \
       virtualenv
 
-RUN curl -sSL -O https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb \
-    && dpkg -i packages-microsoft-prod.deb \
-    && rm packages-microsoft-prod.deb \
-    && apt-get update -y \
-    && apt-get install --no-install-recommends --no-install-suggests -y azcopy
+RUN cd /tmp/build \
+    && curl -OL https://aka.ms/downloadazcopy-v10-linux \
+    && tar -xvzf downloadazcopy-v10-linux \
+    && rm downloadazcopy-v10-linux \
+    && cp -r azcopy_linux_amd64_*/azcopy /usr/local/bin/ \
+    && rm -r azcopy_linux_amd64_* \
+    && chmod 0755 /usr/local/bin/azcopy \
+    && ln -s /usr/local/bin/azcopy /usr/local/bin/azcopy10
 
-RUN mkdir -p /opt/hostedtoolcache \
-    && chown runner:runner /opt/hostedtoolcache \
-    && chmod 0755 /opt/hostedtoolcache
+RUN if [[ -f "/etc/fwupd/daemon.conf" ]]; then \
+        sed -i 's/UpdateMotd=true/UpdateMotd=false/g' /etc/fwupd/daemon.conf; \
+    fi
+
+RUN echo 'fs.inotify.max_user_watches=655360' >> /etc/sysctl.conf \
+    && echo 'fs.inotify.max_user_instances=1280' >> /etc/sysctl.conf \
+    \
+    && echo 'session required pam_limits.so' >> /etc/pam.d/common-session \
+    && echo 'session required pam_limits.so' >> /etc/pam.d/common-session-noninteractive \
+    && echo 'DefaultLimitNOFILE=65536' >> /etc/systemd/system.conf \
+    && echo 'DefaultLimitSTACK=16M:infinity' >> /etc/systemd/system.conf \
+    \
+    && echo '* soft nofile 65536' >> /etc/security/limits.conf \
+    && echo '* hard nofile 65536' >> /etc/security/limits.conf \
+    \
+    && echo '* soft stack 16384' >> /etc/security/limits.conf \
+    && echo '* hard stack 16384' >> /etc/security/limits.conf
+
+RUN set -x \
+    && mkdir -p ${AGENT_TOOLSDIRECTORY}
+
+COPY helpers/linux-install-tools /tmp/build/linux-install-tools
+COPY ubuntu-22.04/toolchain.json /tmp/build/toolchain.json
+RUN set -x \
+    && cd /tmp/build \
+    && chmod +x linux-install-tools \
+    && bash ./linux-install-tools
+
+RUN set -x \
+    && chmod -R 0777 /opt \
+    && chmod -R 0777 /usr/share
 
 USER runner
 WORKDIR /workspace

ubuntu-22.04/toolchain.json

@@ -0,0 +1,38 @@
+[
+  {
+    "name": "Python",
+    "url" : "https://raw.githubusercontent.com/actions/python-versions/main/versions-manifest.json",
+    "platform" : "linux",
+    "platform_version": "22.04",
+    "arch": "x64",
+    "versions": [
+      "3.10.*",
+      "3.11.*",
+      "3.12.*",
+      "3.13.*"
+    ]
+  },
+  {
+    "name": "node",
+    "url" : "https://raw.githubusercontent.com/actions/node-versions/main/versions-manifest.json",
+    "platform" : "linux",
+    "arch": "x64",
+    "versions": [
+      "18.*",
+      "20.*",
+      "22.*"
+    ]
+  },
+  {
+    "name": "go",
+    "url" : "https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json",
+    "arch": "x64",
+    "platform" : "linux",
+    "versions": [
+      "1.21.*",
+      "1.22.*",
+      "1.23.*"
+    ],
+    "default": "1.23.*"
+  }
+]