From 182ae2762b24300e109ba88e7a86b3fbc18a3d63 Mon Sep 17 00:00:00 2001
From: Ruinong Tian <ruinon@dev-dsk-ruinon-2a-ba2bf164.us-west-2.amazon.com>
Date: Tue, 24 Dec 2024 19:22:04 +0000
Subject: [PATCH] reduce RUN commands in Dockerfile

---
 build_artifacts/v1/v1.11/v1.11.1/Dockerfile | 70 +++++++++------------
 1 file changed, 30 insertions(+), 40 deletions(-)

diff --git a/build_artifacts/v1/v1.11/v1.11.1/Dockerfile b/build_artifacts/v1/v1.11/v1.11.1/Dockerfile
index ea41ae69..ae538694 100644
--- a/build_artifacts/v1/v1.11/v1.11.1/Dockerfile
+++ b/build_artifacts/v1/v1.11/v1.11.1/Dockerfile
@@ -48,10 +48,9 @@ RUN echo "source /usr/local/bin/_activate_current_env.sh" | tee --append /etc/pr
 
 # CodeEditor - create server, user data dirs
 RUN mkdir -p /opt/amazon/sagemaker/sagemaker-code-editor-server-data /opt/amazon/sagemaker/sagemaker-code-editor-user-data \
-    && chown $MAMBA_USER:$MAMBA_USER /opt/amazon/sagemaker/sagemaker-code-editor-server-data /opt/amazon/sagemaker/sagemaker-code-editor-user-data
-
-# create dir to store user data files
-RUN mkdir -p /opt/amazon/sagemaker/user-data \
+    && chown $MAMBA_USER:$MAMBA_USER /opt/amazon/sagemaker/sagemaker-code-editor-server-data /opt/amazon/sagemaker/sagemaker-code-editor-user-data \
+    # create dir to store user data files
+    mkdir -p /opt/amazon/sagemaker/user-data \
     && chown $MAMBA_USER:$MAMBA_USER /opt/amazon/sagemaker/user-data
 
 
@@ -85,13 +84,10 @@ RUN micromamba install -y --name base --file /tmp/$ENV_IN_FILENAME && \
 
 
 ARG MAMBA_DOCKERFILE_ACTIVATE=1
-RUN sudo ln -s $(which python3) /usr/bin/python
-
-# Update npm version
-RUN npm update -g npm
-
-# Configure CodeEditor - Install extensions and set preferences
-RUN \
+RUN sudo ln -s $(which python3) /usr/bin/python \
+    # Update npm version
+    npm update -g npm \
+    # Configure CodeEditor - Install extensions and set preferences
     extensionloc=/opt/amazon/sagemaker/sagemaker-code-editor-server-data/extensions && mkdir -p "${extensionloc}" \
     # Loop through all vsix files in /etc/code-editor/extensions and install them
     && for ext in /etc/code-editor/extensions/*.vsix; do \
@@ -99,11 +95,10 @@ RUN \
         sagemaker-code-editor --install-extension "${ext}" --extensions-dir "${extensionloc}" --server-data-dir /opt/amazon/sagemaker/sagemaker-code-editor-server-data --user-data-dir /opt/amazon/sagemaker/sagemaker-code-editor-user-data; \
        done \
     # Copy the settings
-    && cp /etc/code-editor/code_editor_machine_settings.json /opt/amazon/sagemaker/sagemaker-code-editor-server-data/data/Machine/settings.json
-
-# Install glue kernels, and move to shared directory
-# Also patching base kernel so Studio background code doesn't start session silently
-RUN install-glue-kernels && \
+    && cp /etc/code-editor/code_editor_machine_settings.json /opt/amazon/sagemaker/sagemaker-code-editor-server-data/data/Machine/settings.json \
+    # Install glue kernels, and move to shared directory
+    # Also patching base kernel so Studio background code doesn't start session silently
+    install-glue-kernels && \
     SITE_PACKAGES=$(pip show aws-glue-sessions | grep Location | awk '{print $2}') && \
     jupyter-kernelspec install $SITE_PACKAGES/aws_glue_interactive_sessions_kernel/glue_pyspark --user && \
     jupyter-kernelspec install $SITE_PACKAGES/aws_glue_interactive_sessions_kernel/glue_spark --user && \
@@ -129,24 +124,20 @@ RUN HOME_DIR="/home/${NB_USER}/licenses" \
     && chmod +x /usr/local/bin/testOSSCompliance \
     && chmod +x ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh \
     && ${HOME_DIR}/oss_compliance/generate_oss_compliance.sh ${HOME_DIR} python \
-    && rm -rf ${HOME_DIR}/oss_compliance*
-
-# Create logging directories for supervisor
-RUN mkdir -p $SAGEMAKER_LOGGING_DIR && \
+    && rm -rf ${HOME_DIR}/oss_compliance* \
+    # Create logging directories for supervisor
+    mkdir -p $SAGEMAKER_LOGGING_DIR && \
     chmod a+rw $SAGEMAKER_LOGGING_DIR && \
     mkdir -p ${STUDIO_LOGGING_DIR} && \
-    chown ${NB_USER}:${MAMBA_USER} ${STUDIO_LOGGING_DIR}
-
-# Clean up CodeEditor artifacts
-RUN rm -rf /etc/code-editor
-
-# Create supervisord runtime directory
-RUN mkdir -p /var/run/supervisord && \
-    chmod a+rw /var/run/supervisord
-
-# Create root directory for DB
-# Create logging directories for supervisor
-RUN mkdir -p $DB_ROOT_DIR && \
+    chown ${NB_USER}:${MAMBA_USER} ${STUDIO_LOGGING_DIR} \
+    # Clean up CodeEditor artifacts
+    rm -rf /etc/code-editor \
+    # Create supervisord runtime directory
+    mkdir -p /var/run/supervisord && \
+    chmod a+rw /var/run/supervisord \
+    # Create root directory for DB
+    # Create logging directories for supervisor
+    mkdir -p $DB_ROOT_DIR && \
     chmod a+rw $DB_ROOT_DIR
 
