refactor: move to sh scripts (#17)

2021-07-21 08:43:59 +00:00
parent fc531ee59c
commit c84f165490
27 changed files with 526 additions and 651 deletions
@@ -0,0 +1,38 @@
+ARG FROM_IMAGE
+ARG FROM_TAG
+FROM ${FROM_IMAGE}:${FROM_TAG}
+
+# > automatic buildx ARGs
+ARG TARGETARCH
+
+# > ARGs before FROM are not accessible
+ARG FROM_IMAGE
+ARG FROM_TAG
+
+# > Our custom ARGs
+ARG NODE_VERSION=14
+ARG DISTRO=ubuntu
+ARG TYPE=act
+ARG RUNNER=root
+
+# > Force apt to not be interactive/not ask
+ENV DEBIAN_FRONTEND=noninteractive
+
+SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
+
+COPY ./linux/${DISTRO}/scripts /imagegeneration/installers
+RUN /imagegeneration/installers/${TYPE}.sh
+
+ARG BUILD_TAG
+ARG BUILD_REF="master"
+ARG BUILD_TAG_VERSION="dev"
+
+LABEL org.opencontainers.image.vendor="catthehacker"
+LABEL org.opencontainers.image.authors="me@hackerc.at"
+LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/"
+LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images"
+LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
+LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
+LABEL org.opencontainers.image.revision=${BUILD_REF}
+
+USER ${RUNNER}
@@ -1,88 +0,0 @@
-ARG FROM_IMAGE=buildpack-deps
-ARG FROM_TAG=20.04
-FROM ${FROM_IMAGE}:${FROM_TAG}
-
-# > automatic buildx ARGs
-ARG TARGETARCH
-
-# > ARGs before FROM are not accessible
-ARG FROM_IMAGE=buildpack-deps
-ARG FROM_TAG=20.04
-
-# > NodeJS version
-ARG NODE_VERSION=12
-
-# > Distro
-ARG DISTRO=ubuntu
-ARG TYPE=act
-
-# > Force apt to not be interactive/not ask
-ENV DEBIAN_FRONTEND=noninteractive
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-# > setup environment required for GitHub Actions
-RUN set -Eeuxo pipefail \
-    && printf "\n\n\t🐋 Build started 🐋\t\n\n" \
-    && sed 's|"||g' -i /etc/environment \
-    && echo "USER=$(whoami)" | tee -a /etc/environment \
-    && echo "RUNNER_USER=$(whoami)" | tee -a /etc/environment \
-    && ImageOS=ubuntu$(echo ${FROM_TAG} | cut -d'.' -f 1) \
-    && echo "IMAGE_OS=$ImageOS" | tee -a /etc/environment \
-    && echo "ImageOS=$ImageOS" | tee -a /etc/environment \
-    && echo "LSB_RELEASE=${FROM_TAG}" | tee -a /etc/environment \
-    && AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache \
-    && echo "AGENT_TOOLSDIRECTORY=$AGENT_TOOLSDIRECTORY" | tee -a /etc/environment \
-    && echo "RUN_TOOL_CACHE=$AGENT_TOOLSDIRECTORY" | tee -a /etc/environment \
-    && echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a /etc/environment \
-    && echo ". /etc/environment" | tee -a /etc/profile \
-    && mkdir -m 0777 -p $AGENT_TOOLSDIRECTORY \
-    && chown -R 1001:1000 $AGENT_TOOLSDIRECTORY \
-    && mkdir -m 0777 -p /github \
-    && chown -R 1001:1000 /github \
-    && printf "\n\n\t🐋 Installing packages 🐋\t\n\n" \
-    && apt-get -yq update \
-    && apt-get -yq install --no-install-recommends ssh lsb-release gawk jq curl git wget sudo gnupg-agent ca-certificates software-properties-common apt-transport-https libyaml-0-2 zstd unzip xz-utils \
-    && ln -s $(which python3) /usr/local/bin/python \
-    && [[ "${FROM_TAG}" == "16.04" ]] && printf 'git-lfs not available for Xenial' || apt-get -yq install --no-install-recommends git-lfs \
-    && printf "\n\n\t🐋 Updated apt lists and upgraded packages 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Creating ~/.ssh and adding 'github.com' 🐋\t\n\n" \
-    && mkdir -m 0700 -p ~/.ssh \
-    && ssh-keyscan github.com | tee ~/.ssh/known_hosts \
-    && printf "\n\n\t🐋 Installed base utils 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installing docker cli 🐋\t\n\n" \
-    && curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - \
-    && sudo apt-add-repository https://packages.microsoft.com/ubuntu/${FROM_TAG}/prod \
-    && apt-get -yq update \
-    && apt-get -yq install --no-install-recommends moby-cli moby-buildx \
-    && printf "\n\n\t🐋 Installed moby-cli 🐋\t\n\n" \
-    && docker -v \
-    && printf "\n\n\t🐋 Installed moby-buildx 🐋\t\n\n" \
-    && docker buildx version \
-    && printf "\n\n\t🐋 Installing Node.JS 🐋\t\n\n" \
-    && VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${NODE_VERSION}\"))][0].version" -r) \
-    && NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64" \
-    && mkdir -v -m 0777 -p $NODEPATH \
-    && curl "https://nodejs.org/download/release/latest-v${NODE_VERSION}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C $NODEPATH \
-    && sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment \
-    && export PATH="$NODEPATH/bin:$PATH" \
-    && printf "\n\n\t🐋 Installed Node.JS $(node -v) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed NPM $(npm -v) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Cleaning image 🐋\t\n\n" \
-    && apt-get clean \
-    && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \
-    && printf "\n\n\t🐋 Cleaned up image 🐋\t\n\n"
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="act"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.vendor="catthehacker"
-LABEL org.opencontainers.image.authors="me@hackerc.at"
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/"
-LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
-
-USER root
@@ -1,21 +0,0 @@
-ARG IMAGE=ghcr.io/catthehacker/alpine
-ARG TAG=act-latest
-FROM ${IMAGE}:${TAG}
-
-ARG TARGETARCH
-ARG TARGETVARIANT
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-RUN set -Eeuxo pipefail \
-    && printf "Installing Go(lang)\n" \
-    && sudo apk add --no-cache go
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="go"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
@@ -1,41 +0,0 @@
-ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu
-ARG FROM_TAG=act-latest
-FROM ${FROM_IMAGE}:${FROM_TAG}
-
-ARG TARGETARCH
-ARG TARGETVARIANT
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-RUN set -Eeuxo pipefail \
-    && printf "\n\n\t🐋 Installing JS tools 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed NPM $(npm -v) 🐋\t\n\n" \
-    && npm install -g npm \
-    && npm install -g pnpm \
-    && npm install -g yarn \
-    && printf "\n\n\t🐋 Installed NPM $(npm -v) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed PNPM $(pnpm -v) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed YARN $(yarn -v) 🐋\t\n\n" \
-    && npm install -g grunt gulp n parcel-bundler typescript newman vercel webpack webpack-cli lerna \
-    && npm install -g --unsafe-perm netlify-cli \
-    && printf "\n\n\t🐋 Installing NVM tools 🐋\t\n\n" \
-    && VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name') \
-    && curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh | bash \
-    && export NVM_DIR=$HOME/.nvm \
-    && echo 'NVM_DIR=$HOME/.nvm' | tee -a /etc/environment \
-    && echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm' | tee -a /etc/skel/.bash_profile \
-    && [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" \
-    && printf "\n\n\t🐋 Installed NVM $(nvm --version) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Cleaning image 🐋\t\n\n" \
-    && apt-get clean \
-    && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \
-    && printf "\n\n\t🐋 Cleaned up image 🐋\t\n\n"
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="js"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
@@ -1,19 +0,0 @@
-ARG IMAGE=ghcr.io/catthehacker/alpine
-ARG TAG=act-latest
