Skip to content

Adds gdal pre-installation #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
xmichele wants to merge 15 commits into
base: main
Choose a base branch
from
Open

Adds gdal pre-installation #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
387762e
gdal 3.12.1 first push
Feb 17, 2026
d436fc1
refine Dockerfile
Feb 18, 2026
80e7bbb
GDAL_VER as parameter
Feb 18, 2026
fa81766
apt-get tuning
Feb 18, 2026
21b354d
added nextcloud integration
liviodonnini Mar 9, 2026
2c91e9f
Merge pull request #8 from EOEPCA/feature/nextcloud
liviodonnini Mar 10, 2026
dba5623
updated sync file with symbolic link
liviodonnini Mar 17, 2026
32e8468
Merge pull request #9 from EOEPCA/feature/nextcloud
liviodonnini Mar 17, 2026
371b2b2
updated sync file with symbolic link
liviodonnini Mar 17, 2026
26206ec
updated sync file with symbolic link
liviodonnini Mar 17, 2026
9c8bb23
Merge pull request #10 from EOEPCA/feature/nextcloud
liviodonnini Mar 17, 2026
ffbbe57
updated check in sync file
liviodonnini Mar 17, 2026
c3ce2a4
Merge pull request #11 from EOEPCA/feature/nextcloud
liviodonnini Mar 17, 2026
0e1c99b
updated to work with sso and oauth2 auth method
liviodonnini Mar 30, 2026
74115cd
Merge pull request #12 from EOEPCA/feature/nextcloud
liviodonnini Mar 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 16 additions & 2 deletions .github/workflows/build-image.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,12 @@ on:
branches: [develop, main]
tags:
- 'v*'

workflow_dispatch:
inputs:
GDAL_VER:
description: "GDAL version to use for Docker build"
required: false
default: "3.12.1"
jobs:
# ------------------------------------------------------------
# Resolve release tag from ref
Expand Down Expand Up @@ -77,7 +82,15 @@ jobs:
}
EOF
fi

- name: Resolve GDAL version
id: gdal
run: |
if [[ -n "${{ github.event.inputs.GDAL_VER }}" ]]; then
GDAL_VER="${{ github.event.inputs.GDAL_VER }}"
else
GDAL_VER="3.12.1"
fi
echo "GDAL_VER=${GDAL_VER}" >> $GITHUB_ENV
- name: Build image with Kaniko (to tar)
uses: docker://gcr.io/kaniko-project/executor:debug
env:
Expand All @@ -86,6 +99,7 @@ jobs:
args: >
--context .
--dockerfile Dockerfile
--build-arg GDAL_VER=${{ env.GDAL_VER }}
--no-push
--tar-path image.tar

Expand Down
69 changes: 51 additions & 18 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
FROM docker.io/library/python:3.12.11-bookworm@sha256:bea386df48d7ee07eed0a1f3e6f9d5c0292c228b8d8ed2ea738b7a57b29c4470
FROM quay.io/jupyter/base-notebook:python-3.12

ENV DEBIAN_FRONTEND=noninteractive \
USER=jovyan \
UID=1000 \
GID=100 \
HOME=/workspace

USER root

# -------------------------------------------------------------------
# Base system packages (runtime only)
# -------------------------------------------------------------------
Expand All @@ -24,15 +26,8 @@ RUN apt-get update && apt-get install -y \
tree \
podman \
skopeo \
&& apt-get remove -y yq \
&& rm -rf /var/lib/apt/lists/*
Copy link
Copy Markdown
Contributor

@fabricebrito fabricebrito Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@xmichele can you add this line after gdal installation

Copy link
Copy Markdown
Collaborator Author

@xmichele xmichele Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fabricebrito added with last develop commit.
Introduced also an optional parameter GDAL_VER propagated till the docker build command to chose the gdal version to pre-install


# -------------------------------------------------------------------
# Create user
# -------------------------------------------------------------------
#RUN groupadd -g ${GID} ${USER} && \
RUN useradd -m -u ${UID} -g ${GID} -s /bin/bash ${USER} && \
echo "${USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${USER}
nextcloud-desktop-cmd=3.11.0-1.1build4 \
&& rm -rf /var/lib/apt/lists/*

# -------------------------------------------------------------------
# code-server
Expand All @@ -46,7 +41,7 @@ RUN mkdir -p /opt/code-server && \
ENV PATH="/opt/code-server/bin:${PATH}"

# -------------------------------------------------------------------
# Kubernetes / Dev tooling (pinned, glibc-safe)
# Kubernetes / Dev tooling (pinned)
# -------------------------------------------------------------------
ARG KUBECTL_VERSION=v1.29.3
RUN curl -fsSL \
Expand All @@ -68,15 +63,14 @@ RUN curl -fsSL \
https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz \
| tar -xz -C /usr/local/bin oras && chmod +x /usr/local/bin/oras


# -------------------------------------------------------------------
# Python tooling
# -------------------------------------------------------------------
ARG CALRISSIAN_VERSION=0.18.1
RUN pip install --no-cache-dir \
awscli \
awscli-plugin-endpoint \
jhsingle-native-proxy>=0.0.9 \
"jhsingle-native-proxy>=0.0.9" \
bash_kernel \
tomlq \
uv \
Expand All @@ -86,40 +80,79 @@ RUN pip install --no-cache-dir \
python -m bash_kernel.install

