@fishawack/lab-env 4.40.1 → 4.41.0-beta.1

package/laravel/10/php/entrypoint.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Setting $FW_ROOT will bypass the user switch to php
+if [ -z "$FW_ROOT" ]; then
+    # Set php user id to match host users id so no permission issues outside of docker
+    usermod -u $USER_UID php &>/dev/null
+
+    # Fix access rights to stdout and stderr
+    chown php /proc/self/fd/{1,2}
+
+    # Own the vendor folder otherwise it'll be owned by root/previous php id which will prevent writing
+    chown php /app/vendor
+
+    # If bash command then start an non login interactive shell
+    if [[ "$@" == "bash" ]]; then
+        exec su php
+    # Otherwise pipe the command into the non login non interactive shell as a command to exec
+    else
+        exec su php -c "$@"
+    fi
+else
+    echo "Accessing as root"
+    exec "$@"
+fi

package/laravel/10/php/package.json

@@ -0,0 +1,11 @@
+{
+    "name": "php",
+    "version": "1.0.0",
+    "description": "lab-env docker config for the php module",
+    "scripts": {
+        "preversion": "docker login",
+        "postversion": "docker buildx build --target development --platform linux/amd64,linux/arm64 -t fishawack/lab-env-laravel-10-php:$npm_package_version -t fishawack/lab-env-laravel-10-php:latest --push . && git add . && git commit -m \"build: Bumped fishawack/lab-env-laravel-10-php to $npm_package_version\""
+    },
+    "author": "Mike Mellor",
+    "license": "ISC"
+}

package/laravel/10/php/policy.xml

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+  <!ELEMENT policymap (policy)*>
+  <!ATTLIST policymap xmlns CDATA #FIXED ''>
+  <!ELEMENT policy EMPTY>
+  <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
+    name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
+    stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
+]>
+<!--
+  Configure ImageMagick policies.
+
+  Domains include system, delegate, coder, filter, path, or resource.
+
+  Rights include none, read, write, execute and all.  Use | to combine them,
+  for example: "read | write" to permit read from, or write to, a path.
+
+  Use a glob expression as a pattern.
+
+  Suppose we do not want users to process MPEG video images:
+
+    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
+
+  Here we do not want users reading images from HTTP:
+
+    <policy domain="coder" rights="none" pattern="HTTP" />
+
+  The /repository file system is restricted to read only.  We use a glob
+  expression to match all paths that start with /repository:
+
+    <policy domain="path" rights="read" pattern="/repository/*" />
+
+  Lets prevent users from executing any image filters:
+
+    <policy domain="filter" rights="none" pattern="*" />
+
+  Any large image is cached to disk rather than memory:
+
+    <policy domain="resource" name="area" value="1GP"/>
+
+  Use the default system font unless overwridden by the application:
+
+    <policy domain="system" name="font" value="/usr/share/fonts/favorite.ttf"/>
+
+  Define arguments for the memory, map, area, width, height and disk resources
+  with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
+  for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+  exceeds policy maximum so memory limit is 1GB).
+
+  Rules are processed in order.  Here we want to restrict ImageMagick to only
+  read or write a small subset of proven web-safe image types:
+
+    <policy domain="delegate" rights="none" pattern="*" />
+    <policy domain="filter" rights="none" pattern="*" />
+    <policy domain="coder" rights="none" pattern="*" />
+    <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
+-->
+<policymap>
+  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
+  <policy domain="resource" name="memory" value="256MiB"/>
+  <policy domain="resource" name="map" value="512MiB"/>
+  <policy domain="resource" name="width" value="16KP"/>
+  <policy domain="resource" name="height" value="16KP"/>
+  <!-- <policy domain="resource" name="list-length" value="128"/> -->
+  <policy domain="resource" name="area" value="128MP"/>
+  <policy domain="resource" name="disk" value="1GiB"/>
+  <!-- <policy domain="resource" name="file" value="768"/> -->
+  <!-- <policy domain="resource" name="thread" value="4"/> -->
+  <!-- <policy domain="resource" name="throttle" value="0"/> -->
+  <!-- <policy domain="resource" name="time" value="3600"/> -->
+  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
+  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+  <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+  <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+  <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+  <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- <policy domain="system" name="font" value="/path/to/font.ttf"/> -->
+  <!-- <policy domain="system" name="pixel-cache-memory" value="anonymous"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- not needed due to the need to use explicitly by mvg: -->
+  <!-- <policy domain="delegate" rights="none" pattern="MVG" /> -->
+  <!-- use curl -->
+  <policy domain="delegate" rights="none" pattern="URL" />
+  <policy domain="delegate" rights="none" pattern="HTTPS" />
+  <policy domain="delegate" rights="none" pattern="HTTP" />
+  <!-- in order to avoid to get image with password text -->
+  <policy domain="path" rights="none" pattern="@*"/>
+  <!-- disable ghostscript format types -->
+  <!-- <policy domain="coder" rights="none" pattern="PS" />
+  <policy domain="coder" rights="none" pattern="PS2" />
+  <policy domain="coder" rights="none" pattern="PS3" />
+  <policy domain="coder" rights="none" pattern="EPS" />
+  <policy domain="coder" rights="none" pattern="PDF" />
+  <policy domain="coder" rights="none" pattern="XPS" /> -->
+</policymap>

