From 1aac7d2790af84fd25c07a01d9193c9e0e032264 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 23 Apr 2023 16:13:06 +0300 Subject: [PATCH 01/49] security patches --- .../usr/local/lib/web/backend/requirements.txt | 6 +++--- web/package.json | 2 +- web/yarn.lock | 16 +++++++++++----- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/rootfs/usr/local/lib/web/backend/requirements.txt b/rootfs/usr/local/lib/web/backend/requirements.txt index 0590bd4..1dce592 100644 --- a/rootfs/usr/local/lib/web/backend/requirements.txt +++ b/rootfs/usr/local/lib/web/backend/requirements.txt @@ -1,5 +1,5 @@ backports.ssl-match-hostname==3.7.0.1 -certifi==2019.9.11 +certifi==2022.12.7 chardet==3.0.4 Click==7.0 Flask==1.1.1 @@ -14,6 +14,6 @@ MarkupSafe==1.1.1 meld3==2.0.0 requests==2.22.0 six==1.12.0 -urllib3==1.25.6 +urllib3==1.26.5 websocket-client==0.47.0 -Werkzeug==0.16.0 +Werkzeug==2.2.3 diff --git a/web/package.json b/web/package.json index b844f41..91cf3d1 100644 --- a/web/package.json +++ b/web/package.json @@ -13,7 +13,7 @@ "build": "node build/build.js" }, "dependencies": { - "axios": "^0.21.1", + "axios": "^0.21.3", "vue": "^2.5.2", "vue-material": "^1.0.0-beta-10.2", "vue-router": "^3.0.1" diff --git a/web/yarn.lock b/web/yarn.lock index 60581fe..3f8673e 100644 --- a/web/yarn.lock +++ b/web/yarn.lock @@ -374,11 +374,12 @@ aws4@^1.8.0: version "1.8.0" resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.8.0.tgz#f0e003d9ca9e7f59c7a508945d7b2ef9a04a542f" -axios@^0.21.1: - version "0.21.1" - resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.1.tgz#22563481962f4d6bde9a76d516ef0e5d3c09b2b8" +axios@^0.21.3: + version "0.21.4" + resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" + integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== dependencies: - follow-redirects "^1.10.0" + follow-redirects "^1.14.0" babel-code-frame@^6.22.0, babel-code-frame@^6.26.0: version "6.26.0" @@ -3023,10 +3024,15 @@ flush-write-stream@^1.0.0: inherits "^2.0.3" readable-stream "^2.3.6" -follow-redirects@^1.0.0, follow-redirects@^1.10.0: +follow-redirects@^1.0.0: version "1.13.3" resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.13.3.tgz#e5598ad50174c1bc4e872301e82ac2cd97f90267" +follow-redirects@^1.14.0: + version "1.15.2" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13" + integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA== + for-in@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" From 43af2d97c477744d83bf39908d5598922e165b58 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 23 Apr 2023 16:16:57 +0300 Subject: [PATCH 02/49] update ubuntu image --- Dockerfile.amd64 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index f36e07d..1e9b93f 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -1,10 +1,10 @@ -# Built with arch: amd64 flavor: lxde image: ubuntu:20.04 +# Built with arch: amd64 flavor: lxde image: ubuntu:22.04 # ################################################################################ # base system ################################################################################ -FROM ubuntu:20.04 as system +FROM ubuntu:22.04 as system @@ -82,7 +82,7 @@ RUN apt-get update \ ################################################################################ # builder ################################################################################ -FROM ubuntu:20.04 as builder +FROM ubuntu:22.04 as builder RUN sed -i 's#http://archive.ubuntu.com/ubuntu/#mirror://mirrors.ubuntu.com/mirrors.txt#' /etc/apt/sources.list; From 8b52133b8f86f109347c9eb094fe7e10ddd6d54a Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 13:58:49 +0300 Subject: [PATCH 03/49] revert version --- Dockerfile.amd64 | 6 +-- SEC_README.md | 132 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+), 3 deletions(-) create mode 100644 SEC_README.md diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 1e9b93f..f36e07d 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -1,10 +1,10 @@ -# Built with arch: amd64 flavor: lxde image: ubuntu:22.04 +# Built with arch: amd64 flavor: lxde image: ubuntu:20.04 # ################################################################################ # base system ################################################################################ -FROM ubuntu:22.04 as system +FROM ubuntu:20.04 as system @@ -82,7 +82,7 @@ RUN apt-get update \ ################################################################################ # builder ################################################################################ -FROM ubuntu:22.04 as builder +FROM ubuntu:20.04 as builder RUN sed -i 's#http://archive.ubuntu.com/ubuntu/#mirror://mirrors.ubuntu.com/mirrors.txt#' /etc/apt/sources.list; diff --git a/SEC_README.md b/SEC_README.md new file mode 100644 index 0000000..c9bf776 --- /dev/null +++ b/SEC_README.md @@ -0,0 +1,132 @@ +

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

+ + + +#### Changes included in this PR + +- Changes to the following files to upgrade the vulnerable dependencies to a fixed version: + - rootfs/usr/local/lib/web/backend/requirements.txt + + +
+⚠️ Warning + +``` +Werkzeug 2.2.3 has requirement MarkupSafe>=2.1.1, but you have MarkupSafe 1.1.1. +requests 2.22.0 has requirement urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1, but you have urllib3 1.26.5. + +``` +
+ + +#### Vulnerabilities that will be fixed + + + + + +##### By pinning: +Severity | Priority Score (*) | Issue | Upgrade | Breaking Change | Exploit Maturity +:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------|:------------------------- +![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **554/1000**
**Why?** Has a fix available, CVSS 6.8 | Insufficient Verification of Data Authenticity
[SNYK-PYTHON-CERTIFI-3164749](https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749) | `certifi:`
`2019.9.11 -> 2022.12.7`
| No | No Known Exploit +![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **599/1000**
**Why?** Has a fix available, CVSS 7.7 | HTTP Header Injection
[SNYK-PYTHON-URLLIB3-1014645](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit +![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-PYTHON-URLLIB3-1533435](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit +![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **509/1000**
**Why?** Has a fix available, CVSS 5.9 | Denial of Service (DoS)
[SNYK-PYTHON-URLLIB3-559452](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-559452) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit +![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity") | **344/1000**
**Why?** Has a fix available, CVSS 2.6 | Access Restriction Bypass
[SNYK-PYTHON-WERKZEUG-3319935](https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935) | `werkzeug:`
`0.16.0 -> 2.2.3`
| No | No Known Exploit +![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Denial of Service (DoS)
[SNYK-PYTHON-WERKZEUG-3319936](https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936) | `werkzeug:`
`0.16.0 -> 2.2.3`
