mirror of
https://github.com/kasmtech/workspaces-images.git
synced 2024-11-21 23:53:10 +01:00
Merge branch 'feature/KASM-3188-vivaldi-image' into 'develop'
KASM-3188 adding vivaldi image See merge request kasm-technologies/internal/workspaces-images!83
This commit is contained in:
commit
174cb168ab
139
.gitlab-ci.yml
139
.gitlab-ci.yml
@ -4,7 +4,7 @@ services:
|
||||
variables:
|
||||
DOCKER_AUTH_CONFIG: ${_DOCKER_AUTH_CONFIG}
|
||||
PLATFORM: "linux/amd64"
|
||||
ARM_BUILDS: ",chromium,firefox,gimp,rdesktop,remmina,terminal,ubuntu-bionic-desktop,ubuntu-focal-desktop,ubuntu-jammy-desktop,vlc,vs-code,doom,sublime-text,tor-browser,java-dev,telegram,opensuse-15-desktop,oracle-8-desktop,libre-office,thunderbird,audacity,deluge,filezilla,inkscape,pinta,qbittorrent,"
|
||||
ARM_BUILDS: ",chromium,firefox,gimp,rdesktop,remmina,terminal,ubuntu-bionic-desktop,ubuntu-focal-desktop,ubuntu-jammy-desktop,vlc,vs-code,doom,sublime-text,tor-browser,java-dev,telegram,opensuse-15-desktop,oracle-8-desktop,libre-office,thunderbird,audacity,deluge,filezilla,inkscape,pinta,qbittorrent,vivaldi,"
|
||||
CORE_IMAGE_TAG: "develop"
|
||||
CORE_IMAGE: "core-ubuntu-focal"
|
||||
USE_PRIVATE_IMAGES: 0
|
||||
@ -37,6 +37,9 @@ variables:
|
||||
- vlc
|
||||
- vs-code
|
||||
|
||||
.MULTI_ARCH_BUILDS2: &MULTI_ARCH_BUILDS2
|
||||
- vivaldi
|
||||
|
||||
.SINGLE_ARCH_BUILDS: &SINGLE_ARCH_BUILDS
|
||||
- atom
|
||||
- blender
|
||||
@ -104,7 +107,7 @@ build_browser_images:
|
||||
- aws-autoscale
|
||||
parallel:
|
||||
matrix:
|
||||
- KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave]
|
||||
- KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave, vivaldi]
|
||||
|
||||
build_app_images:
|
||||
stage: build
|
||||
@ -235,6 +238,39 @@ build_multi_arch_dev:
|
||||
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS
|
||||
|
||||
build_multi_arch_dev2:
|
||||
stage: build
|
||||
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||
script:
|
||||
# Ensure readme and description files are present
|
||||
- ls docs/$KASM_IMAGE/README.md
|
||||
- ls docs/$KASM_IMAGE/description.txt
|
||||
# Set core image names
|
||||
- if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi
|
||||
- if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi
|
||||
- if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi
|
||||
- if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi
|
||||
- if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi
|
||||
- if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi
|
||||
# Check for private variable to build against private core images
|
||||
- if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi;
|
||||
- >
|
||||
docker build
|
||||
-t ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH
|
||||
--build-arg BASE_IMAGE=$CORE_IMAGE
|
||||
--build-arg BASE_TAG=$CORE_IMAGE_TAG
|
||||
-f dockerfile-kasm-$KASM_IMAGE .
