image: docker services: - docker:dind variables: DOCKER_AUTH_CONFIG: ${_DOCKER_AUTH_CONFIG} PLATFORM: "linux/amd64" ARM_BUILDS: ",chromium,firefox,gimp,rdesktop,remmina,terminal,ubuntu-bionic-desktop,ubuntu-focal-desktop,ubuntu-jammy-desktop,vlc,vs-code,doom,sublime-text,tor-browser,java-dev,telegram,opensuse-15-desktop,oracle-8-desktop,libre-office,thunderbird,audacity,deluge,filezilla,inkscape,pinta,qbittorrent,vivaldi," CORE_IMAGE_TAG: "develop" CORE_IMAGE: "core-ubuntu-focal" USE_PRIVATE_IMAGES: 0 # YAML level anchors .MULTI_ARCH_BUILDS: &MULTI_ARCH_BUILDS - audacity - chromium - deluge - doom - filezilla - firefox - gimp - inkscape - java-dev - libre-office - opensuse-15-desktop - oracle-8-desktop - pinta - qbittorrent - rdesktop - remmina - sublime-text - telegram - terminal - thunderbird - tor-browser - ubuntu-focal-desktop - ubuntu-jammy-desktop - vlc - vs-code .MULTI_ARCH_BUILDS2: &MULTI_ARCH_BUILDS2 - vivaldi - ubuntu-jammy-dind - ubuntu-jammy-dind-rootless .SINGLE_ARCH_BUILDS: &SINGLE_ARCH_BUILDS - atom - blender - brave - centos-7-desktop - chrome - desktop - desktop-deluxe - discord - edge - firefox-mobile - hunchly - insomnia - maltego - only-office - oracle-7-desktop - postman - signal - steam - teams - tracelabs - ubuntu-focal-dind - ubuntu-focal-dind-rootless - unityhub - zoom - zsnes stages: - build - manifest - readme - test - linktests before_script: - docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD - export SANITIZED_BRANCH="$(echo $CI_COMMIT_REF_NAME | sed -r 's#^release/##' | sed 's/\//_/g')" - export SANITIZED_ROLLING_BRANCH=${SANITIZED_BRANCH}-rolling # Jobs for the develop and release branches. They should push to the private and public repos build_browser_images: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . only: - develop - /^release\/.*$/ except: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave, vivaldi] build_app_images: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . only: - develop - /^release\/.*$/ except: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [doom, sublime-text, gimp, vs-code, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, maltego, telegram, hunchly, java-dev, terminal, remmina, rdesktop, discord, libre-office, thunderbird, atom, audacity, deluge, filezilla, inkscape, pinta, qbittorrent, blender, unityhub] build_ubuntu_desktop_images: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . only: - develop - /^release\/.*$/ except: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [desktop, desktop-deluxe, ubuntu-focal-desktop, ubuntu-jammy-desktop, ubuntu-focal-dind, ubuntu-focal-dind-rootless, ubuntu-jammy-dind, ubuntu-jammy-dind-rootless] build_non_ubuntu: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Set base image based on kasm_image variable - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . only: - develop - /^release\/.*$/ except: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [centos-7-desktop, tracelabs, opensuse-15-desktop, oracle-7-desktop, oracle-8-desktop] # These jobs should run on the feature/bugfix branches - anything that is not the develop or release branches. It should only push images to the private repos build_multi_arch_dev: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Set core image names - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - > docker build -t ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - docker push ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH except: - develop - /^release\/.*$/ tags: - ${TAG} parallel: matrix: - TAG: [ aws-autoscale, aws-autoscale-arm64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS build_multi_arch_dev2: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Set core image names - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - > docker build -t ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - docker push ${ORG_NAME}/$KASM_IMAGE-private:$(arch)-$SANITIZED_BRANCH except: - develop - /^release\/.