diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f9c08ba..ff51af1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -9,8 +9,57 @@ variables: CORE_IMAGE: "core-ubuntu-focal" USE_PRIVATE_IMAGES: 0 +# YAML level anchors +.MULTI_ARCH_BUILDS: &MULTI_ARCH_BUILDS + - chromium + - doom + - firefox + - gimp + - java-dev + - libre-office + - opensuse-15-desktop + - oracle-8-desktop + - rdesktop + - remmina + - sublime-text + - telegram + - terminal + - thunderbird + - tor-browser + - ubuntu-focal-desktop + - vlc + - vs-code + +.SINGLE_ARCH_BUILDS: &SINGLE_ARCH_BUILDS + - brave + - centos-7-desktop + - chrome + - desktop + - desktop-deluxe + - discord + - edge + - firefox-mobile + - hunchly + - insomnia + - maltego + - only-office + - oracle-7-desktop + - postman + - signal + - slack + - steam + - teams + - tracelabs + - ubuntu-focal-dind + - ubuntu-focal-dind-rootless + - vmware-horizon + - zoom + - zsnes + stages: - build + - manifest + - test - readme before_script: @@ -141,112 +190,15 @@ build_non_ubuntu: matrix: - KASM_IMAGE: [centos-7-desktop, tracelabs, opensuse-15-desktop, oracle-7-desktop, oracle-8-desktop] - - # These jobs should run on the feature/bugfix branches - anything that is not the develop or release branches. It should only push images to the private repos - -build_dev_browser_images: +build_multi_arch_dev: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: - - BUILD_PLATFORM=$PLATFORM - - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" - # to get qemu ready - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - # to prepare the buildx env - - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt - # Check for private variable to build against private core images - - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - - # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. - # The only way to push multiple architectures to the same tag is to use buildx. - - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - except: - - develop - - /^release\/.*$/ - tags: - - aws-autoscale - parallel: - matrix: - - KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave] - -build_dev_app_images: - stage: build - image: ${ORG_NAME}/docker-buildx-private:develop - script: - - BUILD_PLATFORM=$PLATFORM - - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" - # to get qemu ready - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - # to prepare the buildx env - - docker buildx create --use - # Ensure readme and description files are present - - ls docs/$KASM_IMAGE/README.md - - ls docs/$KASM_IMAGE/description.txt - # Check for private variable to build against private core images - - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - - # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. - # The only way to push multiple architectures to the same tag is to use buildx. - - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - except: - - develop - - /^release\/.*$/ - tags: - - aws-autoscale - parallel: - matrix: - - KASM_IMAGE: [doom, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, maltego, telegram, hunchly, java-dev, terminal, vmware-horizon, remmina, rdesktop, discord, libre-office, thunderbird] - -build_dev_ubuntu_desktop_images: - stage: build - image: ${ORG_NAME}/docker-buildx-private:develop - script: - - BUILD_PLATFORM=$PLATFORM - - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" - # to get qemu ready - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - # to prepare the buildx env - - docker buildx create --use - # Ensure readme and description files are present - - ls docs/$KASM_IMAGE/README.md - - ls docs/$KASM_IMAGE/description.txt - # Check for private variable to build against private core images - - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - - # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. - # The only way to push multiple architectures to the same tag is to use buildx. - - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - except: - - develop - - /^release\/.*$/ - tags: - - aws-autoscale - parallel: - matrix: - - KASM_IMAGE: [desktop, desktop-deluxe, ubuntu-focal-desktop, ubuntu-focal-dind, ubuntu-focal-dind-rootless] - -build_dev_non_ubuntu: - stage: build - image: ${ORG_NAME}/docker-buildx-private:develop - script: - - BUILD_PLATFORM=$PLATFORM - - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" - # to get qemu ready - - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes - # to prepare the buildx env - - docker buildx create --use - # Ensure readme and description files are present - - ls docs/$KASM_IMAGE/README.md - - ls docs/$KASM_IMAGE/description.txt - # Set base image based on kasm_image variable + # Set core image names - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi @@ -254,10 +206,45 @@ build_dev_non_ubuntu: - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; + - > + docker build + -t ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH + --build-arg BASE_IMAGE=$CORE_IMAGE + --build-arg BASE_TAG=$CORE_IMAGE_TAG + -f dockerfile-kasm-$KASM_IMAGE . + - docker push ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH + except: + - develop + - /^release\/.