|
||||
- docker push ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH
|
||||
except:
|
||||
- develop
|
||||
- /^release\/.*$/
|
||||
tags:
|
||||
- ${TAG}
|
||||
parallel:
|
||||
matrix:
|
||||
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS2
|
||||
|
||||
build_single_arch_dev:
|
||||
stage: build
|
||||
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||
@ -298,6 +334,37 @@ test_multi_arch_dev:
|
||||
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS
|
||||
|
||||
test_multi_arch_dev2:
|
||||
stage: test
|
||||
script:
|
||||
- docker pull kasmweb/kasm-tester:1.11.0
|
||||
- >
|
||||
docker run --rm --privileged
|
||||
-e KASM_PORT=443
|
||||
-e KASM_PATH=/opt/kasm
|
||||
-e KASM_PASSWORD=password123
|
||||
-e PUID=1000
|
||||
-e DOCKERUSER=$DOCKER_HUB_USERNAME
|
||||
-e DOCKERPASS=$DOCKER_HUB_PASSWORD
|
||||
-e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$(arch)-$SANITIZED_BRANCH"
|
||||
-e TEST_WEBFILTER="false"
|
||||
-e AWS_KEY=${KASM_TEST_AWS_KEY}
|
||||
-e AWS_SECRET="${KASM_TEST_AWS_SECRET}"
|
||||
-e SLACK_TOKEN=${SLACK_TOKEN}
|
||||
-e S3_BUCKET=kasm-ci
|
||||
-e COMMIT=${CI_COMMIT_SHA}
|
||||
-e REPO=workspaces-images
|
||||
kasmweb/kasm-tester:1.11.0
|
||||
except:
|
||||
- develop
|
||||
- /^release\/.*$/
|
||||
tags:
|
||||
- ${TAG}
|
||||
parallel:
|
||||
matrix:
|
||||
- TAG: [ aws-autoscale, aws-autoscale-arm64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS2
|
||||
|
||||
test_single_arch_dev:
|
||||
stage: test
|
||||
script:
|
||||
@ -346,6 +413,24 @@ manifest_dev:
|
||||
matrix:
|
||||
- KASM_IMAGE: *MULTI_ARCH_BUILDS
|
||||
|
||||
manifest_dev2:
|
||||
stage: manifest
|
||||
script:
|
||||
- docker pull ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH
|
||||
- docker pull ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH
|
||||
- "docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH || :"
|
||||
- docker manifest create ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH
|
||||
- docker manifest annotate ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH --os linux --arch arm64 --variant v8
|
||||
- docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH
|
||||
except:
|
||||
- develop
|
||||
- /^release\/.*$/
|
||||
tags:
|
||||
- aws-autoscale
|
||||
parallel:
|
||||
matrix:
|
||||
- KASM_IMAGE: *MULTI_ARCH_BUILDS2
|
||||
|
||||
link_tests_single_arch_dev:
|
||||
stage: linktests
|
||||
script:
|
||||
@ -375,6 +460,21 @@ link_tests_multi_arch_dev:
|
||||
- ARCH: [ aarch64, x86_64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS
|
||||
|
||||
link_tests_multi_arch_dev2:
|
||||
stage: linktests
|
||||
script:
|
||||
- apk add curl
|
||||
- STATUS=$(curl -sL https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/ci-status.yml | awk -F'"' '{print $2}')
|
||||
- if [ "${STATUS}" == "PASS" ]; then STATE=success; else STATE=failed; fi;
|
||||
- curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=${STATE}&name=${KASM_IMAGE}-private_${ARCH}&target_url=https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/index.html"
|
||||
except:
|
||||
- develop
|
||||
- /^release\/.*$/
|
||||
parallel:
|
||||
matrix:
|
||||
- ARCH: [ aarch64, x86_64 ]
|
||||
KASM_IMAGE: *MULTI_ARCH_BUILDS2
|
||||
|
||||
# These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags
|
||||
build_schedules_browser_images:
|
||||
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||
@ -402,7 +502,7 @@ build_schedules_browser_images:
|
||||
- aws-autoscale
|
||||
parallel:
|
||||
matrix:
|
||||
- KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave]
|
||||
- KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave, vivaldi]
|
||||