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@fishawack/lab-env",
-    "version": "4.40.1",
+    "version": "4.41.0-beta.1",
     "description": "Docker manager for FW",
     "main": "cli.js",
     "scripts": {
@@ -17,8 +17,8 @@
     "homepage": "https://bitbucket.org/fishawackdigital/lab-env#readme",
     "type": "commonjs",
     "bin": {
-        "lab-env": "./cli.js",
-        "fw": "./cli.js"
+        "lab-env": "cli.js",
+        "fw": "cli.js"
     },
     "dependencies": {
         "@aws-sdk/client-cloudfront": "^3.141.0",

package/php/8.2/CHANGELOG.md

@@ -0,0 +1,4 @@
+## Changelog
+
+### 1.0.0 (2025-07-21)
+* [Misc] initial commit

package/php/8.2/Dockerfile

@@ -0,0 +1,40 @@
+FROM chialab/php:8.2-fpm AS development
+
+LABEL org.opencontainers.image.authors="Mike Mellor <mike.mellor@avalerehealth.com>"
+
+# Install ghostscript
+RUN apt-get update && \
+    apt-get install -y ghostscript
+
+# Copy custom.ini
+COPY ./custom.ini /usr/local/etc/php/conf.d/custom.ini
+
+# Copy ImageMagick policy
+COPY ./policy.xml /etc/ImageMagick-6/policy.xml
+
+# Add php user
+RUN useradd -m -G www-data -s /bin/bash php
+
+# Change composer home dir
+ENV COMPOSER_HOME=/home/php/.composer
+
+# Cleanup apt-get install folders
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY entrypoint.sh /bin/entrypoint.sh
+RUN chmod +x /bin/entrypoint.sh
+ENTRYPOINT ["/bin/entrypoint.sh"]
+
+CMD ["php-fpm"]
+
+FROM fishawack/lab-env-laravel-9-php:latest AS production
+
+# Copy source code into container
+COPY . /app
+
+# Install composer dependencies
+RUN TEMPFILE=$(mktemp) && \
+    curl -o "$TEMPFILE" "https://getcomposer.org/installer" && \
+    php <"$TEMPFILE" && \
+    ./composer.phar install -d /app --no-dev --no-interaction --no-ansi --optimize-autoloader

package/php/8.2/custom.ini

@@ -0,0 +1,5 @@
+file_uploads = On
+memory_limit = 500M
+upload_max_filesize = 500M
+post_max_size = 500M
+max_execution_time = 600

