diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index f92e7c7..f78f95a 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,43 +1,38 @@ - +## Description -[linuxserverurl]: https://linuxserver.io -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] +Required: Please provide a brief description of what this pull request is trying to accomplish. +> - +## Context, Consequences, & Considerations - - - - - +Required: Please step through the following list, pausing at each item to consider your change in relation to the item's context. +Check the box to mark that it applies, and enter your relevant notes under the item. +- [ ] Security: This has security implications. This includes (but not limited to) adding users, modifying user/app permissions, network rules/policies, changing a system interconnection, or changing an authorization strategy. + - [ ] This PR does not require security review. These changes are part of a project plan that has already undergone security review. The link is provided below. + - [ ] This PR requires security review. Add the `security` label to this PR then request a review from the [Security Code Reviewers Team](https://github.com/orgs/civisanalytics/teams/security-code-reviewers). - - - - - +> ------------------------------- +- [ ] Execution: This change requires commands to be run outside of the normal merge. - - [ ] I have read the [contributing](https://github.com/linuxserver/docker-code-server/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications +> ------------------------------- +- [ ] Impact: This change may cause service interruptions. - +> -## Description: - +- [ ] Testing: How did you test this change (unit tests, acceptance tests, etc.)? Did you do any manual testing? -## Benefits of this PR and context: - +> -## How Has This Been Tested? - - - +- [ ] Testing: How will you confirm this change once it's merged? +> -## Source / References: - +- [ ] Documentation: Documentation to reflect this change has been added to Confluence or Zendesk. + +> + +- [ ] **All items of the checklist have been considered and this PR description is complete.** diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml deleted file mode 100644 index d07cf12..0000000 --- a/.github/workflows/call_issue_pr_tracker.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Issue & PR Tracker - -on: - issues: - types: [opened,reopened,labeled,unlabeled,closed] - pull_request_target: - types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed] - pull_request_review: - types: [submitted,edited,dismissed] - -permissions: - contents: read - -jobs: - manage-project: - permissions: - issues: write - uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1 - secrets: inherit diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml deleted file mode 100644 index 2031b77..0000000 --- a/.github/workflows/call_issues_cron.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Mark stale issues and pull requests -on: - schedule: - - cron: '31 1 * * *' - workflow_dispatch: - -permissions: - contents: read - -jobs: - stale: - permissions: - issues: write - pull-requests: write - uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1 - secrets: inherit diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml deleted file mode 100644 index f63a55e..0000000 --- a/.github/workflows/greetings.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Greetings - -on: [pull_request_target, issues] - -permissions: - contents: read - -jobs: - greeting: - permissions: - issues: write - pull-requests: write - runs-on: ubuntu-latest - steps: - - uses: actions/first-interaction@v1 - with: - issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.' - pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-code-server/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!' - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/Dockerfile b/Dockerfile index 9ac98d9..181c658 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,47 @@ # syntax=docker/dockerfile:1 -FROM ghcr.io/linuxserver/baseimage-ubuntu:noble +ARG ECR_ACCOUNT_ID +ARG ECR_REGION=us-east-1 +ARG BASE_IMAGE_NAME=docker-linuxserver-ubuntu-fips +ARG BASE_IMAGE_TAG=jammy +ARG ECR_URI=${ECR_ACCOUNT_ID}.dkr.ecr-fips.${ECR_REGION}.amazonaws.com/${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG} -# set version label +FROM ${ECR_URI} as docker-code-server-python + +ARG DEBIAN_FRONTEND="noninteractive" + +# Install Python 3.12 +RUN echo "**** install Python 3.12 ****" && \ + apt-get update && \ + apt-get install -y \ + software-properties-common \ + gpg-agent && \ + curl -fsSL https://keyserver.ubuntu.com/pks/lookup?op=get\&search=0xF23C5A6CF475977595C89F51BA6932366A755776 | apt-key add - && \ + echo "deb https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy main" > /etc/apt/sources.list.d/deadsnakes.list && \ + apt-get update && \ + apt-get install -y \ + python3.12 \ + python3.12-dev \ + python3.12-venv && \ + update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.12 1 && \ + update-alternatives --install /usr/bin/python python /usr/bin/python3.12 1 && \ + curl -sS https://bootstrap.pypa.io/get-pip.py | python3.12 && \ + pip3 install --upgrade pip setuptools wheel && \ + python3 --version && \ + pip3 --version && \ + echo "**** clean up ****" && \ + apt-get clean && \ + rm -rf \ + /var/lib/apt/lists/* \ + /tmp/* + +FROM docker-code-server-python ARG BUILD_DATE ARG VERSION ARG CODE_RELEASE + LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="aptalca" +LABEL maintainer="civisanalytics" # environment settings ARG DEBIAN_FRONTEND="noninteractive" @@ -21,6 +55,7 @@ RUN \ libatomic1 \ nano \ net-tools \ + netcat-openbsd \ sudo && \ echo "**** install code-server ****" && \ if [ -z ${CODE_RELEASE+x} ]; then \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 deleted file mode 100644 index 6e05250..0000000 --- a/Dockerfile.aarch64 +++ /dev/null @@ -1,49 +0,0 @@ -# syntax=docker/dockerfile:1 - -FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-noble - -# set version label -ARG BUILD_DATE -ARG VERSION -ARG CODE_RELEASE -LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="aptalca" - -# environment settings -ARG DEBIAN_FRONTEND="noninteractive" -ENV HOME="/config" - -RUN \ - echo "**** install runtime dependencies ****" && \ - apt-get update && \ - apt-get install -y \ - git \ - libatomic1 \ - nano \ - net-tools \ - sudo && \ - echo "**** install code-server ****" && \ - if [ -z ${CODE_RELEASE+x} ]; then \ - CODE_RELEASE=$(curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest \ - | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); \ - fi && \ - mkdir -p /app/code-server && \ - curl -o \ - /tmp/code-server.tar.gz -L \ - "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-arm64.tar.gz" && \ - tar xf /tmp/code-server.tar.gz -C \ - /app/code-server --strip-components=1 && \ - printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \ - echo "**** clean up ****" && \ - apt-get clean && \ - rm -rf \ - /config/* \ - /tmp/* \ - /var/lib/apt/lists/* \ - /var/tmp/* - -# add local files -COPY /root / - -# ports and volumes -EXPOSE 8443 diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index e6adbe6..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,1210 +0,0 @@ -pipeline { - agent { - label 'X86-64-MULTI' - } - options { - buildDiscarder(logRotator(numToKeepStr: '10', daysToKeepStr: '60')) - parallelsAlwaysFailFast() - } - // Input to determine if this is a package check - parameters { - string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') - } - // Configuration for the variables used for this specific repo - environment { - BUILDS_DISCORD=credentials('build_webhook_url') - GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab') - GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') - GITLAB_NAMESPACE=credentials('gitlab-namespace-id') - DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') - QUAYIO_API_TOKEN=credentials('quayio-repo-api-token') - GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f') - CONTAINER_NAME = 'code-server' - BUILD_VERSION_ARG = 'CODE_RELEASE' - LS_USER = 'linuxserver' - LS_REPO = 'docker-code-server' - DOCKERHUB_IMAGE = 'linuxserver/code-server' - DEV_DOCKERHUB_IMAGE = 'lsiodev/code-server' - PR_DOCKERHUB_IMAGE = 'lspipepr/code-server' - DIST_IMAGE = 'ubuntu' - MULTIARCH='true' - CI='true' - CI_WEB='true' - CI_PORT='8443' - CI_SSL='false' - CI_DELAY='120' - CI_DOCKERENV='' - CI_AUTH='' - CI_WEBPATH='' - } - stages { - stage("Set git config"){ - steps{ - sh '''#!