Update images

- replace shell script with pwsh
- add more tools from actions/virtual-environments
- fixup pwsh modules installation
- install node 12 and 16 in base
- add node 14 in js-*
- build rust images
- restrict flavours to amd64 only for now
- add helper scripts from actions/virtual-environments
- overhaul build and dockerfile

linux/ubuntu/Dockerfile

@@ -10,29 +10,36 @@ ARG FROM_IMAGE
 ARG FROM_TAG
 
 # > Our custom ARGs
-ARG NODE_VERSION=14
+ARG NODE_VERSION="12 16"
 ARG DISTRO=ubuntu
 ARG TYPE=act
-ARG RUNNER=root
+ARG RUNNER
 
 # > Force apt to not be interactive/not ask
 ENV DEBIAN_FRONTEND=noninteractive
 
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
+SHELL [ "/bin/bash", "--login", "-e", "-o", "pipefail", "-c" ]
+WORKDIR /tmp
 
 COPY ./linux/${DISTRO}/scripts /imagegeneration/installers
 RUN /imagegeneration/installers/${TYPE}.sh
 
-ARG BUILD_TAG
-ARG BUILD_REF="master"
-ARG BUILD_TAG_VERSION="dev"
+ARG BUILD_DATE
+ARG BUILD_TAG=${TYPE}
+ARG BUILD_REF
+ARG BUILD_TAG_VERSION
+ARG BUILD_OWNER
+ARG BUILD_REPO
 
-LABEL org.opencontainers.image.vendor="catthehacker"
-LABEL org.opencontainers.image.authors="me@hackerc.at"
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/"
-LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
+LABEL org.opencontainers.image.created="${BUILD_DATE}"
+LABEL org.opencontainers.image.vendor="${BUILD_OWNER}"
+LABEL org.opencontainers.image.authors="https://github.com/${BUILD_OWNER}"
+LABEL org.opencontainers.image.url="https://github.com/${BUILD_OWNER}/${BUILD_REPO}/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/"
+LABEL org.opencontainers.image.source="https://github.com/${BUILD_OWNER}/${BUILD_REPO}"
+LABEL org.opencontainers.image.documentation="https://github.com/${BUILD_OWNER}/${BUILD_REPO}"
+LABEL org.opencontainers.image.version="${BUILD_TAG_VERSION}"
+LABEL org.opencontainers.image.title="${BUILD_TAG}-${TARGETARCH}"
+LABEL org.opencontainers.image.description="Special image built for using with https://github.com/nektos/act"
+LABEL org.opencontainers.image.revision="${BUILD_REF}"
 
 USER ${RUNNER}

linux/ubuntu/scripts/act.sh

@@ -7,21 +7,21 @@ set -Eeuxo pipefail
 
 printf "\n\t🐋 Build started 🐋\t\n"
 
+# Remove '"' so it can be sourced by sh/bash
 sed 's|"||g' -i "/etc/environment"
 
-echo "USER=$(whoami)" | tee -a "/etc/environment"
-echo "RUNNER_USER=$(whoami)" | tee -a "/etc/environment"
-
 ImageOS=ubuntu$(echo "${FROM_TAG}" | cut -d'.' -f 1)
-echo "IMAGE_OS=$ImageOS" | tee -a "/etc/environment"
-echo "ImageOS=$ImageOS" | tee -a "/etc/environment"
-echo "LSB_RELEASE=${FROM_TAG}" | tee -a "/etc/environment"
-
 AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache
-echo "AGENT_TOOLSDIRECTORY=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment"
-echo "RUN_TOOL_CACHE=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment"
-echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a "/etc/environment"
-echo ". /etc/environment" | tee -a /etc/profile
+{
+  echo "IMAGE_OS=$ImageOS"
+  echo "ImageOS=$ImageOS"
+  echo "LSB_RELEASE=${FROM_TAG}"
+  echo "AGENT_TOOLSDIRECTORY=${AGENT_TOOLSDIRECTORY}"
+  echo "RUN_TOOL_CACHE=${AGENT_TOOLSDIRECTORY}"
+  echo "DEPLOYMENT_BASEPATH=/opt/runner"
+  echo "USER=$(whoami)"
+  echo "RUNNER_USER=$(whoami)"
+} | tee -a "/etc/environment"
 
 mkdir -m 0777 -p "${AGENT_TOOLSDIRECTORY}"
 chown -R 1001:1000 "${AGENT_TOOLSDIRECTORY}"
@@ -36,6 +36,7 @@ packages=(
   gawk
   curl
   git
+  jq
   wget
   sudo
   gnupg-agent
@@ -50,7 +51,7 @@ packages=(
 )
 
 apt-get -yq update
-apt-get -yq install --no-install-recommends "${packages[@]}"
+apt-get -yq install --no-install-recommends --no-install-suggests "${packages[@]}"
 
 ln -s "$(which python3)" "/usr/local/bin/python"
 