|
||||
build_schedules_app_images:
|
||||
image: ${ORG_NAME}/docker-buildx-private:develop
|
||||
@ -577,3 +677,36 @@ update_readmes:
|
||||
- vs-code
|
||||
- zoom
|
||||
- zsnes
|
||||
|
||||
update_readmes2:
|
||||
stage: readme
|
||||
script:
|
||||
- apk add git
|
||||
- git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@${README_TEMPLATE_REPO}
|
||||
- sed -e "/{about}/r docs/$KASM_IMAGE/README.md" -e "/{about}/d" dockerhub-readme-template/TEMPLATE.md > docs/$KASM_IMAGE/FULL_README.md
|
||||
- cat docs/$KASM_IMAGE/FULL_README.md
|
||||
- >
|
||||
docker run -v $PWD:/workspace
|
||||
-e DOCKER_USERNAME="$README_USERNAME"
|
||||
-e DOCKER_PASSWORD="$README_PASSWORD"
|
||||
-e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE-private"
|
||||
-e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md"
|
||||
-e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt"
|
||||
${ORG_NAME}/dockerhub-updater:latest
|
||||
- >
|
||||
docker run -v $PWD:/workspace
|
||||
-e DOCKER_USERNAME="$README_USERNAME"
|
||||
-e DOCKER_PASSWORD="$README_PASSWORD"
|
||||
-e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE"
|
||||
-e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md"
|
||||
-e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt"
|
||||
${ORG_NAME}/dockerhub-updater:latest
|
||||
|
||||
only:
|
||||
variables:
|
||||
- $README_USERNAME
|
||||
- $README_PASSWORD
|
||||
parallel:
|
||||
matrix:
|
||||
- KASM_IMAGE:
|
||||
- vivaldi
|
||||
|
47
dockerfile-kasm-vivaldi
Normal file
47
dockerfile-kasm-vivaldi
Normal file
@ -0,0 +1,47 @@
|
||||
ARG BASE_TAG="develop"
|
||||
ARG BASE_IMAGE="core-ubuntu-focal"
|
||||
FROM kasmweb/$BASE_IMAGE:$BASE_TAG
|
||||
USER root
|
||||
|
||||
ENV HOME /home/kasm-default-profile
|
||||
ENV STARTUPDIR /dockerstartup
|
||||
ENV INST_SCRIPTS $STARTUPDIR/install
|
||||
WORKDIR $HOME
|
||||
|
||||
######### Customize Container Here ###########
|
||||
|
||||
|
||||
# Install Vivaldi
|
||||
COPY ./src/ubuntu/install/vivaldi $INST_SCRIPTS/vivaldi/
|
||||
RUN bash $INST_SCRIPTS/vivaldi/install_vivaldi.sh && rm -rf $INST_SCRIPTS/vivaldi/
|
||||
|
||||
# Update the desktop environment to be optimized for a single application
|
||||
RUN cp $HOME/.config/xfce4/xfconf/single-application-xfce-perchannel-xml/* $HOME/.config/xfce4/xfconf/xfce-perchannel-xml/
|
||||
RUN cp /usr/share/extra/backgrounds/bg_kasm.png /usr/share/extra/backgrounds/bg_default.png
|
||||
RUN apt-get remove -y xfce4-panel
|
||||
|
||||
# Setup the custom startup script that will be invoked when the container starts
|
||||
#ENV LAUNCH_URL http://kasmweb.com
|
||||
|
||||
COPY ./src/ubuntu/install/vivaldi/custom_startup.sh $STARTUPDIR/custom_startup.sh
|
||||
RUN chmod +x $STARTUPDIR/custom_startup.sh
|
||||
|
||||
# Install Custom Certificate Authority
|
||||
# COPY ./src/ubuntu/install/certificates $INST_SCRIPTS/certificates/
|
||||
# RUN bash $INST_SCRIPTS/certificates/install_ca_cert.sh && rm -rf $INST_SCRIPTS/certificates/
|
||||
|
||||
ENV KASM_RESTRICTED_FILE_CHOOSER=1
|
||||
COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/
|
||||
RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh
|
||||
|
||||
|
||||
######### End Customizations ###########
|
||||
|
||||
RUN chown 1000:0 $HOME
|
||||
RUN $STARTUPDIR/set_user_permission.sh $HOME
|
||||
|
||||
ENV HOME /home/kasm-user
|
||||
WORKDIR $HOME
|
||||
RUN mkdir -p $HOME && chown -R 1000:0 $HOME
|
||||
|
||||
USER 1000
|
14
docs/vivaldi/README.md
Normal file
14
docs/vivaldi/README.md
Normal file
@ -0,0 +1,14 @@
|
||||
# About This Image
|
||||
|
||||
This Image contains a browser-accessible version of [Vivaldi](https://vivaldi.com/).