| No | No Known Exploit + +(*) Note that the real score may have changed since the PR was raised. + + + + +Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded. + + +Check the changes in this PR to ensure they won't cause issues with your project. + + + +------------ + + + +**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* + +For more information: +🧐 [View latest project report](https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr) + +🛠 [Adjust project settings](https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr/settings) + +📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) + +[//]: # (snyk:metadata:{"prId":"50e79aa3-c4ad-4624-9632-249206290dc3","prPublicId":"50e79aa3-c4ad-4624-9632-249206290dc3","dependencies":[{"name":"certifi","from":"2019.9.11","to":"2022.12.7"},{"name":"urllib3","from":"1.25.6","to":"1.26.5"},{"name":"werkzeug","from":"0.16.0","to":"2.2.3"}],"packageManager":"pip","projectPublicId":"2d42f184-efd7-4f3b-a34b-39b7fd0e450d","projectUrl":"https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr","type":"user-initiated","patch":[],"vulns":["SNYK-PYTHON-CERTIFI-3164749","SNYK-PYTHON-URLLIB3-1014645","SNYK-PYTHON-URLLIB3-1533435","SNYK-PYTHON-URLLIB3-559452","SNYK-PYTHON-WERKZEUG-3319935","SNYK-PYTHON-WERKZEUG-3319936"],"upgrade":[],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["pr-warning-shown","priorityScore"],"priorityScoreList":[554,599,479,509,344,589],"remediationStrategy":"vuln"}) + +--- + +**Learn how to fix vulnerabilities with free interactive lessons:** + + 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr) + 🦉 [Access Restriction Bypass](https://learn.snyk.io/lessons/broken-access-control/python/?loc=fix-pr) + 🦉 [Denial of Service (DoS)](https://learn.snyk.io/lessons/no-rate-limiting/python/?loc=fix-pr) + + +

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

+ + + +#### Changes included in this PR + +- Changes to the following files to upgrade the vulnerable dependencies to a fixed version: + - web/package.json + - web/yarn.lock + + +#### Note for [zero-installs](https://yarnpkg.com/features/zero-installs) users + +If you are using the Yarn feature [zero-installs](https://yarnpkg.com/features/zero-installs) that was introduced in Yarn V2, note that this PR does not update the `.yarn/cache/` directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run `yarn` to update the contents of the `./yarn/cache` directory. +If you are not using zero-install you can ignore this as your flow should likely be unchanged. + + +#### Vulnerabilities that will be fixed +##### With an upgrade: +Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity +:-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- +![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-AXIOS-1579269](https://snyk.io/vuln/SNYK-JS-AXIOS-1579269) | No | Proof of Concept + +(*) Note that the real score may have changed since the PR was raised. + + + + + + + + + + + +Check the changes in this PR to ensure they won't cause issues with your project. + + + +------------ + + + +**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* + +For more information: +🧐 [View latest project report](https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr) + +🛠 [Adjust project settings](https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr/settings) + +📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) + +[//]: # (snyk:metadata:{"prId":"5ffbe3be-d303-4ab9-acd2-b873b01f7cdb","prPublicId":"5ffbe3be-d303-4ab9-acd2-b873b01f7cdb","dependencies":[{"name":"axios","from":"0.21.1","to":"0.21.3"}],"packageManager":"yarn","projectPublicId":"1f02abc0-324a-411b-ba42-2a338069ae7d","projectUrl":"https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr","type":"user-initiated","patch":[],"vulns":["SNYK-JS-AXIOS-1579269"],"upgrade":["SNYK-JS-AXIOS-1579269"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[696],"remediationStrategy":"vuln"}) + +--- + +**Learn how to fix vulnerabilities with free interactive lessons:** + + 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr) From dce2da8804b314b76550ceb984891f68721234d7 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 14:19:48 +0300 Subject: [PATCH 04/49] fix novnc --- rootfs/usr/local/lib/web/backend/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rootfs/usr/local/lib/web/backend/requirements.txt b/rootfs/usr/local/lib/web/backend/requirements.txt index 1dce592..e04a691 100644 --- a/rootfs/usr/local/lib/web/backend/requirements.txt +++ b/rootfs/usr/local/lib/web/backend/requirements.txt @@ -16,4 +16,4 @@ requests==2.22.0 six==1.12.0 urllib3==1.26.5 websocket-client==0.47.0 -Werkzeug==2.2.3 +Werkzeug==2.0.3 From 50238ff46e3773a19550f606d075119aa49b237a Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 14:31:16 +0300 Subject: [PATCH 05/49] update release process --- .github/workflows/main.yaml | 45 ++++++++++++++++++++++++++++ .github/workflows/pull_requests.yaml | 38 +++++++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 .github/workflows/main.yaml create mode 100644 .github/workflows/pull_requests.yaml diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 0000000..5d2fb4d --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,45 @@ +name: Build and push Docker Image to ECR + +on: + push: + branches: + - main + +env: + AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" + REPOSITORY_NAME: "uv-system-consts-updater" + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Python 3 + uses: actions/setup-python@v2 + with: + python-version: 3.8 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: eu-west-1 + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Install dependencies + run: | + pip install -r requirements.txt + + - name: Build Docker Image + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v${{ github.run_number }}" \ No newline at end of file diff --git a/.github/workflows/pull_requests.yaml b/.github/workflows/pull_requests.yaml new file mode 100644 index 0000000..14e6a58 --- /dev/null +++ b/.github/workflows/pull_requests.yaml @@ -0,0 +1,38 @@ +name: Pull Request + +on: + pull_request: + types: [opened, synchronize, reopened] + +env: + SYSTEM_CONSTS: system_consts.cfg + CALIBRATION_FILE: calibrationFile + KEYS_TO_COMPARE: HARDWARE_FINGERPRINT + DEFAULT: default + AUTHENTICATOR: http://uv-authenticator.uveye.svc.cluster.local:3000/auth-data + +jobs: + tests: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Python 3.9 + uses: actions/setup-python@v2 + with: + python-version: 3.9 + + - name: Install dependencies + run: | + python -m venv venv + source venv/bin/activate + pip install -r requirements.txt + pip install -r requirements-dev.txt + + + - name: Run tests + run: | + python -m unittest discover -p '*_test.py' + From f6aa2b2f26baadb4157d2f318c5196b1fc39e246 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 14:31:45 +0300 Subject: [PATCH 06/49] update release --- .github/workflows/main.yaml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 5d2fb4d..80aabd4 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -4,10 +4,11 @@ on: push: branches: - main + - 'releases/**' env: AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" - REPOSITORY_NAME: "uv-system-consts-updater" + REPOSITORY_NAME: "docker-ubuntu-vnc-desktop" jobs: build: @@ -17,11 +18,6 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Set up Python 3 - uses: actions/setup-python@v2 - with: - python-version: 