@@ -58,53 +59,65 @@ LSB_OS_VERSION=$(lsb_release -rs | sed 's|\.||g')
 echo "LSB_OS_VERSION=${LSB_OS_VERSION}" | tee -a "/etc/environment"
 
 wget -qO "/imagegeneration/toolset.json" "https://raw.githubusercontent.com/actions/virtual-environments/main/images/linux/toolsets/toolset-${LSB_OS_VERSION}.json"
+wget -qO "/imagegeneration/LICENSE" "https://raw.githubusercontent.com/actions/virtual-environments/main/LICENSE"
 
-wget -qO "/usr/bin/jq" "https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64"
-chmod +x "/usr/bin/jq"
+ARCH=$(uname -m)
+if [ "$ARCH" = x86_64 ]; then
+  ARCH=x64
+  wget -qO "/usr/bin/jq" "https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64"
+  chmod +x "/usr/bin/jq"
+fi
+if [ "$ARCH" = aarch64 ]; then ARCH=arm64; fi
 
 if [[ "${FROM_TAG}" == "16.04" ]]; then
   printf 'git-lfs not available for Xenial'
 else
-  apt-get -yq install --no-install-recommends git-lfs
+  apt-get -yq install --no-install-recommends --no-install-suggests git-lfs
 fi
 
 printf "\n\t🐋 Updated apt lists and upgraded packages 🐋\t\n"
 
 printf "\n\t🐋 Creating ~/.ssh and adding 'github.com' 🐋\t\n"
 mkdir -m 0700 -p ~/.ssh
-ssh-keyscan -t rsa github.com >>/etc/ssh/ssh_known_hosts
-ssh-keyscan -t rsa ssh.dev.azure.com >>/etc/ssh/ssh_known_hosts
+{
+  ssh-keyscan -t rsa github.com
+  ssh-keyscan -t rsa ssh.dev.azure.com
+} >>/etc/ssh/ssh_known_hosts
 
 printf "\n\t🐋 Installed base utils 🐋\t\n"
 
 printf "\n\t🐋 Installing docker cli 🐋\t\n"
-curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
-apt-add-repository "https://packages.microsoft.com/ubuntu/${FROM_TAG}/prod"
+curl "https://packages.microsoft.com/config/ubuntu/${FROM_TAG}/prod.list" | tee /etc/apt/sources.list.d/microsoft-prod.list
+wget -q https://packages.microsoft.com/keys/microsoft.asc
+gpg --dearmor <microsoft.asc >/etc/apt/trusted.gpg.d/microsoft.gpg
+apt-key add - <microsoft.asc
+rm microsoft.asc
 apt-get -yq update
-apt-get -yq install --no-install-recommends moby-cli moby-buildx
+apt-get -yq install --no-install-recommends --no-install-suggests moby-cli moby-buildx moby-compose
 
 printf "\n\t🐋 Installed moby-cli 🐋\t\n"
 docker -v
 
 printf "\n\t🐋 Installed moby-buildx 🐋\t\n"
 docker buildx version
+IFS=' ' read -r -a NODE <<<"$NODE_VERSION"
+for ver in "${NODE[@]}"; do
+  printf "\n\t🐋 Installing Node.JS=%s 🐋\t\n" "${ver}"
+  VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${ver}\"))][0].version" -r)
+  NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/$ARCH"
+  mkdir -v -m 0777 -p "$NODEPATH"
+  curl -SsL "https://nodejs.org/download/release/latest-v${ver}.x/node-$VER-linux-$ARCH.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH"
+  if [[ "${ver}" == "16" ]]; then
+    sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment
+  fi
+  export PATH="$NODEPATH/bin:$PATH"
 
