fix: remove problematic packages

* chore: remove intermediate containers
* fix: Update rack to 2.2.3
* fix: import nodejs keyring after plugin update
* fix: install dev packages for C based tools
* fix: remove unnecessary packages and cleanup

7 files changed, 96 insertions, 89 deletions

diff --git a/Dockerfile b/Dockerfile
index 7d8ffb7..3ceb3a1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,52 @@
 # syntax = docker/dockerfile:experimental
+FROM debian:stable-slim AS deb-downloader
+RUN apt-get update -q
+RUN apt-get install --no-install-recommends -y apt-transport-https dirmngr gnupg ca-certificates
+RUN apt-get update -q
+RUN rm /etc/apt/apt.conf.d/docker-clean
+RUN apt-get install --download-only -y --no-install-recommends \
+  bison \
+  build-essential \
+  default-libmysqlclient-dev \
+  libbz2-dev \
+  libcurl4 \
+  libcurl4-openssl-dev \
+  libedit-dev \
+  libffi-dev \
+  libicu-dev \
+  libjpeg-dev \
+  libkrb5-dev \
+  liblttng-ctl-dev \
+  liblttng-ctl0 \
+  liblzma-dev \
+  libncurses-dev \
+  libncurses5-dev \
+  libncursesw5-dev \
+  libonig-dev \
+  libpng-dev \
+  libpq-dev \
+  libre2-dev \
+  libreadline-dev \
+  libsqlite3-dev \
+  libssl-dev \
+  libtool \
+  libxml2-dev \
+  libxmlsec1-dev \
+  libxslt-dev \
+  libxslt1-dev \
+  libyaml-dev \
+  libzip-dev \
+  zlib1g \
+  zlib1g-dev
+
 FROM debian:stable-slim
 ENV ASDF_DATA_DIR="/opt/asdf"
 ENV PATH="${ASDF_DATA_DIR}/shims:${ASDF_DATA_DIR}/bin:/opt/gitlab/.local/bin:${PATH}"
 ENV TERM="xterm"
 WORKDIR /opt/gitlab
 COPY config/01_nodoc /etc/dpkg/dpkg.cfg.d/01_nodoc
-RUN mkdir -p /opt/toolcache
+RUN mkdir -p /opt/toolcache/common
+COPY --from=deb-downloader /var/cache/apt/archives/*.deb /opt/toolcache/common/
 ADD https://rubygems.org/downloads/bundler-1.17.3.gem /opt/toolcache/
 ADD https://rubygems.org/downloads/bundler-2.1.4.gem /opt/toolcache/
 COPY pkg/asdf*.deb /opt/toolcache/
diff --git a/Gemfile.lock b/Gemfile.lock
index 1088739..8782cb4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -124,7 +124,7 @@ GEM
     plist (3.5.0)
     progressbar (1.10.1)
     public_suffix (4.0.3)
-    rack (2.2.2)
+    rack (2.2.3)
     rainbow (3.0.0)
     rspec (3.9.0)
       rspec-core (~> 3.9.0)
diff --git a/bin/docker-build b/bin/docker-build
index abc46c1..263b690 100755
--- a/bin/docker-build
+++ b/bin/docker-build
@@ -9,7 +9,7 @@ IMAGE_NAME=${IMAGE_NAME:-$(basename "$PWD"):latest}
 export DOCKER_BUILDKIT=1
 
 if command -v docker; then
-  docker build --network=host --cache-from "$LATEST_IMAGE" -t "$IMAGE_NAME" .
+  docker build --network=host --pull --force-rm --cache-from "$LATEST_IMAGE" -t "$IMAGE_NAME" .
 else
   echo "Install docker: https://docs.docker.com/engine/installation/"
   exit 1
diff --git a/config/01_nodoc b/config/01_nodoc
index 0f305c3..2175ebd 100644
--- a/config/01_nodoc
+++ b/config/01_nodoc
@@ -1,29 +1,52 @@
 # /etc/dpkg/dpkg.cfg.d/01_nodoc
 