/bin/bash - cat ${GIT_SIGNING_KEY} > /config/.ssh/id_sign - chmod 600 /config/.ssh/id_sign - ssh-keygen -y -f /config/.ssh/id_sign > /config/.ssh/id_sign.pub - echo "Using $(ssh-keygen -lf /config/.ssh/id_sign) to sign commits" - git config --global gpg.format ssh - git config --global user.signingkey /config/.ssh/id_sign - git config --global commit.gpgsign true - ''' - } - } - // Setup all the basic environment variables needed for the build - stage("Set ENV Variables base"){ - steps{ - echo "Running on node: ${NODE_NAME}" - sh '''#! /bin/bash - echo "Pruning builder" - docker builder prune -f --builder container || : - containers=$(docker ps -q) - if [[ -n "${containers}" ]]; then - BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') - for container in ${containers}; do - if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then - echo "skipping buildx container in docker stop" - else - echo "Stopping container ${container}" - docker stop ${container} - fi - done - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - script{ - env.EXIT_STATUS = '' - env.LS_RELEASE = sh( - script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:latest 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', - returnStdout: true).trim() - env.LS_RELEASE_NOTES = sh( - script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''', - returnStdout: true).trim() - env.GITHUB_DATE = sh( - script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', - returnStdout: true).trim() - env.COMMIT_SHA = sh( - script: '''git rev-parse HEAD''', - returnStdout: true).trim() - env.GH_DEFAULT_BRANCH = sh( - script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''', - returnStdout: true).trim() - env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' - env.PULL_REQUEST = env.CHANGE_ID - env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml' - if ( env.SYFT_IMAGE_TAG == null ) { - env.SYFT_IMAGE_TAG = 'latest' - } - } - echo "Using syft image tag ${SYFT_IMAGE_TAG}" - sh '''#! /bin/bash - echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' - script{ - env.LS_RELEASE_NUMBER = sh( - script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''', - returnStdout: true).trim() - } - script{ - env.LS_TAG_NUMBER = sh( - script: '''#! /bin/bash - tagsha=$(git rev-list -n 1 ${LS_RELEASE} 2>/dev/null) - if [ "${tagsha}" == "${COMMIT_SHA}" ]; then - echo ${LS_RELEASE_NUMBER} - elif [ -z "${GIT_COMMIT}" ]; then - echo ${LS_RELEASE_NUMBER} - else - echo $((${LS_RELEASE_NUMBER} + 1)) - fi''', - returnStdout: true).trim() - } - } - } - /* ####################### - Package Version Tagging - ####################### */ - // Grab the current package versions in Git to determine package tag - stage("Set Package tag"){ - steps{ - script{ - env.PACKAGE_TAG = sh( - script: '''#!/bin/bash - if [ -e package_versions.txt ] ; then - cat package_versions.txt | md5sum | cut -c1-8 - else - echo none - fi''', - returnStdout: true).trim() - } - } - } - /* ######################## - External Release Tagging - ######################## */ - // If this is a custom command to determine version use that command - stage("Set tag custom bash"){ - steps{ - script{ - env.EXT_RELEASE = sh( - script: ''' curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest | jq -r '.tag_name' | sed 's|^v||' ''', - returnStdout: true).trim() - env.RELEASE_LINK = 'custom_command' - } - } - } - // Sanitize the release tag and strip illegal docker or github characters - stage("Sanitize tag"){ - steps{ - script{ - env.EXT_RELEASE_CLEAN = sh( - script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''', - returnStdout: true).trim() - - def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/ - if (semver.find()) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" - } else { - semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)(?:\.(\d+))?(.*)/ - if (semver.find()) { - if (semver[0][3]) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" - } else if (!semver[0][3] && !semver[0][4]) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${(new Date()).format('YYYYMMdd')}" - } - } - } - - if (env.SEMVER != null) { - if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") { - env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}" - } - println("SEMVER: ${env.SEMVER}") - } else { - println("No SEMVER detected") - } - - } - } - } - // If this is a master build use live docker endpoints - stage("Set ENV live build"){ - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - } - steps { - script{ - env.IMAGE = env.DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } else { - env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - } - } - } - // If this is a dev build use dev docker endpoints - stage("Set ENV dev build"){ - when { - not {branch "master"} - environment name: 'CHANGE_ID', value: '' - } - steps { - script{ - env.IMAGE = env.DEV_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lsiodev-' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - } else { - env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/' - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - } - } - } - // If this is a pull request build use dev docker endpoints - stage("Set ENV PR build"){ - when { - not {environment name: 'CHANGE_ID', value: ''} - } - steps { - script{ - env.IMAGE = env.PR_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lspipepr-' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - } else { - env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN - env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/' - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - } - } - } - // Run ShellCheck - stage('ShellCheck') { - when { - environment name: 'CI', value: 'true' - } - steps { - withCredentials([ - string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), - string(credentialsId: 'ci-tests-s3-secret-access-key', variable: 'S3_SECRET') - ]) { - script{ - env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml' - } - sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash''' - sh '''#! /bin/bash - docker run --rm \ - -v ${WORKSPACE}:/mnt \ - -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \ - -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \ - ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\ - apk add --no-cache python3 && \ - python3 -m venv /lsiopy && \ - pip install --no-cache-dir -U pip && \ - pip install --no-cache-dir s3cmd && \ - s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :''' - } - } - } - // Use helper containers to render templated files - stage('Update-Templates') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - expression { - env.CONTAINER_NAME != null - } - } - steps { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull ghcr.io/linuxserver/jenkins-builder:latest - # Cloned repo paths for templating: - # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on - # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github - # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github - # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos - # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github - git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} - docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest - echo "Starting Stage 1 - Jenkinsfile update" - if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ - git add Jenkinsfile - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "Jenkinsfile is up to date." - fi - echo "Starting Stage 2 - Delete old templates" - OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml .github/workflows/package_trigger.yml" - for i in ${OLD_TEMPLATES}; do - if [[ -f "${i}" ]]; then - TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" - fi - done - if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - for i in ${TEMPLATES_TO_DELETE}; do - git rm "${i}" - done - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "No templates to delete" - fi - echo "Starting Stage 2.5 - Update init diagram" - if ! grep -q 'init_diagram:' readme-vars.yml; then - echo "Adding the key 'init_diagram' to readme-vars.yml" - sed -i '\\|^#.