-printf "\n\t🐋 Installing Node.JS 🐋\t\n"
-ARCH=$(uname -m)
-if [ "$ARCH" = x86_64 ]; then ARCH=x64; fi
-if [ "$ARCH" = aarch64 ]; then ARCH=arm64; fi
-VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${NODE_VERSION}\"))][0].version" -r)
-NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/$ARCH"
-mkdir -v -m 0777 -p "$NODEPATH"
-curl -SsL "https://nodejs.org/download/release/latest-v${NODE_VERSION}.x/node-$VER-linux-$ARCH.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH"
-sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment
-export PATH="$NODEPATH/bin:$PATH"
+  printf "\n\t🐋 Installed Node.JS 🐋\t\n"
+  "${NODEPATH}"/bin/node -v
 
-printf "\n\t🐋 Installed Node.JS 🐋\t\n"
-node -v
-
-printf "\n\t🐋 Installed NPM 🐋\t\n"
-npm -v
+  printf "\n\t🐋 Installed NPM 🐋\t\n"
+  "${NODEPATH}"/bin/npm -v
+done
 
 printf "\n\t🐋 Cleaning image 🐋\t\n"
 apt-get clean

linux/ubuntu/scripts/basic.sh

@@ -0,0 +1,13 @@
+#!/bin/bash -e
+################################################################################
+##  File:  basic.sh
+##  Desc:  Installs basic command line utilities and dev packages
+################################################################################
+# source: https://github.com/actions/virtual-environments/blob/5ae2170ebe90a53e1cdc9c507ed3e0f1471d6b66/images/linux/scripts/helpers/install.sh
+
+apt-get update
+common_packages=$(jq -r ".apt.common_packages[]" "/imagegeneration/toolset.json")
+cmd_packages=$(jq -r ".apt.cmd_packages[]" "/imagegeneration/toolset.json")
+# we depend on re-splitting behaviour here
+# shellcheck disable=SC2068
+apt-get install -y --no-install-recommends ${common_packages[@]} ${cmd_packages[@]}

linux/ubuntu/scripts/custom.sh

@@ -0,0 +1,53 @@
+#!/bin/bash -e
+
+#set -Eeuxo pipefail
+
+printf "\n\t🔧 Preparing apt 🔧\t\n"
+
+# Enable retry logic for apt up to 10 times
+echo 'APT::Acquire::Retries "10";' >/etc/apt/apt.conf.d/80-retries
+
+# Configure apt to always assume Y
+echo 'APT::Get::Assume-Yes "true";' >/etc/apt/apt.conf.d/90assumeyes
+
+apt-get update
+apt-get install apt-utils
+
+# Install apt-fast using quick-install.sh
+# https://github.com/ilikenwf/apt-fast
+bash -c "$(curl -sL https://raw.githubusercontent.com/ilikenwf/apt-fast/master/quick-install.sh)"
+
+# echo 'session required pam_limits.so' >>/etc/pam.d/common-session
+# echo 'session required pam_limits.so' >>/etc/pam.d/common-session-noninteractive
+# echo 'DefaultLimitNOFILE=65536' >>/etc/systemd/system.conf
+# echo 'DefaultLimitSTACK=16M:infinity' >>/etc/systemd/system.conf
+
+# {
+#   # Raise Number of File Descriptors
+#   echo '* soft nofile 65536'
+#   echo '* hard nofile 65536'
+
+#   # Double stack size from default 8192KB
+#   echo '* soft stack 16384'
+#   echo '* hard stack 16384'
+# } >>/etc/security/limits.conf
+
+scripts=(
+  basic
+  pwsh
+  java-tools
+  go
+  js
+  rust
+  vcpkg
+)
+
+for SCRIPT in "${scripts[@]}"; do
+  printf "\n\t🧨 Executing %s.sh 🧨\t\n" "${SCRIPT}"
+  "/imagegeneration/installers/${SCRIPT}.sh"
+done
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+printf "\n\t🐋 Cleaned up image 🐋\t\n"

linux/ubuntu/scripts/gh.sh

@@ -0,0 +1,12 @@
+#!/bin/bash -e
+################################################################################
+##  File:  github-cli.sh
+##  Desc:  Installs GitHub CLI
+##         Must be run as non-root user after homebrew
+################################################################################
+# source: https://github.com/actions/virtual-environments/blob/be27ebfdb31aece2c90fbe1984c1749cbd1b464c/images/linux/scripts/installers/github-cli.sh
+
+# Install GitHub CLI
+url=$(curl -s https://api.github.com/repos/cli/cli/releases/latest | jq -r ".assets[].browser_download_url|select(contains(\"linux\") and contains(\"$(arch)\") and contains(\".deb\"))")
+wget -q "$url" -O "/tmp/gh.deb"
+apt install /tmp/gh.deb

linux/ubuntu/scripts/go.sh

@@ -1,15 +1,9 @@
 #!/bin/bash
 
-# disable warning about 'mkdir -m -p'
-# shellcheck disable=SC2174
-
-# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image
-# yes, this is sarcasm
 # shellcheck disable=SC1091
 . /etc/environment
 
