From 432d4041b572d14cfaca6f76658f21a9c8e84987 Mon Sep 17 00:00:00 2001 From: Huan Truong Date: Fri, 1 Aug 2025 12:46:41 -0500 Subject: [PATCH] QA-136 staggering builds for 1.16.0 --- .gitlab-ci.yml | 27 ++- ci-scripts/gitlab-ci.template | 303 +++++++++++++++++++++------------- ci-scripts/template-vars.yaml | 76 +++++++++ ci-scripts/weekly-manifest.sh | 62 +++++++ 4 files changed, 341 insertions(+), 127 deletions(-) create mode 100644 ci-scripts/weekly-manifest.sh diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2cf9870..dae1b81 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -21,28 +21,37 @@ before_script: ####################### template: stage: template + rules: + - when: always script: - apk add py3-jinja2 py3-yaml - cd ci-scripts - python3 template-gitlab.py tags: - - oci-fixed-amd + - oci-amd-scheduled artifacts: paths: - gitlab-ci.yml + pipeline: stage: run - except: - variables: - - $README_USERNAME_RUN - - $README_PASSWORD_RUN - - $QUAY_API_KEY_RUN - - $DOCKERHUB_REVERT_RUN - - $REVERT_IS_ROLLING_RUN + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - when: on_success + variables: + PARENT_PIPELINE_SOURCE: "$CI_PIPELINE_SOURCE" + RUN_SET: "$RUN_SET" trigger: include: - artifact: gitlab-ci.yml job: template + pipeline_readme: stage: run only: @@ -56,6 +65,7 @@ pipeline_readme: include: - artifact: gitlab-ci.yml job: template + pipeline_readme_quay: stage: run only: @@ -67,6 +77,7 @@ pipeline_readme_quay: include: - artifact: gitlab-ci.yml job: template + pipeline_revert: stage: run only: diff --git a/ci-scripts/gitlab-ci.template b/ci-scripts/gitlab-ci.template index d0507b7..9c0ec57 100644 --- a/ci-scripts/gitlab-ci.template +++ b/ci-scripts/gitlab-ci.template @@ -23,7 +23,6 @@ before_script: - if [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then docker login --username $QUAY_USERNAME --password $QUAY_PASSWORD quay.io; fi - if [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then docker login --username $GHCR_USERNAME --password $GHCR_PASSWORD ghcr.io; fi - export SANITIZED_BRANCH="$(echo $CI_COMMIT_REF_NAME | sed -r 's#^release/##' | sed 's/\//_/g')" - - export BASE_TAG="{{ BASE_TAG }}" ############################################### # Build Containers and push to cache endpoint # @@ -31,49 +30,55 @@ before_script: {% for IMAGE in multiImages %} build_{{ IMAGE.name }}: stage: build - script: - - apk add bash - - bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" - {% if FILE_LIMITS %}only: - changes: + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + {% if FILE_LIMITS %}- changes: {% for FILE in files %}- {{ FILE }} {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + - when: on_success + script: + - apk add bash + - bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" tags: - ${TAG} retry: 1 parallel: matrix: - - TAG: [ oci-fixed-amd, oci-fixed-arm ] + - TAG: [ oci-amd-scheduled, oci-arm-scheduled ] {% endfor %} {% for IMAGE in singleImages %} build_{{ IMAGE.name }}: stage: build - script: - - apk add bash - - bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" - {% if FILE_LIMITS %}only: - changes: + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + {% if FILE_LIMITS %}- changes: {% for FILE in files %}- {{ FILE }} {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + - when: on_success + script: + - apk add bash + - bash ci-scripts/build.