*changelog.*$|d' readme-vars.yml - sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml - fi - mkdir -p ${TEMPDIR}/d2 - docker run --rm -v ${TEMPDIR}/d2:/output -e PUID=$(id -u) -e PGID=$(id -g) -e RAW="true" ghcr.io/linuxserver/d2-builder:latest ${CONTAINER_NAME}:latest - ls -al ${TEMPDIR}/d2 - yq -ei ".init_diagram |= load_str(\\"${TEMPDIR}/d2/${CONTAINER_NAME}-latest.d2\\")" readme-vars.yml - if [[ $(md5sum readme-vars.yml | cut -c1-8) != $(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/readme-vars.yml | cut -c1-8) ]]; then - echo "'init_diagram' has been updated. Updating repo and exiting build, new one will trigger based on commit." - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - cp ${WORKSPACE}/readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/readme-vars.yml - git add readme-vars.yml - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating templates and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Init diagram is unchanged" - fi - echo "Starting Stage 3 - Update templates" - CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE - cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : - cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : - cd ${TEMPDIR}/repo/${LS_REPO}/ - if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then - echo ".jenkins-external" >> .gitignore - git add .gitignore - fi - git add readme-vars.yml ${TEMPLATED_FILES} - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating templates and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "No templates to update" - fi - echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub" - mkdir -p ${TEMPDIR}/docs - git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation - if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ - cd ${TEMPDIR}/docs/docker-documentation - GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') - git add docs/images/docker-${CONTAINER_NAME}.md - echo "Updating docs repo" - git commit -m 'Bot Updating Documentation' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \ - (MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \ - sleep $((RANDOM % MAXWAIT)) && \ - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \ - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}) - else - echo "Docs update not needed, skipping" - fi - mkdir -p ${TEMPDIR}/unraid - git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates - git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates - if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then - sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml - elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then - sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml - fi - if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then - echo "Updating Unraid template" - cd ${TEMPDIR}/unraid/templates/ - GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') - if grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then - echo "Image is on the ignore list, and already in the deprecation folder." - elif grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then - echo "Image is on the ignore list, marking Unraid template as deprecated" - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ - git add -u unraid/${CONTAINER_NAME}.xml - git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || : - git commit -m 'Bot Moving Deprecated Unraid Template' || : - else - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ - git add unraid/${CONTAINER_NAME}.xml - git commit -m 'Bot Updating Unraid Template' - fi - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \ - (MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \ - sleep $((RANDOM % MAXWAIT)) && \ - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \ - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}) - else - echo "No updates to Unraid template needed, skipping" - fi - if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then - if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then - echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" - DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite" - else - echo "Syncing readme to Docker Hub" - DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md" - fi - if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then - echo "Docker Hub endpoint doesn't exist. Creating endpoint first." - DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') - curl -s \ - -H "Authorization: JWT ${DH_TOKEN}" \ - -H "Content-Type: application/json" \ - -X POST \ - -d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \ - https://hub.docker.com/v2/repositories/ || : - fi - DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') - curl -s \ - -H "Authorization: JWT ${DH_TOKEN}" \ - -H "Content-Type: application/json" \ - -X PATCH \ - -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \ - https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || : - else - echo "Not the default Github branch. Skipping readme sync to Docker Hub." - fi - rm -Rf ${TEMPDIR}''' - script{ - env.FILES_UPDATED = sh( - script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''', - returnStdout: true).trim() - } - } - } - // Exit the build if the Templated files were just updated - stage('Template-exit') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'FILES_UPDATED', value: 'true' - expression { - env.CONTAINER_NAME != null - } - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - // If this is a master build check the S6 service file perms - stage("Check S6 Service file Permissions"){ - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - script{ - sh '''#! /bin/bash - WRONG_PERM=$(find ./ -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print) - if [[ -n "${WRONG_PERM}" ]]; then - echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}" - exit 1 - else - echo "S6 service file perms look good." - fi ''' - } - } - } - /* ####################### - GitLab Mirroring and Quay.io Repo Visibility - ####################### */ - // Ping into Gitlab to mirror this repo and have a registry endpoint & mark this repo on Quay.io as public - stage("GitLab Mirror and Quay.io Visibility"){ - when { - environment name: 'EXIT_STATUS', value: '' - } - steps{ - sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \ - -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ - "name":"'${LS_REPO}'", - "mirror":true,\ - "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ - "issues_access_level":"disabled",\ - "merge_requests_access_level":"disabled",\ - "repository_access_level":"enabled",\ - "visibility":"public"}' ''' - sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \ - -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" ''' - sh '''curl -H "Content-Type: application/json" -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" -X POST "https://quay.io/api/v1/repository${QUAYIMAGE/quay.io/}/changevisibility" \ - -d '{"visibility":"public"}' ||: ''' - } - } - /* ############### - Build Container - ############### */ - // Build Docker container for push to LS Repo - stage('Build-Single') { - when { - expression { - env.MULTIARCH == 'false' || params.PACKAGE_CHECK == 'true' - } - environment name: 'EXIT_STATUS', value: '' - } - steps { - echo "Running on node: ${NODE_NAME}" - sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-code-server/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-code-server\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-code-server\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Code-server\" \ - --label \"org.opencontainers.image.description=[Code-server](https://coder.com) is VS Code running on a remote server, accessible through the browser. - Code on your Chromebook, tablet, and laptop with a consistent