 USER $MAMBA_USER
@@ -171,10 +162,10 @@ RUN INSTALLED_SSL=$(micromamba list | grep openssl | tr -s ' ' | cut -d ' ' -f 3
     cp ../openssl-$FIPS_VALIDATED_SSL/providers/fipsmodule.cnf providers/. && \
     make tests && cd ../openssl-$FIPS_VALIDATED_SSL && \
     # After tests pass, install FIPS provider and remove source code
-    make install_fips && cd .. && rm -rf ./openssl-*
-# Create new config file with fips-enabled. Then user can override OPENSSL_CONF to enable FIPS
-# e.g. export OPENSSL_CONF=/opt/conda/ssl/openssl-fips.cnf
-RUN cp /opt/conda/ssl/openssl.cnf /opt/conda/ssl/openssl-fips.cnf && \
+    make install_fips && cd .. && rm -rf ./openssl-* \
+    # Create new config file with fips-enabled. Then user can override OPENSSL_CONF to enable FIPS
+    # e.g. export OPENSSL_CONF=/opt/conda/ssl/openssl-fips.cnf
+    cp /opt/conda/ssl/openssl.cnf /opt/conda/ssl/openssl-fips.cnf && \
     sed -i "s:# .include fipsmodule.cnf:.include /opt/conda/ssl/fipsmodule.cnf:" /opt/conda/ssl/openssl-fips.cnf && \
     sed -i 's:# fips = fips_sect:fips = fips_sect:' /opt/conda/ssl/openssl-fips.cnf
 ENV OPENSSL_MODULES=/opt/conda/lib64/ossl-modules/
@@ -182,10 +173,9 @@ ENV OPENSSL_MODULES=/opt/conda/lib64/ossl-modules/
 # Install Kerberos.
 # Make sure no dependency is added/updated
 RUN pip install "krb5>=0.5.1,<0.6" && \
-    pip show krb5 | grep Require | xargs -i sh -c '[ $(echo {} | cut -d: -f2 | wc -w) -eq 0 ] '
-
-# https://stackoverflow.com/questions/122327
-RUN SYSTEM_PYTHON_PATH=$(python3 -c "from __future__ import print_function;import sysconfig; print(sysconfig.get_paths().get('purelib'))") && \
+    pip show krb5 | grep Require | xargs -i sh -c '[ $(echo {} | cut -d: -f2 | wc -w) -eq 0 ] ' \
+    # https://stackoverflow.com/questions/122327
+    SYSTEM_PYTHON_PATH=$(python3 -c "from __future__ import print_function;import sysconfig; print(sysconfig.get_paths().get('purelib'))") && \
     # Remove SparkRKernel as it's not supported \
     jupyter-kernelspec remove -f -y sparkrkernel && \
     # Patch Sparkmagic lib to support Custom Certificates \