3.8 - - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: @@ -33,13 +29,10 @@ jobs: id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Install dependencies - run: | - pip install -r requirements.txt - name: Build Docker Image uses: docker/build-push-action@v3 with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v${{ github.run_number }}" \ No newline at end of file + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ env.BRANCH }}${{ github.run_number }}" \ No newline at end of file From 4118a2181519d220eaaad500ba3db8a64af80240 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 14:33:01 +0300 Subject: [PATCH 07/49] clean --- .github/workflows/pull_requests.yaml | 38 ---------------------------- 1 file changed, 38 deletions(-) delete mode 100644 .github/workflows/pull_requests.yaml diff --git a/.github/workflows/pull_requests.yaml b/.github/workflows/pull_requests.yaml deleted file mode 100644 index 14e6a58..0000000 --- a/.github/workflows/pull_requests.yaml +++ /dev/null @@ -1,38 +0,0 @@ -name: Pull Request - -on: - pull_request: - types: [opened, synchronize, reopened] - -env: - SYSTEM_CONSTS: system_consts.cfg - CALIBRATION_FILE: calibrationFile - KEYS_TO_COMPARE: HARDWARE_FINGERPRINT - DEFAULT: default - AUTHENTICATOR: http://uv-authenticator.uveye.svc.cluster.local:3000/auth-data - -jobs: - tests: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v2 - - - name: Set up Python 3.9 - uses: actions/setup-python@v2 - with: - python-version: 3.9 - - - name: Install dependencies - run: | - python -m venv venv - source venv/bin/activate - pip install -r requirements.txt - pip install -r requirements-dev.txt - - - - name: Run tests - run: | - python -m unittest discover -p '*_test.py' - From fa91ee5bfef64965278ae733009e169e94eb361a Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 15:41:39 +0300 Subject: [PATCH 08/49] Update main.yaml --- .github/workflows/main.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 80aabd4..ccd9eef 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -4,11 +4,11 @@ on: push: branches: - main - - 'releases/**' + - 'release/**' env: AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" - REPOSITORY_NAME: "docker-ubuntu-vnc-desktop" + REPOSITORY_NAME: "vnc-desktop" jobs: build: @@ -17,6 +17,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v2 + with: + submodules: recursive - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 @@ -35,4 +37,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ env.BRANCH }}${{ github.run_number }}" \ No newline at end of file + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v${{ github.run_number }}" From 66b79db3ec350f7e83cd120a2f307daa37ebba6c Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 17:06:42 +0300 Subject: [PATCH 09/49] Update main.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/workflows/main.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index ccd9eef..c0fe6fa 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -4,8 +4,7 @@ on: push: branches: - main - - 'release/**' - + - 'release_v**' env: AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" REPOSITORY_NAME: "vnc-desktop" @@ -37,4 +36,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v${{ github.run_number }}" + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v{{ github.ref_name }}.${{ github.run_number }}" From f3e7ce89d3adfc68267d94b403c77bf54b64db03 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 17:09:29 +0300 Subject: [PATCH 10/49] Update main.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/workflows/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index c0fe6fa..c22ab72 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -36,4 +36,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v{{ github.ref_name }}.${{ github.run_number }}" + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" From c4de97951f2d0f333d22fedbda1678ff96feadc7 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 17:09:46 +0300 Subject: [PATCH 11/49] Update main.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/workflows/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index c0fe6fa..c22ab72 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -36,4 +36,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:v{{ github.ref_name }}.${{ github.run_number }}" + tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" From 17ade1c03330b61540192d598dacd8070c94ce05 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 18:24:42 +0300 Subject: [PATCH 12/49] update ca-certificate image --- Dockerfile.amd64 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index f36e07d..87527f6 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -19,7 +19,7 @@ RUN apt update \ && apt install -y --no-install-recommends --allow-unauthenticated \ supervisor nginx sudo net-tools zenity xz-utils \ dbus-x11 x11-utils alsa-utils \ - mesa-utils libgl1-mesa-dri \ + mesa-utils libgl1-mesa-dri ca-certificates \ && apt autoclean -y \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* From 506ec4b27e2cfff422ff8ac344e53a1c5a412819 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 18:32:47 +0300 Subject: [PATCH 13/49] update docker image --- Dockerfile.amd64 | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 87527f6..a5841ce 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -19,7 +19,7 @@ RUN apt update \ && apt install -y --no-install-recommends --allow-unauthenticated \ supervisor nginx sudo net-tools zenity xz-utils \ dbus-x11 x11-utils alsa-utils \ - mesa-utils libgl1-mesa-dri ca-certificates \ + mesa-utils libgl1-mesa-dri \ && apt autoclean -y \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* @@ -32,14 +32,6 @@ RUN apt update \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* -RUN apt update \ - && apt install -y gpg-agent \ - && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ - && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ - && rm google-chrome-stable_current_amd64.deb \ - && rm -rf /var/lib/apt/lists/* - RUN apt update \ && apt install -y --no-install-recommends --allow-unauthenticated \ lxde gtk2-engines-murrine gnome-themes-standard gtk2-engines-pixbuf gtk2-engines-murrine arc-theme \ @@ -47,6 +39,15 @@ RUN apt update \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* +RUN sed -i 's#http://archive.ubuntu.com/ubuntu/#mirror://mirrors.ubuntu.com/mirrors.txt#' /etc/apt/sources.list; + +RUN apt update \ + && apt install -y ca-certificates gnupg patch gpg-agent \ + && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ + && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ + && rm google-chrome-stable_current_amd64.deb \ + && rm -rf /var/lib/apt/lists/* # Additional packages require ~600MB # libreoffice pinta language-pack-zh-hant language-pack-gnome-zh-hant firefox-locale-zh-hant libreoffice-l10n-zh-tw From f2173f5d27084c4b4a042597e9afb9a720468332 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 18:35:48 +0300 Subject: [PATCH 14/49] revert --- Dockerfile.amd64 | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index a5841ce..3b282c8 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -32,6 +32,14 @@ RUN apt update \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* +RUN apt