-FROM ${IMAGE}:${TAG}
-
-ARG TARGETARCH
-ARG TARGETVARIANT
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-RUN #TODO
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="rust"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
@@ -1,53 +0,0 @@
-ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu
-ARG FROM_TAG=act-latest
-FROM ${FROM_IMAGE}:${FROM_TAG}
-
-ARG TARGETARCH
-ARG TARGETVARIANT
-
-# > ARGs before FROM are not accessible
-ARG FROM_IMAGE=catthehacker/ubuntu
-ARG FROM_TAG=act-latest
-
-# > non-root user
-ARG RUNNER=runner
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-# > Create non-root user
-RUN set -Eeuxo pipefail \
-    && printf "\n\n\t🐋 Creating runner users 🐋\t\n\n" \
-    && groupadd -g 1001 ${RUNNER} \
-    && groupadd -g 1000 ${RUNNER}admin \
-    && useradd -u 1001 -g ${RUNNER} -G sudo -m -s /bin/bash ${RUNNER} \
-    && useradd -u 1000 -g ${RUNNER}admin -G sudo -m -s /bin/bash ${RUNNER}admin \
-    && echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \
-    && echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \
-    && printf "\n\n\t🐋 Runner user: $(su - ${RUNNER} -c id) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Runner admin: $(su - ${RUNNER}admin -c id) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Created non-root user $(grep ${RUNNER} /etc/passwd) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Created non-root admin $(grep ${RUNNER}admin /etc/passwd) 🐋\t\n\n" \
-    && sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g" \
-    && echo "RUNNER_TEMP=/home/${RUNNER}/work/_temp" | tee -a /etc/environment \
-    && mkdir -p "/home/${RUNNER}/work/_temp" \
-    && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/work" \
-    && mkdir -m 0700 -p "/home/${RUNNER}/.ssh" \
-    && ssh-keyscan github.com | tee "/home/${RUNNER}/.ssh/known_hosts" \
-    && chmod 644 "/home/${RUNNER}/.ssh/known_hosts" \
-    && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/.ssh" \
-    && . /etc/environment \
-    && chown -R ${RUNNER}:${RUNNER}admin $AGENT_TOOLSDIRECTORY \
-    && printf "\n\n\t🐋 Finished building 🐋\t\n\n"
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="runner"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
-
-USER ${RUNNER}
-
-WORKDIR /home/runner
@@ -1,47 +0,0 @@
-ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu
-ARG FROM_TAG=act-latest
-FROM ${FROM_IMAGE}:${FROM_TAG}
-
-ARG TARGETARCH
-ARG TARGETVARIANT
-
-ARG DISTRO=ubuntu
-
-ARG RUSTUP_HOME=/usr/share/rust/.rustup
-ARG CARGO_HOME=/usr/share/rust/.cargo
-
-SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ]
-
-RUN set -Eeuxo pipefail \
-    && printf "\n\n\t🐋 Installing dependencies 🐋\t\n\n" \
-    && apt-get -yq update \
-    && apt-get -yq install build-essential llvm \
-    && printf "\n\n\t🐋 Installing Rust 🐋\t\n\n" \
-    && curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain=stable --profile=minimal \
-    && source ${CARGO_HOME}/env \
-    && rustup component add rustfmt clippy \
-    && cargo install --locked bindgen cbindgen cargo-audit cargo-outdated \
-    && chmod -R 777 $(dirname ${RUSTUP_HOME}) \
-    && rm -rf ${CARGO_HOME}/registry/* \
-    && sed "s|PATH=|PATH=${CARGO_HOME}/bin:|g" -i /etc/environment \
-    && cd /root \
-    && ln -sf ${CARGO_HOME} .cargo \
-    && ln -sf ${RUSTUP_HOME} .rustup \
-    && echo "RUSTUP_HOME=${RUSTUP_HOME}" | tee -a /etc/environment \
-    && echo "CARGO_HOME=${CARGO_HOME}" | tee -a /etc/environment \
-    && printf "\n\n\t🐋 Installed RUSTUP $(rustup -V) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed CARGO $(cargo -V) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Installed RUSTC $(rustc -V) 🐋\t\n\n" \
