| # This is the sandbox backend server. |
| # |
| # When it's run, the host maps in /var/run/docker.sock to this |
| # environment so the play-sandbox server can connect to the host's |
| # docker daemon, which has the gvisor "runsc" runtime available. |
| |
| FROM golang:1.22 AS build |
| |
| COPY go.mod /go/src/playground/go.mod |
| COPY go.sum /go/src/playground/go.sum |
| WORKDIR /go/src/playground |
| RUN go mod download |
| |
| COPY . /go/src/playground |
| WORKDIR /go/src/playground/sandbox |
| RUN go install |
| |
| FROM debian:buster |
| |
| RUN apt-get update |
| |
| # Extra stuff for occasional debugging: |
| RUN apt-get install --yes strace lsof emacs-nox net-tools tcpdump procps |
| |
| # Install Docker CLI: |
| RUN apt-get install --yes \ |
| apt-transport-https \ |
| ca-certificates \ |
| curl \ |
| gnupg2 \ |
| software-properties-common |
| RUN bash -c "curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -" |
| RUN add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian buster stable" |
| RUN apt-get update |
| RUN apt-get install --yes docker-ce-cli |
| |
| COPY --from=build /go/bin/sandbox /usr/local/bin/play-sandbox |
| |
| ENTRYPOINT ["/usr/local/bin/play-sandbox"] |