update \ + && apt install -y gpg-agent \ + && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ + && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ + && rm google-chrome-stable_current_amd64.deb \ + && rm -rf /var/lib/apt/lists/* + RUN apt update \ && apt install -y --no-install-recommends --allow-unauthenticated \ lxde gtk2-engines-murrine gnome-themes-standard gtk2-engines-pixbuf gtk2-engines-murrine arc-theme \ @@ -39,15 +47,6 @@ RUN apt update \ && apt autoremove -y \ && rm -rf /var/lib/apt/lists/* -RUN sed -i 's#http://archive.ubuntu.com/ubuntu/#mirror://mirrors.ubuntu.com/mirrors.txt#' /etc/apt/sources.list; - -RUN apt update \ - && apt install -y ca-certificates gnupg patch gpg-agent \ - && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ - && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ - && rm google-chrome-stable_current_amd64.deb \ - && rm -rf /var/lib/apt/lists/* # Additional packages require ~600MB # libreoffice pinta language-pack-zh-hant language-pack-gnome-zh-hant firefox-locale-zh-hant libreoffice-l10n-zh-tw @@ -127,4 +126,4 @@ WORKDIR /root ENV HOME=/home/ubuntu \ SHELL=/bin/bash HEALTHCHECK --interval=30s --timeout=5s CMD curl --fail http://127.0.0.1:6079/api/health -ENTRYPOINT ["/startup.sh"] +ENTRYPOINT ["/startup.sh"] \ No newline at end of file From 11d029295489747196e12d0e30c23073474db772 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 24 Apr 2023 19:35:33 +0300 Subject: [PATCH 15/49] add code owners --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..4528fa1 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +.github/** @devops \ No newline at end of file From d49bacb5f6596c6b16754c6e03457357979a8ee0 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:41:23 +0300 Subject: [PATCH 16/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 4528fa1..e60777a 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @devops \ No newline at end of file +.github/** @UVeye/devops From d51638a1a6995b24e976e5ea31fea51d3056da17 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:42:06 +0300 Subject: [PATCH 17/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e60777a..be7af7c 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @UVeye/devops +.github/** @UVeye/dannielshalev From b885be746ad8739cdc7b2dab5170dac904f3f9f6 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:43:26 +0300 Subject: [PATCH 18/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index be7af7c..2b48772 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @UVeye/dannielshalev +.github/** @dannielshalev From bd20fd783b977278e23194718fb735ec0053b9f0 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:43:50 +0300 Subject: [PATCH 19/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 2b48772..7d2f352 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev +.github/** @dannielshalev @uveye/devops From 194f6bd05409f180e2db5d5259cd7be81cdb1c38 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:44:46 +0300 Subject: [PATCH 20/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 7d2f352..5efe0aa 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @uveye/devops +.github/** @dannielshalev @uveye/* From f7d542085a86f292d030ec599f5840a7a72778ec Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:44:57 +0300 Subject: [PATCH 21/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 5efe0aa..ac9bb5a 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @uveye/* +.github/** @dannielshalev @uveye From a2bbff0bcd2d896d8bcc05e66af27606d211ba68 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:45:21 +0300 Subject: [PATCH 22/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index ac9bb5a..2b48772 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @uveye +.github/** @dannielshalev From 9c08979db3f1074d4b87a18d0efc25265382f0b2 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:46:35 +0300 Subject: [PATCH 23/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 2b48772..21369f9 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev +.github/** @dannielshalev @eladso From d5c85ac7bed4ea6bba78f024a14ae6f6f1be47a4 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:49:48 +0300 Subject: [PATCH 24/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 21369f9..b21480d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @eladso +.github/** @dannielshalev @eladso @ilchemla @it-uveye From a97022ead3f7c72936b2602bcd79ca96c6ab03e1 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Mon, 24 Apr 2023 19:50:31 +0300 Subject: [PATCH 25/49] Update CODEOWNERS Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 4528fa1..b21480d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @devops \ No newline at end of file +.github/** @dannielshalev @eladso @ilchemla @it-uveye From e1d5b144331fcc53adb6f1080c8880a7811dcd71 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Thu, 27 Apr 2023 14:31:55 +0300 Subject: [PATCH 26/49] Update main.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/workflows/main.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index c22ab72..0a5ddc0 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -6,7 +6,6 @@ on: - main - 'release_v**' env: - AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" REPOSITORY_NAME: "vnc-desktop" jobs: @@ -36,4 +35,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" + tags: "${{ secrets.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" From 97b4391c7af4dcb0a86365d90194f0d09d2a6a27 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Thu, 27 Apr 2023 14:32:25 +0300 Subject: [PATCH 27/49] Update main.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- .github/workflows/main.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index c22ab72..0a5ddc0 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -6,7 +6,6 @@ on: - main - 'release_v**' env: - AWS_REGISTRY: "230690759643.dkr.ecr.eu-west-1.amazonaws.com" REPOSITORY_NAME: "vnc-desktop" jobs: @@ -36,4 +35,4 @@ jobs: with: context: . push: true - tags: "${{ env.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" + tags: "${{ secrets.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}" From 1e2fcf9003fff784cd5bbca89cff9fe617c727c6 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 16 Jul 2023 14:08:10 +0300 Subject: [PATCH 28/49] Update Dockerfile.amd64 Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- Dockerfile.amd64 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 3b282c8..d0f27ac 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -34,9 +34,8 @@ RUN apt update \ RUN apt update \ && apt install -y gpg-agent \ - && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ - && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ + && wget -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && sudo dpkg -i google-chrome-stable_current_amd64.deb \ && rm google-chrome-stable_current_amd64.deb \ && rm -rf /var/lib/apt/lists/* @@ -126,4 +125,4 @@ WORKDIR /root ENV HOME=/home/ubuntu \ SHELL=/bin/bash HEALTHCHECK --interval=30s --timeout=5s CMD curl --fail http://127.0.0.1:6079/api/health -ENTRYPOINT ["/startup.sh"] \ No newline at end of file +ENTRYPOINT ["/startup.sh"] From e16c7da35c99a6d335802453ed1b3827abfac142 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 