|
||||
|
||||
![Screenshot][Image_Screenshot]
|
||||
|
||||
[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/vivaldi.png "Image Screenshot"
|
||||
|
||||
# Environment Variables
|
||||
|
||||
* `LAUNCH_URL` - The default URL the browser launches to when created.
|
||||
* `APP_ARGS` - Additional arguments to pass to the browser when launched.
|
||||
* `KASM_RESTRICTED_FILE_CHOOSER` - Confine "File Upload" and "File Save"
|
||||
dialogs to ~/Desktop. On by default.
|
1
docs/vivaldi/description.txt
Normal file
1
docs/vivaldi/description.txt
Normal file
@ -0,0 +1 @@
|
||||
Vivaldi for Kasm Workspaces
|
84
src/ubuntu/install/vivaldi/custom_startup.sh
Normal file
84
src/ubuntu/install/vivaldi/custom_startup.sh
Normal file
@ -0,0 +1,84 @@
|
||||
#!/usr/bin/env bash
|
||||
set -ex
|
||||
START_COMMAND="vivaldi"
|
||||
PGREP="vivaldi"
|
||||
MAXIMIZE="true"
|
||||
DEFAULT_ARGS=""
|
||||
|
||||
if [[ $MAXIMIZE == 'true' ]] ; then
|
||||
DEFAULT_ARGS+=" --start-maximized"
|
||||
fi
|
||||
ARGS=${APP_ARGS:-$DEFAULT_ARGS}
|
||||
|
||||
options=$(getopt -o gau: -l go,assign,url: -n "$0" -- "$@") || exit
|
||||
eval set -- "$options"
|
||||
|
||||
while [[ $1 != -- ]]; do
|
||||
case $1 in
|
||||
-g|--go) GO='true'; shift 1;;
|
||||
-a|--assign) ASSIGN='true'; shift 1;;
|
||||
-u|--url) OPT_URL=$2; shift 2;;
|
||||
*) echo "bad option: $1" >&2; exit 1;;
|
||||
esac
|
||||
done
|
||||
shift
|
||||
|
||||
# Process non-option arguments.
|
||||
for arg; do
|
||||
echo "arg! $arg"
|
||||
done
|
||||
|
||||
FORCE=$2
|
||||
|
||||
kasm_exec() {
|
||||
if [ -n "$OPT_URL" ] ; then
|
||||
URL=$OPT_URL
|
||||
elif [ -n "$1" ] ; then
|
||||
URL=$1
|
||||
fi
|
||||
|
||||
# Since we are execing into a container that already has the browser running from startup,
|
||||
# when we don't have a URL to open we want to do nothing. Otherwise a second browser instance would open.
|
||||
if [ -n "$URL" ] ; then
|
||||
/usr/bin/filter_ready
|
||||
/usr/bin/desktop_ready
|
||||
$START_COMMAND $ARGS $OPT_URL
|
||||
else
|
||||
echo "No URL specified for exec command. Doing nothing."
