mirror of
https://github.com/kasmtech/workspaces-core-images.git
synced 2024-11-07 16:14:04 +01:00
Merge branch 'feature/KASM-2779-jammy-images' into 'develop'
Resolve KASM-2779 "Feature/ jammy images" Closes KASM-2779 See merge request kasm-technologies/internal/workspaces-core-images!72
This commit is contained in:
Justin Travis
commit
b69853a061
@ -58,6 +58,26 @@ build_ubuntu_focal:
|
|||||||
tags:
|
tags:
|
||||||
- aws-autoscale
|
- aws-autoscale
|
||||||
|
|
||||||
|
build_ubuntu_jammy:
|
||||||
|
stage: build
|
||||||
|
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||||
|
variables:
|
||||||
|
BUILD_PLATFORMS: "linux/amd64,linux/arm64"
|
||||||
|
script:
|
||||||
|
# get qemu ready
|
||||||
|
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
# prep the buildx env
|
||||||
|
- docker buildx create --use
|
||||||
|
# build for multiple architectures
|
||||||
|
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-ubuntu-jammy-private:$SANITIZED_BRANCH -t ${ORG_NAME}/core-ubuntu-jammy-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-ubuntu-jammy:$SANITIZED_BRANCH -t ${ORG_NAME}/core-ubuntu-jammy:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg BASE_IMAGE="ubuntu:22.04" --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_jammy.png -f dockerfile-kasm-core .
|
||||||
|
only:
|
||||||
|
- develop
|
||||||
|
- /^release\/.*$/
|
||||||
|
except:
|
||||||
|
- schedules
|
||||||
|
tags:
|
||||||
|
- aws-autoscale
|
||||||
|
|
||||||
build_cuda_focal:
|
build_cuda_focal:
|
||||||
stage: build
|
stage: build
|
||||||
script:
|
script:
|
||||||
@ -186,7 +206,7 @@ build_opensuse_15:
|
|||||||
# prep the buildx env
|
# prep the buildx env
|
||||||
- docker buildx create --use
|
- docker buildx create --use
|
||||||
# build for multiple architectures
|
# build for multiple architectures
|
||||||
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
|
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.3" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
|
||||||
only:
|
only:
|
||||||
- develop
|
- develop
|
||||||
- /^release\/.*$/
|
- /^release\/.*$/
|
||||||
@ -238,6 +258,27 @@ build_ubuntu_focal_dev:
|
|||||||
matrix:
|
matrix:
|
||||||
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||||
|
|
||||||
|
build_ubuntu_jammy_dev:
|
||||||
|
stage: build
|
||||||
|
script:
|
||||||
|
- >
|
||||||
|
docker build
|
||||||
|
-t ${ORG_NAME}/core-ubuntu-jammy-private:$(arch)-$SANITIZED_BRANCH
|
||||||
|
--build-arg START_PULSEAUDIO=1
|
||||||
|
--build-arg BASE_IMAGE="ubuntu:22.04"
|
||||||
|
--build-arg START_XFCE4=1
|
||||||
|
--build-arg BG_IMG=bg_jammy.png
|
||||||
|
-f dockerfile-kasm-core .
|
||||||
|
- docker push ${ORG_NAME}/core-ubuntu-jammy-private:$(arch)-$SANITIZED_BRANCH
|
||||||
|
except:
|
||||||
|
- develop
|
||||||
|
- /^release\/.*$/
|
||||||
|
tags:
|
||||||
|
- ${TAG}
|
||||||
|
parallel:
|
||||||
|
matrix:
|
||||||
|
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||||
|
|
||||||
build_cuda_focal_dev:
|
build_cuda_focal_dev:
|
||||||
stage: build
|
stage: build
|
||||||
script:
|
script:
|
||||||
@ -389,7 +430,7 @@ build_opensuse_15_dev:
|
|||||||
-t ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
|
-t ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
|
||||||
--build-arg START_PULSEAUDIO=1
|
--build-arg START_PULSEAUDIO=1
|
||||||
--build-arg START_XFCE4=1
|
--build-arg START_XFCE4=1
|
||||||
--build-arg BASE_IMAGE="opensuse/leap:15"
|
--build-arg BASE_IMAGE="opensuse/leap:15.3"
|
||||||
--build-arg DISTRO="opensuse"
|
--build-arg DISTRO="opensuse"
|
||||||
-f dockerfile-kasm-core-suse .
|
-f dockerfile-kasm-core-suse .
