Resolve KASM-4031 "Feature/ alpine 317"

2024-11-21 15:43:28 +01:00 · 2023-03-03 11:09:08 +00:00 · 2023-03-03 11:09:08 +00:00 · 20876547a1
commit 20876547a1
parent a2c49f6d89
13 changed files with 424 additions and 7 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -349,6 +349,42 @@ build_oracle_8_arm:
    paths:
      - output/

+build_oracle_9:
+  stage: build
+  allow_failure: true
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package oracle 9;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
+build_oracle_9_arm:
+  stage: build
+  allow_failure: true
+  tags:
+    - oci-fixed-arm64
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package oracle 9;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
 build_opensuse_15:
  stage: build
  allow_failure: true
@ -421,6 +457,42 @@ build_fedora_thirtyseven_arm:
    paths:
      - output/

+build_alpine_317:
+  stage: build
+  allow_failure: true
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package alpine 317;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
+build_alpine_317_arm:
+  stage: build
+  allow_failure: true
+  tags:
+    - oci-fixed-arm64
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package alpine 317;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
 test:
  stage: test
  before_script:
@ -447,12 +519,12 @@ upload:
      done
    - export S3_BUILD_DIRECTORY="kasmvnc/${CI_COMMIT_SHA}"
    - export RELEASE_VERSION=$(.ci/next_release_version "$CI_COMMIT_REF_NAME")
-    - for package in `find output/ -type f -name '*.deb' -or -name '*.rpm'`; do
+    - for package in `find output/ -type f -name '*.deb' -or -name '*.rpm' -or -name '*.tgz'`; do
        prepare_upload_filename "$package";
        upload_filename="${S3_BUILD_DIRECTORY}/$upload_filename";
        echo;
        echo "File to upload $upload_filename";
        upload_to_s3 "$package" "$upload_filename" "$S3_BUCKET";
-        UPLOAD_NAME=$(basename $upload_filename | sed 's#kasmvncserver_##' | sed -r 's#_([0-9]{1,3}\.){2}[0-9]{1,2}_\S+?([a-f0-9]{6})##' | sed -r 's#\.(deb|rpm)##');
+        UPLOAD_NAME=$(basename $upload_filename | sed 's#kasmvncserver_##' | sed -r 's#_([0-9]{1,3}\.){2}[0-9]{1,2}_\S+?([a-f0-9]{6})##' | sed -r 's#\.(deb|rpm|tgz)##');
        curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=success&name=${UPLOAD_NAME}&target_url=${S3_URL}";
      done
--- a/builder/build-apk
+++ b/builder/build-apk
@ -0,0 +1,17 @@
+#!/bin/bash
+
+set -e
+
+. builder/os_ver_cli.sh
+
+cd "$(dirname "$0")/.."
+
+docker build -t kasmvnc_apkbuilder_${os}:${os_codename} -f \
+  builder/dockerfile.${os}_${os_codename}.apk.build .
+
+source_dir=$(echo $PWD)
+L_UID=$(id -u)
+L_GID=$(id -g)
+docker run --rm -v "$source_dir":/src --user $L_UID:$L_GID \
+  kasmvnc_apkbuilder_${os}:${os_codename} /bin/bash -c \
+  '/src/builder/build-apk-inside-docker'
--- a/builder/build-apk-inside-docker
+++ b/builder/build-apk-inside-docker
@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+os=alpine
+os_codename=$(cat /etc/os-release | awk '/VERSION_ID/' | grep -o '[[:digit:]]' | tr -d '\n' | head -c 3)
+
+mkdir -p /src/builder/build/${os}_${os_codename}
+mv \
+  /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \
+  /src/builder/build/${os}_${os_codename}/kasmvnc.${os}_${os_codename}_$(uname -m).tgz
--- a/builder/build-package
+++ b/builder/build-package
@ -10,6 +10,8 @@ detect_package_format() {
  package_format=rpm
  if ls builder/dockerfile*"$os"* | grep -q .deb.build; then
    package_format=deb
+  elif ls builder/dockerfile*"$os"* | grep -q .apk.build; then
+    package_format=apk
  fi
 }