16 Jul 2023 19:53:29 +0300 Subject: [PATCH 29/49] Update Dockerfile.amd64 Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- Dockerfile.amd64 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 3b282c8..6a78a04 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -34,9 +34,9 @@ RUN apt update \ RUN apt update \ && apt install -y gpg-agent \ - && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ - && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ + && apt install -y wget \ + && wget -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && sudo dpkg -i google-chrome-stable_current_amd64.deb \ && rm google-chrome-stable_current_amd64.deb \ && rm -rf /var/lib/apt/lists/* @@ -126,4 +126,4 @@ WORKDIR /root ENV HOME=/home/ubuntu \ SHELL=/bin/bash HEALTHCHECK --interval=30s --timeout=5s CMD curl --fail http://127.0.0.1:6079/api/health -ENTRYPOINT ["/startup.sh"] \ No newline at end of file +ENTRYPOINT ["/startup.sh"] From df389a2ba68519e9c78d09f0b740598849432bdf Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 16 Jul 2023 20:24:40 +0300 Subject: [PATCH 30/49] Update Dockerfile.amd64 Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- Dockerfile.amd64 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 6a78a04..f36e07d 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -34,9 +34,9 @@ RUN apt update \ RUN apt update \ && apt install -y gpg-agent \ - && apt install -y wget \ - && wget -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && sudo dpkg -i google-chrome-stable_current_amd64.deb \ + && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ + && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ && rm google-chrome-stable_current_amd64.deb \ && rm -rf /var/lib/apt/lists/* From 99f1d0723d678e16cac473ff6b61df9d8fd34500 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Sun, 16 Jul 2023 20:25:27 +0300 Subject: [PATCH 31/49] Update Dockerfile.amd64 Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- Dockerfile.amd64 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 6a78a04..f36e07d 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -34,9 +34,9 @@ RUN apt update \ RUN apt update \ && apt install -y gpg-agent \ - && apt install -y wget \ - && wget -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && sudo dpkg -i google-chrome-stable_current_amd64.deb \ + && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ + && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ && rm google-chrome-stable_current_amd64.deb \ && rm -rf /var/lib/apt/lists/* From 4a2023aa8d33a8f3d44384faf3ebca9c93607f09 Mon Sep 17 00:00:00 2001 From: danniel Date: Sun, 3 Sep 2023 17:17:13 +0300 Subject: [PATCH 32/49] add icon --- .github/CODEOWNERS | 2 +- Dockerfile.amd64 | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 4528fa1..aca9579 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @devops \ No newline at end of file +.github/** @UVeye/devops \ No newline at end of file diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 3b282c8..6ec4f11 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -121,6 +121,29 @@ COPY rootfs / RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/frontend/static/novnc/utils/websockify && \ chmod +x /usr/local/lib/web/frontend/static/websockify/run +# Create application Icon + +RUN cat << eof >> /usr/share/applications/uvportal.desktop +[Desktop Entry] +Name=UVportal +Type=Application +Icon=google-chrome +Exec=/usr/bin/google-chrome http://uvportal.uveye.local +Terminal=false +eof + + +RUN cat << eof >> portal.desktop +[Desktop Entry] +Type=Link +Name=UVportal +Icon=google-chrome +URL=/usr/share/applications/uvportal.desktop +eof + + + +eof EXPOSE 80 WORKDIR /root ENV HOME=/home/ubuntu \ From fe0982ed506f62295c96c1f9242de128afe1698c Mon Sep 17 00:00:00 2001 From: danniel Date: Sun, 3 Sep 2023 17:26:00 +0300 Subject: [PATCH 33/49] revert change --- Dockerfile.amd64 | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 5952fc4..0528899 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -34,9 +34,9 @@ RUN apt update \ RUN apt update \ && apt install -y gpg-agent \ - && curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ - && (dpkg -i ./google-chrome-stable_current_amd64.deb || apt-get install -fy) \ - && curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add \ + && apt install -y wget \ + && wget -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && sudo dpkg -i google-chrome-stable_current_amd64.deb \ && rm google-chrome-stable_current_amd64.deb \ && rm -rf /var/lib/apt/lists/* @@ -141,9 +141,6 @@ Icon=google-chrome URL=/usr/share/applications/uvportal.desktop eof - - -eof EXPOSE 80 WORKDIR /root ENV HOME=/home/ubuntu \ From 0ae75a56f357ba50e50a6e86c3187505b810bbaf Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 4 Sep 2023 10:03:21 +0300 Subject: [PATCH 34/49] revert change --- Dockerfile.amd64 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 0528899..9b655bd 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -133,7 +133,7 @@ Terminal=false eof -RUN cat << eof >> portal.desktop +RUN cat << eof >> /home/uvdesk/Desktop/portal.desktop [Desktop Entry] Type=Link Name=UVportal @@ -141,6 +141,8 @@ Icon=google-chrome URL=/usr/share/applications/uvportal.desktop eof +RUN chown uvdesk:uvdesk /home/uvdesk/Desktop/portal.desktop + EXPOSE 80 WORKDIR /root ENV HOME=/home/ubuntu \ From ee7843391f2fe5292c7f510c945602e33fc4a895 Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 4 Sep 2023 10:35:52 +0300 Subject: [PATCH 35/49] Fix eof statement --- Dockerfile.amd64 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index fccf8b8..3da3780 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -123,23 +123,23 @@ RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/fron # Create application Icon -RUN cat << eof >> /usr/share/applications/uvportal.desktop +RUN <> /usr/share/applications/uvportal.desktop [Desktop Entry] Name=UVportal Type=Application Icon=google-chrome Exec=/usr/bin/google-chrome http://uvportal.uveye.local Terminal=false -eof +EOF -RUN cat << eof >> /home/uvdesk/Desktop/portal.desktop +RUN <> /home/uvdesk/Desktop/portal.desktop [Desktop Entry] Type=Link Name=UVportal Icon=google-chrome URL=/usr/share/applications/uvportal.desktop -eof +EOF RUN chown uvdesk:uvdesk /home/uvdesk/Desktop/portal.desktop From f78501297c1499e5f7330586ba1bb13c1a5d5f6b Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 4 Sep 2023 11:11:12 +0300 Subject: [PATCH 36/49] fix icon --- Dockerfile.amd64 | 22 +++------------------- icons/uvportal.desktop | 5 +++++ icons/uvportal_applications.desktop | 6 ++++++ 3 files changed, 14 insertions(+), 19 deletions(-) create mode 100644 icons/uvportal.desktop create mode 100644 icons/uvportal_applications.desktop diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 3da3780..345cf5a 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -121,25 +121,9 @@ COPY rootfs / RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/frontend/static/novnc/utils/websockify && \ chmod +x /usr/local/lib/web/frontend/static/websockify/run -# Create application Icon - -RUN <> /usr/share/applications/uvportal.desktop -[Desktop Entry] -Name=UVportal -Type=Application -Icon=google-chrome -Exec=/usr/bin/google-chrome