dev environment. - If you have a Windows or Mac workstation, more easily develop for Linux. - Take advantage of large cloud servers to speed up tests, compilations, downloads, and more. - Preserve battery life when you're on the go. - All intensive computation runs on your server. - You're no longer running excess instances of Chrome. \" \ - --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & - done - for p in $(jobs -p); do - wait "$p" || { echo "job $p failed" >&2; exit 1; } - done - fi - ''' - } - } - } - } - // Build MultiArch Docker containers for push to LS Repo - stage('Build-Multi') { - when { - allOf { - environment name: 'MULTIARCH', value: 'true' - expression { params.PACKAGE_CHECK == 'false' } - } - environment name: 'EXIT_STATUS', value: '' - } - parallel { - stage('Build X86') { - steps { - echo "Running on node: ${NODE_NAME}" - sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-code-server/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-code-server\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-code-server\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Code-server\" \ - --label \"org.opencontainers.image.description=[Code-server](https://coder.com) is VS Code running on a remote server, accessible through the browser. - Code on your Chromebook, tablet, and laptop with a consistent dev environment. - If you have a Windows or Mac workstation, more easily develop for Linux. - Take advantage of large cloud servers to speed up tests, compilations, downloads, and more. - Preserve battery life when you're on the go. - All intensive computation runs on your server. - You're no longer running excess instances of Chrome. \" \ - --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:amd64-${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & - done - for p in $(jobs -p); do - wait "$p" || { echo "job $p failed" >&2; exit 1; } - done - fi - ''' - } - } - } - } - stage('Build ARM64') { - agent { - label 'ARM64' - } - steps { - echo "Running on node: ${NODE_NAME}" - sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.aarch64" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-code-server/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-code-server\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-code-server\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Code-server\" \ - --label \"org.opencontainers.image.description=[Code-server](https://coder.com) is VS Code running on a remote server, accessible through the browser. - Code on your Chromebook, tablet, and laptop with a consistent dev environment. - If you have a Windows or Mac workstation, more easily develop for Linux. - Take advantage of large cloud servers to speed up tests, compilations, downloads, and more. - Preserve battery life when you're on the go. - All intensive computation runs on your server. - You're no longer running excess instances of Chrome. \" \ - --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:arm64v8-${META_TAG} ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} & - done - for p in $(jobs -p); do - wait "$p" || { echo "job $p failed" >&2; exit 1; } - done - fi - ''' - } - } - sh '''#! /bin/bash - containers=$(docker ps -aq) - if [[ -n "${containers}" ]]; then - docker stop ${containers} - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - } - } - } - } - // Take the image we just built and dump package versions for comparison - stage('Update-packages') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then - LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG} - else - LOCAL_CONTAINER=${IMAGE}:${META_TAG} - fi - touch ${TEMPDIR}/package_versions.txt - docker run --rm \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - -v ${TEMPDIR}:/tmp \ - ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \ - ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt - NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 ) - echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github" - if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/${LS_REPO} - git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f master - cp ${TEMPDIR}/package_versions.txt ${TEMPDIR}/${LS_REPO}/ - cd ${TEMPDIR}/${LS_REPO}/ - wait - git add package_versions.txt - git commit -m 'Bot Updating Package Versions' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master - echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} - echo "Package tag updated, stopping build process" - else - echo "false" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} - echo "Package tag is same as previous continue with build process" - fi - rm -Rf ${TEMPDIR}''' - script{ - env.PACKAGE_UPDATED = sh( - script: '''cat /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}''', - returnStdout: true).trim() - } - } - } - // Exit the build if the package file was just updated - stage('PACKAGE-exit') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'PACKAGE_UPDATED', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - // Exit the build if this is just a package check and there are no changes to push - stage('PACKAGECHECK-exit') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'PACKAGE_UPDATED', value: 'false' - environment name: 'EXIT_STATUS', value: '' - expression { - params.PACKAGE_CHECK == 'true' - } - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - /* ####### - Testing - ####### */ - // Run Container tests - stage('Test') { - when { - environment name: 'CI', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - withCredentials([ - string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), - string(credentialsId: 'ci-tests-s3-secret-access-key ', variable: 'S3_SECRET') - ]) { - script{ - env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html' - env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json' - } - sh '''#! /bin/bash - set -e - if grep -q 'docker-baseimage' <<< "${LS_REPO}"; then - echo "Detected baseimage, setting LSIO_FIRST_PARTY=true" - if [ -n "${CI_DOCKERENV}" ]; then - CI_DOCKERENV="LSIO_FIRST_PARTY=true|${CI_DOCKERENV}" - else - CI_DOCKERENV="LSIO_FIRST_PARTY=true" - fi - fi - docker pull ghcr.io/linuxserver/ci:latest - if [ "${MULTIARCH}" == "true" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64 - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} - fi - docker run --rm \ - --shm-size=1gb \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -e IMAGE=\"${IMAGE}\" \ - -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \ - -e TAGS=\"${CI_TAGS}\" \ - -e META_TAG=\"${META_TAG}\" \ - -e RELEASE_TAG=\"latest\" \ - -e PORT=\"${CI_PORT}\" \ - -e SSL=\"${CI_SSL}\" \ - -e BASE=\"${DIST_IMAGE}\" \ - -e SECRET_KEY=\"${S3_SECRET}\" \ - -e ACCESS_KEY=\"${S3_KEY}\" \ - -e DOCKER_ENV=\"${CI_DOCKERENV}\" \ - -e WEB_SCREENSHOT=\"${CI_WEB}\" \ - -e WEB_AUTH=\"${CI_AUTH}\" \ - -e WEB_PATH=\"${CI_WEBPATH}\" \ - -e NODE_NAME=\"${NODE_NAME}\" \ - -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \ - -t ghcr.io/linuxserver/ci:latest \ - python3 test_build.py''' - } - } - } - /* ################## - Release Logic - ################## */ - // If this is an amd64 only image only push a single image - stage('Docker-Push-Single') { - when { - environment name: 'MULTIARCH', value: 'false' - environment name: 'EXIT_STATUS', value: '' - } - steps { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}" - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then - CACHEIMAGE=${i} - fi - done - docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - fi - done - ''' - } - } - } - // If this is a multi arch release push all images and define the manifest - stage('Docker-Push-Multi') { - when { - environment name: 'MULTIARCH', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then - CACHEIMAGE=${i} - fi - done - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - fi - done - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest - docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - - docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} - fi - done - ''' - } - } - } - // If this is a public release tag it in the LS Github - stage('Github-Tag-Push-Release') { - when { - branch "master" - expression { - env.LS_RELEASE != env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - echo "Pushing New tag for current commit ${META_TAG}" - sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ - -d '{"tag":"'${META_TAG}'",\ - "object": "'${COMMIT_SHA}'",\ - "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\ - "type": "commit",\ - "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' - echo "Pushing New release for Tag" - sh '''#! /bin/bash - echo "Updating to ${EXT_RELEASE_CLEAN}" > releasebody.json - echo '{"tag_name":"'${META_TAG}'",\ - "target_commitish": "master",\ - "name": "'${META_TAG}'",\ - "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start - printf '","draft": false,"prerelease": false}' >> releasebody.json - paste -d'\\0' start releasebody.json > releasebody.json.done - curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' - } - } - // Add protection to the release branch - stage('Github-Release-Branch-Protection') { - when { - branch "master" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - echo "Setting up protection for release branch master" - sh '''#! /bin/bash - curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/master/protection \ - -d $(jq -c . << EOF - { - "required_status_checks": null, - "enforce_admins": false, - "required_pull_request_reviews": { - "dismiss_stale_reviews": false, - "require_code_owner_reviews": false, - "require_last_push_approval": false, - "required_approving_review_count": 1 - }, - "restrictions": null, - "required_linear_history": false, - "allow_force_pushes": false, - "allow_deletions": false, - "block_creations": false, - "required_conversation_resolution": true, - "lock_branch": false, - "allow_fork_syncing": false, - "required_signatures": false - } -EOF - ) ''' - } - } - // If this is a Pull request send the CI link as a comment on it - stage('Pull Request Comment') { - when { - not {environment name: 'CHANGE_ID', value: ''} - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''#! /bin/bash - # Function to retrieve JSON data from URL - get_json() { - local url="$1" - local response=$(curl -s "$url") - if [ $? -ne 0 ]; then - echo "Failed to retrieve JSON data from $url" - return 1 - fi - local json=$(echo "$response" | jq .) - if [ $? -ne 0 ]; then - echo "Failed to parse JSON data from $url" - return 1 - fi - echo "$json" - } - - build_table() { - local data="$1" - - # Get the keys in the JSON data - local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]') - - # Check if keys are empty - if [ -z "$keys" ]; then - echo "JSON report data does not contain any keys or the report does not exist." - return 1 - fi - - # Build table header - local header="| Tag | Passed |\\n| --- | --- |\\n" - - # Loop through the JSON data to build the table rows - local rows="" - for build in $keys; do - local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success") - if [ "$status" = "true" ]; then - status="✅" - else - status="❌" - fi - local row="| "$build" | "$status" |\\n" - rows="${rows}${row}" - done - - local table="${header}${rows}" - local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g') - echo "$escaped_table" - } - - if [[ "${CI}" = "true" ]]; then - # Retrieve JSON data from URL - data=$(get_json "$CI_JSON_URL") - # Create table from JSON data - table=$(build_table "$data") - echo -e "$table" - - curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ - -H "Accept: application/vnd.github.v3+json" \ - "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" - else - curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ - -H "Accept: application/vnd.github.v3+json" \ - "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" - fi - ''' - - } - } - } - /* ###################### - Send status to Discord - ###################### */ - post { - always { - sh '''#!/bin/bash - rm -rf /config/.ssh/id_sign - rm -rf /config/.ssh/id_sign.pub - git config --global --unset gpg.format - git config --global --unset user.signingkey - git config --global --unset commit.gpgsign - ''' - script{ - env.JOB_DATE = sh( - script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', - returnStdout: true).trim() - if (env.EXIT_STATUS == "ABORTED"){ - sh 'echo "build aborted"' - }else{ - if (currentBuild.currentResult == "SUCCESS"){ - if (env.GITHUBIMAGE =~ /lspipepr/){ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=3957028 - env.JOB_WEBHOOK_FOOTER='PR Build' - }else if (env.GITHUBIMAGE =~ /lsiodev/){ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=3957028 - env.JOB_WEBHOOK_FOOTER='Dev Build' - }else{ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=1681177 - env.JOB_WEBHOOK_FOOTER='Live Build' - } - }else{ - if (env.GITHUBIMAGE =~ /lspipepr/){ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=12669523 - env.JOB_WEBHOOK_FOOTER='PR Build' - }else if (env.GITHUBIMAGE =~ /lsiodev/){ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=12669523 - env.JOB_WEBHOOK_FOOTER='Dev Build' - }else{ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=16711680 - env.JOB_WEBHOOK_FOOTER='Live Build' - } - } - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"'color'": '${JOB_WEBHOOK_COLOUR}',\ - "footer": {"text" : "'"${JOB_WEBHOOK_FOOTER}"'"},\ - "timestamp": "'${JOB_DATE}'",\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** '${JOB_WEBHOOK_STATUS}'\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ - "username": "Jenkins"}' ${BUILDS_DISCORD} ''' - } - } - } - cleanup { - sh '''#! /bin/bash - echo "Pruning builder!!" - docker builder prune -f --builder container || : - containers=$(docker ps -q) - if [[ -n "${containers}" ]]; then - BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') - for container in ${containers}; do - if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then - echo "skipping buildx container in docker stop" - else - echo "Stopping container ${container}" - docker stop ${container} - fi - done - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - cleanWs() - } - } -} - -def retry_backoff(int max_attempts, int power_base, Closure c) { - int n = 0 - while (n < max_attempts) { - try { - c() - return - } catch (err) { - if ((n + 1) >= max_attempts) { - throw err - } - sleep(power_base ** n) - n++ - } - } - return -} diff --git a/buildspec/merge_master.yaml b/buildspec/merge_master.yaml new file mode 100644 index 0000000..78f27df --- /dev/null +++ b/buildspec/merge_master.yaml @@ -0,0 +1,21 @@ +version: 0.2 +phases: + pre_build: + commands: + - export ECR_ACCOUNT_ID="$(echo $FIPS_REPOSITORY_URI | cut -d'.' -f1)" + - export COMMIT_HASH_SHORT="$(echo $COMMIT_HASH | cut -c 1-7)" + - echo Logging in to Amazon ECR... + - aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${FIPS_REPOSITORY_URI} + build: + commands: + - echo Building the Docker image... + - > + docker build + --build-arg ECR_ACCOUNT_ID=${ECR_ACCOUNT_ID} + --tag ${FIPS_REPOSITORY_URI}:latest + . + + - docker image push --all-tags ${FIPS_REPOSITORY_URI} + post_build: + commands: + - echo Build completed! diff --git a/buildspec/push.yaml b/buildspec/push.yaml new file mode 100644 index 0000000..8cdc257 --- /dev/null +++ b/buildspec/push.yaml @@ -0,0 +1,26 @@ +version: 0.2 +phases: + pre_build: + commands: + - export ECR_ACCOUNT_ID="$(echo $FIPS_REPOSITORY_URI | cut -d'.' -f1)" + - export COMMIT_HASH_SHORT="$(echo $COMMIT_HASH | cut -c 1-7)" + - echo Logging in to Amazon ECR... + - aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${FIPS_REPOSITORY_URI} + build: + commands: + - echo Building the Docker image... + - echo $FIPS_REPOSITORY_URI + - echo $COMMIT_HASH_SHORT + - echo $BRANCH_NAME + - > + docker build + --build-arg ECR_ACCOUNT_ID=${ECR_ACCOUNT_ID} + --tag ${FIPS_REPOSITORY_URI}:${COMMIT_HASH_SHORT} + --tag ${FIPS_REPOSITORY_URI}:${BRANCH_NAME} + . + + - docker image push --all-tags ${FIPS_REPOSITORY_URI} + post_build: + commands: + - echo Build completed! + - printf '{"tag":"%s"}' $COMMIT_HASH_SHORT > build.json diff --git a/buildspec/release.yaml b/buildspec/release.yaml new file mode 100644 index 0000000..5794864 --- /dev/null +++ b/buildspec/release.yaml @@ -0,0 +1,26 @@ +version: 0.2 +phases: + pre_build: + commands: + - export ECR_ACCOUNT_ID="$(echo $FIPS_REPOSITORY_URI | cut -d'.' -f1)" + - echo Logging in to Amazon ECR... + - aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${FIPS_REPOSITORY_URI} + build: + commands: + - echo Building the Docker image... + - PATCH_TAG=${TAG_NAME#"v"} + - MINOR_TAG=${PATCH_TAG%.