--- a/builder/build-rpm-inside-docker
+++ b/builder/build-rpm-inside-docker
@ -8,7 +8,7 @@ prepare_build_env() {
 }

 copy_spec_and_tar_with_binaries() {
-  cp /tmp/kasmvncserver.spec ~/rpmbuild/SPECS/
+  cp /tmp/*.spec ~/rpmbuild/SPECS/
  cp /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \
    ~/rpmbuild/SOURCES/
 }
@ -30,6 +30,6 @@ fi
 os_dir="build/${os}_${os_codename}"

 prepare_build_env
-rpmbuild -ba ~/rpmbuild/SPECS/kasmvncserver.spec
+rpmbuild -ba ~/rpmbuild/SPECS/*.spec
 copy_rpm_to_build_dir
 rpmlint "$os_dir"/*.rpm || true
--- a/builder/build.sh
+++ b/builder/build.sh
@ -86,7 +86,7 @@ autoreconf -i
 # components.
 ensure_crashpad_can_fetch_line_number_by_address
 # remove gl check for opensuse
-if [ "${KASMVNC_BUILD_OS}" == "opensuse" ]; then
+if [ "${KASMVNC_BUILD_OS}" == "opensuse" ] || ([ "${KASMVNC_BUILD_OS}" == "oracle" ] && [ "${KASMVNC_BUILD_OS_CODENAME}" == 9 ]); then
  sed -i 's/LIBGL="gl >= 7.1.0"/LIBGL="gl >= 1.1"/g' configure
 fi
 # build X11
@ -95,7 +95,7 @@ fi
 	--with-xkb-output=/var/lib/xkb \
 	--with-xkb-bin-directory=/usr/bin \
 	--with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \
-  --with-sha1=libcrypto \
+        --with-sha1=libcrypto \
 	--without-dtrace --disable-dri \
        --disable-static \
 	--disable-xinerama --disable-xvfb --disable-xnest --disable-xorg \
@ -121,6 +121,8 @@ if [ -d /usr/lib/x86_64-linux-gnu/dri ]; then
  ln -s /usr/lib/x86_64-linux-gnu/dri dri
 elif [ -d /usr/lib/aarch64-linux-gnu/dri ]; then
  ln -s /usr/lib/aarch64-linux-gnu/dri dri
+elif [ -d /usr/lib/xorg/modules/dri ]; then
+  ln -s /usr/lib/xorg/modules/dri dri
 else
  ln -s /usr/lib64/dri dri
 fi
--- a/builder/dockerfile.alpine_317.apk.build
+++ b/builder/dockerfile.alpine_317.apk.build
@ -0,0 +1,7 @@
+FROM alpine:3.17
+
+RUN apk add shadow bash
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
--- a/builder/dockerfile.alpine_317.build
+++ b/builder/dockerfile.alpine_317.build
@ -0,0 +1,76 @@
+FROM alpine:3.17
+
+ENV KASMVNC_BUILD_OS alpine
+ENV KASMVNC_BUILD_OS_CODENAME 317
+ENV XORG_VER 1.20.7
+
+RUN \
+  echo "**** install build deps ****" && \
+  apk add \
+    alpine-release \
+    alpine-sdk \
+    autoconf \
+    automake \
+    bash \
+    ca-certificates \
+    cmake \
+    coreutils \
+    curl \
+    eudev-dev \
+    font-cursor-misc \
+    font-misc-misc \
+    font-util-dev \
+    git \
+    grep \
+    jq \
+    libdrm-dev \
+    libepoxy-dev \
+    libjpeg-turbo-dev \
+    libjpeg-turbo-static \
+    libpciaccess-dev \
+    libtool \
+    libwebp-dev \
+    libx11-dev \
+    libxau-dev \
+    libxcb-dev \
+    libxcursor-dev \
+    libxcvt-dev \
+    libxdmcp-dev \
+    libxext-dev \
+    libxfont2-dev \
+    libxkbfile-dev \
+    libxrandr-dev \
+    libxshmfence-dev \
+    libxtst-dev \
+    mesa-dev \
+    mesa-dri-gallium \
+    meson \
+    nettle-dev \
+    openssl-dev \
+    pixman-dev \
+    procps \
+    shadow \
+    tar \
+    tzdata \
+    wayland-dev \
+    wayland-protocols \
+    xcb-util-dev \
+    xcb-util-image-dev \
+    xcb-util-keysyms-dev \
+    xcb-util-renderutil-dev \
+    xcb-util-wm-dev \
+    xinit \
+    xkbcomp \
+    xkbcomp-dev \
+    xkeyboard-config \
+    xorgproto \
+    xorg-server-common \
+    xorg-server-dev \
+    xtrans
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
--- a/builder/dockerfile.oracle_8.rpm.build
+++ b/builder/dockerfile.oracle_8.rpm.build
@ -13,7 +13,7 @@ RUN dnf install -y \
  tree \
  vim