|
||||||
- docker push ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
|
- docker push ${ORG_NAME}/core-opensuse-15-private:$(arch)-$SANITIZED_BRANCH
|
||||||
@ -436,6 +477,7 @@ test_multi_arch_dev:
|
|||||||
- core-kali-rolling-private
|
- core-kali-rolling-private
|
||||||
- core-oracle-8-private
|
- core-oracle-8-private
|
||||||
- core-opensuse-15-private
|
- core-opensuse-15-private
|
||||||
|
- core-ubuntu-jammy-private
|
||||||
|
|
||||||
test_single_arch_dev:
|
test_single_arch_dev:
|
||||||
stage: test
|
stage: test
|
||||||
@ -493,6 +535,7 @@ manifest_dev:
|
|||||||
- core-kali-rolling-private
|
- core-kali-rolling-private
|
||||||
- core-oracle-8-private
|
- core-oracle-8-private
|
||||||
- core-opensuse-15-private
|
- core-opensuse-15-private
|
||||||
|
- core-ubuntu-jammy-private
|
||||||
|
|
||||||
link_tests_single_arch_dev:
|
link_tests_single_arch_dev:
|
||||||
stage: linktests
|
stage: linktests
|
||||||
@ -526,6 +569,7 @@ link_tests_multi_arch_dev:
|
|||||||
- core-kali-rolling-private
|
- core-kali-rolling-private
|
||||||
- core-oracle-8-private
|
- core-oracle-8-private
|
||||||
- core-opensuse-15-private
|
- core-opensuse-15-private
|
||||||
|
- core-ubuntu-jammy-private
|
||||||
|
|
||||||
# These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags
|
# These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags
|
||||||
build_ubuntu_bionic_scheduled:
|
build_ubuntu_bionic_scheduled:
|
||||||
@ -562,6 +606,23 @@ build_ubuntu_focal_scheduled:
|
|||||||
tags:
|
tags:
|
||||||
- aws-autoscale
|
- aws-autoscale
|
||||||
|
|
||||||
|
build_ubuntu_jammy_scheduled:
|
||||||
|
stage: build
|
||||||
|
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||||
|
variables:
|
||||||
|
BUILD_PLATFORMS: "linux/amd64,linux/arm64"
|
||||||
|
script:
|
||||||
|
# get qemu ready
|
||||||
|
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||||
|
# prep the buildx env
|
||||||
|
- docker buildx create --use
|
||||||
|
# build for multiple architectures
|
||||||
|
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-ubuntu-jammy-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-ubuntu-jammy:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg BASE_IMAGE="ubuntu:22.04" --build-arg START_XFCE4=1 --build-arg BG_IMG=bg_jammy.png -f dockerfile-kasm-core .
|
||||||
|
only:
|
||||||
|
- schedules
|
||||||
|
tags:
|
||||||
|
- aws-autoscale
|
||||||
|
|
||||||
build_cuda_focal_schedules:
|
build_cuda_focal_schedules:
|
||||||
stage: build
|
stage: build
|
||||||
script:
|
script:
|
||||||
@ -658,7 +719,7 @@ build_opensuse_15_scheduled:
|
|||||||
# prep the buildx env
|
# prep the buildx env
|
||||||
- docker buildx create --use
|
- docker buildx create --use
|
||||||
# build for multiple architectures
|
# build for multiple architectures
|
||||||
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
|
- docker buildx build --push --platform $BUILD_PLATFORMS -t ${ORG_NAME}/core-opensuse-15-private:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/core-opensuse-15:$SANITIZED_ROLLING_BRANCH --build-arg START_PULSEAUDIO=1 --build-arg START_XFCE4=1 --build-arg BASE_IMAGE="opensuse/leap:15.3" --build-arg DISTRO="opensuse" -f dockerfile-kasm-core-suse .