-# no -x because big json
-set -Eeuo pipefail
+set -Eeuxo pipefail
 
 printf "\n\t🐋 Installing Go(lang) 🐋\t\n"
 
@@ -20,6 +14,7 @@ for V in $(jq -r '.toolcache[] | select(.name == "go") | .versions[]' "/imagegen
   VER=$(echo "${JSON}" | jq "[.[] | select(.version|test(\"^${V}\"))][0].version" -r)
   GOPATH="$AGENT_TOOLSDIRECTORY/go/${VER}/x64"
 
+  # shellcheck disable=SC2174
   mkdir -v -m 0777 -p "$GOPATH"
   ARCH=$(uname -m)
   if [ "$ARCH" = x86_64 ]; then ARCH=amd64; fi

linux/ubuntu/scripts/helpers/install.sh

@@ -0,0 +1,69 @@
+#!/bin/bash -e
+################################################################################
+##  File:  install.sh
+##  Desc:  Helper functions for installing tools
+################################################################################
+
+download_with_retries() {
+  # Due to restrictions of bash functions, positional arguments are used here.
+  # In case if you using latest argument NAME, you should also set value to all previous parameters.
+  # Example: download_with_retries $ANDROID_SDK_URL "." "android_sdk.zip"
+  local URL="$1"
+  local DEST="${2:-.}"
+  local NAME="${3:-${URL##*/}}"
+  local COMPRESSED="${4:-}"
+
+  if [[ $COMPRESSED == "compressed" ]]; then
+    local COMMAND="curl $URL -4 -sL --compressed -o '$DEST/$NAME' -w '%{http_code}'"
+  else
+    local COMMAND="curl $URL -4 -sL -o '$DEST/$NAME' -w '%{http_code}'"
+  fi
+
+  echo "Downloading '$URL' to '${DEST}/${NAME}'..."
+  retries=20
+  interval=30
+  while [ $retries -gt 0 ]; do
+    ((retries--))
+    # Temporary disable exit on error to retry on non-zero exit code
+    set +e
+    http_code=$(eval "$COMMAND")
+    exit_code=$?
+    if [ "$http_code" -eq 200 ] && [ $exit_code -eq 0 ]; then
+      echo "Download completed"
+      return 0
+    else
+      echo "Error — Either HTTP response code for '$URL' is wrong - '$http_code' or exit code is not 0 - '$exit_code'. Waiting $interval seconds before the next attempt, $retries attempts left"
+      sleep 30
+    fi
+    # Enable exit on error back
+    set -e
+  done
+
+  echo "Could not download $URL"
+  return 1
+}
+
+## Use dpkg to figure out if a package has already been installed
+## Example use:
+## if ! IsPackageInstalled packageName; then
+##     echo "packageName is not installed!"
+## fi
+IsPackageInstalled() {
+  dpkg -S "$1" &>/dev/null
+}
+
+verlte() {
+  sortedVersion=$(echo -e "$1\n$2" | sort -V | head -n1)
+  [ "$1" = "$sortedVersion" ]
+}
+
+get_toolset_path() {
+  echo "/imagegeneration/toolset.json"
+}
+
+get_toolset_value() {
+  local toolset_path
+  toolset_path=$(get_toolset_path)
+  local query=$1
+  jq -r "$query" "$toolset_path"
+}

linux/ubuntu/scripts/helpers/os.sh

@@ -0,0 +1,17 @@
+#!/bin/bash -e
+################################################################################
+##  File:  install-helpers.sh
+##  Desc:  Helper functions for installing tools
+################################################################################
+
+function isUbuntu18() {
+  lsb_release -d | grep -q 'Ubuntu 18'
+}
+
+function isUbuntu20() {
+  lsb_release -d | grep -q 'Ubuntu 20'
+}
+
+function getOSVersionLabel() {
+  lsb_release -cs
+}