|
||||
fi
|
||||
}
|
||||
|
||||
kasm_startup() {
|
||||
if [ -n "$KASM_URL" ] ; then
|
||||
URL=$KASM_URL
|
||||
elif [ -z "$URL" ] ; then
|
||||
URL=$LAUNCH_URL
|
||||
fi
|
||||
|
||||
if [ -z "$DISABLE_CUSTOM_STARTUP" ] || [ -n "$FORCE" ] ; then
|
||||
|
||||
echo "Entering process startup loop"
|
||||
set +x
|
||||
while true
|
||||
do
|
||||
if ! pgrep -x $PGREP > /dev/null
|
||||
then
|
||||
/usr/bin/filter_ready
|
||||
/usr/bin/desktop_ready
|
||||
set +e
|
||||
$START_COMMAND $ARGS $URL
|
||||
set -e
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
set -x
|
||||
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
if [ -n "$GO" ] || [ -n "$ASSIGN" ] ; then
|
||||
kasm_exec
|
||||
else
|
||||
kasm_startup
|
||||
fi
|
49
src/ubuntu/install/vivaldi/install_vivaldi.sh
Normal file
49
src/ubuntu/install/vivaldi/install_vivaldi.sh
Normal file
@ -0,0 +1,49 @@
|
||||
#!/usr/bin/env bash
|
||||
set -ex
|
||||
|
||||
VIVALDI_ARGS="--password-store=basic --no-sandbox --ignore-gpu-blocklist --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'"
|
||||
|
||||
# Install Vivaldi (Ubuntu)
|
||||
wget -qO- https://repo.vivaldi.com/archive/linux_signing_key.pub | gpg --dearmor > /usr/share/keyrings/vivaldi-browser.gpg
|
||||
echo "deb [signed-by=/usr/share/keyrings/vivaldi-browser.gpg arch=$(dpkg --print-architecture)] https://repo.vivaldi.com/archive/deb/ stable main" > /etc/apt/sources.list.d/vivaldi-archive.list
|
||||
apt-get update && apt-get install -y vivaldi-stable
|
||||
/opt/vivaldi/update-ffmpeg
|
||||
|
||||
# Add Desktop Icon
|
||||
cp /usr/share/applications/vivaldi-stable.desktop $HOME/Desktop/
|
||||
chown 1000:1000 $HOME/Desktop/vivaldi-stable.desktop
|
||||
|
||||
# Use wrapper to launch application
|
||||
mv /opt/vivaldi/vivaldi /opt/vivaldi/vivaldi-orig
|
||||
cat >/opt/vivaldi/vivaldi <<EOL
|
||||
#!/usr/bin/env bash
|
||||
sed -i 's/"exited_cleanly":false/"exited_cleanly":true/' ~/.config/vivaldi/Default/Preferences
|
||||
sed -i 's/"exit_type":"Crashed"/"exit_type":"None"/' ~/.config/vivaldi/Default/Preferences
|
||||
if [ -f /opt/VirtualGL/bin/vglrun ] && [ ! -z "\${KASM_EGL_CARD}" ] && [ ! -z "\${KASM_RENDERD}" ] && [ -O "\${KASM_RENDERD}" ] && [ -O "\${KASM_EGL_CARD}" ] ; then
|
||||
echo "Starting Vivaldi with GPU Acceleration on EGL device \${KASM_EGL_CARD}"
|
||||
vglrun -d "\${KASM_EGL_CARD}" /opt/vivaldi/vivaldi-orig ${CHROME_ARGS} "\$@"
|
||||
else
|
||||
echo "Starting Vivaldi"
|
||||
/opt/vivaldi/vivaldi-orig ${VIVALDI_ARGS} "\$@"
|
||||
fi
|
||||
EOL
|
||||
chmod +x /opt/vivaldi/vivaldi
|
||||
|
||||
# Set mime type to launch web content
|
||||
sed -i 's@exec -a "$0" "$HERE/vivaldi" "$\@"@@g' /usr/bin/x-www-browser
|
||||
cat >>/usr/bin/x-www-browser <<EOL
|
||||
exec -a "\$0" "\$HERE/vivaldi" "${VIVALDI_ARGS}" "\$@"
|
||||
EOL
|
||||
|
||||
# Set chrome managed policies for vivaldi
|
||||
mkdir -p /etc/opt/chrome/policies/managed/
|
||||
cat >>/etc/opt/chrome/policies/managed/default_managed_policy.json <<EOL
|
||||
{"CommandLineFlagSecurityWarningsEnabled": false, "DefaultBrowserSettingEnabled": false}
|
||||
EOL
|
||||
|
||||
# Cleanup
|
||||
apt-get autoclean
|
||||
rm -rf \
|
||||
/var/lib/apt/lists/* \
|
||||
/var/tmp/* \
|
||||
/tmp/*
|
Loading…
Reference in New Issue
Block a user