-# Delete locales
-path-exclude=/usr/share/locale/*
-
-# Delete man pages
-path-exclude=/usr/share/man/*
-
-# Delete docs
-path-exclude=/usr/share/doc/*
-path-include=/usr/share/doc/*/copyright
-
-path-exclude=/etc/dbus-1/system.d/*
+path-exclude=/etc/X11/*/*
+path-exclude=/etc/bash_completion.d/*
+path-exclude=/etc/calendar/*
 path-exclude=/etc/cron.daily/*
+path-exclude=/etc/dbus-1/system.d/*
+path-exclude=/etc/emacs/*/*
+path-exclude=/etc/fonts/*/*
 path-exclude=/etc/init.d/*
 path-exclude=/etc/logcheck/*
 path-exclude=/etc/logrotate.d/*
 path-exclude=/etc/sysctl.d/*
 path-exclude=/etc/systemd/*
-
-path-exclude=/lib/systemd/*
-path-exclude=/usr/lib/emacsen-common/*
-path-exclude=/usr/lib/mime/*
-path-exclude=/usr/lib/monodoc/*
-path-exclude=/usr/lib/software-properties/*
-
+path-exclude=/etc/systemd/*/*
+path-exclude=/etc/systemd/*/*/*
+path-exclude=/usr/lib/emacsen-common/*/*
+path-exclude=/usr/lib/emacsen-common/*/*/*
+path-exclude=/usr/lib/systemd/*/*
+path-exclude=/usr/lib/systemd/*/*/*
+path-exclude=/usr/share/bash-completion/*/*
+path-exclude=/usr/share/bug/*
+path-exclude=/usr/share/bug/*/*
+path-exclude=/usr/share/calendar/*
+path-exclude=/usr/share/*/Help/*/*
+path-exclude=/usr/share/*/completions/*/*
+path-exclude=/usr/share/*/editors/*/*
+path-exclude=/usr/share/doc/*
+path-exclude=/usr/share/emacs/*
+path-exclude=/usr/share/emacs/*/*
+path-exclude=/usr/share/emacs/*/*/*
+path-exclude=/usr/share/fonts/*
+path-exclude=/usr/share/fonts/*/*
+path-exclude=/usr/share/fonts/*/*/*
+path-exclude=/usr/share/git-core/*
+path-exclude=/usr/share/git-core/*/*
+path-exclude=/usr/share/git-core/*/*/*
+path-exclude=/usr/share/gitweb/*
+path-exclude=/usr/share/gitweb/*/*
+path-exclude=/usr/share/gnupg/*.txt
+path-exclude=/usr/share/locale/*
+path-exclude=/usr/share/man/*
+path-exclude=/usr/share/mime/*/*
+path-exclude=/usr/share/zsh/*
+path-exclude=/usr/share/zsh/*/*
 path-exclude=/var/cache/*
 path-exclude=/var/lib/systemd/*
+path-exclude=/var/lib/systemd/*/*
 path-exclude=/var/log/*
+path-exclude=/var/log/*/*
+path-exclude=/var/log/*/*/*
+path-include=/usr/share/doc/*/copyright
diff --git a/config/files/.bashrc b/config/files/.bashrc
index 61d4ecf..8349f0b 100644
--- a/config/files/.bashrc
+++ b/config/files/.bashrc
@@ -64,10 +64,7 @@ fi
 inflate /opt/gitlab/.config.tar.zst /opt/gitlab
 inflate /opt/gitlab/.m2.tar.zst /opt/gitlab
 inflate /opt/gitlab/embedded.tar.zst /opt/gitlab
-inflate /usr/include.tar.zst /usr
-inflate /usr/lib/gcc.tar.zst /usr/lib
 inflate /usr/lib/git-core.tar.zst /usr/lib
-inflate /usr/lib/llvm-7.tar.zst /usr/lib
 
 # shellcheck source=/dev/null
 . "$ASDF_DATA_DIR/asdf.sh"
diff --git a/config/install.sh b/config/install.sh
index 98fcc84..2c7a45f 100644
--- a/config/install.sh
+++ b/config/install.sh
@@ -10,53 +10,20 @@ apt-get install -y --no-install-recommends \
   apt-transport-https \
   autoconf \
   automake \
-  bison \
   bsdmainutils \
-  build-essential \
   bzip2 \
   ca-certificates \
   cmake \
   curl \
-  default-libmysqlclient-dev \
   git \
   gnupg2 \
   jq \
-  libbz2-dev \
-  libcurl4 \
-  libcurl4-openssl-dev \
-  libedit-dev \
-  libffi-dev \
-  libicu-dev \
-  libjpeg-dev \
-  libkrb5-dev \
-  liblttng-ctl-dev \
-  liblttng-ctl0 \
-  liblzma-dev \
-  libncurses-dev \
-  libncurses5-dev \
-  libncursesw5-dev \
-  libonig-dev \
-  libpng-dev \
-  libpq-dev \
-  libre2-dev \
-  libreadline-dev \
-  libsqlite3-dev \
-  libssl-dev \
-  libtool \
-  libxml2-dev \
-  libxmlsec1-dev \
-  libxslt-dev \
-  libyaml-dev \
-  libzip-dev \
   make \
   pkg-config \
   re2c \
   rebar \
-  software-properties-common \
   sudo \
   unzip \
-  zlib1g \
-  zlib1g-dev \
   zstd
 
 dpkg --install /opt/toolcache/license*.deb
@@ -65,45 +32,25 @@ ln -s /opt/gitlab /root
 echo -e "section_end:$(date +%s):install_packages\r\e[0K"
 
 echo -e "section_start:$(date +%s):cleanup\r\e[0K==> Beginning cleanup…"
-apt purge -y libx11-6 libwayland-client0
+apt purge -y x11-common libx11-6 libgtk2.0-common libsensors-config ucf
 apt autoremove -y
 
