[WIP] Reduce run layers, fix linter errors

builder/Dockerfile

@@ -1,38 +1,45 @@
-FROM ubuntu:latest
+FROM debian:sid
 
-MAINTAINER Eric Bidelman <ebidel@>
+LABEL name="lighthouse-ci"
+LABEL maintainer="Eric Bidelman <ebidel@>"
+LABEL version="1.0"
+LABEL description="Lighthouse CI for testing all the perf things"
 
 ## PART 1: Core components
 ## =======================
 
-# Install utilities
-RUN apt-get update --fix-missing && apt-get -y upgrade &&\
-apt-get install -y sudo curl wget unzip git
-
-# Install node 6
-RUN curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash - &&\
-sudo apt-get install -y nodejs
+# base deps
+ENV deps="apt-transport-https ca-certificates curl gnupg"
 
 # Install Xvfb and dbus for X11
 # Note: Uncomment if you don't want to use Headless Chrome.
-# RUN apt-get install -y xvfb dbus-x11
-
-# Install Chrome for Ubuntu
-RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add - &&\
-sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google-chrome.list' &&\
-sudo apt-get update &&\
-sudo apt-get install -y google-chrome-stable
+#ENV deps="$deps xvfb dbus-x11"
 
 # Install imagemagick for tests [optional]
-# RUN apt-get install -y imagemagick
+#ENV deps="$deps imagemagick"
+
+# Install git for Lighthouse source install
+#ENV deps="$deps git"
+
+# Install utilities
+RUN apt-get update && apt-get install -y $deps \
+ --no-install-recommends \
+ && curl -sSL https://deb.nodesource.com/setup_6.x | bash - \
+ && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \
+ && echo "deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
+ && apt-get update && apt-get install -y \
+ google-chrome-stable \
+ nodejs \
+ --no-install-recommends \
+ && npm --global install yarn \
+ && apt-get purge --auto-remove -y curl gnupg \
+ && rm -rf /var/lib/apt/lists/*
 
 # Copy key documents (except .dockerignored files)
 # Note: Uncomment these if you don't want to use Headless Chrome.
 # COPY etc/xvfb /etc/init.d/xvfb
 # RUN chmod +x /etc/init.d/xvfb
 
-RUN npm --global install yarn
-
 ## PART 2: Lighthouse
 ## ==================
 
@@ -49,34 +56,26 @@ RUN npm --global install yarn
 ARG CACHEBUST=1
 RUN yarn global add lighthouse
 
-## PART 3: Express server
-## ======================
+## PART 3: Setup Running Env
+## =========================
+
+# Copy Express server and run scripts
+COPY ["package.json", "server.js", "chromeuser-script.sh", "entrypoint.sh", "/"]
 
 # Install express
-COPY package.json /
 RUN yarn install
 
-# Add the simple server file
-COPY server.js /
-RUN chmod +x /server.js
-
-# Expose port 8080
-EXPOSE 8080
-
 ## PART 4: Final setup
 ## ===================
 
-# Add a user and make it a sudo user
-RUN useradd -m chromeuser &&\
-sudo adduser chromeuser sudo
+# Add Chrome as a user
+RUN groupadd -r chrome && useradd -r -g chrome -G audio,video chrome \
+ && mkdir -p /home/chrome/Downloads && chown -R chrome:chrome /home/chrome
 
-# Copy the chrome-user script used to start Chrome as non-root
-COPY chromeuser-script.sh /
-RUN chmod +x /chromeuser-script.sh
+# Run Chrome non-privileged
+USER chrome
 
-# Set the entrypoint
-COPY entrypoint.sh /
-RUN chmod +x /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
+# Expose port 8080
+EXPOSE 8080
 
-# CMD ["/bin/bash"]
+ENTRYPOINT ["/entrypoint.sh"]

builder/entrypoint.sh

@@ -10,7 +10,7 @@ TMP_PROFILE_DIR=$(mktemp -d -t lighthouse.XXXXXXXXXX)
 # /etc/init.d/xvfb start
 # sleep 1s
 
-su chromeuser /chromeuser-script.sh
+/chromeuser-script.sh
 sleep 3s
 
 node /server.js