# -------------------------------------------------------------------
# yq / jq (single source of truth)
# yq / jq
# -------------------------------------------------------------------
ARG YQ_VERSION=v4.45.1
RUN curl -fsSL \
https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 \
-o /usr/local/bin/yq && chmod +x /usr/local/bin/yq


ARG JQ_VERSION=jq-1.8.1
RUN curl -fsSL \
https://github.com/jqlang/jq/releases/download/${JQ_VERSION}/jq-linux-amd64 \
-o /usr/local/bin/jq && chmod +x /usr/local/bin/jq

# hatch (binary)
# -------------------------------------------------------------------
# hatch
# -------------------------------------------------------------------
ARG HATCH_VERSION=1.16.2
RUN curl -fsSL \
https://github.com/pypa/hatch/releases/download/hatch-v${HATCH_VERSION}/hatch-x86_64-unknown-linux-gnu.tar.gz \
| tar -xz -C /usr/local/bin hatch && chmod +x /usr/local/bin/hatch

# trivy
ARG TRIVY_VERSION=0.68.2
# -------------------------------------------------------------------
# trivy
# -------------------------------------------------------------------
ARG TRIVY_VERSION=0.69.3
RUN curl -fsSL \
https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb \
-o /tmp/trivy.deb && \
dpkg -i /tmp/trivy.deb && \
rm /tmp/trivy.deb

# -------------------------------------------------------------------
# GDAL
# -------------------------------------------------------------------
ARG GDAL_VER=3.12.1
RUN apt-get update && apt-get install -y \
cmake ninja-build libproj-dev proj-data proj-bin && \
rm -rf /var/lib/apt/lists/* && \
set -e && \
cd /tmp && \
curl -fsSL -o gdal-${GDAL_VER}.tar.xz https://download.osgeo.org/gdal/${GDAL_VER}/gdal-${GDAL_VER}.tar.xz \
|| curl -fsSL -o gdal-${GDAL_VER}.tar.gz https://download.osgeo.org/gdal/${GDAL_VER}/gdal-${GDAL_VER}.tar.gz && \
if [ -f gdal-${GDAL_VER}.tar.xz ]; then \
tar -xJf gdal-${GDAL_VER}.tar.xz; \
else \
tar -xzf gdal-${GDAL_VER}.tar.gz; \
fi && \
cd gdal-${GDAL_VER} && \
mkdir build && cd build && \
cmake -G Ninja ../ \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_INSTALL_PREFIX=/usr/local && \
cmake --build . -- -j"$(nproc)" && \
cmake --install . && \
ldconfig && \
rm -rf /tmp/gdal-${GDAL_VER}* && \
gdal-config --version

# -------------------------------------------------------------------
# Entrypoint
# -------------------------------------------------------------------
COPY nc-sync /usr/local/bin/nc-sync
RUN chmod 755 /usr/local/bin/nc-sync

COPY entrypoint.sh /opt/entrypoint.sh
RUN chmod +x /opt/entrypoint.sh

USER ${USER}

ENV GDAL_CONFIG=/usr/local/bin/gdal-config
ENV GDAL_DATA=/usr/local/share/gdal
ENV GDAL_DRIVER_PATH=/usr/local/lib/gdalplugins
ENV GDAL_OVERWRITE=YES

WORKDIR /workspace

EXPOSE 8888
Expand Down
4 changes: 4 additions & 0 deletions entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
#!/bin/bash

if [ -x /usr/local/bin/nc-sync ]; then
/usr/local/bin/nc-sync &
fi

collect_port=0
port="8888"
delim='='
Expand Down
59 changes: 59 additions & 0 deletions nc-sync
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
#!/bin/bash
rmdir --ignore-fail-on-non-empty /home/jovyan/work

workdir='/home/jovyan/drive'
mkdir -p ${workdir}

cd /workspace
if [ ! -L drive ]; then
ln -s /home/jovyan/drive/
fi

server="http://${NEXTCLOUD_HOST:-localhost:8081}"
json_file="${workdir}/.access_token.json"

function refresh_token {
json="$(curl --header "Authorization: token ${JUPYTERHUB_API_TOKEN}" http://${JUPYTER_HOST}/services/refresh-token/tokens)"
if [[ -z "${json}" ]]; then
token="${NEXTCLOUD_ACCESS_TOKEN}"
json="{ \"access_token\": \"${token}\", \"token_expires\": $(date -d "10 min" +%s).0000000 }"
fi
echo "${json}" > "${json_file}"
token=$(jq -r '.access_token' "${json_file}")
echo "${token}"
}

function get_token {
if [[ -f "${json_file}" ]]; then
now=$(date +%s)
token=$(jq -r '.access_token' "${json_file}")
expires_at=$(jq -r '.token_expires' "${json_file}"| sed 's/\..*//')
if [[ "${expires_at}" -lt ${now} ]]; then
token=$(refresh_token)
fi
else
token=$(refresh_token)
fi
echo "${token}"
}

function ncsync {
while true; do
token="$(get_token)"

if [[ -n "${token}" && "${token}" != "null" && -n "${JUPYTERHUB_USER}" ]]; then
nextcloudcmd -n -s \
--user "${JUPYTERHUB_USER}" \
--password "${token}" \
--path / \
"${workdir}" \
"${server}" || true
else
echo "[nc-sync] missing token or user, skipping sync"
fi

sleep 5s
done
}

ncsync &
2 changes: 1 addition & 1 deletion release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
image_name: pde-code-server
image_prefix: eoepca
image_version: 1.2.0
image_version: 1.3.0
image_registry: ghcr.io
Loading