package/php/8.2/docker-compose.yml

@@ -0,0 +1,23 @@
+services:
+  php:
+    build:
+      context: $DIRNAME/php/8.2
+      target: development
+    image: fishawack/lab-env-php-8-2:${FW_PHP_8_2_VERSION:-latest}
+    init: true
+    working_dir: /app
+    networks:
+      - default
+    volumes:
+      - $CWD/:/app
+      - vendor:/app/vendor
+    environment:
+      - FW_ROOT=${FW_ROOT:-}
+      - USER_UID=${USER_UID:-0}
+      - USER_GID=${USER_GID:-0}
+networks:
+  default:
+    driver: "bridge"
+volumes:
+  vendor:
+    driver: "local"

package/php/8.2/entrypoint.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Setting $FW_ROOT will bypass the user switch to php
+if [ -z "$FW_ROOT" ]; then
+    # Set php user id to match host users id so no permission issues outside of docker
+    usermod -u $USER_UID php &>/dev/null
+
+    # Fix access rights to stdout and stderr
+    chown php /proc/self/fd/{1,2}
+
+    # Own the vendor folder otherwise it'll be owned by root/previous php id which will prevent writing
+    chown php /app/vendor
+
+    # If bash command then start an non login interactive shell
+    if [[ "$@" == "bash" ]]; then
+        exec su php
+    # Otherwise pipe the command into the non login non interactive shell as a command to exec
+    else
+        exec su php -c "$@"
+    fi
+else
+    echo "Accessing as root"
+    exec "$@"
+fi

package/php/8.2/package.json

@@ -0,0 +1,11 @@
+{
+    "name": "php",
+    "version": "1.0.0",
+    "description": "lab-env docker config for the php module",
+    "scripts": {
+        "preversion": "docker login",
+        "postversion": "docker buildx build --target development --platform linux/amd64,linux/arm64 -t fishawack/lab-env-php-8-2:$npm_package_version -t fishawack/lab-env-php-8-2:latest --push . && git add . && git commit -m \"build: Bumped fishawack/lab-env-php-8-2 to $npm_package_version\""
+    },
+    "author": "Mike Mellor",
+    "license": "ISC"
+}