http://uvportal.uveye.local -Terminal=false -EOF - - -RUN <> /home/uvdesk/Desktop/portal.desktop -[Desktop Entry] -Type=Link -Name=UVportal -Icon=google-chrome -URL=/usr/share/applications/uvportal.desktop -EOF +# Copy +COPY icons/uvportal_applications.desktop /usr/share/applications/uvportal.desktop +COPY icons/uvportal.desktop /home/uvdesk/Desktop/portal.desktop RUN chown uvdesk:uvdesk /home/uvdesk/Desktop/portal.desktop diff --git a/icons/uvportal.desktop b/icons/uvportal.desktop new file mode 100644 index 0000000..3c45e0c --- /dev/null +++ b/icons/uvportal.desktop @@ -0,0 +1,5 @@ +[Desktop Entry] +Type=Link +Name=UVportal +Icon=google-chrome +URL=/usr/share/applications/uvportal.desktop \ No newline at end of file diff --git a/icons/uvportal_applications.desktop b/icons/uvportal_applications.desktop new file mode 100644 index 0000000..2c37057 --- /dev/null +++ b/icons/uvportal_applications.desktop @@ -0,0 +1,6 @@ +[Desktop Entry] +Name=UVportal +Type=Application +Icon=google-chrome +Exec=/usr/bin/google-chrome http://uvportal.uveye.local +Terminal=false \ No newline at end of file From 425feadb8592a3f16637781f4a2f88e4ad33f90e Mon Sep 17 00:00:00 2001 From: danniel Date: Mon, 4 Sep 2023 13:16:10 +0300 Subject: [PATCH 37/49] fix icon --- Dockerfile.amd64 | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 345cf5a..d936f66 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -125,8 +125,6 @@ RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/fron COPY icons/uvportal_applications.desktop /usr/share/applications/uvportal.desktop COPY icons/uvportal.desktop /home/uvdesk/Desktop/portal.desktop -RUN chown uvdesk:uvdesk /home/uvdesk/Desktop/portal.desktop - EXPOSE 80 WORKDIR /root ENV HOME=/home/ubuntu \ From ea8a661fac967af9a924bb4c2e1f3f7472ac6f72 Mon Sep 17 00:00:00 2001 From: danniel Date: Sun, 5 Nov 2023 14:58:22 +0200 Subject: [PATCH 38/49] add lpr icon --- .gitignore | 1 + Dockerfile.amd64 | 4 ++-- icons/applications/lpr_applications.desktop | 6 ++++++ icons/{ => applications}/uvportal_applications.desktop | 0 icons/lpr.desktop | 5 +++++ 5 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 icons/applications/lpr_applications.desktop rename icons/{ => applications}/uvportal_applications.desktop (100%) create mode 100644 icons/lpr.desktop diff --git a/.gitignore b/.gitignore index 1580e0c..c80e949 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ *.pyc tags cscope* +.idea \ No newline at end of file diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index d936f66..9035b25 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -122,8 +122,8 @@ RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/fron chmod +x /usr/local/lib/web/frontend/static/websockify/run # Copy -COPY icons/uvportal_applications.desktop /usr/share/applications/uvportal.desktop -COPY icons/uvportal.desktop /home/uvdesk/Desktop/portal.desktop +COPY icons/applications/* /usr/share/applications/uvportal.desktop +COPY icons/*.desktop /home/uvdesk/Desktop/ EXPOSE 80 WORKDIR /root diff --git a/icons/applications/lpr_applications.desktop b/icons/applications/lpr_applications.desktop new file mode 100644 index 0000000..bb01ff5 --- /dev/null +++ b/icons/applications/lpr_applications.desktop @@ -0,0 +1,6 @@ +[Desktop Entry] +Name=lpr +Type=Application +Icon=google-chrome +Exec=/usr/bin/google-chrome http://192.168.5.245 +Terminal=false \ No newline at end of file diff --git a/icons/uvportal_applications.desktop b/icons/applications/uvportal_applications.desktop similarity index 100% rename from icons/uvportal_applications.desktop rename to icons/applications/uvportal_applications.desktop diff --git a/icons/lpr.desktop b/icons/lpr.desktop new file mode 100644 index 0000000..78ddc92 --- /dev/null +++ b/icons/lpr.desktop @@ -0,0 +1,5 @@ +[Desktop Entry] +Type=Link +Name=lpr +Icon=google-chrome +URL=/usr/share/applications/lpr.desktop \ No newline at end of file From 542d43294a14962f5e0cc55b9e3ef0a7701fdc0e Mon Sep 17 00:00:00 2001 From: danniel Date: Sun, 5 Nov 2023 15:51:28 +0200 Subject: [PATCH 39/49] add lpr icon --- Dockerfile.amd64 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 9035b25..2ec0c29 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -122,7 +122,7 @@ RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/fron chmod +x /usr/local/lib/web/frontend/static/websockify/run # Copy -COPY icons/applications/* /usr/share/applications/uvportal.desktop +COPY icons/applications/* /usr/share/applications/ COPY icons/*.desktop /home/uvdesk/Desktop/ EXPOSE 80 From ef9bf81efd1d61dda0590ec34ae9593ec5be2fb3 Mon Sep 17 00:00:00 2001 From: danniel Date: Sun, 5 Nov 2023 19:54:02 +0200 Subject: [PATCH 40/49] fix icon namming --- icons/applications/{lpr_applications.desktop => lpr.desktop} | 0 .../{uvportal_applications.desktop => uvportal.desktop} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename icons/applications/{lpr_applications.desktop => lpr.desktop} (100%) rename icons/applications/{uvportal_applications.desktop => uvportal.desktop} (100%) diff --git a/icons/applications/lpr_applications.desktop b/icons/applications/lpr.desktop similarity index 100% rename from icons/applications/lpr_applications.desktop rename to icons/applications/lpr.desktop diff --git a/icons/applications/uvportal_applications.desktop b/icons/applications/uvportal.desktop similarity index 100% rename from icons/applications/uvportal_applications.desktop rename to icons/applications/uvportal.desktop From bb2af1416d65e59bdb1cef281b5f15ec614c390f Mon Sep 17 00:00:00 2001 From: stav-uveye Date: Sun, 26 Jan 2025 16:17:08 +0200 Subject: [PATCH 41/49] RND-18206 create helm chart (#10) * RND-18206 create helm chart * Update CODEOWNERS Signed-off-by: stav-uveye --------- Signed-off-by: stav-uveye --- .github/CODEOWNERS | 2 +- helm/.helmignore | 23 +++++++ helm/Chart.yaml | 6 ++ helm/templates/NOTES.txt | 1 + helm/templates/_helpers.tpl | 71 ++++++++++++++++++++++ helm/templates/cm.yaml | 9 +++ helm/templates/deploy.yaml | 87 ++++++++++++++++++++++++++ helm/templates/svc.yaml | 29 +++++++++ helm/values.yaml | 118 ++++++++++++++++++++++++++++++++++++ 9 files changed, 345 insertions(+), 1 deletion(-) create mode 100644 helm/.helmignore create mode 100644 helm/Chart.yaml create mode 100644 helm/templates/NOTES.txt create mode 100644 helm/templates/_helpers.tpl create mode 100644 helm/templates/cm.yaml create mode 100644 helm/templates/deploy.yaml create mode 100644 helm/templates/svc.yaml create mode 100644 helm/values.yaml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index b21480d..fff2691 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @eladso @ilchemla @it-uveye +.github/** @dannielshalev @eladso @stav-uveye @it-uveye diff --git a/helm/.helmignore b/helm/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 0000000..ee40f7e --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: uv-portal-desktop +description: A Helm chart for Kubernetes +type: application +version: 0.0.1 +appVersion: "0.0.1" diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt new file mode 100644 index 0000000..7d790da --- /dev/null +++ b/helm/templates/NOTES.txt @@ -0,0 +1 @@ +1. Get the application URL by running these commands: diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 0000000..d91acb7 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,71 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "uv-portal-desktop.name" -}} +uv-portal-desktop +{{- end }} + +{{- define "uv-portal-desktop.db.name" -}} +uvportal-postgres +{{- end }} + +{{- define "uv-portal-desktop.namespace" -}} + {{- default .Release.Namespace .Values.namespace -}} +{{- end }} + +{{- define "uv-portal-desktop.matchLabels" -}} +k8s-app: {{ include "uv-portal-desktop.name" . }} +app.kubernetes.io/name: {{ include "uv-portal-desktop.