devcontainer/supervisor/Dockerfile at main · home-assistant/devcontainer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
FROM mcr.microsoft.com/devcontainers/python:3-3.14

ENV \
    DEBIAN_FRONTEND=noninteractive \
    DEVCONTAINER=1 \
    NVM_DIR="/root/.nvm"

SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Uninstall pre-installed formatting and linting tools
# They would conflict with our pinned versions
RUN \
    pipx uninstall pydocstyle \
    && pipx uninstall pycodestyle \
    && pipx uninstall mypy \
    && pipx uninstall pylint

# Install tools
# dbus-broker is the active system bus; dbus-daemon is installed only for
# its binary, which Supervisor tests invoke directly (it ships no unit files).
RUN \
    apt-get update \
    && apt-get install -y --no-install-recommends \
        apparmor \
        dbus-broker \
        dbus-daemon \
        network-manager \
        libpulse0 \
        systemd-journal-remote \
        systemd-resolved \
        xz-utils

COPY ./common/rootfs /
COPY ./common/rootfs_supervisor /
COPY ./common/install /tmp/common/install

# Install common
RUN \
    pip3 install --no-cache-dir uv \
    && bash devcontainer_init \
    && common_install_packages \
        docker \
        shellcheck \
        cosign \
        os-agent \
    && usermod -aG docker vscode

COPY ./supervisor/rootfs /

# Set up venv for UV
USER vscode
ENV VIRTUAL_ENV="/home/vscode/.local/ha-venv"
RUN uv venv $VIRTUAL_ENV

# Setting PATH here isn't enough, VSCode rewites it after initial scripts finish
# Must also be set in remoteEnv in devcontainer.json
ENV PATH="$VIRTUAL_ENV/bin:$PATH"

# Configure systemd as init system
USER root

# Remove the fake systemctl and policy-rc.d that the base image ships
# to prevent service management during build. We need the real systemctl
# since this container runs systemd as PID 1.
RUN rm -f /usr/local/bin/systemctl /usr/sbin/policy-rc.d

# Mask unnecessary systemd units to make sure they don't interfere
RUN systemctl mask \
    systemd-networkd.service \
    systemd-networkd-wait-online.service \
    getty@.service \
    serial-getty@.service

# Create persistent journal directory so journald stores logs on disk
RUN systemd-tmpfiles --create --prefix /var/log/journal

# Enable services which are otherwise disabled by default
RUN systemctl enable \
    haos-agent \
    hassio-apparmor \
    mount-securityfs \
    systemd-journal-gatewayd

STOPSIGNAL SIGRTMIN+3
CMD ["/sbin/init"]