linux/ubuntu/scripts/java-tools.sh

@@ -0,0 +1,83 @@
+#!/bin/bash -e
+################################################################################
+##  File:  java-tools.sh
+##  Desc:  Installs Java and related tooling (Ant, Gradle, Maven)
+################################################################################
+
+set -Eeuxo pipefail
+
+# shellcheck disable=SC1091
+. /etc/environment
+# shellcheck disable=SC1091
+. /imagegeneration/installers/helpers/os.sh
+# shellcheck disable=SC1091
+. /imagegeneration/installers/helpers/install.sh
+
+JAVA_VERSIONS_LIST=$(get_toolset_value '.java.versions | .[]')
+DEFAULT_JDK_VERSION=$(get_toolset_value '.java.default')
+JAVA_TOOLCACHE_PATH="$AGENT_TOOLSDIRECTORY/Java_Adopt_jdk"
+
+# Install GPG Key for Adopt Open JDK. See https://adoptopenjdk.net/installation.html
+wget -qO - "https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public" | apt-key add -
+add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/
+
+if isUbuntu18; then
+  # Install GPG Key for Azul Open JDK. See https://www.azul.com/downloads/azure-only/zulu/
+  apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0xB1998361219BD9C9
+  apt-add-repository "deb https://repos.azul.com/azure-only/zulu/apt stable main"
+fi
+
+apt-get update
+
+# shellcheck disable=SC2068
+for JAVA_VERSION in ${JAVA_VERSIONS_LIST[@]}; do
+  apt-get -y install adoptopenjdk-"$JAVA_VERSION"-hotspot=\*
+  javaVersionPath="/usr/lib/jvm/adoptopenjdk-${JAVA_VERSION}-hotspot-amd64"
+  echo "JAVA_HOME_${JAVA_VERSION}_X64=$javaVersionPath" | tee -a /etc/environment
+  fullJavaVersion=$(grep "^SEMANTIC" <"$javaVersionPath/release" | cut -d "=" -f 2 | tr -d "\"" | tr "+" "-")
+
+  # If there is no semver in java release, then extract java version from -fullversion
+  if [[ -z $fullJavaVersion ]]; then
+    fullJavaVersion=$(java -fullversion 2>&1 | tr -d "\"" | tr "+" "-" | awk '{print $4}')
+  fi
+
+  javaToolcacheVersionPath="$JAVA_TOOLCACHE_PATH/$fullJavaVersion"
+  mkdir -p "$javaToolcacheVersionPath"
+
+  # Create a complete file
+  touch "$javaToolcacheVersionPath/x64.complete"
+
+  # Create symlink for Java
+  ln -s "$javaVersionPath" "$javaToolcacheVersionPath/x64"
+done
+
+# Set Default Java version
+update-java-alternatives -s /usr/lib/jvm/adoptopenjdk-"${DEFAULT_JDK_VERSION}"-hotspot-amd64
+
+echo "JAVA_HOME=/usr/lib/jvm/adoptopenjdk-${DEFAULT_JDK_VERSION}-hotspot-amd64" | tee -a /etc/environment
+
+# add extra permissions to be able execute command without sudo
+chmod -R 777 /usr/lib/jvm
+# Install Ant
+apt-fast install -y --no-install-recommends ant ant-optional
+echo "ANT_HOME=/usr/share/ant" | tee -a /etc/environment
+
+# Install Maven
+mavenVersion=$(get_toolset_value '.java.maven')
+mavenDownloadUrl="https://www-eu.apache.org/dist/maven/maven-3/${mavenVersion}/binaries/apache-maven-${mavenVersion}-bin.zip"
+download_with_retries "${mavenDownloadUrl}" "/tmp" "maven.zip"
+unzip -qq -d /usr/share /tmp/maven.zip
+ln -s /usr/share/apache-maven-"${mavenVersion}"/bin/mvn /usr/bin/mvn
+
+# Install Gradle
+# This script founds the latest gradle release from https://services.gradle.org/versions/all
+# The release is downloaded, extracted, a symlink is created that points to it, and GRADLE_HOME is set.
+gradleJson=$(curl -s https://services.gradle.org/versions/all)
+gradleLatestVersion=$(echo "$gradleJson" | jq -r '.[] | select(.version | contains("-") | not).version' | sort -V | tail -n1)
+gradleDownloadUrl=$(echo "$gradleJson" | jq -r ".[] | select(.version==\"$gradleLatestVersion\") | .downloadUrl")
+echo "gradleUrl=$gradleDownloadUrl"
+echo "gradleVersion=$gradleLatestVersion"
+download_with_retries "$gradleDownloadUrl" "/tmp" "gradleLatest.zip"
+unzip -qq -d /usr/share /tmp/gradleLatest.zip
+ln -s /usr/share/gradle-"${gradleLatestVersion}"/bin/gradle /usr/bin/gradle
+echo "GRADLE_HOME=$(find /usr/share -depth -maxdepth 1 -name "gradle*")" | tee -a /etc/environment