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{- define "uv-portal-desktop.common.metaLabels" -}} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +helm.sh/chart: {{ include "uv-portal-desktop.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: {{ include "uv-portal-desktop.name" . }} +{{- with .Values.commonMetaLabels}} +{{ toYaml . }} +{{- end }} +{{- end -}} + +{{- define "uv-portal-desktop.labels" -}} +{{ include "uv-portal-desktop.matchLabels" . }} +{{ include "uv-portal-desktop.common.metaLabels" . }} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "uv-portal-desktop.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "uv-portal-desktop.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "uv-portal-desktop.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "uv-portal-desktop.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml new file mode 100644 index 0000000..692ab21 --- /dev/null +++ b/helm/templates/cm.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} + name: system-consts + namespace: {{ include "uv-portal-desktop.namespace" . }} +data: +{{- .Values.systemConsts.configMapData | toYaml | nindent 2 }} diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml new file mode 100644 index 0000000..f22413e --- /dev/null +++ b/helm/templates/deploy.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} + {{- if .Values.labels }} + {{ toYaml .Values.labels | nindent 4 }} + {{- end}} + name: {{ include "uv-portal-desktop.name" . }} + namespace: {{ include "uv-portal-desktop.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "uv-portal-desktop.matchLabels" . | nindent 6 }} + serviceName: {{ include "uv-portal-desktop.name" . }} + template: + metadata: + labels: + {{- include "uv-portal-desktop.matchLabels" . | nindent 8 }} + name: {{ include "uv-portal-desktop.name" . }} + spec: + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + hostAliases: + - ip: 10.43.100.100 + hostnames: + - uvportal.uveye.local + containers: + - name: {{ include "uv-portal-desktop.name" . }} + ports: + - containerPort: 5900 + name: vnc + - containerPort: 6080 + name: http + env: + {{- toYaml .Values.env | nindent 10 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: IfNotPresent + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: x11-unix + mountPath: /tmp/.X11-unix + - name: x11-xkb + mountPath: /usr/share/X11/xkb + - name: xserver + mountPath: /root/.Xauthority + - name: {{ include "uv-portal-desktop.name" . }} + mountPath: /etc/supervisor/conf.d/ + - name: cache-volume + mountPath: /dev/shm + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccount: {{ include "uv-portal-desktop.name" . }} + volumes: + - name: x11-unix + hostPath: + path: /tmp/.X11-unix + - name: x11-xkb + hostPath: + path: /usr/share/X11/xkb + - configMap: + name: {{ include "uv-portal-desktop.name" . }} + name: {{ include "uv-portal-desktop.name" . }} + - name: xserver + hostPath: + path: /home/uvadmin/.Xauthority + type: File + - name: cache-volume + emptyDir: + medium: Memory + sizeLimit: 512Mi diff --git a/helm/templates/svc.yaml b/helm/templates/svc.yaml new file mode 100644 index 0000000..7b2dd9b --- /dev/null +++ b/helm/templates/svc.yaml @@ -0,0 +1,29 @@ +{{- if .Values.service.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} + name: {{ include "uv-portal-desktop.name" . }} + namespace: {{ include "uv-portal-desktop.namespace" . }} +spec: + ports: + - name: http + port: 30080 + nodePort: 30080 + targetPort: http + - name: vnc + port: 5900 + nodePort: 30590 + targetPort: vnc + selector: + {{- include "uv-portal-desktop.matchLabels" . | nindent 4 }} + type: "{{ .Values.service.type }}" +{{- end -}} diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 0000000..eb662c2 --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,118 @@ +replicaCount: 1 + +imagePullSecrets: + - name: regcred + +image: + repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com/vnc-desktop + tag: '' + +namespace: uveye + +resources: + limits: + memory: 4096Mi + cpu: "2" + requests: + memory: 512Mi + cpu: "0.4" + +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: In + values: + - "true" + +service: + enabled: true + type: LoadBalancer + +env: + - name: USER + value: uvdesk + - name: VNC_PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: HTTP_PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: DISPLAY + value: ":1.0" + +livenessProbe: {} +readinessProbe: {} + +systemConsts: + configMapData: + supervisord.conf: |- + [supervisord] + redirect_stderr=true + stopsignal=QUIT + autorestart=true + directory=/root + # + [program:nginx] + priority=10 + command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;' + # + [program:web] + priority=10 + directory=/usr/local/lib/web/backend + command=/usr/local/lib/web/backend/run.py + stdout_logfile=/dev/fd/1 + stdout_logfile_maxbytes=0 + stderr_logfile=/dev/fd/1 + stderr_logfile_maxbytes=0 + # + # + [group:x] + programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc + # + [program:wm] + priority=15 + command=/usr/bin/openbox + environment=DISPLAY=":1",HOME="/root",USER="root" + # + [program:lxpanel] + priority=15 + directory=/home/uvdesk + command=/usr/bin/lxpanel --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:pcmanfm] + priority=15 + directory=/home/uvdesk + command=/usr/bin/pcmanfm --desktop --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:xvfb] + priority=10 + command=/usr/local/bin/xvfb.sh + stopsignal=KILL + # + [program:x11vnc] + priority=20 + command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2 + # + [program:novnc] + priority=25 + directory=/usr/local/lib/web/frontend/static/novnc + command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081 + stopasgroup=true + # + From bfe42f16bb3a9b89fdac80b68f1a09600c118019 Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Thu, 6 Feb 2025 02:49:39 +0200 Subject: [PATCH 42/49] update helm chart --- helm/templates/deploy.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml index f22413e..6317f12 100644 --- a/helm/templates/deploy.yaml +++ b/helm/templates/deploy.yaml @@ -13,7 +13,6 @@ spec: selector: matchLabels: {{- include "uv-portal-desktop.matchLabels" . | nindent 6 }} - serviceName: {{ include "uv-portal-desktop.name" . }} template: metadata: labels: From 51a7ce74b8f265fd10dc59f4a4f7075ad88178af Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Thu, 6 Feb 2025 03:26:02 +0200 Subject: [PATCH 43/49] update helm chart --- helm/templates/cm.yaml | 4 +- helm/values.yaml | 120 ++++++++++++++++++++--------------------- 2 files changed, 61 insertions(+), 63 deletions(-) diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml index 692ab21..e1cde37 100644 --- a/helm/templates/cm.yaml +++ b/helm/templates/cm.