*$/ tags: - ${TAG} parallel: matrix: - TAG: [ aws-autoscale, aws-autoscale-arm64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS2 build_single_arch_dev: stage: build image: ${ORG_NAME}/docker-buildx-private:develop script: # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Set core image names - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; - > docker build -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG=$CORE_IMAGE_TAG -f dockerfile-kasm-$KASM_IMAGE . - docker push ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_BRANCH except: - develop - /^release\/.*$/ tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: *SINGLE_ARCH_BUILDS test_multi_arch_dev: stage: test script: - docker pull kasmweb/kasm-tester:1.11.0 - > docker run --rm --privileged -e KASM_PORT=443 -e KASM_PATH=/opt/kasm -e KASM_PASSWORD=password123 -e PUID=1000 -e DOCKERUSER=$DOCKER_HUB_USERNAME -e DOCKERPASS=$DOCKER_HUB_PASSWORD -e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$(arch)-$SANITIZED_BRANCH" -e TEST_WEBFILTER="false" -e AWS_KEY=${KASM_TEST_AWS_KEY} -e AWS_SECRET="${KASM_TEST_AWS_SECRET}" -e SLACK_TOKEN=${SLACK_TOKEN} -e S3_BUCKET=kasm-ci -e COMMIT=${CI_COMMIT_SHA} -e REPO=workspaces-images kasmweb/kasm-tester:1.11.0 except: - develop - /^release\/.*$/ tags: - ${TAG} parallel: matrix: - TAG: [ aws-autoscale, aws-autoscale-arm64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS test_multi_arch_dev2: stage: test script: - docker pull kasmweb/kasm-tester:1.11.0 - > docker run --rm --privileged -e KASM_PORT=443 -e KASM_PATH=/opt/kasm -e KASM_PASSWORD=password123 -e PUID=1000 -e DOCKERUSER=$DOCKER_HUB_USERNAME -e DOCKERPASS=$DOCKER_HUB_PASSWORD -e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$(arch)-$SANITIZED_BRANCH" -e TEST_WEBFILTER="false" -e AWS_KEY=${KASM_TEST_AWS_KEY} -e AWS_SECRET="${KASM_TEST_AWS_SECRET}" -e SLACK_TOKEN=${SLACK_TOKEN} -e S3_BUCKET=kasm-ci -e COMMIT=${CI_COMMIT_SHA} -e REPO=workspaces-images kasmweb/kasm-tester:1.11.0 except: - develop - /^release\/.*$/ tags: - ${TAG} parallel: matrix: - TAG: [ aws-autoscale, aws-autoscale-arm64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS2 test_single_arch_dev: stage: test script: - docker pull kasmweb/kasm-tester:1.11.0 - > docker run --rm --privileged -e KASM_PORT=443 -e KASM_PATH=/opt/kasm -e KASM_PASSWORD=password123 -e PUID=1000 -e DOCKERUSER=$DOCKER_HUB_USERNAME -e DOCKERPASS=$DOCKER_HUB_PASSWORD -e TEST_IMAGE="${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH" -e TEST_WEBFILTER="false" -e AWS_KEY=${KASM_TEST_AWS_KEY} -e AWS_SECRET="${KASM_TEST_AWS_SECRET}" -e SLACK_TOKEN=${SLACK_TOKEN} -e S3_BUCKET=kasm-ci -e COMMIT=${CI_COMMIT_SHA} -e REPO=workspaces-images kasmweb/kasm-tester:1.11.0 except: - develop - /^release\/.*$/ tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: *SINGLE_ARCH_BUILDS manifest_dev: stage: manifest script: - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH - "docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH || :" - docker manifest create ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH - docker manifest annotate ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH --os linux --arch arm64 --variant v8 - docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH except: - develop - /^release\/.*$/ tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: *MULTI_ARCH_BUILDS manifest_dev2: stage: manifest script: - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH - docker pull ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH - "docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH || :" - docker manifest create ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:x86_64-$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH - docker manifest annotate ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH ${ORG_NAME}/${KASM_IMAGE}-private:aarch64-$SANITIZED_BRANCH --os linux --arch arm64 --variant v8 - docker manifest push --purge ${ORG_NAME}/${KASM_IMAGE}-private:$SANITIZED_BRANCH except: - develop - /^release\/.