*} + - MAJOR_TAG=${MINOR_TAG%.*} + - > + docker build + --build-arg ECR_ACCOUNT_ID=${ECR_ACCOUNT_ID} + --tag ${FIPS_REPOSITORY_URI}:${PATCH_TAG} + --tag ${FIPS_REPOSITORY_URI}:${MINOR_TAG} + --tag ${FIPS_REPOSITORY_URI}:${MAJOR_TAG} + . + + - docker image push --all-tags ${FIPS_REPOSITORY_URI} + post_build: + commands: + - echo Build completed! + - printf '{"tag":"%s"}' $TAG_NAME > build.json diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..0bf647e --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +--- +services: + docker-code-server: + image: "${ECR_ACCOUNT_ID:-0123456789012}.dkr.ecr-fips.${ECR_REGION}.amazonaws.com/docker-code-server:${IMAGE_TAG:-latest}" + pull_policy: build + build: + context: . + dockerfile: Dockerfile + platforms: + - linux/amd64 + args: + - ECR_ACCOUNT_ID=${ECR_ACCOUNT_ID:-0123456789012} + - BASE_IMAGE_TAG=${BASE_IMAGE_TAG:-latest} + - VERSION=${VERSION:-4.102.1} + - CODE_RELEASE=${CODE_RELEASE:-4.102.1} + environment: + - PUID=${PUID:-0} + - PGID=${PGID:-0} + - TZ=${TZ:-America/Chicago} + - PROXY_DOMAIN=${PROXY_DOMAIN:-} + - DEFAULT_WORKSPACE=${DEFAULT_WORKSPACE:-/workspace} + - PWA_APPNAME=${PWA_APPNAME:-code-server} + ports: + - "${HOST_PORT:-8443}:8443" diff --git a/jenkins-vars.yml b/jenkins-vars.yml deleted file mode 100644 index d9a9058..0000000 --- a/jenkins-vars.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -# jenkins variables -project_name: docker-code-server -external_type: na -custom_version_command: "curl -sX GET https://api.github.com/repos/coder/code-server/releases/latest | jq -r '.tag_name' | sed 's|^v||'" -release_type: stable -release_tag: latest -ls_branch: master -repo_vars: - - CONTAINER_NAME = 'code-server' - - BUILD_VERSION_ARG = 'CODE_RELEASE' - - LS_USER = 'linuxserver' - - LS_REPO = 'docker-code-server' - - DOCKERHUB_IMAGE = 'linuxserver/code-server' - - DEV_DOCKERHUB_IMAGE = 'lsiodev/code-server' - - PR_DOCKERHUB_IMAGE = 'lspipepr/code-server' - - DIST_IMAGE = 'ubuntu' - - MULTIARCH='true' - - CI='true' - - CI_WEB='true' - - CI_PORT='8443' - - CI_SSL='false' - - CI_DELAY='120' - - CI_DOCKERENV='' - - CI_AUTH='' - - CI_WEBPATH='' diff --git a/package_versions.txt b/package_versions.txt deleted file mode 100755 index 3c4b497..0000000 --- a/package_versions.txt +++ /dev/null @@ -1,573 +0,0 @@ -NAME VERSION TYPE -@babel/runtime 7.27.6 npm -@coder/logger 3.0.1 npm -@mapbox/node-pre-gyp 1.0.11 npm -@microsoft/1ds-core-js 3.2.13 npm -@microsoft/1ds-post-js 3.2.13 npm -@microsoft/applicationinsights-core-js 2.8.15 npm -@microsoft/applicationinsights-shims 2.0.2 npm -@microsoft/dynamicproto-js 1.1.9 npm -@parcel/watcher 2.5.1 npm -@parcel/watcher-linux-x64-glibc 2.5.1 npm -@parcel/watcher-linux-x64-musl 2.5.1 npm -@phc/format 1.0.0 npm -@tootallnate/once 3.0.0 npm -@tootallnate/quickjs-emscripten 0.23.0 npm -@vscode/deviceid 0.1.1 npm -@vscode/iconv-lite-umd 0.7.0 npm -@vscode/proxy-agent 0.32.0 npm -@vscode/ripgrep 1.15.14 npm -@vscode/spdlog 0.15.2 npm -@vscode/tree-sitter-wasm 0.1.4 npm -@vscode/vscode-languagedetection 1.0.21 npm -@vscode/windows-process-tree 0.6.0 npm -@vscode/windows-registry 1.1.0 npm -@xterm/addon-clipboard 0.2.0-beta.95 npm -@xterm/addon-image 0.9.0-beta.112 npm -@xterm/addon-ligatures 0.10.0-beta.112 npm -@xterm/addon-progress 0.2.0-beta.18 npm -@xterm/addon-search 0.16.0-beta.112 npm -@xterm/addon-serialize 0.14.0-beta.112 npm -@xterm/addon-unicode11 0.9.0-beta.112 npm -@xterm/addon-webgl 0.19.0-beta.112 npm -@xterm/headless 5.6.0-beta.112 npm -@xterm/xterm 5.6.0-beta.112 npm -OpenConsole.exe 1.22.250204002 binary (+1 duplicate) -abbrev 1.1.1 npm -accepts 2.0.0 npm -adduser 3.137ubuntu1 deb -agent-base 6.0.2 npm -agent-base 7.1.1 npm -agent-base 7.1.3 npm (+3 duplicates) -ansi-regex 5.0.1 npm -aproba 2.0.0 npm -apt 2.8.3 deb -apt-utils 2.8.3 deb -are-we-there-yet 2.0.0 npm -argon2 0.31.2 npm -argparse 2.0.1 npm -ast-types 0.13.4 npm -balanced-match 1.0.2 npm -base-files 13ubuntu10.2 deb -base-passwd 3.6.3build1 deb -base64-js 1.5.1 npm -bash 5.2.21-2ubuntu4 deb -basic-ftp 5.0.5 npm -bat 1.0.0 npm -beep-boop 1.2.3 npm -bindings 1.5.0 npm -bl 4.1.0 npm -body-parser 2.1.0 npm -brace-expansion 1.1.12 npm -braces 3.0.3 npm -bsdutils 1:2.39.3-9ubuntu6.3 deb -buffer 5.7.1 npm -buffer-alloc 1.2.0 npm -buffer-alloc-unsafe 1.1.0 npm -buffer-crc32 0.2.13 npm -buffer-fill 1.0.0 npm -builtin-notebook-renderers 1.0.0 npm -bytes 3.1.2 npm -ca-certificates 20240203 deb -call-bind-apply-helpers 1.0.2 npm -call-bound 1.0.4 npm -catatonit 0.1.7-1 deb -charenc 0.0.2 npm -chownr 1.1.4 npm -chownr 2.0.0 npm -clojure 1.0.0 npm -code-server 1.102.1 npm -code-server 4.102.1 npm -coffeescript 1.0.0 npm -color-support 1.1.3 npm -compressible 2.0.18 npm -compression 1.8.0 npm -concat-map 0.0.1 npm -configuration-editing 1.0.0 npm -conpty.dll 1.22.250204002 binary (+1 duplicate) -console-control-strings 1.1.0 npm -content-disposition 1.0.0 npm -content-type 1.0.5 npm -cookie 0.7.1 npm -cookie 0.7.2 npm (+1 duplicate) -cookie-parser 1.4.7 npm -cookie-signature 1.0.6 npm -cookie-signature 1.2.2 npm -coreutils 9.4-3ubuntu6 deb -cpp 1.0.0 npm -cron 3.0pl1-184ubuntu2 deb -cron-daemon-common 3.0pl1-184ubuntu2 deb -crypt 0.0.2 npm -csharp 1.0.0 npm -css 1.0.0 npm -css-language-features 1.0.0 npm -curl 8.5.0-2ubuntu10.6 deb -dart 1.0.0 npm -dash 0.5.12-6ubuntu5 deb -data-uri-to-buffer 6.0.2 npm -debconf 1.5.86ubuntu1 deb -debianutils 5.17build1 deb -debug 2.6.9 npm -debug 4.3.4 npm -debug 4.3.6 npm -debug 4.4.0 npm -debug-auto-launch 1.0.0 npm -debug-server-ready 1.0.0 npm -decompress-response 6.0.0 npm -deep-extend 0.6.0 npm -degenerator 5.0.1 npm -delegates 1.0.0 npm -depd 2.0.0 npm -destroy 1.2.0 npm -detect-libc 1.0.3 npm -detect-libc 2.0.1 npm -detect-libc 2.0.3 npm -diff 1.0.0 npm -diffutils 1:3.10-1build1 deb -dirmngr 2.4.4-2ubuntu17.3 deb -docker 1.0.0 npm -dpkg 1.22.6ubuntu6.1 deb -dunder-proto 1.0.1 npm -e2fsprogs 1.47.0-2.4~exp1ubuntu4.1 deb -ee-first 1.1.1 npm -emmet 1.0.0 npm -emoji-regex 8.0.0 npm -encodeurl 2.0.0 npm -end-of-stream 1.4.4 npm -env-paths 2.2.1 npm -es-define-property 1.0.1 npm -es-errors 1.3.0 npm -es-object-atoms 1.1.1 npm -es6-promisify 7.0.0 npm -escape-html 1.0.3 npm -escodegen 2.1.0 npm -esprima 4.0.1 npm -estraverse 5.3.0 npm -esutils 2.0.3 npm -etag 1.8.1 npm -eventemitter3 4.0.7 npm -expand-template 2.0.3 npm -express 5.0.1 npm -extension-editing 1.0.0 npm -fd-slicer 1.1.0 npm -file-uri-to-path 1.0.0 npm -fill-range 7.1.1 npm -finalhandler 2.1.0 npm -findutils 4.9.0-5build1 deb -follow-redirects 1.15.9 npm -font-finder 1.1.0 npm -font-ligatures 1.4.1 npm -forwarded 0.2.0 npm -fresh 0.5.2 npm -fresh 2.0.0 npm -fs-constants 1.0.0 npm -fs-extra 11.2.0 npm -fs-minipass 2.1.0 npm -fs.realpath 1.0.0 npm -fsharp 1.0.0 npm -function-bind 1.1.2 npm -gauge 3.0.2 npm -gcc-14-base 14.2.0-4ubuntu2~24.04 deb -get-intrinsic 1.3.0 npm -get-proto 1.0.1 npm -get-system-fonts 2.0.2 npm -get-uri 6.0.4 npm -git 1.0.0 npm -git 1:2.43.0-1ubuntu7.3 deb -git-base 1.0.0 npm -git-man 1:2.43.0-1ubuntu7.3 deb -github 0.0.1 npm -github-authentication 0.0.2 npm -github-from-package 0.0.0 npm -glob 7.2.3 npm -gnupg 2.4.4-2ubuntu17.3 deb -gnupg-l10n 2.4.4-2ubuntu17.3 deb -gnupg-utils 2.4.4-2ubuntu17.3 deb -go 1.0.0 npm -gopd 1.2.0 npm -gpg 2.4.4-2ubuntu17.3 deb -gpg-agent 2.4.4-2ubuntu17.3 deb -gpg-wks-client 2.4.4-2ubuntu17.3 deb -gpgconf 2.4.4-2ubuntu17.3 deb -gpgsm 2.4.4-2ubuntu17.3 deb -gpgv 2.4.4-2ubuntu17.3 deb -graceful-fs 4.2.11 npm -grep 3.11-4build1 deb -groovy 1.0.0 npm -grunt 1.0.0 npm -gulp 1.0.0 npm -gzip 1.12-1ubuntu3.1 deb -handlebars 1.0.0 npm -has-symbols 1.1.0 npm -has-unicode 2.0.1 npm -hasown 2.0.2 npm -hlsl 1.0.0 npm -hostname 3.23+nmu2ubuntu2 deb -html 1.0.0 npm -html-language-features 1.0.0 npm -http-errors 2.0.0 npm -http-proxy 1.18.1 npm -http-proxy-agent 7.0.0 npm -http-proxy-agent 7.0.2 npm -httpolyglot 