-rm -fr /tmp
-mkdir -p /tmp
-chmod 777 /tmp
-chmod +t /tmp
-
 rm -fr /opt/gitlab/.config/configstore/update-notifier-npm.json \
   /opt/gitlab/.config/pip/selfcheck.json \
   /opt/gitlab/.gem \
   /opt/gitlab/.npm \
   /opt/gitlab/.wget-hsts \
-  /etc/apache2/* \
-  /etc/bash_completion.d/* \
-  /etc/calendar/* \
-  /etc/cron.d/* \
-  /etc/cron.daily/* \
   /etc/emacs/* \
   /etc/fonts/* \
   /etc/ldap/* \
-  /etc/mysql/* \
-  /etc/php/*/apache2/* \
-  /etc/profile.d/* \
   /etc/systemd/* \
   /etc/X11/* \
   /lib/systemd/* \
-  /usr/lib/apache2/* \
   /usr/lib/systemd/* \
-  /usr/lib/valgrid/* \
-  /usr/share/applications/* \
-  /usr/share/apps/* \
-  /usr/share/bash-completion/* \
   /usr/share/calendar/* \
   /usr/share/doc-base/* \
   /usr/share/emacs/* \
-  /usr/share/fontconfig/* \
   /usr/share/fonts/* \
-  /usr/share/gtk-doc/* \
   /usr/share/icons/* \
   /usr/share/menu/* \
   /usr/share/pixmaps/* \
@@ -125,22 +72,15 @@ tar --use-compress-program "$zstd_command" -cf /opt/gitlab/.config.tar.zst .conf
 tar --use-compress-program "$zstd_command" -cf /opt/gitlab/.m2.tar.zst .m2 &
 tar --use-compress-program "$zstd_command" -cf /opt/gitlab/embedded.tar.zst embedded &
 
-cd /usr
-tar --use-compress-program "$zstd_command" -cf /usr/include.tar.zst include &
-
 cd /usr/lib
-tar --use-compress-program "$zstd_command" -cf /usr/lib/gcc.tar.zst gcc &
 tar --use-compress-program "$zstd_command" -cf /usr/lib/git-core.tar.zst git-core &
 
 wait
 # shellcheck disable=SC2114
 rm -fr \
-  "$ASDF_DATA_DIR" \
   /opt/gitlab/.m2 \
   /opt/gitlab/.cache \
   /opt/gitlab/.config \
   /opt/gitlab/embedded \
-  /usr/include \
-  /usr/lib/gcc \
   /usr/lib/git-core
 echo -e "section_end:$(date +%s):compress_files\r\e[0K"
diff --git a/lib/license/management/tool_box.rb b/lib/license/management/tool_box.rb
index 9362b5b..0e39a61 100644
--- a/lib/license/management/tool_box.rb
+++ b/lib/license/management/tool_box.rb
@@ -3,6 +3,8 @@
 module License
   module Management
     class ToolBox
+      C_BASED_TOOLS = [:php, :python, :ruby].freeze
+
       attr_reader :project_path, :shell
 
       def initialize(shell, project_path)
@@ -15,18 +17,22 @@ module License
           deb = deb_for(tool, version)
           if deb&.exist?
             shell.execute([:dpkg, '-i', deb])
-          elsif tool == :nodejs
-            shell.execute(['/opt/asdf/plugins/nodejs/bin/import-release-team-keyring'])
+          else
+            shell.execute([:asdf, "plugin-update", tool.to_s], env: env)
+            shell.execute(['/opt/asdf/plugins/nodejs/bin/import-release-team-keyring']) if tool == :nodejs
           end
-          shell.execute([:asdf, "plugin-update", tool.to_s], env: env)
           shell.execute([:asdf, :install, tool.to_s, version], env: env)
           shell.execute([:asdf, :local, tool.to_s, version], env: env)
           shell.execute([:asdf, :reshim], env: env)
         end
-
+        install_common_libraries(env: env) if C_BASED_TOOLS.include?(tool.to_sym)
         install_certificates_into_java_keystore(env) if tool == :java
       end
 
+      def install_common_libraries(env: {})
+        shell.execute(['apt-get', 'install', '-y', '-f', '--no-install-recommends', '/opt/toolcache/common/*.deb'], env: env)
+      end
+
       def version_of(tool, env: ENV)
         Dir.chdir(project_path) do
           case tool