-    && printf "\n\n\t🐋 Cleaning image 🐋\t\n\n" \
-    && apt-get clean \
-    && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \
-    && printf "\n\n\t🐋 Cleaned up image 🐋\t\n\n"
-
-ARG BUILD_TAG_VERSION="dev"
-ARG BUILD_TAG="rust"
-ARG BUILD_REF="master"
-
-LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${BUILD_TAG}/"
-LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION}
-LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}
-LABEL org.opencontainers.image.revision=${BUILD_REF}
@@ -0,0 +1,110 @@
+#!/bin/bash
+
+# disable warning about 'mkdir -m -p'
+# shellcheck disable=SC2174
+
+set -Eeuxo pipefail
+
+printf "\n\t🐋 Build started 🐋\t\n"
+
+sed 's|"||g' -i "/etc/environment"
+
+echo "USER=$(whoami)" | tee -a "/etc/environment"
+echo "RUNNER_USER=$(whoami)" | tee -a "/etc/environment"
+
+ImageOS=ubuntu$(echo "${FROM_TAG}" | cut -d'.' -f 1)
+echo "IMAGE_OS=$ImageOS" | tee -a "/etc/environment"
+echo "ImageOS=$ImageOS" | tee -a "/etc/environment"
+echo "LSB_RELEASE=${FROM_TAG}" | tee -a "/etc/environment"
+
+AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache
+echo "AGENT_TOOLSDIRECTORY=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment"
+echo "RUN_TOOL_CACHE=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment"
+echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a "/etc/environment"
+echo ". /etc/environment" | tee -a /etc/profile
+
+mkdir -m 0777 -p "${AGENT_TOOLSDIRECTORY}"
+chown -R 1001:1000 "${AGENT_TOOLSDIRECTORY}"
+
+mkdir -m 0777 -p /github
+chown -R 1001:1000 /github
+
+printf "\n\t🐋 Installing packages 🐋\t\n"
+packages=(
+  ssh
+  lsb-release
+  gawk
+  curl
+  git
+  wget
+  sudo
+  gnupg-agent
+  ca-certificates
+  software-properties-common
+  apt-transport-https
+  libyaml-0-2
+  zstd
+  zip
+  unzip
+  xz-utils
+)
+
+apt-get -yq update
+apt-get -yq install --no-install-recommends "${packages[@]}"
+
+ln -s "$(which python3)" "/usr/local/bin/python"
+
+LSB_OS_VERSION=$(lsb_release -rs | sed 's|\.||g')
+echo "LSB_OS_VERSION=${LSB_OS_VERSION}" | tee -a "/etc/environment"
+
+wget -qO "/imagegeneration/toolset.json" "https://raw.githubusercontent.com/actions/virtual-environments/main/images/linux/toolsets/toolset-${LSB_OS_VERSION}.json"
+
+wget -qO "/usr/bin/jq" "https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64"
+chmod +x "/usr/bin/jq"
+
+if [[ "${FROM_TAG}" == "16.04" ]]; then
+  printf 'git-lfs not available for Xenial'
+else
+  apt-get -yq install --no-install-recommends git-lfs
+fi
+
+printf "\n\t🐋 Updated apt lists and upgraded packages 🐋\t\n"
+
+printf "\n\t🐋 Creating ~/.ssh and adding 'github.com' 🐋\t\n"
+mkdir -m 0700 -p ~/.ssh
+ssh-keyscan -t rsa github.com >>/etc/ssh/ssh_known_hosts
+ssh-keyscan -t rsa ssh.dev.azure.com >>/etc/ssh/ssh_known_hosts
+
+printf "\n\t🐋 Installed base utils 🐋\t\n"
+
+printf "\n\t🐋 Installing docker cli 🐋\t\n"
+curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
+apt-add-repository "https://packages.microsoft.com/ubuntu/${FROM_TAG}/prod"
+apt-get -yq update
+apt-get -yq install --no-install-recommends moby-cli moby-buildx
+
+printf "\n\t🐋 Installed moby-cli 🐋\t\n"
+docker -v
+
+printf "\n\t🐋 Installed moby-buildx 🐋\t\n"
+docker buildx version
+
+printf "\n\t🐋 Installing Node.JS 🐋\t\n"
+VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${NODE_VERSION}\"))][0].version" -r)
+NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64"
+mkdir -v -m 0777 -p "$NODEPATH"
+curl -SsL "https://nodejs.org/download/release/latest-v${NODE_VERSION}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH"
+sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment
+export PATH="$NODEPATH/bin:$PATH"