*$/ tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: *MULTI_ARCH_BUILDS2 link_tests_single_arch_dev: stage: linktests script: - apk add curl - STATUS=$(curl -sL https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/x86_64/kasmweb/${KASM_IMAGE}-private/${SANITIZED_BRANCH}/ci-status.yml | awk -F'"' '{print $2}') - if [ "${STATUS}" == "PASS" ]; then STATE=success; else STATE=failed; fi; - curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=${STATE}&name=${KASM_IMAGE}-private_x86_64&target_url=https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/x86_64/kasmweb/${KASM_IMAGE}-private/${SANITIZED_BRANCH}/index.html" except: - develop - /^release\/.*$/ parallel: matrix: - KASM_IMAGE: *SINGLE_ARCH_BUILDS link_tests_multi_arch_dev: stage: linktests script: - apk add curl - STATUS=$(curl -sL https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/ci-status.yml | awk -F'"' '{print $2}') - if [ "${STATUS}" == "PASS" ]; then STATE=success; else STATE=failed; fi; - curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=${STATE}&name=${KASM_IMAGE}-private_${ARCH}&target_url=https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/index.html" except: - develop - /^release\/.*$/ parallel: matrix: - ARCH: [ aarch64, x86_64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS link_tests_multi_arch_dev2: stage: linktests script: - apk add curl - STATUS=$(curl -sL https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/ci-status.yml | awk -F'"' '{print $2}') - if [ "${STATUS}" == "PASS" ]; then STATE=success; else STATE=failed; fi; - curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=${STATE}&name=${KASM_IMAGE}-private_${ARCH}&target_url=https://kasm-ci.s3.amazonaws.com/${CI_COMMIT_SHA}/${ARCH}/kasmweb/${KASM_IMAGE}-private/${ARCH}-${SANITIZED_BRANCH}/index.html" except: - develop - /^release\/.*$/ parallel: matrix: - ARCH: [ aarch64, x86_64 ] KASM_IMAGE: *MULTI_ARCH_BUILDS2 # These jobs are for the "rolling" release of the images. They should only run for scheduled jobs and should only push the rolling tags build_schedules_browser_images: image: ${ORG_NAME}/docker-buildx-private:develop stage: build script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE-IMAGE-private; fi; # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. # The only way to push multiple architectures to the same tag is to use buildx. - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG="$SANITIZED_ROLLING_BRANCH" -f dockerfile-kasm-$KASM_IMAGE . only: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [chrome, chromium, firefox, firefox-mobile, tor-browser, edge, brave, vivaldi] build_schedules_app_images: image: ${ORG_NAME}/docker-buildx-private:develop stage: build script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} based on ${CORE_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. # The only way to push multiple architectures to the same tag is to use buildx. - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG="$SANITIZED_ROLLING_BRANCH" -f dockerfile-kasm-$KASM_IMAGE . only: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [doom, sublime-text, gimp, vs-code, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, maltego, telegram, hunchly, java-dev, terminal, remmina, rdesktop, discord, libre-office, thunderbird, atom, audacity, deluge, filezilla, inkscape, pinta, qbittorrent, blender, unityhub] build_schedules_ubuntu_desktop_images: image: ${ORG_NAME}/docker-buildx-private:develop stage: build script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Check for private variable to build against private core images - if [[ $KASM_IMAGE =~ 'ubuntu-jammy-desktop' ]]; then CORE_IMAGE=core-ubuntu-jammy; fi - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. # The only way to push multiple architectures to the same tag is to use buildx. - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG="$SANITIZED_ROLLING_BRANCH" -f dockerfile-kasm-$KASM_IMAGE . only: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [desktop, desktop-deluxe, ubuntu-focal-desktop, ubuntu-jammy-desktop, ubuntu-focal-dind, ubuntu-focal-dind-rootless, ubuntu-jammy-dind, ubuntu-jammy-dind-rootless] build_schedules_non_ubuntu: image: ${ORG_NAME}/docker-buildx-private:develop stage: build script: - BUILD_PLATFORM=$PLATFORM - if [[ "${ARM_BUILDS}" == *",${KASM_IMAGE},"* ]]; then BUILD_PLATFORM="linux/amd64,linux/arm64"; fi; - echo "Building ${KASM_IMAGE} for platforms ${BUILD_PLATFORM}" # to get qemu ready - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes # to prepare the buildx env - docker buildx create --use # Ensure readme and description files are present - ls docs/$KASM_IMAGE/README.md - ls docs/$KASM_IMAGE/description.txt # Set base image based on kasm_image variable - if [[ $KASM_IMAGE =~ 'centos-7-desktop' ]]; then CORE_IMAGE=core-centos-7; fi - if [[ $KASM_IMAGE =~ 'tracelabs' ]]; then CORE_IMAGE=core-kali-rolling; fi - if [[ $KASM_IMAGE =~ 'oracle-7-desktop' ]]; then CORE_IMAGE=core-oracle-7; fi - if [[ $KASM_IMAGE =~ 'oracle-8-desktop' ]]; then CORE_IMAGE=core-oracle-8; fi - if [[ $KASM_IMAGE =~ 'opensuse-15-desktop' ]]; then CORE_IMAGE=core-opensuse-15; fi # Check for private variable to build against private core images - if [[ $USE_PRIVATE_IMAGES -eq 1 ]]; then CORE_IMAGE=$CORE_IMAGE-private; fi; # Equivalent to docker build and docker push. Builds amd64 natively uses qemu for arm64. # The only way to push multiple architectures to the same tag is to use buildx. - docker buildx build --push --platform $BUILD_PLATFORM -t ${ORG_NAME}/$KASM_IMAGE:$SANITIZED_ROLLING_BRANCH -t ${ORG_NAME}/$KASM_IMAGE-private:$SANITIZED_ROLLING_BRANCH --build-arg BASE_IMAGE=$CORE_IMAGE --build-arg BASE_TAG="$SANITIZED_ROLLING_BRANCH" -f dockerfile-kasm-$KASM_IMAGE . only: - schedules tags: - aws-autoscale parallel: matrix: - KASM_IMAGE: [centos-7-desktop, tracelabs, opensuse-15-desktop, oracle-7-desktop, oracle-8-desktop] update_readmes: stage: readme script: - apk add git - git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@${README_TEMPLATE_REPO} - sed -e "/{about}/r docs/$KASM_IMAGE/README.md" -e "/{about}/d" dockerhub-readme-template/TEMPLATE.md > docs/$KASM_IMAGE/FULL_README.md - cat docs/$KASM_IMAGE/FULL_README.md - > docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE-private" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest - > docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest only: variables: - $README_USERNAME - $README_PASSWORD parallel: matrix: - KASM_IMAGE: - atom - audacity - blender - brave - centos-7-desktop - chrome - chromium - deluge - desktop - desktop-deluxe - discord - doom - edge - filezilla - firefox - firefox-mobile - gimp - hunchly - inkscape - insomnia - java-dev - libre-office - maltego - only-office - opensuse-15-desktop - oracle-7-desktop - oracle-8-desktop - pinta - postman - qbittorrent - rdesktop - remmina - signal - steam - sublime-text - teams - telegram - terminal - thunderbird - tor-browser - tracelabs - ubuntu-focal-desktop - ubuntu-jammy-desktop - ubuntu-focal-dind - ubuntu-focal-dind-rootless - unityhub - vlc - vs-code - zoom - zsnes update_readmes2: stage: readme script: - apk add git - git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@${README_TEMPLATE_REPO} - sed -e "/{about}/r docs/$KASM_IMAGE/README.md" -e "/{about}/d" dockerhub-readme-template/TEMPLATE.md > docs/$KASM_IMAGE/FULL_README.md - cat docs/$KASM_IMAGE/FULL_README.md - > docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE-private" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest - > docker run -v $PWD:/workspace -e DOCKER_USERNAME="$README_USERNAME" -e DOCKER_PASSWORD="$README_PASSWORD" -e DOCKERHUB_REPOSITORY="${ORG_NAME}/$KASM_IMAGE" -e README_FILEPATH="/workspace/docs/$KASM_IMAGE/FULL_README.md" -e DESCRIPTION_FILEPATH="/workspace/docs/$KASM_IMAGE/description.txt" ${ORG_NAME}/dockerhub-updater:latest only: variables: - $README_USERNAME - $README_PASSWORD parallel: matrix: - KASM_IMAGE: - vivaldi - ubuntu-jammy-dind - ubuntu-jammy-dind-rootless