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" tags: - - oci-fixed-amd + - oci-amd-scheduled retry: 1 {% endfor %} @@ -83,27 +88,28 @@ build_{{ IMAGE.name }}: {% for IMAGE in multiImages %} test_{{ IMAGE.name }}: stage: test - when: always - script: - - apk add bash - - bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "${ARCH}" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}" - {% if FILE_LIMITS %}only: - changes: + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + {% if FILE_LIMITS %}- changes: {% for FILE in files %}- {{ FILE }} {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - when: on_success + script: + - apk add bash + - bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "${ARCH}" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}" needs: - build_{{ IMAGE.name }} - when: on_success tags: - - oci-fixed-amd + - oci-amd-scheduled retry: 1 parallel: matrix: @@ -113,27 +119,28 @@ test_{{ IMAGE.name }}: {% for IMAGE in singleImages %} test_{{ IMAGE.name }}: stage: test - when: always - script: - - apk add bash - - bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "x86_64" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}" - {% if FILE_LIMITS %}only: - changes: + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + {% if FILE_LIMITS %}- changes: {% for FILE in files %}- {{ FILE }} {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - when: on_success + script: + - apk add bash + - bash ci-scripts/test.sh "{{ IMAGE.name }}" "{{ IMAGE.base }}" "{{ IMAGE.dockerfile }}" "x86_64" "${EC2_LAUNCHER_ID}" "${EC2_LAUNCHER_SECRET}" needs: - build_{{ IMAGE.name }} - when: on_success tags: - - oci-fixed-amd + - oci-amd-scheduled retry: 1 {% endfor %} @@ -143,63 +150,117 @@ test_{{ IMAGE.name }}: {% for IMAGE in multiImages %} manifest_{{ IMAGE.name }}: stage: manifest - when: always + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + {% if FILE_LIMITS %}- changes: + {% for FILE in files %}- {{ FILE }} + {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} + {% endfor %}{% endif %} + - when: on_success variables: SCHEDULED: "{{ SCHEDULED }}" SCHEDULE_NAME: "{{ SCHEDULE_NAME }}" script: - apk add bash tar - - bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "multi"{% if IMAGE.singleapp %} - - bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "multi" "{{ IMAGE.base }}"{% endif %} - {% if FILE_LIMITS %}only: - changes: - {% for FILE in files %}- {{ FILE }} - {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} - {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "multi" + # Disabling app layer build due to feature not being used + #{% if IMAGE.singleapp %} + #- bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "multi" "{{ IMAGE.base }}"{% endif %} needs: - test_{{ IMAGE.name }} - when: on_success retry: 1 tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} {% for IMAGE in singleImages %} manifest_{{ IMAGE.name }}: stage: manifest - when: always + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET != "{{ IMAGE.runset }}" + when: never + {% if FILE_LIMITS %}- changes: + {% for FILE in files %}- {{ FILE }} + {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} + {% endfor %}{% endif %} + - when: on_success variables: SCHEDULED: "{{ SCHEDULED }}" SCHEDULE_NAME: "{{ SCHEDULE_NAME }}" script: - apk add bash tar - - bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "single"{% if IMAGE.singleapp %} - - bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "single" "{{ IMAGE.base }}"{% endif %} - {% if FILE_LIMITS %}only: - changes: - {% for FILE in files %}- {{ FILE }} - {% endfor %}{% for FILE in IMAGE.changeFiles %}- {{ FILE }} - {% endfor %}{% endif %} - except: - variables: - - $README_USERNAME - - $README_PASSWORD - - $QUAY_API_KEY - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING + - bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "single" + # Disabling app layer build due to feature not being used + #{% if IMAGE.singleapp %} + #- bash ci-scripts/app-layer.sh "{{ IMAGE.name }}" "single" "{{ IMAGE.base }}"{% endif %} needs: - test_{{ IMAGE.name }} - when: on_success retry: 1 tags: - - oci-fixed-amd + - oci-amd-scheduled +{% endfor %} + +############################# +# Manifest for Weekly Build # +############################# + +{% for IMAGE in multiImages %} +weekly_manifest_{{ IMAGE.name }}: + stage: manifest + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET == "schedule" + when: always + - when: never + script: + - apk add bash tar + - bash ci-scripts/weekly-manifest.sh "{{ IMAGE.name }}" "multi" + retry: 1 + tags: + - oci-amd-scheduled +{% endfor %} + +{% for IMAGE in singleImages %} +weekly_manifest_{{ IMAGE.name }}: + stage: manifest + rules: + - if: > + $README_USERNAME || + $README_PASSWORD || + $QUAY_API_KEY || + $DOCKERHUB_REVERT || + $REVERT_IS_ROLLING + when: never + - if: $PARENT_PIPELINE_SOURCE == "schedule" && $RUN_SET == "schedule" + when: always + - when: never + script: + - apk add bash tar + - bash ci-scripts/weekly-manifest.sh "{{ IMAGE.name }}" "single" + retry: 1 + tags: + - oci-amd-scheduled {% endfor %} #################### @@ -210,81 +271,85 @@ manifest_{{ IMAGE.name }}: {% for IMAGE in multiImages %} update_readmes_{{ IMAGE.name }}: stage: readme + rules: + - if: > + $README_USERNAME && + $README_PASSWORD + when: always script: - apk add bash - bash ci-scripts/readme.sh "{{ IMAGE.name }}" - only: - variables: - - $README_USERNAME - - $README_PASSWORD tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} {% for IMAGE in singleImages %} update_readmes_{{ IMAGE.name }}: stage: readme + rules: + - if: > + $README_USERNAME && + $README_PASSWORD + when: always script: - apk add bash - bash ci-scripts/readme.sh "{{ IMAGE.name }}" - only: - variables: - - $README_USERNAME - - $README_PASSWORD tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} ## Update Quay Readmes ## {% for IMAGE in multiImages %} update_quay_readmes_{{ IMAGE.name }}: stage: readme + rules: + - if: $QUAY_API_KEY + when: always script: - apk add bash - bash ci-scripts/quay_readme.sh "{{ IMAGE.name }}" - only: - variables: - - $QUAY_API_KEY tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} {% for IMAGE in singleImages %} update_quay_readmes_{{ IMAGE.name }}: stage: readme + rules: + - if: $QUAY_API_KEY + when: always script: - apk add bash - bash ci-scripts/quay_readme.sh "{{ IMAGE.name }}" - only: - variables: - - $QUAY_API_KEY tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} ## Revert Images to specific build id ## {% for IMAGE in multiImages %} dockerhub_revert_{{ IMAGE.name }}: stage: revert + rules: + - if: > + $DOCKERHUB_REVERT && + $REVERT_IS_ROLLING + when: always script: - /bin/bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "multi" "${DOCKERHUB_REVERT}" "${REVERT_IS_ROLLING}" - only: - variables: - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} {% for IMAGE in singleImages %} dockerhub_revert_{{ IMAGE.name }}: stage: revert + rules: + - if: > + $DOCKERHUB_REVERT && + $REVERT_IS_ROLLING + when: always script: - /bin/bash ci-scripts/manifest.sh "{{ IMAGE.name }}" "single" "${DOCKERHUB_REVERT}" "${REVERT_IS_ROLLING}" - only: - variables: - - $DOCKERHUB_REVERT - - $REVERT_IS_ROLLING tags: - - oci-fixed-amd + - oci-amd-scheduled {% endfor %} diff --git a/ci-scripts/template-vars.yaml b/ci-scripts/template-vars.yaml index ac24da5..8b841e9 100644 --- a/ci-scripts/template-vars.yaml +++ b/ci-scripts/template-vars.yaml @@ -5,6 +5,7 @@ files: &UNIVERSAL_CHANGE_FILES multiImages: - name: audacity + runset: set-a singleapp: true base: core-ubuntu-focal dockerfile: dockerfile-kasm-audacity @@ -12,6 +13,7 @@ multiImages: - dockerfile-kasm-audacity - src/ubuntu/install/audacity/** - name: chromium + runset: set-b singleapp: true base: core-ubuntu-focal dockerfile: dockerfile-kasm-chromium @@ -21,6 +23,7 @@ multiImages: - src/ubuntu/install/chromium/** - src/ubuntu/install/certificates/** - name: deluge + runset: set-a singleapp: true base: core-ubuntu-focal dockerfile: dockerfile-kasm-deluge @@ -28,6 +31,7 @@ multiImages: - dockerfile-kasm-deluge - src/ubuntu/install/deluge/** - name: doom + runset: set-b singleapp: true base: core-ubuntu-focal dockerfile: dockerfile-kasm-doom @@ -36,6 +40,7 @@ multiImages: - src/ubuntu/install/doom/** - name: filezilla singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-filezilla changeFiles: @@ -43,6 +48,7 @@ multiImages: - src/ubuntu/install/filezilla/** - name: firefox singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-firefox