+
+printf "\n\t🐋 Installed Node.JS 🐋\t\n"
+node -v
+
+printf "\n\t🐋 Installed NPM 🐋\t\n"
+npm -v
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+
+printf "\n\t🐋 Cleaned up image 🐋\t\n"
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# disable warning about 'mkdir -m -p'
+# shellcheck disable=SC2174
+
+# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image
+# yes, this is sarcasm
+# shellcheck disable=SC1091
+. /etc/environment
+
+# no -x because big json
+set -Eeuo pipefail
+
+printf "\n\t🐋 Installing Go(lang) 🐋\t\n"
+
+JSON=$(wget -qO- "$(jq -r '.toolcache[] | select(.name == "go") | .url' "/imagegeneration/toolset.json")" | jq --compact-output)
+
+for V in $(jq -r '.toolcache[] | select(.name == "go") | .versions[]' "/imagegeneration/toolset.json"); do
+  printf "\n\t🐋 Installing GO=%s 🐋\t\n" "${V}"
+  VER=$(echo "${JSON}" | jq "[.[] | select(.version|test(\"^${V}\"))][0].version" -r)
+  GOPATH="$AGENT_TOOLSDIRECTORY/go/${VER}/x64"
+
+  mkdir -v -m 0777 -p "$GOPATH"
+  wget -qO- "https://golang.org/dl/go${VER}.linux-amd64.tar.gz" | tar -zxf - --strip-components=1 -C "$GOPATH"
+
+  ENVVAR="${V//\./_}"
+  echo "${ENVVAR}=${GOPATH}" >>/etc/environment
+
+  printf "\n\t🐋 Installed GO 🐋\t\n"
+  "$GOPATH/bin/go" version
+
+  if [[ "${V}" == "1.15" ]]; then
+    ln -s "$GOPATH/bin/*" /usr/bin/
+  fi
+done
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+printf "\n\t🐋 Cleaned up image 🐋\t\n"
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+set -Eeuo pipefail
+
+# source environment because Linux is beautiful and not really confusing like Windows
+# also you are apparently not supposed to source that file because it's not conforming to standard shell envvar
+# format but we already fix that in base image
+# yes, this is sarcasm
+# shellcheck disable=SC1091
+. /etc/environment
+
+printf "\n\t🐋 Installed NPM 🐋\t\n"
+npm -v
+
+versions=("10" "12")
+JSON=$(wget -qO- https://nodejs.org/download/release/index.json | jq --compact-output)
+
+for V in "${versions[@]}"; do
+  printf "\n\t🐋 Installing NODE=%s 🐋\t\n" "${V}"
+  VER=$(echo "${JSON}" | jq "[.[] | select(.version|test(\"^v${V}\"))][0].version" -r)
+  NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64"
+
+  # disable warning about 'mkdir -m -p'
+  # shellcheck disable=SC2174
+  mkdir -v -m 0777 -p "$NODEPATH"
+  wget -qO- "https://nodejs.org/download/release/latest-v${V}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH"
+
+  ENVVAR="${V//\./_}"
+  echo "${ENVVAR}=${NODEPATH}" >>/etc/environment
+
+  printf "\n\t🐋 Installed NODE 🐋\t\n"
+  "$NODEPATH/bin/node" -v
+done
+
+printf "\n\t🐋 Installing JS tools 🐋\t\n"
+npm install -g npm
+npm install -g pnpm
+npm install -g yarn
+npm install -g grunt gulp n parcel-bundler typescript newman vercel webpack webpack-cli lerna
+npm install -g --unsafe-perm netlify-cli
+
+printf "\n\t🐋 Installed NPM 🐋\t\n"
+npm -v
+
+printf "\n\t🐋 Installed PNPM 🐋\t\n"
+pnpm -v
+
+printf "\n\t🐋 Installed YARN 🐋\t\n"
+yarn -v
+
+printf "\n\t🐋 Installing NVM tools 🐋\t\n"
+VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name')
+curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh" | bash
+export NVM_DIR=$HOME/.nvm
+echo "NVM_DIR=$HOME/.nvm" | tee -a /etc/environment
+
+# Expressions don't expand in single quotes, use double quotes for that.shellcheck(SC2016)
+# shellcheck disable=SC2016
+echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm' | tee -a /etc/skel/.bash_profile
+
+# Not following: ./nvm.sh was not specified as input (see shellcheck -x).shellcheck(SC1091)
+# shellcheck disable=SC1091
+[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+
+printf "\n\t🐋 Installed NVM 🐋\t\n"