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: labels: {{- include "uv-portal-desktop.labels" . | nindent 4 }} - name: system-consts + name: {{ include "uv-portal-desktop.name" . }} namespace: {{ include "uv-portal-desktop.namespace" . }} data: -{{- .Values.systemConsts.configMapData | toYaml | nindent 2 }} +{{- .Values.configMapData | toYaml | nindent 2 }} diff --git a/helm/values.yaml b/helm/values.yaml index eb662c2..40f0395 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -55,64 +55,62 @@ env: livenessProbe: {} readinessProbe: {} -systemConsts: - configMapData: - supervisord.conf: |- - [supervisord] - redirect_stderr=true - stopsignal=QUIT - autorestart=true - directory=/root - # - [program:nginx] - priority=10 - command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;' - # - [program:web] - priority=10 - directory=/usr/local/lib/web/backend - command=/usr/local/lib/web/backend/run.py - stdout_logfile=/dev/fd/1 - stdout_logfile_maxbytes=0 - stderr_logfile=/dev/fd/1 - stderr_logfile_maxbytes=0 - # - # - [group:x] - programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc - # - [program:wm] - priority=15 - command=/usr/bin/openbox - environment=DISPLAY=":1",HOME="/root",USER="root" - # - [program:lxpanel] - priority=15 - directory=/home/uvdesk - command=/usr/bin/lxpanel --profile LXDE - user=uvdesk - environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" - # - [program:pcmanfm] - priority=15 - directory=/home/uvdesk - command=/usr/bin/pcmanfm --desktop --profile LXDE - user=uvdesk - environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" - # - [program:xvfb] - priority=10 - command=/usr/local/bin/xvfb.sh - stopsignal=KILL - # - [program:x11vnc] - priority=20 - command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2 - # - [program:novnc] - priority=25 - directory=/usr/local/lib/web/frontend/static/novnc - command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081 - stopasgroup=true - # - +configMapData: + supervisord.conf: |- + [supervisord] + redirect_stderr=true + stopsignal=QUIT + autorestart=true + directory=/root + # + [program:nginx] + priority=10 + command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;' + # + [program:web] + priority=10 + directory=/usr/local/lib/web/backend + command=/usr/local/lib/web/backend/run.py + stdout_logfile=/dev/fd/1 + stdout_logfile_maxbytes=0 + stderr_logfile=/dev/fd/1 + stderr_logfile_maxbytes=0 + # + # + [group:x] + programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc + # + [program:wm] + priority=15 + command=/usr/bin/openbox + environment=DISPLAY=":1",HOME="/root",USER="root" + # + [program:lxpanel] + priority=15 + directory=/home/uvdesk + command=/usr/bin/lxpanel --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:pcmanfm] + priority=15 + directory=/home/uvdesk + command=/usr/bin/pcmanfm --desktop --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:xvfb] + priority=10 + command=/usr/local/bin/xvfb.sh + stopsignal=KILL + # + [program:x11vnc] + priority=20 + command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2 + # + [program:novnc] + priority=25 + directory=/usr/local/lib/web/frontend/static/novnc + command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081 + stopasgroup=true + # \ No newline at end of file From 84d7c9f8f0c795b07aaa5923a7186335dda2c3ed Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Thu, 6 Feb 2025 03:33:35 +0200 Subject: [PATCH 44/49] update helm chart --- helm/templates/deploy.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml index 6317f12..b0bc113 100644 --- a/helm/templates/deploy.yaml +++ b/helm/templates/deploy.yaml @@ -65,7 +65,6 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccount: {{ include "uv-portal-desktop.name" . }} volumes: - name: x11-unix hostPath: From 7d73bd4764eee3484daa1abe395bfdadb7407f19 Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Tue, 18 Feb 2025 12:23:44 +0200 Subject: [PATCH 45/49] helm add hook weight --- helm/templates/cm.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml index e1cde37..235bb45 100644 --- a/helm/templates/cm.yaml +++ b/helm/templates/cm.yaml @@ -1,6 +1,10 @@ apiVersion: v1 kind: ConfigMap metadata: + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + "helm.sh/hook-weight": "-5" labels: {{- include "uv-portal-desktop.labels" . | nindent 4 }} name: {{ include "uv-portal-desktop.name" . }} From d43ca6595391d5d89d2f91aca7eb391b9111fd62 Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Tue, 18 Feb 2025 12:57:00 +0200 Subject: [PATCH 46/49] RND-19076 change helm hooks --- helm/templates/cm.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml index 235bb45..125a74d 100644 --- a/helm/templates/cm.yaml +++ b/helm/templates/cm.yaml @@ -2,8 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: annotations: - "helm.sh/hook": pre-install, pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation "helm.sh/hook-weight": "-5" labels: {{- include "uv-portal-desktop.labels" . | nindent 4 }} From 38c92ebed0229f17c68f49ad8ea5ba739d2dd34d Mon Sep 17 00:00:00 2001 From: Stav Ben Simchon Date: Fri, 28 Feb 2025 13:23:06 +0200 Subject: [PATCH 47/49] RND-19245 fix helm chart --- helm/templates/deploy.yaml | 2 +- helm/values.yaml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml index b0bc113..e404a72 100644 --- a/helm/templates/deploy.yaml +++ b/helm/templates/deploy.yaml @@ -36,7 +36,7 @@ spec: name: http env: {{- toYaml .Values.env | nindent 10 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: IfNotPresent {{- with .Values.livenessProbe }} livenessProbe: diff --git a/helm/values.yaml b/helm/values.yaml index 40f0395..000f0a5 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,8 @@ imagePullSecrets: - name: regcred image: - repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com/vnc-desktop + repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com + name: vnc-desktop tag: '' namespace: uveye From 79a66ea4750a568ef3e590694644ec0831e17ab7 Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Thu, 28 Aug 2025 16:15:34 +0300 Subject: [PATCH 48/49] Update values.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- helm/values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/helm/values.yaml b/helm/values.yaml index 000f0a5..5cabd52 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -10,6 +10,7 @@ image: namespace: uveye + resources: limits: memory: 4096Mi @@ -114,4 +115,4 @@ configMapData: directory=/usr/local/lib/web/frontend/static/novnc command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081 stopasgroup=true - # \ No newline at end of file + # From 47d7154576f9c87c31a05eb1e67a9409b90d1faf Mon Sep 17 00:00:00 2001 From: dannielshalev <44364077+dannielshalev@users.noreply.github.com> Date: Thu, 28 Aug 2025 16:16:00 +0300 Subject: [PATCH 49/49] Update values.yaml Signed-off-by: dannielshalev <44364077+dannielshalev@users.noreply.github.com> --- helm/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/values.yaml b/helm/values.yaml index 5cabd52..50ac6e9 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -10,7 +10,6 @@ image: namespace: uveye - resources: limits: memory: 4096Mi