From f9e46f5a13edbda715faffdfebf832351164c6ea Mon Sep 17 00:00:00 2001 From: "ryan.kuba" Date: Fri, 2 Jun 2023 14:08:40 -0400 Subject: [PATCH] KASM-4421 update opensuse to 15.5, add bookworm Alpine 3.18 and Fedora 38 --- .gitlab-ci.yml | 110 ++++++++++++++++++ builder/dockerfile.alpine_318.apk.build | 7 ++ builder/dockerfile.alpine_318.build | 82 +++++++++++++ builder/dockerfile.debian_bookworm.build | 38 ++++++ builder/dockerfile.debian_bookworm.deb.build | 19 +++ builder/dockerfile.debian_bookworm.deb.test | 57 +++++++++ ...file.fedora_thirtyeight.barebones.rpm.test | 19 +++ builder/dockerfile.fedora_thirtyeight.build | 86 ++++++++++++++ .../dockerfile.fedora_thirtyeight.rpm.build | 13 +++ .../dockerfile.fedora_thirtyeight.rpm.test | 62 ++++++++++ .../dockerfile.opensuse_15.barebones.rpm.test | 2 +- builder/dockerfile.opensuse_15.build | 2 +- builder/dockerfile.opensuse_15.rpm.build | 2 +- 13 files changed, 496 insertions(+), 3 deletions(-) create mode 100644 builder/dockerfile.alpine_318.apk.build create mode 100644 builder/dockerfile.alpine_318.build create mode 100644 builder/dockerfile.debian_bookworm.build create mode 100644 builder/dockerfile.debian_bookworm.deb.build create mode 100644 builder/dockerfile.debian_bookworm.deb.test create mode 100644 builder/dockerfile.fedora_thirtyeight.barebones.rpm.test create mode 100644 builder/dockerfile.fedora_thirtyeight.build create mode 100644 builder/dockerfile.fedora_thirtyeight.rpm.build create mode 100644 builder/dockerfile.fedora_thirtyeight.rpm.test diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 196d8fa..9021887 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -243,6 +243,43 @@ build_debian_bullseye_arm: paths: - output/ + +build_debian_bookworm: + stage: build + allow_failure: true + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package debian bookworm; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + +build_debian_bookworm_arm: + stage: build + allow_failure: true + tags: + - oci-fixed-arm64 + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package debian bookworm; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + build_kali_rolling: stage: build allow_failure: true @@ -440,6 +477,42 @@ build_fedora_thirtyseven_arm: paths: - output/ +build_fedora_thirtyeight: + stage: build + allow_failure: true + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package fedora thirtyeight; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + +build_fedora_thirtyeight_arm: + stage: build + allow_failure: true + tags: + - oci-fixed-arm64 + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package fedora thirtyeight; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + build_alpine_317: stage: build allow_failure: true @@ -483,6 +556,43 @@ test: script: - bash builder/test-vncserver + +build_alpine_318: + stage: build + allow_failure: true + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package alpine 318; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + +build_alpine_318_arm: + stage: build + allow_failure: true + tags: + - oci-fixed-arm64 + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package alpine 318; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + upload: stage: upload image: ubuntu:focal diff --git a/builder/dockerfile.alpine_318.apk.build b/builder/dockerfile.alpine_318.apk.build new file mode 100644 index 0000000..9504897 --- /dev/null +++ b/builder/dockerfile.alpine_318.apk.build @@ -0,0 +1,7 @@ +FROM alpine:3.18 + +RUN apk add shadow bash + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +USER docker diff --git a/builder/dockerfile.alpine_318.build b/builder/dockerfile.alpine_318.build new file mode 100644 index 0000000..f446764 --- /dev/null +++ b/builder/dockerfile.alpine_318.build @@ -0,0 +1,82 @@ +FROM alpine:3.18 + +ENV KASMVNC_BUILD_OS alpine +ENV KASMVNC_BUILD_OS_CODENAME 318 +ENV XORG_VER 1.20.14 + +RUN \ + echo "**** install build deps ****" && \ + apk add \ + alpine-release \ + alpine-sdk \ + autoconf \ + automake \ + bash \ + ca-certificates \ + cmake \ + coreutils \ + curl \ + eudev-dev \ + font-cursor-misc \ + font-misc-misc \ + font-util-dev \ + git \ + grep \ + jq \ + libdrm-dev \ + libepoxy-dev \ + libjpeg-turbo-dev \ + libjpeg-turbo-static \ + libpciaccess-dev \ + libtool \ + libwebp-dev \ + libx11-dev \ + libxau-dev \ + libxcb-dev \ + libxcursor-dev \ + libxcvt-dev \ + libxdmcp-dev \ + libxext-dev \ + libxfont2-dev \ + libxkbfile-dev \ + libxrandr-dev \ + libxshmfence-dev \ + libxtst-dev \ + mesa-dev \ + mesa-dri-gallium \ + meson \ + nettle-dev \ + openssl-dev \ + pixman-dev \ + procps \ + shadow \ + tar \ + tzdata \ + wayland-dev \ + wayland-protocols \ + xcb-util-dev \ + xcb-util-image-dev \ + xcb-util-keysyms-dev \ + xcb-util-renderutil-dev \ + xcb-util-wm-dev \ + xinit \ + xkbcomp \ + xkbcomp-dev \ + xkeyboard-config \ + xorgproto \ + xorg-server-common \ + xorg-server-dev \ + xtrans + + +ENV SCRIPTS_DIR=/tmp/scripts +COPY builder/scripts $SCRIPTS_DIR +RUN $SCRIPTS_DIR/build-webp +RUN $SCRIPTS_DIR/build-libjpeg-turbo + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +COPY --chown=docker:docker . /src/ + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.debian_bookworm.build b/builder/dockerfile.debian_bookworm.build new file mode 100644 index 0000000..6c9b412 --- /dev/null +++ b/builder/dockerfile.debian_bookworm.build @@ -0,0 +1,38 @@ +FROM debian:bookworm-slim + +ENV KASMVNC_BUILD_OS debian +ENV KASMVNC_BUILD_OS_CODENAME bookworm +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN \ + echo "**** add all sources ****" && \ + echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \ + echo "deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + echo "deb-src http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \ + rm -f /etc/apt/sources.list.d/debian.sources + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl +RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev + +ENV SCRIPTS_DIR=/tmp/scripts +COPY builder/scripts $SCRIPTS_DIR +RUN $SCRIPTS_DIR/build-webp +RUN $SCRIPTS_DIR/build-libjpeg-turbo + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY --chown=docker:docker . /src/ + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.debian_bookworm.deb.build b/builder/dockerfile.debian_bookworm.deb.build new file mode 100644 index 0000000..2e61fbb --- /dev/null +++ b/builder/dockerfile.debian_bookworm.deb.build @@ -0,0 +1,19 @@ +FROM debian:bookworm + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control + +ARG L_UID +RUN if [ "$L_UID" -eq 0 ]; then \ + useradd -m docker; \ + else \ + useradd -m docker -u $L_UID;\ + fi + +USER docker diff --git a/builder/dockerfile.debian_bookworm.deb.test b/builder/dockerfile.debian_bookworm.deb.test new file mode 100644 index 0000000..4224f7b --- /dev/null +++ b/builder/dockerfile.debian_bookworm.deb.test @@ -0,0 +1,57 @@ +FROM debian:bookworm-slim + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=debian \ + KASMVNC_BUILD_OS_CODENAME=buster + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal dbus-x11 xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less +RUN apt-get update && apt-get -y install lsb-release + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY builder/startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +COPY ./builder/scripts/ /tmp/scripts/ +COPY ./debian/changelog /tmp + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp/ +RUN /tmp/scripts/install_kasmvncserver_package + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.fedora_thirtyeight.barebones.rpm.test b/builder/dockerfile.fedora_thirtyeight.barebones.rpm.test new file mode 100644 index 0000000..4252609 --- /dev/null +++ b/builder/dockerfile.fedora_thirtyeight.barebones.rpm.test @@ -0,0 +1,19 @@ +FROM fedora:38 + +ENV STARTUPDIR=/dockerstartup + +RUN dnf install -y xterm +RUN dnf install -y vim less +RUN yum install -y redhat-lsb-core + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/ +RUN dnf localinstall -y /tmp/*.rpm + +RUN mkdir -p $STARTUPDIR +COPY startup/vnc_startup_barebones.sh $STARTUPDIR + +RUN useradd -m foo +USER foo:kasmvnc-cert + +ENTRYPOINT "/$STARTUPDIR/vnc_startup_barebones.sh" diff --git a/builder/dockerfile.fedora_thirtyeight.build b/builder/dockerfile.fedora_thirtyeight.build new file mode 100644 index 0000000..dbfae34 --- /dev/null +++ b/builder/dockerfile.fedora_thirtyeight.build @@ -0,0 +1,86 @@ +FROM fedora:38 + +ENV KASMVNC_BUILD_OS fedora +ENV KASMVNC_BUILD_OS_CODENAME thirtyeight +ENV XORG_VER 1.20.14 + +RUN \ + echo "**** install build deps ****" && \ + dnf group install -y \ + "C Development Tools and Libraries" \ + "Development Tools" && \ + dnf install -y \ + autoconf \ + automake \ + bison \ + byacc \ + bzip2 \ + cmake \ + diffutils \ + doxygen \ + file \ + flex \ + fop \ + gcc \ + gcc-c++ \ + git \ + glibc-devel \ + libdrm-devel \ + libepoxy-devel \ + libmd-devel \ + libpciaccess-devel \ + libtool \ + libwebp-devel \ + libX11-devel \ + libXau-devel \ + libxcb-devel \ + libXcursor-devel \ + libxcvt-devel \ + libXdmcp-devel \ + libXext-devel \ + libXfont2-devel \ + libxkbfile-devel \ + libXrandr-devel \ + libxshmfence-devel \ + libXtst-devel \ + mesa-libEGL-devel \ + mesa-libgbm-devel \ + mesa-libGL-devel \ + meson \ + mingw64-binutils \ + mt-st \ + nettle-devel \ + openssl-devel \ + patch \ + pixman-devel \ + wayland-devel \ + wget \ + which \ + xcb-util-devel \ + xcb-util-image-devel \ + xcb-util-keysyms-devel \ + xcb-util-renderutil-devel \ + xcb-util-wm-devel \ + xinit \ + xkbcomp \ + xkbcomp-devel \ + xkeyboard-config \ + xmlto \ + xorg-x11-font-utils \ + xorg-x11-proto-devel \ + xorg-x11-server-common \ + xorg-x11-server-devel \ + xorg-x11-xtrans-devel \ + xsltproc + +ENV SCRIPTS_DIR=/tmp/scripts +COPY builder/scripts $SCRIPTS_DIR +RUN $SCRIPTS_DIR/build-webp +RUN $SCRIPTS_DIR/build-libjpeg-turbo + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +COPY --chown=docker:docker . /src/ + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.fedora_thirtyeight.rpm.build b/builder/dockerfile.fedora_thirtyeight.rpm.build new file mode 100644 index 0000000..8fc556f --- /dev/null +++ b/builder/dockerfile.fedora_thirtyeight.rpm.build @@ -0,0 +1,13 @@ +FROM fedora:38 + +RUN dnf install -y fedora-packager fedora-review +RUN dnf install -y tree vim less +RUN dnf install -y redhat-lsb-core +RUN dnf install -y dnf-plugins-core + +COPY fedora/*.spec /tmp +RUN dnf builddep -y /tmp/*.spec + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +USER docker diff --git a/builder/dockerfile.fedora_thirtyeight.rpm.test b/builder/dockerfile.fedora_thirtyeight.rpm.test new file mode 100644 index 0000000..16975a0 --- /dev/null +++ b/builder/dockerfile.fedora_thirtyeight.rpm.test @@ -0,0 +1,62 @@ +FROM fedora:38 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=fedora \ + KASMVNC_BUILD_OS_CODENAME=thirtythree + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN dnf install -y openssl xterm gettext wget +RUN dnf install -y nss_wrapper +RUN dnf install -y xorg-x11-xauth xkeyboard-config +# xorg-x11-server-Xorg +# RUN dnf install -y @xfce-desktop-environment +RUN dnf erase -y pm-utils xscreensaver* +RUN dnf install -y redhat-lsb-core +RUN dnf install -y vim less +RUN dnf install -y @xfce-desktop-environment + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY builder/startup/ $STARTUPDIR + +### START CUSTOM STUFF #### +COPY ./builder/scripts/ /tmp/scripts/ +COPY ./fedora/kasmvncserver.spec /tmp + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/ +# RUN dnf remove -y tigervnc-server-minimal +RUN /tmp/scripts/install_kasmvncserver_package + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:kasmvnc-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.opensuse_15.barebones.rpm.test b/builder/dockerfile.opensuse_15.barebones.rpm.test index d30eabb..3501b64 100644 --- a/builder/dockerfile.opensuse_15.barebones.rpm.test +++ b/builder/dockerfile.opensuse_15.barebones.rpm.test @@ -1,4 +1,4 @@ -FROM opensuse/leap:15.3 +FROM opensuse/leap:15.5 ENV STARTUPDIR=/dockerstartup diff --git a/builder/dockerfile.opensuse_15.build b/builder/dockerfile.opensuse_15.build index 1580369..db2f130 100644 --- a/builder/dockerfile.opensuse_15.build +++ b/builder/dockerfile.opensuse_15.build @@ -1,4 +1,4 @@ -FROM opensuse/leap:15.3 +FROM opensuse/leap:15.5 ENV KASMVNC_BUILD_OS opensuse ENV KASMVNC_BUILD_OS_CODENAME 15 diff --git a/builder/dockerfile.opensuse_15.rpm.build b/builder/dockerfile.opensuse_15.rpm.build index d646c8a..35670c4 100644 --- a/builder/dockerfile.opensuse_15.rpm.build +++ b/builder/dockerfile.opensuse_15.rpm.build @@ -1,4 +1,4 @@ -FROM opensuse/leap:15.3 +FROM opensuse/leap:15.5 ENV KASMVNC_BUILD_OS opensuse ENV KASMVNC_BUILD_OS_CODENAME 15