-COPY oracle/*.spec /tmp
+COPY oracle/kasmvncserver.spec /tmp
 RUN dnf builddep -y /tmp/*.spec

 RUN useradd -m docker && echo "docker:docker" | chpasswd
--- a/builder/dockerfile.oracle_9.barebones.rpm.test
+++ b/builder/dockerfile.oracle_9.barebones.rpm.test
@ -0,0 +1,23 @@
+FROM oraclelinux:9
+
+ENV STARTUPDIR=/dockerstartup
+
+RUN dnf install -y \
+  less \
+  redhat-lsb-core \
+  vim \
+  xterm
+RUN dnf config-manager --set-enabled ol9_codeready_builder
+RUN dnf install -y oracle-epel-release-el9
+
+ARG KASMVNC_PACKAGE_DIR
+COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp
+RUN dnf localinstall -y /tmp/*.rpm
+
+RUN mkdir -p $STARTUPDIR
+COPY startup/vnc_startup_barebones.sh $STARTUPDIR
+
+RUN useradd -m foo
+USER foo:kasmvnc-cert
+
+ENTRYPOINT "/$STARTUPDIR/vnc_startup_barebones.sh"
--- a/builder/dockerfile.oracle_9.build
+++ b/builder/dockerfile.oracle_9.build
@ -0,0 +1,61 @@
+FROM oraclelinux:9
+
+ENV KASMVNC_BUILD_OS oracle
+ENV KASMVNC_BUILD_OS_CODENAME 9
+ENV XORG_VER 1.20.10
+
+# Install from stock repos
+RUN dnf config-manager --set-enabled ol9_distro_builder
+RUN dnf install -y \
+  bzip2-devel \
+  ca-certificates \
+  cmake \
+  dnf-plugins-core \
+  gcc \
+  gcc-c++ \
+  git \
+  gnutls-devel \
+  libjpeg-turbo-devel \
+  libpng-devel \
+  libtiff-devel \
+  make \
+  mesa-dri-drivers \
+  mesa-libGL-devel \
+  openssl-devel \
+  openssl-devel \
+  patch \
+  tigervnc-server \
+  wget \
+  xorg-x11-font-utils \
+  zlib-devel
+
+# Enable additional repos (epel, powertools, and fusion)
+RUN dnf config-manager --set-enabled ol9_codeready_builder
+RUN dnf install -y oracle-epel-release-el9
+RUN dnf install -y --nogpgcheck https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm
+
+# Install from new repos
+RUN dnf install -y \
+  giflib-devel \
+  lbzip2 \
+  libXfont2-devel \
+  libxkbfile-devel \
+  xorg-x11-server-devel \
+  xorg-x11-xtrans-devel \
+  libXrandr-devel \
+  libXtst-devel \
+  libXcursor-devel
+
+# Additions for webp
+RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
+RUN cd /tmp && tar -xzf /tmp/libwebp-*
+RUN cd /tmp/libwebp-1.0.2 && \
+    ./configure --enable-static --disable-shared && \
+    make && make install
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
--- a/builder/dockerfile.oracle_9.rpm.build
+++ b/builder/dockerfile.oracle_9.rpm.build
@ -0,0 +1,23 @@
+FROM oraclelinux:9
+
+ENV KASMVNC_BUILD_OS oracle
+ENV KASMVNC_BUILD_OS_CODENAME 9
+
+RUN dnf config-manager --set-enabled ol9_codeready_builder
+RUN dnf config-manager --set-enabled ol9_distro_builder
+RUN dnf install -y \
+  gpg* \
+  less \
+  redhat-lsb-core \
+  rng-tools \
+  rpm* \
+  rpmlint \
+  rsync \
+  tree \
+  vim
+
+COPY oracle/kasmvncserver9.spec /tmp
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
--- a/oracle/kasmvncserver9.spec
+++ b/oracle/kasmvncserver9.spec
@ -0,0 +1,123 @@
+Name:           kasmvncserver
+Version:        1.0.0
+Release:        1%{?dist}
+Summary:        VNC server accessible from a web browser
+
+License: GPLv2+
+URL: https://github.com/kasmtech/KasmVNC
+
+BuildRequires: rsync
+Requires: xorg-x11-xauth, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname
+Conflicts: tigervnc-server, tigervnc-server-minimal
+
+%description
+KasmVNC provides remote web-based access to a Desktop or application. 
+While VNC is in the name, KasmVNC differs from other VNC variants such 
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB 
+specification which defines VNC, in order to support modern technologies 
+and increase security. KasmVNC is accessed by users from any modern 
+browser and does not support legacy VNC viewer applications. KasmVNC 
+uses a modern YAML based configuration at the server and user level, 