linux/ubuntu/scripts/js.sh

@@ -2,17 +2,28 @@
 
 set -Eeuo pipefail
 
-# source environment because Linux is beautiful and not really confusing like Windows
-# also you are apparently not supposed to source that file because it's not conforming to standard shell envvar
-# format but we already fix that in base image
-# yes, this is sarcasm
 # shellcheck disable=SC1091
 . /etc/environment
 
-printf "\n\t🐋 Installed NPM 🐋\t\n"
-npm -v
+printf "\n\t🐋 Installing NVM tools 🐋\t\n"
+VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name')
+curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh" | bash
+export NVM_DIR=$HOME/.nvm
+echo "NVM_DIR=$HOME/.nvm" | tee -a /etc/environment
 
-versions=("10" "12")
+# Expressions don't expand in single quotes, use double quotes for that.shellcheck(SC2016)
+# shellcheck disable=SC2016
+echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm' | tee -a /etc/skel/.bash_profile
+
+# Not following: ./nvm.sh was not specified as input (see shellcheck -x).shellcheck(SC1091)
+# shellcheck disable=SC1091
+[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+
+printf "\n\t🐋 Installed NVM 🐋\t\n"
+nvm --version
+
+# node 12 and 16 are installed already in act-*
+versions=("14")
 JSON=$(wget -qO- https://nodejs.org/download/release/index.json | jq --compact-output)
 
 for V in "${versions[@]}"; do
@@ -51,23 +62,6 @@ pnpm -v
 printf "\n\t🐋 Installed YARN 🐋\t\n"
 yarn -v
 
-printf "\n\t🐋 Installing NVM tools 🐋\t\n"
-VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name')
-curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh" | bash
-export NVM_DIR=$HOME/.nvm
-echo "NVM_DIR=$HOME/.nvm" | tee -a /etc/environment
-
-# Expressions don't expand in single quotes, use double quotes for that.shellcheck(SC2016)
-# shellcheck disable=SC2016
-echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm' | tee -a /etc/skel/.bash_profile
-
-# Not following: ./nvm.sh was not specified as input (see shellcheck -x).shellcheck(SC1091)
-# shellcheck disable=SC1091
-[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
-
-printf "\n\t🐋 Installed NVM 🐋\t\n"
-nvm --version
-
 printf "\n\t🐋 Cleaning image 🐋\t\n"
 apt-get clean
 rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'

linux/ubuntu/scripts/pwsh.sh

@@ -2,6 +2,9 @@
 
 set -Eeuxo pipefail
 
+# shellcheck disable=SC1091
+. /etc/environment
+
 printf "\n\t🐋 Installing PowerShell 🐋\t\n"
 
 # While an linux/amd64 platform installation can use apt-get, the linux/arm64
@@ -12,10 +15,12 @@ printf "\n\t🐋 Installing PowerShell 🐋\t\n"
 # described here:
 # https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7.1#linux
 #
+# TODO: think of a more robust installation for multiple architectures
 
 ARCH=$(uname -m)
 if [ "$ARCH" = x86_64 ]; then ARCH=x64; fi
 if [ "$ARCH" = aarch64 ]; then ARCH=arm64; fi
+if [ "$ARCH" = armv7l ]; then ARCH=arm32; fi
 VER=$(curl --silent "https://api.github.com/repos/PowerShell/PowerShell/releases/latest" | jq -r .tag_name)
 curl -L -o /tmp/powershell.tar.gz "https://github.com/PowerShell/PowerShell/releases/download/$VER/powershell-${VER:1}-linux-$ARCH.tar.gz"
 sudo mkdir -p "/opt/microsoft/powershell/${VER:1:1}"
@@ -33,6 +38,6 @@ modules=("MarkdownPS" "Pester" "PSScriptAnalyzer")
 pwsh -nol -nop -c "Set-PSRepository -Name PSGallery -InstallationPolicy Trusted"
 