changeFiles: @@ -52,6 +58,7 @@ multiImages: - src/ubuntu/install/certificates/** - name: gimp singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-gimp changeFiles: @@ -59,6 +66,7 @@ multiImages: - src/ubuntu/install/gimp/** - name: inkscape singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-inkscape changeFiles: @@ -66,6 +74,7 @@ multiImages: - src/ubuntu/install/inkscape/** - name: java-dev singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-java-dev changeFiles: @@ -80,6 +89,7 @@ multiImages: - src/ubuntu/install/eclipse/** - name: libre-office singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-libre-office changeFiles: @@ -87,6 +97,7 @@ multiImages: - src/ubuntu/install/libre_office/** - name: nessus singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-nessus changeFiles: @@ -96,6 +107,7 @@ multiImages: - src/ubuntu/install/cleanup/** - name: opensuse-15-desktop singleapp: false + runset: set-b base: core-opensuse-15 dockerfile: dockerfile-kasm-opensuse-15-desktop changeFiles: @@ -112,6 +124,7 @@ multiImages: - src/opensuse/install/** - name: oracle-8-desktop singleapp: false + runset: set-a base: core-oracle-8 dockerfile: dockerfile-kasm-oracle-8-desktop changeFiles: @@ -126,6 +139,7 @@ multiImages: - src/ubuntu/install/slack/** - name: pinta singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-pinta changeFiles: @@ -133,12 +147,14 @@ multiImages: - src/ubuntu/install/pinta/** - name: qbittorrent singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-qbittorrent changeFiles: - dockerfile-kasm-qbittorrent - src/ubuntu/install/qbittorrent/** - name: redroid + runset: set-b singleapp: false base: core-ubuntu-jammy dockerfile: dockerfile-kasm-redroid @@ -155,6 +171,7 @@ multiImages: - src/ubuntu/install/cleanup/** - name: remmina singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-remmina changeFiles: @@ -162,6 +179,7 @@ multiImages: - src/ubuntu/install/remmina/** - name: spiderfoot singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-spiderfoot changeFiles: @@ -172,6 +190,7 @@ multiImages: - src/ubuntu/install/cleanup/** - name: sublime-text singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-sublime-text changeFiles: @@ -179,6 +198,7 @@ multiImages: - src/ubuntu/install/sublime_text/** - name: telegram singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-telegram changeFiles: @@ -187,6 +207,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: terminal singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-terminal changeFiles: @@ -196,6 +217,7 @@ multiImages: - src/ubuntu/install/terminal/** - name: thunderbird singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-thunderbird changeFiles: @@ -203,6 +225,7 @@ multiImages: - src/ubuntu/install/thunderbird/** - name: tor-browser singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-tor-browser changeFiles: @@ -211,6 +234,7 @@ multiImages: - src/ubuntu/install/torbrowser/** - name: ubuntu-focal-desktop singleapp: false + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-ubuntu-focal-desktop changeFiles: @@ -238,6 +262,7 @@ multiImages: - src/ubuntu/install/slack/** - name: ubuntu-focal-desktop-vpn singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-ubuntu-focal-desktop-vpn changeFiles: @@ -266,6 +291,7 @@ multiImages: - src/ubuntu/install/vpn/** - name: ubuntu-jammy-desktop singleapp: false + runset: set-b base: core-ubuntu-jammy dockerfile: dockerfile-kasm-ubuntu-jammy-desktop changeFiles: @@ -293,6 +319,7 @@ multiImages: - src/ubuntu/install/slack/** - name: ubuntu-noble-desktop singleapp: false + runset: set-a base: core-ubuntu-noble dockerfile: dockerfile-kasm-ubuntu-noble-desktop changeFiles: @@ -320,6 +347,7 @@ multiImages: - src/ubuntu/install/slack/** - name: vlc singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-vlc changeFiles: @@ -327,6 +355,7 @@ multiImages: - src/ubuntu/install/vlc/** - name: vs-code singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-vs-code changeFiles: @@ -335,6 +364,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: almalinux-8-desktop singleapp: false + runset: set-b base: core-almalinux-8 dockerfile: dockerfile-kasm-almalinux-8-desktop changeFiles: @@ -349,6 +379,7 @@ multiImages: - src/ubuntu/install/slack/** - name: almalinux-9-desktop singleapp: false + runset: set-a base: core-almalinux-9 dockerfile: dockerfile-kasm-almalinux-9-desktop changeFiles: @@ -362,6 +393,7 @@ multiImages: - src/ubuntu/install/slack/** - name: alpine-317-desktop singleapp: false + runset: set-b base: core-alpine-317 dockerfile: dockerfile-kasm-alpine-317-desktop changeFiles: @@ -371,6 +403,7 @@ multiImages: - src/alpine/install/** - name: alpine-318-desktop singleapp: false + runset: set-a base: core-alpine-318 dockerfile: dockerfile-kasm-alpine-318-desktop changeFiles: @@ -380,6 +413,7 @@ multiImages: - src/alpine/install/** - name: alpine-319-desktop singleapp: false + runset: set-b base: core-alpine-319 dockerfile: dockerfile-kasm-alpine-319-desktop changeFiles: @@ -389,6 +423,7 @@ multiImages: - src/alpine/install/** - name: alpine-320-desktop singleapp: false + runset: set-a base: core-alpine-320 dockerfile: dockerfile-kasm-alpine-320-desktop changeFiles: @@ -398,6 +433,7 @@ multiImages: - src/alpine/install/** - name: brave singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-brave changeFiles: @@ -406,6 +442,7 @@ multiImages: - src/ubuntu/install/brave/** - name: debian-bullseye-desktop singleapp: false + runset: set-a base: core-debian-bullseye dockerfile: dockerfile-kasm-debian-bullseye-desktop changeFiles: @@ -431,6 +468,7 @@ multiImages: - src/ubuntu/install/slack/** - name: debian-bookworm-desktop singleapp: false + runset: set-b base: core-debian-bookworm dockerfile: dockerfile-kasm-debian-bookworm-desktop changeFiles: @@ -456,6 +494,7 @@ multiImages: - src/ubuntu/install/slack/** - name: fedora-39-desktop singleapp: false + runset: set-a base: core-fedora-39 dockerfile: dockerfile-kasm-fedora-39-desktop changeFiles: @@ -469,6 +508,7 @@ multiImages: - src/ubuntu/install/slack/** - name: fedora-40-desktop singleapp: false + runset: set-b base: core-fedora-40 dockerfile: dockerfile-kasm-fedora-40-desktop changeFiles: @@ -482,6 +522,7 @@ multiImages: - src/ubuntu/install/slack/** - name: kali-rolling-desktop singleapp: false + runset: set-a base: core-kali-rolling dockerfile: dockerfile-kasm-kali-rolling-desktop changeFiles: @@ -491,6 +532,7 @@ multiImages: - src/ubuntu/install/chromium/** - name: maltego singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-maltego changeFiles: @@ -499,6 +541,7 @@ multiImages: - src/ubuntu/install/firefox/** - name: minetest singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-minetest changeFiles: @@ -506,6 +549,7 @@ multiImages: - src/ubuntu/install/minetest/** - name: oracle-9-desktop singleapp: false + runset: set-b base: core-oracle-9 dockerfile: dockerfile-kasm-oracle-9-desktop changeFiles: @@ -519,6 +563,7 @@ multiImages: - src/ubuntu/install/slack/** - name: parrotos-6-desktop singleapp: false + runset: set-a base: core-parrotos-6 dockerfile: dockerfile-kasm-parrotos-6-desktop changeFiles: @@ -529,6 +574,7 @@ multiImages: - src/ubuntu/install/chromium/** - name: retroarch singleapp: true + runset: set-b base: core-ubuntu-jammy dockerfile: dockerfile-kasm-retroarch changeFiles: @@ -536,6 +582,7 @@ multiImages: - src/ubuntu/install/retroarch/** - name: rockylinux-8-desktop singleapp: false + runset: set-a base: core-rockylinux-8 dockerfile: dockerfile-kasm-rockylinux-8-desktop changeFiles: @@ -550,6 +597,7 @@ multiImages: - src/ubuntu/install/slack/** - name: rockylinux-9-desktop singleapp: false + runset: set-b base: core-rockylinux-9 dockerfile: dockerfile-kasm-rockylinux-9-desktop changeFiles: @@ -563,6 +611,7 @@ multiImages: - src/ubuntu/install/slack/** - name: super-tux-kart singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-super-tux-kart changeFiles: @@ -570,6 +619,7 @@ multiImages: - src/ubuntu/install/super_tux_kart/** - name: ubuntu-focal-dind singleapp: false + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-ubuntu-focal-dind changeFiles: @@ -584,6 +634,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: ubuntu-focal-dind-rootless singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-ubuntu-focal-dind-rootless changeFiles: @@ -598,6 +649,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: ubuntu-jammy-dind singleapp: false + runset: set-b base: core-ubuntu-jammy dockerfile: dockerfile-kasm-ubuntu-jammy-dind changeFiles: @@ -612,6 +664,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: ubuntu-jammy-dind-rootless singleapp: false + runset: set-a base: core-ubuntu-jammy dockerfile: dockerfile-kasm-ubuntu-jammy-dind-rootless changeFiles: @@ -627,6 +680,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: ubuntu-noble-dind singleapp: false + runset: set-b base: core-ubuntu-noble dockerfile: dockerfile-kasm-ubuntu-noble-dind changeFiles: @@ -641,6 +695,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: ubuntu-noble-dind-rootless singleapp: false + runset: set-a base: core-ubuntu-noble dockerfile: dockerfile-kasm-ubuntu-noble-dind-rootless changeFiles: @@ -656,6 +711,7 @@ multiImages: - src/ubuntu/install/chrome/** - name: vivaldi singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-vivaldi changeFiles: @@ -666,6 +722,7 @@ multiImages: singleImages: - name: blender singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-blender changeFiles: @@ -673,6 +730,7 @@ singleImages: - src/ubuntu/install/blender/** - name: chrome singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-chrome changeFiles: @@ -682,6 +740,7 @@ singleImages: - src/ubuntu/install/chrome/** - name: desktop singleapp: false + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-desktop changeFiles: @@ -691,6 +750,7 @@ singleImages: - src/ubuntu/install/chrome/** - name: desktop-deluxe singleapp: false + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-desktop-deluxe changeFiles: @@ -714,6 +774,7 @@ singleImages: - src/ubuntu/install/chrome/** - name: discord singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-discord changeFiles: @@ -721,6 +782,7 @@ singleImages: - src/ubuntu/install/discord/** - name: edge singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-edge changeFiles: @@ -729,6 +791,7 @@ singleImages: - src/ubuntu/install/edge/** - name: hunchly singleapp: true + runset: set-a base: core-ubuntu-jammy dockerfile: dockerfile-kasm-hunchly changeFiles: @@ -737,6 +800,7 @@ singleImages: - src/ubuntu/install/hunchly/** - name: insomnia singleapp: true + runset: set-b base: core-ubuntu-jammy dockerfile: dockerfile-kasm-insomnia changeFiles: @@ -744,12 +808,14 @@ singleImages: - src/ubuntu/install/insomnia/** - name: only-office singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-only-office changeFiles: - dockerfile-kasm-only-office - name: kasmos-desktop singleapp: false + runset: set-b base: core-kasmos dockerfile: dockerfile-kasmos-desktop changeFiles: @@ -770,6 +836,7 @@ singleImages: - src/ubuntu/install/cleanup/** - name: postman singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-postman changeFiles: @@ -778,6 +845,7 @@ singleImages: - src/ubuntu/install/postman/** - name: remnux-focal-desktop singleapp: false + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-remnux-focal-desktop changeFiles: @@ -786,6 +854,7 @@ singleImages: - src/ubuntu/install/remnux/** - name: signal singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-signal changeFiles: @@ -793,6 +862,7 @@ singleImages: - src/ubuntu/install/signal/** - name: slack singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-slack changeFiles: @@ -803,6 +873,7 @@ singleImages: - src/ubuntu/install/cleanup/** - name: steam singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-steam