+allowing for ease of management. KasmVNC is maintained by Kasm 
+Technologies Corp, www.kasmweb.com.
+
+WARNING: this package requires EPEL and CodeReady builder.
+
+%prep
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+TARGET_OS=$KASMVNC_BUILD_OS
+TARGET_OS_CODENAME=$KASMVNC_BUILD_OS_CODENAME
+TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz
+TAR_DATA=$(mktemp -d)
+tar -xzf "$TARBALL" -C "$TAR_DATA"
+
+SRC=$TAR_DATA/usr/local
+SRC_BIN=$SRC/bin
+DESTDIR=$RPM_BUILD_ROOT
+DST_MAN=$DESTDIR/usr/share/man/man1
+
+mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \
+  $DESTDIR/usr/share/doc/kasmvncserver $DESTDIR/usr/lib \
+  $DESTDIR/usr/share/perl5 $DESTDIR/etc/kasmvnc
+cp $SRC_BIN/Xvnc $DESTDIR/usr/bin;
+cp $SRC_BIN/vncserver $DESTDIR/usr/bin;
+cp -a $SRC_BIN/KasmVNC $DESTDIR/usr/share/perl5
+cp $SRC_BIN/vncconfig $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
+cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
+cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
+cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
+rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
+  --exclude www/utils/ --exclude .eslintrc --exclude configure \
+  $SRC/share/kasmvnc $DESTDIR/usr/share
+
+sed -i -e 's!pem_certificate: .\+$!pem_certificate: /etc/pki/tls/private/kasmvnc.pem!' \
+    $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -i -e 's!pem_key: .\+$!pem_key: /etc/pki/tls/private/kasmvnc.pem!' \
+    $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -e 's/^\([^#]\)/# \1/' $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml > \
+  $DESTDIR/etc/kasmvnc/kasmvnc.yaml
+cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/;
+cp $SRC/share/man/man1/vncserver.1 $DST_MAN;
+cp $SRC/share/man/man1/vncconfig.1 $DST_MAN;
+cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN;
+cp $SRC/share/man/man1/kasmxproxy.1 $DST_MAN;
+cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
+
+
+%files
+%config(noreplace) /etc/kasmvnc
+
+/usr/bin/*
+/usr/lib/kasmvncserver
+/usr/share/man/man1/*
+/usr/share/perl5/KasmVNC
+/usr/share/kasmvnc
+
+%license /usr/share/doc/kasmvncserver/LICENSE.TXT
+%doc /usr/share/doc/kasmvncserver/README.md
+
+%changelog
+* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1
+- WebRTC UDP transit support with support of STUN servers
+- Lossless compression using multi-threaded WASM QOI decoder client side
+- New yaml based configuration
+- Significantly improved FPS through both client-side and server-side improvements.
+- Support for the admin to define arbitrary http response headers for the built in web server
+- Support for additional mouse buttons
+- Refinement of vncserver checks and user prompts
+- Added send_full_frame to developer API, forces full frame to be sent to all connected users that have at least read permission.
+* Tue Mar 22 2022 KasmTech <info@kasmweb.com> - 0.9.3~beta-1
+* Fri Feb 12 2021 KasmTech <info@kasmweb.com> - 0.9.1~beta-1
+- Initial release of the rpm package.
+
+%post
+  kasmvnc_group="kasmvnc-cert"
+
+  create_kasmvnc_group() {
+    if ! getent group "$kasmvnc_group" >/dev/null; then
+	    groupadd --system "$kasmvnc_group"
+    fi
+  }
+
+  make_self_signed_certificate() {
+    local cert_file=/etc/pki/tls/private/kasmvnc.pem
+    [ -f "$cert_file" ] && return 0
+
+    openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+      -keyout "$cert_file" \
+      -out "$cert_file" -subj \
+      "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none"
+    chgrp "$kasmvnc_group" "$cert_file"
+    chmod 640 "$cert_file"
+  }
+
+  create_kasmvnc_group
+  make_self_signed_certificate
+
+%postun
+  rm -f /etc/pki/tls/private/kasmvnc.pem