0.1.2 npm -https-proxy-agent 5.0.1 npm -https-proxy-agent 7.0.2 npm -https-proxy-agent 7.0.6 npm (+1 duplicate) -i18next 25.3.0 npm -iconv-lite 0.5.2 npm -iconv-lite 0.6.3 npm -ieee754 1.2.1 npm -inflight 1.0.6 npm -inherits 2.0.4 npm (+1 duplicate) -ini 1.0.0 npm -ini 1.3.8 npm -init-system-helpers 1.66ubuntu1 deb -ip-address 9.0.5 npm (+1 duplicate) -ipaddr.js 1.9.1 npm -ipynb 1.0.0 npm -is-buffer 1.1.6 npm -is-extglob 2.1.1 npm -is-fullwidth-code-point 3.0.0 npm -is-glob 4.0.3 npm -is-number 7.0.0 npm -is-promise 4.0.0 npm -isexe 2.0.0 npm -jake 1.0.0 npm -java 1.0.0 npm -javascript 1.0.0 npm -jq 1.7.1-3build1 deb -js-base64 3.7.7 npm -js-debug 1.102.0 npm -js-debug-companion 1.1.3 npm -js-yaml 4.1.0 npm -jsbn 1.1.0 npm (+1 duplicate) -jschardet 3.1.4 npm -json 1.0.0 npm -json-language-features 1.0.0 npm -jsonfile 6.1.0 npm -julia 1.0.0 npm -just-performance 4.3.0 npm -kerberos 2.1.1 npm -keyboxd 2.4.4-2ubuntu17.3 deb -krb5-locales 1.20.1-6ubuntu2.6 deb -latex 1.0.0 npm -less 1.0.0 npm -less 590-2ubuntu2.1 deb -libacl1 2.3.2-1build1.1 deb -libapparmor1 4.0.1really4.0.1-0ubuntu0.24.04.4 deb -libapt-pkg6.0t64 2.8.3 deb -libassuan0 2.5.6-1build1 deb -libatomic1 14.2.0-4ubuntu2~24.04 deb -libattr1 1:2.5.2-1build1.1 deb -libaudit-common 1:3.1.2-2.1build1.1 deb -libaudit1 1:3.1.2-2.1build1.1 deb -libblkid1 2.39.3-9ubuntu6.3 deb -libbrotli1 1.1.0-2build2 deb -libbsd0 0.12.1-1build1.1 deb -libbz2-1.0 1.0.8-5.1build0.1 deb -libc-bin 2.39-0ubuntu8.5 deb -libc6 2.39-0ubuntu8.5 deb -libcap-ng0 0.8.4-2build2 deb -libcap2 1:2.66-5ubuntu2.2 deb -libcbor0.10 0.10.2-1.2ubuntu2 deb -libcom-err2 1.47.0-2.4~exp1ubuntu4.1 deb -libcrypt1 1:4.4.36-4build1 deb -libcurl3t64-gnutls 8.5.0-2ubuntu10.6 deb -libcurl4t64 8.5.0-2ubuntu10.6 deb -libdb5.3t64 5.3.28+dfsg2-7 deb -libdebconfclient0 0.271ubuntu3 deb -libedit2 3.1-20230828-1build1 deb -liberror-perl 0.17029-2 deb -libexpat1 2.6.1-2ubuntu0.3 deb -libext2fs2t64 1.47.0-2.4~exp1ubuntu4.1 deb -libffi8 3.4.6-1build1 deb -libfido2-1 1.14.0-1build3 deb -libgcc-s1 14.2.0-4ubuntu2~24.04 deb -libgcrypt20 1.10.3-2build1 deb -libgdbm-compat4t64 1.23-5.1build1 deb -libgdbm6t64 1.23-5.1build1 deb -libgmp10 2:6.3.0+dfsg-2ubuntu6.1 deb -libgnutls30t64 3.8.3-1.1ubuntu3.4 deb -libgpg-error0 1.47-3build2.1 deb -libgssapi-krb5-2 1.20.1-6ubuntu2.6 deb -libhogweed6t64 3.9.1-2.2build1.1 deb -libidn2-0 2.3.7-2build1.1 deb -libjq1 1.7.1-3build1 deb -libk5crypto3 1.20.1-6ubuntu2.6 deb -libkeyutils1 1.6.3-3build1 deb -libkrb5-3 1.20.1-6ubuntu2.6 deb -libkrb5support0 1.20.1-6ubuntu2.6 deb -libksba8 1.6.6-1build1 deb -libldap-common 2.6.7+dfsg-1~exp1ubuntu8.2 deb -libldap2 2.6.7+dfsg-1~exp1ubuntu8.2 deb -liblz4-1 1.9.4-1build1.1 deb -liblzma5 5.6.1+really5.4.5-1ubuntu0.2 deb -libmd0 1.1.0-2build1.1 deb -libmount1 2.39.3-9ubuntu6.3 deb -libncursesw6 6.4+20240113-1ubuntu2 deb -libnettle8t64 3.9.1-2.2build1.1 deb -libnghttp2-14 1.59.0-1ubuntu0.2 deb -libnpth0t64 1.6-3.1build1 deb -libonig5 6.9.9-1build1 deb -libp11-kit0 0.25.3-4ubuntu2.1 deb -libpam-modules 1.5.3-5ubuntu5.4 deb -libpam-modules-bin 1.5.3-5ubuntu5.4 deb -libpam-runtime 1.5.3-5ubuntu5.4 deb -libpam0g 1.5.3-5ubuntu5.4 deb -libpcre2-8-0 10.42-4ubuntu2.1 deb -libperl5.38t64 5.38.2-3.2ubuntu0.1 deb -libproc2-0 2:4.0.4-4ubuntu3.2 deb -libpsl5t64 0.21.2-1.1build1 deb -libreadline8t64 8.2-4build1 deb -librtmp1 2.4+20151223.gitfa8646d.1-2build7 deb -libsasl2-2 2.1.28+dfsg1-5ubuntu3.1 deb -libsasl2-modules 2.1.28+dfsg1-5ubuntu3.1 deb -libsasl2-modules-db 2.1.28+dfsg1-5ubuntu3.1 deb -libseccomp2 2.5.5-1ubuntu3.1 deb -libselinux1 3.5-2ubuntu2.1 deb -libsemanage-common 3.5-1build5 deb -libsemanage2 3.5-1build5 deb -libsepol2 3.5-2build1 deb -libsmartcols1 2.39.3-9ubuntu6.3 deb -libsqlite3-0 3.45.1-1ubuntu2.3 deb -libss2 1.47.0-2.4~exp1ubuntu4.1 deb -libssh-4 0.10.6-2ubuntu0.1 deb -libssl3t64 3.0.13-0ubuntu3.5 deb -libstdc++6 14.2.0-4ubuntu2~24.04 deb -libsystemd0 255.4-1ubuntu8.10 deb -libtasn1-6 4.19.0-3ubuntu0.24.04.1 deb -libtinfo6 6.4+20240113-1ubuntu2 deb -libudev1 255.4-1ubuntu8.10 deb -libunistring5 1.1-2build1.1 deb -libuuid1 2.39.3-9ubuntu6.3 deb -libx11-6 2:1.8.7-1build1 deb -libx11-data 2:1.8.7-1build1 deb -libxau6 1:1.0.9-1build6 deb -libxcb1 1.15-1ubuntu2 deb -libxdmcp6 1:1.1.3-0ubuntu6 deb -libxext6 2:1.3.4-1build2 deb -libxmuu1 2:1.1.3-3build2 deb -libxxhash0 0.8.2-2build1 deb -libzstd1 1.5.5+dfsg2-2build1.1 deb -limiter 2.1.0 npm -locales 2.39-0ubuntu8.5 deb -log 1.0.0 npm -login 1:4.13+dfsg1-4ubuntu3.2 deb -logsave 1.47.0-2.4~exp1ubuntu4.1 deb -lru-cache 6.0.0 npm -lru-cache 7.18.3 npm -lua 1.0.0 npm -make 1.0.0 npm -make-dir 3.1.0 npm -markdown 1.0.0 npm -markdown-language-features 1.0.0 npm -markdown-math 1.0.0 npm -math-intrinsics 1.1.0 npm -mawk 1.3.4.20240123-1build1 deb -md5 2.3.0 npm -media-preview 1.0.0 npm -media-typer 1.1.0 npm -merge-conflict 1.0.0 npm -merge-descriptors 2.0.0 npm -methods 1.1.2 npm -micromatch 4.0.8 npm -microsoft-authentication 0.0.1 npm -mime-db 1.52.0 npm -mime-db 1.53.0 npm -mime-types 2.1.35 npm -mime-types 3.0.0 npm -mimic-response 3.1.0 npm -minimatch 3.1.2 npm -minimist 1.2.8 npm -minipass 3.3.6 npm (+1 duplicate) -minipass 5.0.0 npm -minizlib 2.1.2 npm -mkdirp 1.0.4 npm (+1 duplicate) -mkdirp-classic 0.5.3 npm -mount 2.39.3-9ubuntu6.3 deb -ms 2.0.0 npm -ms 2.1.2 npm (+1 duplicate) -ms 2.1.3 npm -nano 7.2-2ubuntu0.1 deb -napi-build-utils 1.0.2 npm -native-watchdog 1.4.2 npm -ncurses-base 6.4+20240113-1ubuntu2 deb -ncurses-bin 6.4+20240113-1ubuntu2 deb -negotiator 0.6.4 npm -negotiator 1.0.0 npm -net-tools 2.10-0.1ubuntu4.4 deb -netbase 6.4 deb -netcat-openbsd 1.226-1ubuntu2 deb -netmask 2.0.2 npm -node 22.15.1 binary -node-abi 3.8.0 npm -node-addon-api 7.1.0 npm -node-addon-api 7.1.1 npm -node-fetch 2.7.0 npm -node-pty 1.1.0-beta33 npm -nopt 5.0.0 npm -npm 1.0.1 npm -npmlog 5.0.1 npm -nw-pre-gyp-module-test 0.0.1 npm -object-assign 4.1.1 npm -object-inspect 1.13.4 npm -objective-c 1.0.0 npm -on-finished 2.4.1 npm -on-headers 1.0.2 npm -once 1.4.0 npm (+1 duplicate) -openssh-client 1:9.6p1-3ubuntu13.12 deb -openssl 3.0.13-0ubuntu3.5 deb -opentype.js 0.8.0 npm -os-tmpdir 1.0.2 npm -pac-proxy-agent 7.2.0 npm -pac-resolver 7.0.1 npm -parseurl 1.3.3 npm -passwd 1:4.13+dfsg1-4ubuntu3.2 deb -patch 2.7.6-7build3 deb -path-is-absolute 1.0.1 npm -path-to-regexp 8.2.0 npm -pem 1.14.8 npm -pend 1.2.0 npm -perl 1.0.0 npm -perl 5.38.2-3.2ubuntu0.1 deb -perl-base 5.38.2-3.2ubuntu0.1 deb -perl-modules-5.38 5.38.2-3.2ubuntu0.1 deb -php 1.0.0 npm -php-language-features 1.0.0 npm -picomatch 2.3.1 npm -pinentry-curses 1.2.1-3ubuntu5 deb -powershell 1.0.0 npm -prebuild-install 7.1.2 npm -procps 2:4.0.4-4ubuntu3.2 deb -promise-stream-reader 1.0.1 npm -prompt 1.0.0 npm -proxy-addr 2.0.7 npm -proxy-agent 6.5.0 npm -proxy-from-env 1.1.0 npm (+1 duplicate) -publicsuffix 20231001.0357-0.1 deb -pug 1.0.0 npm -pump 3.0.0 npm -python 1.0.0 npm -qs 6.13.0 npm -qs 6.14.0 npm -r 1.0.0 npm -range-parser 1.2.1 npm -raw-body 3.0.0 npm -razor 1.0.0 npm -rc 1.2.8 npm -readable-stream 3.6.0 npm -readable-stream 3.6.2 npm -readline-common 8.2-4build1 deb -references-view 1.0.0 npm -requires-port 1.0.0 npm -restructuredtext 1.0.0 npm -rimraf 3.0.2 npm -rotating-file-stream 3.2.5 npm -router 2.1.0 npm -ruby 1.0.0 npm -rust 1.0.0 npm -safe-buffer 5.2.1 npm (+1 duplicate) -safe-compare 1.1.4 npm -safer-buffer 2.1.2 npm -scss 1.0.0 npm -search-result 1.0.0 npm -sed 4.9-2build1 deb -semver 6.3.1 npm -semver 7.5.4 npm -semver 7.7.1 npm -send 1.1.0 npm -sensible-utils 0.0.22 deb -serve-static 2.1.0 npm -set-blocking 2.0.0 npm -setprototypeof 1.2.0 npm -shaderlab 1.0.0 npm -shellscript 1.0.0 npm -side-channel 1.1.0 npm -side-channel-list 1.0.0 npm -side-channel-map 1.0.1 npm -side-channel-weakmap 1.0.2 npm -signal-exit 3.0.7 npm -simple-browser 1.0.0 npm -simple-concat 1.0.1 npm -simple-get 4.0.1 npm -smart-buffer 4.2.0 npm (+1 duplicate) -socks 2.8.3 npm -socks 2.8.4 npm -socks-proxy-agent 8.0.4 npm -socks-proxy-agent 8.0.5 npm -source-map 0.6.1 npm -sprintf-js 1.1.3 npm (+1 duplicate) -sql 1.0.0 npm -statuses 2.0.1 npm -string-width 4.2.3 npm -string_decoder 1.3.0 npm (+1 duplicate) -strip-ansi 6.0.1 npm -strip-json-comments 2.0.1 npm -sudo 