package/php/8.2/policy.xml

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+  <!ELEMENT policymap (policy)*>
+  <!ATTLIST policymap xmlns CDATA #FIXED ''>
+  <!ELEMENT policy EMPTY>
+  <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
+    name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
+    stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
+]>
+<!--
+  Configure ImageMagick policies.
+
+  Domains include system, delegate, coder, filter, path, or resource.
+
+  Rights include none, read, write, execute and all.  Use | to combine them,
+  for example: "read | write" to permit read from, or write to, a path.
+
+  Use a glob expression as a pattern.
+
+  Suppose we do not want users to process MPEG video images:
+
+    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
+
+  Here we do not want users reading images from HTTP:
+
+    <policy domain="coder" rights="none" pattern="HTTP" />
+
+  The /repository file system is restricted to read only.  We use a glob
+  expression to match all paths that start with /repository:
+
+    <policy domain="path" rights="read" pattern="/repository/*" />
+
+  Lets prevent users from executing any image filters:
+
+    <policy domain="filter" rights="none" pattern="*" />
+
+  Any large image is cached to disk rather than memory:
+
+    <policy domain="resource" name="area" value="1GP"/>
+
+  Use the default system font unless overwridden by the application:
+
+    <policy domain="system" name="font" value="/usr/share/fonts/favorite.ttf"/>
+
+  Define arguments for the memory, map, area, width, height and disk resources
+  with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
+  for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+  exceeds policy maximum so memory limit is 1GB).
+
+  Rules are processed in order.  Here we want to restrict ImageMagick to only
+  read or write a small subset of proven web-safe image types:
+
+    <policy domain="delegate" rights="none" pattern="*" />
+    <policy domain="filter" rights="none" pattern="*" />
+    <policy domain="coder" rights="none" pattern="*" />
+    <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
+-->
+<policymap>
+  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
+  <policy domain="resource" name="memory" value="256MiB"/>
+  <policy domain="resource" name="map" value="512MiB"/>
+  <policy domain="resource" name="width" value="16KP"/>
+  <policy domain="resource" name="height" value="16KP"/>
+  <!-- <policy domain="resource" name="list-length" value="128"/> -->
+  <policy domain="resource" name="area" value="128MP"/>
+  <policy domain="resource" name="disk" value="1GiB"/>
+  <!-- <policy domain="resource" name="file" value="768"/> -->
+  <!-- <policy domain="resource" name="thread" value="4"/> -->
+  <!-- <policy domain="resource" name="throttle" value="0"/> -->
+  <!-- <policy domain="resource" name="time" value="3600"/> -->
+  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
+  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+  <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+  <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+  <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+  <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- <policy domain="system" name="font" value="/path/to/font.ttf"/> -->
+  <!-- <policy domain="system" name="pixel-cache-memory" value="anonymous"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- not needed due to the need to use explicitly by mvg: -->
+  <!-- <policy domain="delegate" rights="none" pattern="MVG" /> -->
+  <!-- use curl -->
+  <policy domain="delegate" rights="none" pattern="URL" />
+  <policy domain="delegate" rights="none" pattern="HTTPS" />
+  <policy domain="delegate" rights="none" pattern="HTTP" />
+  <!-- in order to avoid to get image with password text -->
+  <policy domain="path" rights="none" pattern="@*"/>
+  <!-- disable ghostscript format types -->
+  <!-- <policy domain="coder" rights="none" pattern="PS" />
+  <policy domain="coder" rights="none" pattern="PS2" />
+  <policy domain="coder" rights="none" pattern="PS3" />
+  <policy domain="coder" rights="none" pattern="EPS" />
+  <policy domain="coder" rights="none" pattern="PDF" />
+  <policy domain="coder" rights="none" pattern="XPS" /> -->
+</policymap>