+nvm --version
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+printf "\n\t🐋 Cleaned up image 🐋\t\n"
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -Eeuxo pipefail
+
+printf "\n\t🐋 Installing PowerShell 🐋\t\n"
+sudo apt-get -yq update
+sudo apt-get -yq install powershell
+
+printf "\n\t🐋 Installed PWSH 🐋\t\n"
+pwsh -v
+
+printf "\n\t🐋 Installing PowerShell modules 🐋\t\n"
+modules=("MarkdownPS" "Pester" "PSScriptAnalyzer")
+
+for mod in "${modules[@]}"; do
+    printf "\n\t🐋 Installing %s 🐋\t\n" "${mod}"
+    pwsh -nol -nop -c "Install-Module -Name ${mod} -Scope AllUsers -SkipPublisherCheck -Force"
+done
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+
+printf "\n\t🐋 Cleaned up image 🐋\t\n"
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# disable warning about 'mkdir -m -p'
+# shellcheck disable=SC2174
+
+set -Eeuxo pipefail
+
+printf "\n\t🐋 Creating runner users 🐋\t\n"
+groupadd -g 1001 "${RUNNER}"
+groupadd -g 1000 "${RUNNER}admin"
+useradd -u 1001 -g "${RUNNER}" -G sudo -m -s /bin/bash "${RUNNER}"
+useradd -u 1000 -g "${RUNNER}admin" -G sudo -m -s /bin/bash "${RUNNER}admin"
+echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers
+echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers
+printf "\n\t🐋 Runner user 🐋\t\n"
+su - "${RUNNER}" -c id
+
+printf "\n\t🐋 Runner admin 🐋\t\n"
+su - "${RUNNER}admin" -c id
+
+printf "\n\t🐋 Created non-root user 🐋\t\n"
+grep "${RUNNER}" /etc/passwd
+
+printf "\n\t🐋 Created non-root admin 🐋\t\n"
+grep "${RUNNER}admin" /etc/passwd
+
+sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g"
+
+echo "RUNNER_TEMP=/home/${RUNNER}/work/_temp" | tee -a /etc/environment
+mkdir -p "/home/${RUNNER}/work/_temp"
+chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/work"
+
+mkdir -m 0700 -p "/home/${RUNNER}/.ssh"
+ssh-keyscan -t rsa github.com >>"/home/${RUNNER}/.ssh/known_hosts"
+ssh-keyscan -t rsa ssh.dev.azure.com >>"/home/${RUNNER}/.ssh/known_hosts"
+
+chmod 644 "/home/${RUNNER}/.ssh/known_hosts"
+chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/.ssh"
+
+# shellcheck disable=SC1091
+. /etc/environment
+
+# Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"?shellcheck(SC2140)
+# shellcheck disable=SC2140
+chown -R "${RUNNER}":"${RUNNER}admin" "$AGENT_TOOLSDIRECTORY"
+
+printf "\n\t🐋 Finished building 🐋\t\n"
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+set -Eeuxo pipefail
+
+# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image
+# yes, this is sarcasm
+# shellcheck disable=SC1091
+. /etc/environment
+
+export RUSTUP_HOME=/usr/share/rust/.rustup
+export CARGO_HOME=/usr/share/rust/.cargo
+
+printf "\n\t🐋 Installing dependencies 🐋\t\n"
+apt-get -yq update
+apt-get -yq install build-essential llvm
+
+printf "\n\t🐋 Installing Rust 🐋\t\n"
+curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain=stable --profile=minimal
+
+# shellcheck disable=SC1091
+source "${CARGO_HOME}/env"
+
+rustup component add rustfmt clippy
+cargo install --locked bindgen cbindgen cargo-audit cargo-outdated
+chmod -R 777 "$(dirname "${RUSTUP_HOME}")"
+
+# cleanup
+rm -rf "${CARGO_HOME}/registry/*"
+
+sed "s|PATH=|PATH=${CARGO_HOME}/bin:|g" -i /etc/environment
+
+cd /root
+ln -sf "${CARGO_HOME}" .cargo
+ln -sf "${RUSTUP_HOME}" .rustup
+echo "RUSTUP_HOME=${RUSTUP_HOME}" >>/etc/environment
+echo "CARGO_HOME=${CARGO_HOME}" >>/etc/environment
+
+printf "\n\t🐋 Installed RUSTUP 🐋\t\n"
+rustup -V
+
+printf "\n\t🐋 Installed CARGO 🐋\t\n"
+cargo -V
+
+printf "\n\t🐋 Installed RUSTC 🐋\t\n"
+rustc -V
+
+printf "\n\t🐋 Cleaning image 🐋\t\n"
+apt-get clean
+rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories'
+
+printf "\n\t🐋 Cleaned up image 🐋\t\n"