1.9.15p5-3ubuntu5.24.04.1 deb -swift 1.0.0 npm -systemd-standalone-sysusers 255.4-1ubuntu8.10 deb -sysvinit-utils 3.08-6ubuntu3 deb -tar 1.35+dfsg-3build1 deb -tar 6.2.1 npm -tar-fs 2.1.3 npm -tar-stream 2.2.0 npm -tas-client-umd 0.2.0 npm -terminal-suggest 1.0.1 npm -theme-abyss 1.0.0 npm -theme-defaults 1.0.0 npm -theme-kimbie-dark 1.0.0 npm -theme-monokai 1.0.0 npm -theme-monokai-dimmed 1.0.0 npm -theme-quietlight 1.0.0 npm -theme-red 1.0.0 npm -theme-solarized-dark 1.0.0 npm -theme-solarized-light 1.0.0 npm -theme-tomorrow-night-blue 1.0.0 npm -tiny-inflate 1.0.3 npm -to-regex-range 5.0.1 npm -toidentifier 1.0.1 npm -tr46 0.0.3 npm -tslib 2.7.0 npm -tslib 2.8.1 npm -tunnel-agent 0.6.0 npm -tunnel-forwarding 1.0.0 npm -type-is 2.0.0 npm -typescript 1.0.0 npm -typescript 5.8.3 npm (+1 duplicate) -typescript-language-features 1.0.0 npm -tzdata 2025b-0ubuntu0.24.04.1 deb -ubuntu-keyring 2023.11.28.1 deb -undici 7.9.0 npm -universalify 2.0.1 npm -unminimize 0.2.1 deb -unpipe 1.0.0 npm -util-deprecate 1.0.2 npm (+1 duplicate) -util-linux 2.39.3-9ubuntu6.3 deb -utils-merge 1.0.1 npm -uuid 9.0.1 npm -vary 1.1.2 npm -vb 1.0.0 npm -vscode-css-languageserver 1.0.0 npm -vscode-extensions 0.0.1 npm -vscode-html-languageserver 1.0.0 npm -vscode-js-profile-table 1.0.10 npm -vscode-json-languageserver 1.3.4 npm -vscode-oniguruma 1.7.0 npm -vscode-regexpp 3.1.0 npm -vscode-textmate 9.2.0 npm -vscode-theme-seti 1.0.0 npm -webidl-conversions 3.0.1 npm -whatwg-url 5.0.0 npm -which 2.0.2 npm -wide-align 1.1.5 npm -wrappy 1.0.2 npm (+1 duplicate) -ws 8.18.0 npm -xauth 1:1.1.2-1build1 deb -xdg-basedir 4.0.0 npm -xml 1.0.0 npm -yallist 4.0.0 npm (+1 duplicate) -yaml 1.0.0 npm -yauzl 2.10.0 npm -yauzl 3.1.1 npm -yazl 2.4.3 npm -zlib1g 1:1.3.dfsg-3.1ubuntu2.1 deb diff --git a/readme-vars.yml b/readme-vars.yml deleted file mode 100644 index 3a0908f..0000000 --- a/readme-vars.yml +++ /dev/null @@ -1,132 +0,0 @@ ---- - -# project information -project_name: code-server -project_url: "https://coder.com" -project_logo: "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/code-server-banner.png" -project_blurb: | - [{{ project_name|capitalize }}]({{ project_url }}) is VS Code running on a remote server, accessible through the browser. - - Code on your Chromebook, tablet, and laptop with a consistent dev environment. - - If you have a Windows or Mac workstation, more easily develop for Linux. - - Take advantage of large cloud servers to speed up tests, compilations, downloads, and more. - - Preserve battery life when you're on the go. - - All intensive computation runs on your server. - - You're no longer running excess instances of Chrome. -project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}" -project_categories: "Programming" -# supported architectures -available_architectures: - - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} - - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} -# container parameters -common_param_env_vars_enabled: true -param_container_name: "{{ project_name }}" -param_usage_include_vols: true -param_volumes: - - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Contains all relevant configuration files."} -param_usage_include_ports: true -param_ports: - - {external_port: "8443", internal_port: "8443", port_desc: "web gui"} -# optional container parameters -opt_param_usage_include_env: true -opt_param_env_vars: - - {env_var: "PASSWORD", env_value: "password", desc: "Optional web gui password, if `PASSWORD` or `HASHED_PASSWORD` is not provided, there will be no auth."} - - {env_var: "HASHED_PASSWORD", env_value: "", desc: "Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below."} - - {env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password."} - - {env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`."} - - {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain)"} - - {env_var: "DEFAULT_WORKSPACE", env_value: "/config/workspace", desc: "If this optional variable is set, code-server will open this directory by default"} - - {env_var: "PWA_APPNAME", env_value: "code-server", desc: "If this optional variable is set, the PWA app will the specified name."} -readonly_supported: true -readonly_message: | - * `/tmp` must be mounted to tmpfs - * `sudo` will not be available -nonroot_supported: true -nonroot_message: | - * `sudo` will not be available -# application setup block -app_setup_block_enabled: true -app_setup_block: | - Access the webui at `http://:8443`. - For github integration, drop your ssh key in to `/config/.ssh`. - Then open a terminal from the top menu and set your github username and email via the following commands - - ```bash - git config --global user.name "username" - git config --global user.email "email address" - ``` - - ### Hashed code-server password - - How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed). -# init diagram -init_diagram: | - "code-server:latest": { - docker-mods - base { - fix-attr +\nlegacy cont-init - } - docker-mods -> base - legacy-services - custom services - init-services -> legacy-services - init-services -> custom services - custom services -> legacy-services - legacy-services -> ci-service-check - init-migrations -> init-adduser - init-config -> init-code-server - init-os-end -> init-config - init-code-server -> init-config-end - init-config -> init-config-end - init-crontab-config -> init-config-end - init-config -> init-crontab-config - init-mods-end -> init-custom-files - init-adduser -> init-device-perms - base -> init-envfile - base -> init-migrations - init-config-end -> init-mods - init-mods-package-install -> init-mods-end - init-mods -> init-mods-package-install - init-adduser -> init-os-end - init-device-perms -> init-os-end - init-envfile -> init-os-end - init-custom-files -> init-services - init-services -> svc-code-server - svc-code-server -> legacy-services - init-services -> svc-cron - svc-cron -> legacy-services - } - Base Images: { - "baseimage-ubuntu:noble" - } - "code-server:latest" <- Base Images -# changelog -changelogs: - - {date: "03.06.25:", desc: "Allow setting PWA name using env var `PWA_APPNAME`."} - - {date: "13.10.24:", desc: "Only chown config folder when change to ownership or new install is detected."} - - {date: "09.10.24:", desc: "Manage permissions in /config/.ssh according to file type"} - - {date: "19.08.24:", desc: "Rebase to Ubuntu Noble."} - - {date: "01.07.23:", desc: "Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)"} - - {date: "05.10.22:", desc: "Install recommended deps to maintain parity with the older images."} - - {date: "29.09.22:", desc: "Rebase to jammy, switch to s6v3. Fix chown logic to skip `/config/workspace` contents."} - - {date: "20.02.22:", desc: "Install using the official tarballs."} - - {date: "29.12.21:", desc: "Add `install-extension` as a helper for mods to install extensions."} - - {date: "06.12.21:", desc: "Add `DEFAULT_WORKSPACE` env var."} - - {date: "29.11.21:", desc: "Rebase to Ubuntu focal."} - - {date: "16.09.21:", desc: "Fix slow `chown` on large workspace (contents of workspace folder no longer chowned)."} - - {date: "11.07.21:", desc: "Bump node to 14 to fix builds"} - - {date: "08.05.21:", desc: "Fix doc link"} - - {date: "04.02.20:", desc: "Allow setting gui password via hash using env var `HASHED_PASSWORD`."} - - {date: "23.12.20:", desc: "Allow setting sudo password via hash using env var `SUDO_PASSWORD_HASH`."} - - {date: "29.05.20:", desc: "Add --domain-proxy support."} - - {date: "21.05.20:", desc: "Shrink images, install via yarn, fix arm32v7 build."} - - {date: "18.05.20:", desc: "Switch to multi-arch images, install via npm."} - - {date: "29.04.20:", desc: "Update start arguments."} - - {date: "01.04.20:", desc: "Structural changes required for v3."} - - {date: "17.01.20:", desc: "Fix artifact url retrieval from github."} - - {date: "24.10.19:", desc: "Upgrade to v2 builds."} - - {date: "28.09.19:", desc: "Update project logo."} - - {date: "21.09.19:", desc: "Add development builds/tag."} - - {date: "09.07.19:", desc: "Add optional sudo access."} - - {date: "01.07.19:", desc: "Add nano."} - - {date: "24.06.19:", desc: "Initial Release."}