package/core/1/CHANGELOG.md

@@ -1,124 +0,0 @@
-## Changelog
-
-### 1.7.2 (2025-05-15)
-
-#### Bug Fixes
-
-* use n flag in symlink to override if symlink already exists ([cdc1a41](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/cdc1a41639785f65e2076477f33e86a8ea8cb8fa))
-
-### 1.7.2-beta.1 (2025-05-15)
-
-#### Bug Fixes
-
-* use n flag in symlink to override if symlink already exists ([cdc1a41](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/cdc1a41639785f65e2076477f33e86a8ea8cb8fa))
-
-### 1.7.1 (2025-05-15)
-
-#### Reverts
-
-* Revert "feat: installed husky npm module globally" ([91cc456](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/91cc4564ea2fd6650924732a2a75cb4a9fb749b5))
-
-### 1.7.1-beta.1 (2025-05-14)
-
-#### Reverts
-
-* Revert "feat: installed husky npm module globally" ([91cc456](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/91cc4564ea2fd6650924732a2a75cb4a9fb749b5))
-
-### 1.7.0 (2025-05-14)
-
-#### Features
-
-* installed husky npm module globally ([e08f5a7](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/e08f5a7850d0743137c26addf694f586c8c8ee74))
-* updated node from 20 to 22 ([e592f6e](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/e592f6e93fc6554227f8902c8c1c21a3564a32ce))
-
-### 1.7.0-beta.1 (2025-05-14)
-
-#### Features
-
-* installed husky npm module globally ([e08f5a7](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/e08f5a7850d0743137c26addf694f586c8c8ee74))
-* updated node from 20 to 22 ([e592f6e](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/e592f6e93fc6554227f8902c8c1c21a3564a32ce))
-
-### 1.6.0 (2024-10-22)
-
-#### Features
-
-* own global node_modules folder so local modules can be linked ([82f84fa](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/82f84faa5dfa7c009458bec4fe3a9f2b437c34bf))
-
-### 1.5.2 (2024-10-08)
-
-#### Bug Fixes
-
-* rclone in alpine image and aws sdk back in full image as rclone used for s3 content ([9e68463](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/9e684631bb83c105aa9e5407e8fee30a788309cd))
-
-### 1.5.1 (2024-10-07)
-
-#### Bug Fixes
-
-* move aws from full image to alpine now that s3 content requests are supported ([a947817](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/a94781756ea482545b63018e72ab30ce25727af9))
-
-### 1.5.0 (2024-10-01)
-
-#### Features
-
-* commit into lab-env and create pull request against development on publish ([22e9c66](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/22e9c666dff1e6453090da472a6cd4f0b89c6fbb))
-
-#### Bug Fixes
-
-* close source branch by default on pull request ([5208373](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/5208373822272c648a547f9b328720cb4fdf9bd4))
-
-### 1.4.2 (2024-10-01)
-
-#### Bug Fixes
-
-* trigger ci ([301d679](https://bitbucket.org/fishawackdigital/lab-env-core-1/commits/301d6795162f0bf8941a3b9413a30092a3e8bf21))
-
-### 1.4.1 (2024-07-17)
-* [fix] set global var for git across file system so git avail in mounted volumes i.e node_modules
-
-### 1.4.0 (2024-06-04)
-* [feat] bumped node from 18 to 20
-
-### 1.3.3 (2024-02-09)
-* [fix] symlink wine64 now htat wine is the default global command but electron expects wine64
-
-### 1.3.2 (2024-01-24)
-* [fix] install latest eb cli and use node images python rather than pyenv
-
-### 1.3.1 (2024-01-22)
-* [fix] rebuild of image to get the latest chromium version to fix new puppeteer headless mode
-
-### 1.3.0 (2023-03-17)
-* [feat] node user is now added to www-data group for easier file permission management
-* [fix] disable npm message about update being available
-
-### 1.2.2 (2023-02-25)
-* [fix] set BRANCH and CI_COMMIT_REF_NAME env variables in container
-* [fix] installed git-branch to fetch the current branch for deployment targets
-* [refactor] moved global node module symlinking to alpine image for future use
-
-### 1.2.1 (2023-02-25)
-* [fix] install eb cli into root of image rather than root user directory
-* [perf] dont recurse and dont change group of node_modules to speed up command
-* [refactor] set node git flag without switching user directly in dockerfile
-
-### 1.1.4 (2023-02-23)
-* [Fix] Installed missing are-you-es5 global npm module
-* [Fix] Installed missing check-dependencies global npm module
-
-### 1.1.3 (2023-02-23)
-* [Fix] Switch to ENV for $PATH updates to avoid shell profile loading issues
-* [Fix] Moved chromium to alpine image as its needed for svg tasks and testing
-
-### 1.1.2 (2023-02-22)
-* [Fix] cd into $PWD after su command or we'll start in users home directory
-
-### 1.1.1 (2023-02-22)
-* [Fix] Use -l login flag for su command for both non interactive and interactive shells
-* [Fix] Switch $PATH writes to .profile so they are executed on non interactive shells
-
-### 1.1.0 (2023-02-22)
-* [Feature] Watertight now baked into image so not needed in package.json of projects
-* [Fix] lftp installed in alpine image as it's needed for content tasks
-
-### 1.0.0 (2023-02-21)
-* [Misc] initial commit