|
||||||
only:
|
only:
|
||||||
- schedules
|
- schedules
|
||||||
tags:
|
tags:
|
||||||
@ -705,3 +766,4 @@ update_readmes:
|
|||||||
- core-cuda-focal
|
- core-cuda-focal
|
||||||
- core-ubuntu-bionic
|
- core-ubuntu-bionic
|
||||||
- core-ubuntu-focal
|
- core-ubuntu-focal
|
||||||
|
- core-ubuntu-jammy
|
||||||
|
|||||||
@ -161,7 +161,8 @@ RUN touch $STARTUPDIR/wm.log \
|
|||||||
&& mkdir -p $STARTUPDIR/kasmrx/Downloads \
|
&& mkdir -p $STARTUPDIR/kasmrx/Downloads \
|
||||||
&& chown 1000:1000 $STARTUPDIR/kasmrx/Downloads \
|
&& chown 1000:1000 $STARTUPDIR/kasmrx/Downloads \
|
||||||
&& chown -R root:root /usr/local/bin \
|
&& chown -R root:root /usr/local/bin \
|
||||||
&& chown 1000:root /var/run/pulse
|
&& chown 1000:root /var/run/pulse \
|
||||||
|
&& rm -Rf /home/kasm-default-profile/.launchpadlib
|
||||||
|
|
||||||
USER 1000
|
USER 1000
|
||||||
|
|
||||||
|
|||||||
7
docs/core-ubuntu-jammy/README.md
Normal file
7
docs/core-ubuntu-jammy/README.md
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
# About This Image
|
||||||
|
|
||||||
|
This image contains a browser-accessible version of Ubuntu Jammy.
|
||||||
|
|
||||||
|
![Screenshot][Image_Screenshot]
|
||||||
|
|
||||||
|
[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/core-ubuntu-jammy.png "Image Screenshot"
|
||||||
1
docs/core-ubuntu-jammy/description.txt
Normal file
1
docs/core-ubuntu-jammy/description.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
Ubuntu Jammy base image for Kasm Workspaces
|
||||||
BIN
src/common/resources/images/bg_jammy.png
Normal file
BIN
src/common/resources/images/bg_jammy.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 2.0 MiB |
@ -18,24 +18,3 @@ apt-get install -y p11-kit-modules
|
|||||||
|
|
||||||
rm -rf /usr/lib/firefox-esr/libnssckbi.so
|
rm -rf /usr/lib/firefox-esr/libnssckbi.so
|
||||||
ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so
|
ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so
|
||||||
|
|
||||||
|
|
||||||
# Kali includes chromium by default.
|
|
||||||
CHROME_ARGS="--password-store=basic --no-sandbox --disable-gpu --user-data-dir --no-first-run"
|
|
||||||
|
|
||||||
mv /usr/bin/chromium /usr/bin/chromium-orig
|
|
||||||
cat >/usr/bin/chromium <<EOL
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
/usr/bin/chromium-orig ${CHROME_ARGS} "\$@"
|
|
||||||
EOL
|
|
||||||
chmod +x /usr/bin/chromium
|
|
||||||
|
|
||||||
mkdir -p /etc/chromium/policies/managed
|
|
||||||
cat >> /etc/chromium/policies/managed/default_managed_policy.json <<EOL
|
|
||||||
{"CommandLineFlagSecurityWarningsEnabled": false, "DefaultBrowserSettingEnabled": false}
|
|
||||||
EOL
|
|
||||||
|
|
||||||
# Vanilla Chrome looks for policies in /etc/opt/chrome/policies/managed which is used by web filtering.
|
|
||||||
# Create a symlink here so filter is applied to chromium as well.
|
|
||||||
mkdir -p /etc/opt/chrome/policies/
|
|
||||||
ln -s /etc/chromium/policies/managed /etc/opt/chrome/policies/
|
|
||||||
|
|||||||
@ -13,7 +13,7 @@ cd /tmp
|
|||||||
|
|
||||||
BUILD_ARCH=$(uname -p)
|
BUILD_ARCH=$(uname -p)
|
||||||
UBUNTU_CODENAME=""
|
UBUNTU_CODENAME=""
|
||||||
COMMIT_ID="ac7605f3163354251e37353758b2feda40311078"
|
COMMIT_ID="61f08d4986affeb5bd1c1f6dfe949f77f7bbbfd4"
|
||||||
BRANCH="master"
|
BRANCH="master"
|
||||||
COMMIT_ID_SHORT=$(echo "${COMMIT_ID}" | cut -c1-6)
|
COMMIT_ID_SHORT=$(echo "${COMMIT_ID}" | cut -c1-6)
|
||||||
|
|
||||||
@ -93,7 +93,7 @@ else
|
|||||||
wget "${BUILD_URL}" -O kasmvncserver.deb
|