 for mod in "${modules[@]}"; do
-  printf "\n\t🐋 Installing %s 🐋\t\n" "${mod}"
-  pwsh -nol -nop -c "Install-Module -Name ${mod} -Scope AllUsers -SkipPublisherCheck -Force"
+  printf "\n\t🧨 Installing %s 🧨\t\n" "${mod}"
+  pwsh -nol -nop -c "\$ProgressPreference = \"SilentlyContinue\" ; Install-Module -Name ${mod} -Scope AllUsers -SkipPublisherCheck -Force"
 done

linux/ubuntu/scripts/runner.sh

@@ -10,8 +10,12 @@ groupadd -g 1001 "${RUNNER}"
 groupadd -g 1000 "${RUNNER}admin"
 useradd -u 1001 -g "${RUNNER}" -G sudo -m -s /bin/bash "${RUNNER}"
 useradd -u 1000 -g "${RUNNER}admin" -G sudo -m -s /bin/bash "${RUNNER}admin"
-echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers
-echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers
+usermod -aG docker "runner"
+usermod -aG docker "runneradmin"
+{
+  echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL"
+  echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL"
+} | tee -a /etc/sudoers
 printf "\n\t🐋 Runner user 🐋\t\n"
 su - "${RUNNER}" -c id
 
@@ -31,8 +35,10 @@ mkdir -p "/home/${RUNNER}/work/_temp"
 chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/work"
 
 mkdir -m 0700 -p "/home/${RUNNER}/.ssh"
-ssh-keyscan -t rsa github.com >>"/home/${RUNNER}/.ssh/known_hosts"
-ssh-keyscan -t rsa ssh.dev.azure.com >>"/home/${RUNNER}/.ssh/known_hosts"
+{
+  ssh-keyscan -t rsa github.com
+  ssh-keyscan -t rsa ssh.dev.azure.com
+} | tee -a "/home/${RUNNER}/.ssh/known_hosts"
 
 chmod 644 "/home/${RUNNER}/.ssh/known_hosts"
 chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/.ssh"

linux/ubuntu/scripts/rust.sh

@@ -2,8 +2,6 @@
 
 set -Eeuxo pipefail
 
-# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image
-# yes, this is sarcasm
 # shellcheck disable=SC1091
 . /etc/environment
 
@@ -32,8 +30,10 @@ sed "s|PATH=|PATH=${CARGO_HOME}/bin:|g" -i /etc/environment
 cd /root
 ln -sf "${CARGO_HOME}" .cargo
 ln -sf "${RUSTUP_HOME}" .rustup
-echo "RUSTUP_HOME=${RUSTUP_HOME}" >>/etc/environment
-echo "CARGO_HOME=${CARGO_HOME}" >>/etc/environment
+{
+  echo "RUSTUP_HOME=${RUSTUP_HOME}"
+  echo "CARGO_HOME=${CARGO_HOME}"
+} | tee -a /etc/environment
 
 printf "\n\t🐋 Installed RUSTUP 🐋\t\n"
 rustup -V

linux/ubuntu/scripts/vcpkg.sh

@@ -0,0 +1,18 @@
+#!/bin/bash -e
+################################################################################
+##  File:  vcpkg.sh
+##  Desc:  Installs vcpkg
+################################################################################
+# source: https://github.com/actions/virtual-environments/blob/206a8183190e81d3266084457e619553551c1252/images/linux/scripts/installers/vcpkg.sh
+
+# Set env variable for vcpkg
+VCPKG_INSTALLATION_ROOT=/usr/local/share/vcpkg
+echo "VCPKG_INSTALLATION_ROOT=${VCPKG_INSTALLATION_ROOT}" | tee -a /etc/environment
+
+# Install vcpkg
+git clone https://github.com/Microsoft/vcpkg $VCPKG_INSTALLATION_ROOT
+
+$VCPKG_INSTALLATION_ROOT/bootstrap-vcpkg.sh
+$VCPKG_INSTALLATION_ROOT/vcpkg integrate install
+chmod 0777 -R $VCPKG_INSTALLATION_ROOT
+ln -sf $VCPKG_INSTALLATION_ROOT/vcpkg /usr/local/bin