Restructure Dockerfile and remove packer for docker builds

Jenkinsfile

@@ -176,8 +176,14 @@ pipeline {
                   }
                 } finally {
                   library("tailor-meta@${params.tailor_meta}")
+                  try {
+                    if (fileExists(".")) {
+                    deleteDir()
+                    }
+                  } catch (e) {
+                    println e
+                  }
                   cleanDocker()
-                  deleteDir()
                 }
               }}]
             }

environment/Dockerfile

@@ -2,87 +2,77 @@ FROM ubuntu:jammy
 
 LABEL tailor="environment"
 
-ARG AWS_ACCESS_KEY_ID
-ENV AWS_ACCESS_KEY_ID ${AWS_ACCESS_KEY_ID}
-
-ARG AWS_SECRET_ACCESS_KEY
-ENV AWS_SECRET_ACCESS_KEY ${AWS_SECRET_ACCESS_KEY}
-
-ARG AWS_DEFAULT_REGION=us-east-1
-
-
-ARG GITHUB_TOKEN
-ENV GITHUB_TOKEN ${GITHUB_TOKEN}
-
 ARG ANSIBLE_VAULT_PASS
 ARG APT_REPO
 ARG APT_REGION
 ARG RELEASE_LABEL
 ARG RELEASE_TRACK
 ARG ORGANIZATION
 ARG FLAVOUR
-ENV BUNDLE_ROOT /opt/${ORGANIZATION}/${RELEASE_LABEL}/${FLAVOUR}
-
-SHELL ["/bin/bash", "-c"]
 
-ENV DEBIAN_FRONTEND noninteractive
-ENV PYTHONUNBUFFERED 1
+ARG AWS_ACCESS_KEY_ID
+ARG AWS_SECRET_ACCESS_KEY
+ARG AWS_DEFAULT_REGION=us-east-1
+ARG GITHUB_TOKEN 
 
-RUN sed -i 's/archive.ubuntu.com/us-east-1.ec2.&/g' /etc/apt/sources.list
-RUN apt-get update && apt-get install --no-install-recommends -y locales curl gnupg1 gpgv1 sudo
-RUN locale-gen en_US.UTF-8
-ENV LANG en_US.UTF-8
+ENV DEBIAN_FRONTEND=noninteractive \
+    LANG=en_US.UTF-8 \
+    PYTHONUNBUFFERED=1 \
+    BUNDLE_ROOT=/opt/${ORGANIZATION}/${RELEASE_LABEL}/${FLAVOUR} \
+    AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
+    AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
+    GITHUB_TOKEN=${GITHUB_TOKEN}
 
-RUN apt-get update && apt-get install --no-install-recommends -y \
-  python3-dev \
-  python3-pip \
-  python3-setuptools \
-  python3-wheel \
-  git
+SHELL ["/bin/bash", "-c"]
 
-# Let's start with some basic stuff.
-RUN apt-get update -qq && apt-get install --no-install-recommends -qqy \
+RUN sed -i 's/archive.ubuntu.com/us-east-1.ec2.&/g' /etc/apt/sources.list && \
+    apt-get update && apt-get install --no-install-recommends -y \
+    locales \
+    curl \
+    gnupg1 \
+    gpgv1 \
+    sudo \
+    python3-dev \
+    python3-pip \
+    python3-setuptools \
+    python3-wheel \
+    git \
     ansible \
     apt-transport-https \
     ca-certificates \
-    curl \
     gcc \
     iptables \
     libguestfs-tools \
     lxc \
     openssh-client \
     unzip \
     wget \
-    xz-utils
+    xz-utils && \
+    locale-gen en_US.UTF-8 && \
+    rm -rf /var/lib/apt/lists/*
 