changeFiles: @@ -810,6 +881,7 @@ singleImages: - src/ubuntu/install/steam/** - name: tracelabs singleapp: false + runset: set-b base: core-kali-rolling dockerfile: dockerfile-kasm-tracelabs changeFiles: @@ -819,6 +891,7 @@ singleImages: - src/ubuntu/install/tracelabs/** - name: unityhub singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-unityhub changeFiles: @@ -828,6 +901,7 @@ singleImages: - src/ubuntu/install/unityhub/** - name: zoom singleapp: true + runset: set-b base: core-ubuntu-focal dockerfile: dockerfile-kasm-zoom changeFiles: @@ -836,6 +910,7 @@ singleImages: - src/ubuntu/install/chrome/** - name: zsnes singleapp: true + runset: set-a base: core-ubuntu-focal dockerfile: dockerfile-kasm-zsnes changeFiles: @@ -843,6 +918,7 @@ singleImages: - src/ubuntu/install/zsnes/** - name: forensic-osint singleapp: false + runset: set-b base: core-ubuntu-jammy dockerfile: dockerfile-kasm-forensic-osint changeFiles: diff --git a/ci-scripts/weekly-manifest.sh b/ci-scripts/weekly-manifest.sh new file mode 100644 index 0000000..4190637 --- /dev/null +++ b/ci-scripts/weekly-manifest.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +REGISTRY_MIRRORS=("quay.io" "ghcr.io") +NAME=$1 +TYPE=$2 +BASE=$3 +APPS="kasm-apps" +SANITIZED_BRANCH_DAILY=${SANITIZED_BRANCH}-rolling-daily +SANITIZED_BRANCH=${SANITIZED_BRANCH}-rolling-weekly + +tagImage() { + docker pull "$1" + docker tag "$1" "$2" + docker push "$2" +} + +manifest() { + docker manifest push --purge "$1" || : + docker manifest create "$1" "$2":x86_64-"$3" "$2":aarch64-"$3" + docker manifest annotate "$1" "$2":aarch64-"$3" --os linux --arch arm64 --variant v8 + docker manifest push --purge "$1" +} + +# Manifest for multi pull and push for single arch +# Will pull the daily rolling images and retag them to weekly +if [[ "${TYPE}" == "multi" ]]; then + # Pulling and retagging daily image + tagImage "${ORG_NAME}/${NAME}:x86_64-${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${NAME}:x86_64-${SANITIZED_BRANCH}" + tagImage "${ORG_NAME}/${NAME}:aarch64-${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${NAME}:aarch64-${SANITIZED_BRANCH}" + + # Manifest tag + manifest "${ORG_NAME}/${NAME}:${SANITIZED_BRANCH}" "${ORG_NAME}/${NAME}" "${SANITIZED_BRANCH}" + + for MIRROR in "${REGISTRY_MIRRORS[@]}"; do + tagImage "${ORG_NAME}/${NAME}:x86_64-${SANITIZED_BRANCH_DAILY}" "${MIRROR}/${MIRROR_ORG_NAME}/${NAME}:x86_64-${SANITIZED_BRANCH}" + tagImage "${ORG_NAME}/${NAME}:aarch64-${SANITIZED_BRANCH_DAILY}" "${MIRROR}/${MIRROR_ORG_NAME}/${NAME}:aarch64-${SANITIZED_BRANCH}" + + manifest "${MIRROR}/${MIRROR_ORG_NAME}/${NAME}:${SANITIZED_BRANCH}" "${MIRROR}/${MIRROR_ORG_NAME}/${NAME}" "${SANITIZED_BRANCH}" + done + + # Single App Layer Images + # Disabling Single App Layer due to functionality not being used currently + # if [ ! -z "${BASE}" ];then + # tagImage "${ORG_NAME}/${APPS}:x86_64-${BASE}-${NAME}-${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${APPS}:x86_64-${BASE}-${NAME}-${SANITIZED_BRANCH}" + # tagImage "${ORG_NAME}/${APPS}:aarch64-${BASE}-${NAME}-${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${APPS}:aarch64-${BASE}-${NAME}-${SANITIZED_BRANCH}" + + # manifest "${ORG_NAME}/${APPS}:${BASE}-${NAME}-${SANITIZED_BRANCH}" "${ORG_NAME}/${APPS}" "${BASE}-${NAME}-${SANITIZED_BRANCH}" + # fi +# Single arch image just pull and push +else + tagImage "${ORG_NAME}/${NAME}:${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${NAME}:${SANITIZED_BRANCH}" + + for MIRROR in "${REGISTRY_MIRRORS[@]}"; do + tagImage "${ORG_NAME}/${NAME}:${SANITIZED_BRANCH_DAILY}" "${MIRROR}/${MIRROR_ORG_NAME}/${NAME}:${SANITIZED_BRANCH}" + done + + # Single App Layer Images + # Disabling Single App Layer due to functionality not being used currently + # if [ ! -z "${BASE}" ];then + # tagImage "${ORG_NAME}/${APPS}:${BASE}-${NAME}-${SANITIZED_BRANCH_DAILY}" "${ORG_NAME}/${APPS}:x86_64-${BASE}-${NAME}-${SANITIZED_BRANCH}" + # fi +fi \ No newline at end of file