*$/ + tags: + - ${TAG} + parallel: + matrix: + - TAG: [ aws-autoscale, aws-autoscale-arm64 ] + KASM_IMAGE: *MULTI_ARCH_BUILDS - # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. - # The only way to push multiple architectures to the same tag is to use buildx. - - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . +build_single_arch_dev: + stage: build + image: ${ORG_NAME}/docker-buildx-private:develop + script: + # Ensure readme and description files are present + - ls docs/$KASM_IMAGE/README.md + - ls docs/$KASM_IMAGE/description.txt + # Set core image names + - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi + - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi + - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi + - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi + - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi + # Check for private variable to build against private core images + - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; + - > + docker build + -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH + --build-arg BASE_IMAGE=$CORE_IMAGE + --build-arg BASE_TAG=$CORE_IMAGE_TAG + -f dockerfile-kasm-$KASM_IMAGE . + - docker push ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH except: - develop - /^release\/.*$/ @@ -265,8 +252,86 @@ build_dev_non_ubuntu: - aws-autoscale parallel: matrix: - - KASM_IMAGE: [centos-7-desktop, tracelabs, opensuse-15-desktop, oracle-7-desktop, oracle-8-desktop] + - KASM_IMAGE: *SINGLE_ARCH_BUILDS +test_multi_arch_dev: + stage: test + script: + - docker pull kasmweb/kasm-tester:1.10.0 + - > + docker run --rm --privileged + -e KASM_PORT=443 + -e KASM_PATH=/opt/kasm + -e KASM_PASSWORD=password123 + -e PUID=1000 + -e DOCKERUSER=$DOCKER_HUB_USERNAME + -e DOCKERPASS=$DOCKER_HUB_PASSWORD + -e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$(arch)-$SANITIZED_BRANCH" + -e TEST_WEBFILTER="false" + -e AWS_KEY=${KASM_TEST_AWS_KEY} + -e AWS_SECRET="${KASM_TEST_AWS_SECRET}" + -e SLACK_TOKEN=${SLACK_TOKEN} + -e S3_BUCKET=kasm-ci + -e COMMIT=${CI_COMMIT_SHA} + -e REPO=workspaces-images + kasmweb/kasm-tester:1.10.0 + except: + - develop + - /^release\/.*$/ + tags: + - ${TAG} + parallel: + matrix: + - TAG: [ aws-autoscale, aws-autoscale-arm64 ] + KASM_IMAGE: *MULTI_ARCH_BUILDS + +test_single_arch_dev: + stage: test + script: + - docker pull kasmweb/kasm-tester:1.10.0 + - > + docker run --rm --privileged + -e KASM_PORT=443 + -e KASM_PATH=/opt/kasm + -e KASM_PASSWORD=password123 + -e PUID=1000 + -e DOCKERUSER=$DOCKER_HUB_USERNAME + -e DOCKERPASS=$DOCKER_HUB_PASSWORD + -e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH" + -e TEST_WEBFILTER="false" + -e AWS_KEY=${KASM_TEST_AWS_KEY} + -e AWS_SECRET="${KASM_TEST_AWS_SECRET}" + -e SLACK_TOKEN=${SLACK_TOKEN} + -e S3_BUCKET=kasm-ci + -e COMMIT=${CI_COMMIT_SHA} + -e REPO=workspaces-images + kasmweb/kasm-tester:1.10.0 + except: + - develop + - /^release\/.*$/ + tags: + - aws-autoscale + parallel: + matrix: + - KASM_IMAGE: *SINGLE_ARCH_BUILDS + +manifest_dev: + stage: manifest + script: + - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH + - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH + - "docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH || :" + - docker manifest create ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH + - docker manifest annotate ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH --os linux --arch arm64 --variant v8 + - docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH + except: + - develop + - /^release\/.*$/ + tags: + - aws-autoscale + parallel: + matrix: + - KASM_IMAGE: *MULTI_ARCH_BUILDS # These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags build_schedules_browser_images: @@ -397,8 +462,22 @@ update_readmes: - git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@${README_TEMPLATE_REPO} - sed -e "/{about}/r docs/$KASM_IMAGE/README.md" -e "/{about}/d" dockerhub-readme-template/TEMPLATE.md > docs/$KASM_IMAGE/FULL_README.md - cat docs/$KASM_IMAGE/FULL_README.md - - docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE-private" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest - - docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest + - > + docker run -v $PWD:/workspace + -e DOCKER_USERNAME="$README_USERNAME" + -e DOCKER_PASSWORD="$README_PASSWORD" + -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE-private" + -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" + -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" + ${ORG_NAME}/dockerhub-updater:latest + - > + docker run -v $PWD:/workspace + -e DOCKER_USERNAME="$README_USERNAME" + -e DOCKER_PASSWORD="$README_PASSWORD" + -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE" + -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" + -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" + ${ORG_NAME}/dockerhub-updater:latest only: variables: @@ -406,4 +485,46 @@ update_readmes: - $README_PASSWORD parallel: matrix: - - KASM_IMAGE: [chrome, chromium, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-focal-desktop, maltego, centos-7-desktop, telegram, hunchly, ubuntu-focal-dind, ubuntu-focal-dind-rootless, tracelabs, java-dev, oracle-7-desktop, oracle-8-desktop, opensuse-15-desktop, libre-office, thunderbird ] + - KASM_IMAGE: + - brave + - centos-7-desktop + - chrome + - chromium + - desktop + - desktop-deluxe + - discord + - doom + - edge + - firefox + - firefox-mobile + - gimp + - hunchly + - insomnia + - java-dev + - libre-office + - maltego + - only-office + - opensuse-15-desktop + - oracle-7-desktop + - oracle-8-desktop + - postman + - rdesktop + - remmina + - signal + - slack + - steam + - sublime-text + - teams + - telegram + - terminal + - thunderbird + - tor-browser + - tracelabs + - ubuntu-focal-desktop + - ubuntu-focal-dind + - ubuntu-focal-dind-rootless + - vlc + - vmware-horizon + - vs-code + - zoom + - zsnes diff --git a/src/opensuse/install/zoom/install_zoom.sh b/src/opensuse/install/zoom/install_zoom.sh old mode 100644 new mode 100755