wget "${BUILD_URL}" -O kasmvncserver.deb
|
||||||
|
|
||||||
apt-get update
|
apt-get update
|
||||||
apt-get install -y gettext ssl-cert
|
apt-get install -y gettext ssl-cert libxfont2
|
||||||
dpkg -i /tmp/kasmvncserver.deb
|
dpkg -i /tmp/kasmvncserver.deb
|
||||||
apt-get -yf install
|
apt-get -yf install
|
||||||
rm -f /tmp/kasmvncserver.deb
|
rm -f /tmp/kasmvncserver.deb
|
||||||
|
|||||||
@ -19,8 +19,14 @@ elif [ "${DISTRO}" == "oracle8" ]; then
|
|||||||
elif [ "${DISTRO}" == "opensuse" ]; then
|
elif [ "${DISTRO}" == "opensuse" ]; then
|
||||||
SQUID_DISTRO=opensuse
|
SQUID_DISTRO=opensuse
|
||||||
fi
|
fi
|
||||||
|
if grep -q Jammy /etc/os-release; then
|
||||||
if [[ "${SQUID_DISTRO}" != @(centos|oracle7|oracle8|opensuse) ]] ; then
|
apt-get update
|
||||||
|
apt-get install -y squid-openssl
|
||||||
|
mkdir -p /usr/local/squid/sbin
|
||||||
|
mkdir -p /usr/local/squid/var/logs/
|
||||||
|
ln -s /usr/lib/squid/ /usr/local/squid/libexec
|
||||||
|
ln -s /usr/sbin/squid /usr/local/squid/sbin/squid
|
||||||
|
elif [[ "${SQUID_DISTRO}" != @(centos|oracle7|oracle8|opensuse) ]] ; then
|
||||||
wget -qO- "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_${SQUID_DISTRO}_${ARCH}.tar.gz" | tar -xzf - -C /
|
wget -qO- "https://kasmweb-build-artifacts.s3.amazonaws.com/kasm-squid-builder/${SQUID_COMMIT}/output/kasm-squid-builder_${SQUID_DISTRO}_${ARCH}.tar.gz" | tar -xzf - -C /
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -84,10 +90,13 @@ if [[ "${DISTRO}" == "centos" ]]; then
|
|||||||
yum install -y nss-tools
|
yum install -y nss-tools
|
||||||
elif [ "${DISTRO}" == "oracle" ]; then
|
elif [ "${DISTRO}" == "oracle" ]; then
|
||||||
dnf install -y nss-tools
|
dnf install -y nss-tools
|
||||||
|
dnf clean all
|
||||||
elif [ "${DISTRO}" == "opensuse" ]; then
|
elif [ "${DISTRO}" == "opensuse" ]; then
|
||||||
zypper install -yn mozilla-nss-tools
|
zypper install -yn mozilla-nss-tools
|
||||||
|
zypper clean --all
|
||||||
else
|
else
|
||||||
apt-get install -y libnss3-tools
|
apt-get install -y libnss3-tools
|
||||||
|
apt-get clean -y
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create an empty cert9.db. This will be used by applications like Chrome
|
# Create an empty cert9.db. This will be used by applications like Chrome
|
||||||
|
|||||||
@ -25,6 +25,7 @@ chmod +x /etc/X11/xinit/xinitrc.d/disable_screensaver.sh
|
|||||||
|
|
||||||
replace_default_xinit() {
|
replace_default_xinit() {
|
||||||
|
|
||||||
|
mkdir -p /etc/X11/xinit
|
||||||
cat >/etc/X11/xinit/xinitrc <<EOL
|
cat >/etc/X11/xinit/xinitrc <<EOL
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
for file in /etc/X11/xinit/xinitrc.d/* ; do
|
for file in /etc/X11/xinit/xinitrc.d/* ; do
|
||||||
@ -82,6 +83,9 @@ then
|
|||||||
get_rid_of_policykit_error
|
get_rid_of_policykit_error
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if grep -q Jammy /etc/os-release; then
|
||||||
|
apt-get purge -y xfce4-screensaver
|
||||||
|
fi
|
||||||
|
|
||||||
if [[ "${DISTRO}" == @(centos|oracle7) ]]; then
|
if [[ "${DISTRO}" == @(centos|oracle7) ]]; then
|
||||||
yum clean all
|
yum clean all
|
||||||
@ -94,7 +98,6 @@ else
|
|||||||
apt-get clean -y
|
apt-get clean -y
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
if [[ "${DISTRO}" == @(centos|oracle7|oracle8) ]]; then
|
if [[ "${DISTRO}" == @(centos|oracle7|oracle8) ]]; then
|
||||||
config_xinit_disable_screensaver
|
config_xinit_disable_screensaver
|
||||||
else
|
else
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user