 # Install Docker from Docker Inc. repositories.
 RUN curl -sSL https://get.docker.com/ | VERSION=24.0.6 sh
 
 # Install packer
 RUN curl -sSL https://releases.hashicorp.com/packer/1.9.1/packer_1.9.1_linux_amd64.zip > packer.zip && \
     unzip packer.zip -d /usr/local/bin && \
-    rm packer.zip
-RUN curl -sSlL https://github.com/locusrobotics/packer-builder-qemu-chroot/releases/download/v1.1.0-u1/packer-builder-qemu-chroot_linux_amd64.tar.gz > packer_qemu_chroot.tar.gz && \
+    rm packer.zip && \
+    curl -sSlL https://github.com/locusrobotics/packer-builder-qemu-chroot/releases/download/v1.1.0-u1/packer-builder-qemu-chroot_linux_amd64.tar.gz > packer_qemu_chroot.tar.gz && \
     tar xf packer_qemu_chroot.tar.gz && mv packer-plugin-qemu-chroot /usr/local/bin/packer-plugin-qemu-chroot && \
     rm packer_qemu_chroot.tar.gz
 
-COPY tailor-image tailor-image
-RUN pip3 install -e tailor-image
-
 COPY rosdistro/rosdep/rosdep.yaml /root/rosdep.yaml
 COPY rosdistro /rosdistro
 
-# Create non-root user
-RUN groupadd -r tailor && useradd -ms /bin/bash -g tailor -G sudo tailor
-RUN usermod -aG docker tailor
-RUN echo "tailor ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers
+COPY tailor-image tailor-image
+RUN pip3 install -e tailor-image
 
 # Add package mirror
 # TODO(pbovbel) read this from configuration
 RUN apt-get update && apt-get install --no-install-recommends -y apt-transport-https apt-transport-s3 && \
-    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 142D5F1683E1528B
-
-RUN echo "deb [arch=amd64] ${APT_REPO}/${RELEASE_LABEL}/ubuntu jammy main" >> /etc/apt/sources.list && \
+    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 142D5F1683E1528B && \
+    echo "deb [arch=amd64] ${APT_REPO}/${RELEASE_LABEL}/ubuntu jammy main" >> /etc/apt/sources.list && \
     echo "deb [arch=amd64] ${APT_REPO}/${RELEASE_LABEL}/ubuntu jammy-mirror main" >> /etc/apt/sources.list
 
 # Create auth config file for accesing s3 via apt
@@ -93,16 +83,21 @@ RUN echo "AccessKeyId = $AWS_ACCESS_KEY_ID" | tee /etc/apt/s3auth.conf && \
 
 RUN apt-get update && \
     RTI_NC_LICENSE_ACCEPTED=yes apt-get install --no-install-recommends -qy\
-    ${ORGANIZATION}-${FLAVOUR}-${RELEASE_LABEL}
+    ${ORGANIZATION}-${FLAVOUR}-${RELEASE_LABEL}  && \
+    rm -rf /var/lib/apt/lists/*
 
 RUN pip3 install -U catkin_tools
 
-USER tailor
+# Create non-root user
+ARG USER_NAME=tailor
+RUN groupadd -r "$USER_NAME" && useradd -ms /bin/bash -g "$USER_NAME" -G sudo "$USER_NAME" && \
+    usermod -aG docker "$USER_NAME" && \
+    echo "${USER_NAME} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers
 
-RUN mkdir -p /home/tailor && \
-    usermod -d /home/tailor tailor
+USER ${USER_NAME}
+WORKDIR /home/${USER_NAME}
 
