From 4f60cb7033dc3c4abd50dc52de1470120a49582a Mon Sep 17 00:00:00 2001
From: Melissa Avery-Weir <averymd@irrsinn.net>
Date: Wed, 17 Dec 2025 23:00:03 -0500
Subject: [PATCH] Set Dockerfile to what's actually preferred

---
 Dockerfile | 60 +++++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 44 insertions(+), 16 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 887fda5..6efa52a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,39 @@
-FROM jenkins/inbound-agent:latest-jdk17 AS jnlp
-
-FROM python:3.13.2-alpine
+FROM jenkins/inbound-agent:latest-bookworm-jdk17 AS jnlp
 
 # USER jenkins
-RUN apk --no-cache -U add openjdk17-jre python3 postgresql-client git python3-dev openssh mysql-client build-base curl \
-  && apk cache clean
-RUN python3 -m ensurepip \
-  && pip3 install --no-cache-dir --upgrade pip setuptools
+USER root
+RUN apt-get update && \
+  apt-get install -y python3.11 python3-dev python3-pip python3-setuptools python3.11-venv ca-certificates curl pkg-config
+
+RUN curl -O https://www.princexml.com/download/prince_20240704-1_debian12_amd64.deb
+RUN apt-get install -y ./prince_20240704-1_debian12_amd64.deb
+
+ARG DOCKER_VERSION=24.0.6
+ARG DOCKER_COMPOSE_VERSION=1.21.0
+ARG DOCKER_BUILDX_VERSION=0.30.1
+RUN curl -fsSL https://download.docker.com/linux/static/stable/`uname -m`/docker-$DOCKER_VERSION.tgz | tar --strip-components=1 -xz -C /usr/local/bin docker/docker
+RUN curl -fsSL https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose && chmod +x /usr/local/bin/docker-compose
+
+# Enable buildx plugin
+## buildx is released as amd64, and uname calls it x86_64
+RUN uname -m > /tmp/arch \
+    && sed -i 's/x86_64/amd64/g' /tmp/arch \
+    && mkdir -p /usr/libexec/docker/cli-plugins/
+
+RUN curl -fsSL https://github.com/docker/buildx/releases/download/v$DOCKER_BUILDX_VERSION/buildx-v$DOCKER_BUILDX_VERSION.linux-`cat /tmp/arch` > /usr/libexec/docker/cli-plugins/docker-buildx
+RUN chmod +x /usr/libexec/docker/cli-plugins/docker-buildx \
+    && docker buildx install \
+    && rm /tmp/arch
+
+RUN docker buildx create \
+  --name jenkinsbuilder \
+  --driver docker-container \
+  --bootstrap --use
+
+RUN groupadd docker
+RUN usermod -aG docker jenkins
+# RUN python3 -m ensurepip --upgrade
+# RUN pip3 install --no-cache --upgrade pytz
 
 # USER root
 # ADD ca-chain.der .
@@ -17,15 +44,16 @@ RUN python3 -m ensurepip \
 #   -storepass changeit
 
 # USER jenkins
-COPY --from=jnlp /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-agent
-COPY --from=jnlp /usr/share/jenkins/agent.jar /usr/share/jenkins/agent.jar
+# COPY --from=jnlp /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-agent
+# COPY --from=jnlp /usr/share/jenkins/agent.jar /usr/share/jenkins/agent.jar
 
-RUN mkdir "$HOME/.ssh/" \
-  && touch "$HOME/.ssh/known_hosts" \
-  && ssh-keyscan github.com >> ~/.ssh/known_hosts
+COPY ca-chain.crt /usr/local/share/ca-certificates/ca-chain.crt
+RUN /usr/sbin/update-ca-certificates
 
-# COPY ca-chain.crt "$JAVA_HOME/jre/lib/security"
-# RUN cd "$JAVA_HOME/jre/lib/security" \
-#   && keytool -import -alias homeca -storepass changeit -noprompt -trustcacerts -keystore cacerts -file ca-chain.crt
+USER jenkins
 
-ENTRYPOINT ["/usr/local/bin/jenkins-agent"]
\ No newline at end of file
+RUN mkdir $HOME/.ssh/
+RUN touch $HOME/.ssh/known_hosts
+RUN ssh-keyscan github.com >> ~/.ssh/known_hosts
+
+ENTRYPOINT ["/usr/local/bin/jenkins-agent"]