package/core/1/Dockerfile

@@ -1,113 +0,0 @@
-#####
-# Alpine image
-#####
-
-FROM node:22 AS alpine
-
-LABEL org.opencontainers.image.authors="Mike Mellor <mike.mellor@avalerehealth.com>"
-
-ARG TARGETARCH
-
-WORKDIR /app
-
-EXPOSE 3000
-EXPOSE 3001
-
-# Get latest apt-get
-RUN apt-get update
-
-# Update npm to latest
-RUN npm install -g npm@latest
-
-# Install dart sass vm (arch switch)
-RUN curl -L -o /sass.tar.gz https://github.com/sass/dart-sass/releases/download/1.57.1/dart-sass-1.57.1-linux-$(if [ "$TARGETARCH" = "arm64" ]; then echo 'arm64'; else echo 'x64'; fi).tar.gz
-RUN tar -xf /sass.tar.gz -C /
-ENV PATH="${PATH}:/dart-sass/"
-RUN rm -rf /sass.tar.gz
-
-# Set safe directory to remove intel errors when running git rev-parse
-RUN su node -c "git config --global --add safe.directory /app"
-
-# Also set global git flag for allowing access across filesystems for mounted node_modules dir
-ENV GIT_DISCOVERY_ACROSS_FILESYSTEM=1
-
-# Disable npm message about updates being available
-RUN su node -c "npm config set update-notifier false"
-
-# Add node user to www-data group
-RUN usermod -a -G www-data node
-
-# Install lftp
-RUN apt-get install -y lftp
-
-# Install chromium
-RUN apt-get install -y chromium fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 --no-install-recommends
-# Stop Puppeteer downloading browsers during npm install
-ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
-ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium
-
-# Install package.json checker
-RUN npm install check-dependencies -g
-
-# Install node_modules checker
-RUN npm install are-you-es5 -g
-
-# Install git branch fetcher
-RUN npm install git-branch -g
-
-# Link root global node_modules to ~/.node_modules
-RUN ln -s /usr/local/lib/node_modules/ /home/node/.node_modules
-
-# Install rclone
-RUN curl https://rclone.org/install.sh | bash
-
-# Cleanup apt-get install folders
-RUN apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-COPY entrypoint.sh /bin/entrypoint.sh
-RUN chmod +x /bin/entrypoint.sh
-ENTRYPOINT ["/bin/entrypoint.sh"]
-
-#####
-# Full image
-#####
-
-FROM alpine AS full
-
-# Get latest apt-get
-RUN apt-get update
-
-# Install ghostscript
-RUN apt-get install -y ghostscript
-
-# Install zip
-RUN apt-get install zip
-
-# Install AWS Elastic Beanstalk cli
-ENV PATH="${PATH}:/.ebcli-virtual-env/executables"
-RUN apt-get -y install python-is-python3 python3-pip && \
-    pip install virtualenv --break-system-packages && \
-    git clone https://github.com/aws/aws-elastic-beanstalk-cli-setup.git ~/aws-eb && \
-    python ~/aws-eb/scripts/ebcli_installer.py --location / && \
-    rm -rf ~/aws-eb
-
-# Install AWS-CLI@2 (arch switch)
-RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-$(if [ "$TARGETARCH" = "arm64" ]; then echo 'aarch64'; else echo 'x86_64'; fi).zip" -o "awscliv2.zip"
-RUN unzip awscliv2.zip
-RUN ./aws/install
-RUN rm -rf ./aws && rm -rf awscliv2.zip
-
-# Update electron globally
-RUN npm install -g electron-packager@latest
-
-# Install wine64
-RUN apt-get install -y wine64 && \
-    ln -s /usr/bin/wine /usr/bin/wine64
-
-# Install watertight
-RUN --mount=type=ssh npm install -g git+ssh://git@bitbucket.org/fishawackdigital/watertight-node-auto.git#v6.0.0
-
-# Cleanup apt-get install folders
-RUN apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

package/core/1/README.md

@@ -1,9 +0,0 @@
-## Background
-
-### What
-
-The image used for core@8 and above.
-
-### Why
-
-Allows us to automate the local developer & CI environments.