-RUN echo "${ANSIBLE_VAULT_PASS}" | tee /home/tailor/.vault_pass.txt
-RUN aws configure set aws_access_key_id ${AWS_ACCESS_KEY_ID} && \
+RUN echo "${ANSIBLE_VAULT_PASS}" | tee /home/tailor/.vault_pass.txt && \
+    aws configure set aws_access_key_id ${AWS_ACCESS_KEY_ID} && \
     aws configure set aws_secret_access_key ${AWS_SECRET_ACCESS_KEY} && \
     aws configure set default.region ${AWS_DEFAULT_REGION}

environment/image_recipes/docker/Dockerfile

@@ -0,0 +1,93 @@
+ARG OS_NAME=ubuntu
+ARG OS_VERSION=jammy
+
+FROM ${OS_NAME}:${OS_VERSION} AS base
+
+ARG TYPE
+ARG BUNDLE_FLAVOUR
+ARG IMAGE_NAME
+ARG ECR_SERVER
+ARG ECR_REPOSITORY
+ARG PLAYBOOK_FILE
+ARG BUNDLE_FOLDER
+ARG ORGANIZATION
+ARG BUNDLE_TRACK
+ARG BUNDLE_VERSION
+ARG ANSIBLE_CONFIG
+
+# Extra args
+ARG username
+ARG password
+ARG extra_arguments_ansible
+ARG ansible_command
+ARG description
+ARG disk_size
+ARG group
+
+LABEL tailor=docker_image
+
+ENV DEBIAN_FRONTEND=noninteractive \
+    LANG=en_US.UTF-8 \
+    PYTHONUNBUFFERED=1 \
+    BUNDLE_ROOT=/opt/${ORGANIZATION}/${BUNDLE_VERSION}/${BUNDLE_FLAVOUR} \
+    ANSIBLE_CONFIG=${ANSIBLE_CONFIG}
+
+# Install basics
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    python3 \
+    sudo \
+    locales \
+    ccache \
+    gnupg \
+    openssl \
+    libboost-all-dev \
+    tzdata \
+    libtinyxml2-9 && \
+    locale-gen en_US.UTF-8 && \
+    rm -rf /var/lib/apt/lists/*
+
+# Add user
+RUN groupadd -r "${username}" && \
+    useradd -ms /bin/bash \
+    -p "$(echo "${password}" | openssl passwd -1 -stdin)" \
+    -g "$username" -G sudo "$username" && \
+    echo "${username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
+    mkdir -p /home/"${username}" && \
+    usermod -d /home/"${username}" "${username}"
+
+FROM base AS bundle
+
+COPY librospack.so ${BUNDLE_FOLDER}/lib/librospack.so
+COPY .vault_pass.txt /root/.vault_pass.txt
+
+RUN cat > /tmp/default.inv <<'EOF'
+[default]
+default ansible_host=localhost ansible_connection=local
+EOF
+
+RUN --mount=type=bind,source=bin,target=/tmp/bin,ro \
+    --mount=type=bind,source=share/locus_ansible,target=/tmp/share/locus_ansible,ro \
+    bash -c "mkdir -p ${BUNDLE_FOLDER}/bin ${BUNDLE_FOLDER}/share && \
+    cp -a /tmp/bin/. ${BUNDLE_FOLDER}/bin/ && \
+    cp -a /tmp/share/locus_ansible ${BUNDLE_FOLDER}/share/locus_ansible && \
+    source ${BUNDLE_FOLDER}/share/locus_ansible/package.bash && \
+    cd ${BUNDLE_FOLDER}/share/locus_ansible && \
+    ${ansible_command} ${PLAYBOOK_FILE} \
+    -i /tmp/default.inv \
+    ${extra_arguments_ansible} \
+    -e ansible_user=${username} \
+    -e organization=${ORGANIZATION} \
+    -e bundle_track=${BUNDLE_TRACK} \
+    -e bundle_version=${BUNDLE_VERSION} \
+    -e bundle_flavour=${BUNDLE_FLAVOUR} \
+    -e ansible_host=default \
+    --vault-password-file=/root/.vault_pass.txt"
+
+FROM bundle AS runtime
+
+COPY entrypoint.sh /bin/entrypoint.sh
+
+USER ${username}
+WORKDIR /home/${username}
+ENTRYPOINT [ "/bin/entrypoint.sh" ]