LAB-linuxserver/docker-baseimage-debian
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-baseimage-debian.git synced 2026-03-23 00:01:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

add kali variant of debian base

Browse Source
This commit is contained in:
thelamer 2024-07-18 17:15:04 -04:00
parent 8c8d587ef0
commit ce41349585
11 changed files with 145 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/CONTRIBUTING.md vendored
View File

@ -24,7 +24,7 @@
## Readme
If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit.
Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-baseimage-debian/edit/master/readme-vars.yml).
Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-baseimage-debian/edit/kali/readme-vars.yml).
These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play.
Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io)
@ -115,7 +115,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Update the changelog
If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-baseimage-debian/tree/master/root), add an entry to the changelog
If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-baseimage-debian/tree/kali/root), add an entry to the changelog
```yml
changelogs:

2
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -21,7 +21,7 @@
------------------------------
- [ ] I have read the [contributing](https://github.com/linuxserver/docker-baseimage-debian/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
- [ ] I have read the [contributing](https://github.com/linuxserver/docker-baseimage-debian/blob/kali/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
------------------------------

4
.github/workflows/external_trigger.yml vendored
View File

@ -4,13 +4,13 @@ on:
workflow_dispatch:
jobs:
external-trigger-master:
external-trigger-kali:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4.1.1
- name: External Trigger
if: github.ref == 'refs/heads/master'
if: github.ref == 'refs/heads/kali'
run: |
echo "**** No external release, exiting ****"
echo "No external release, exiting" >> $GITHUB_STEP_SUMMARY

2
.github/workflows/greetings.yml vendored
View File

@ -9,5 +9,5 @@ jobs:
- uses: actions/first-interaction@v1
with:
issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.'
pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-baseimage-debian/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!'
pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-baseimage-debian/blob/kali/.github/PULL_REQUEST_TEMPLATE.md)!'
repo-token: ${{ secrets.GITHUB_TOKEN }}

18
.github/workflows/package_trigger.yml vendored
View File

@ -4,28 +4,28 @@ on:
workflow_dispatch:
jobs:
package-trigger-master:
package-trigger-kali:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4.1.1
- name: Package Trigger
if: github.ref == 'refs/heads/master'
if: github.ref == 'refs/heads/kali'
run: |
if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_MASTER }}" ]; then
echo "**** Github secret PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_MASTER is set; skipping trigger. ****"
echo "Github secret \`PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_KALI }}" ]; then
echo "**** Github secret PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_KALI is set; skipping trigger. ****"
echo "Github secret \`PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_KALI\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
exit 0
fi
if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-debian/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-debian/job/kali/lastBuild/api/json | jq -r '.building') == "true" ]; then
echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
echo "There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY
exit 0
fi
echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_MASTER\". ****"
echo "Package trigger running off of master branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_MASTER\`" >> $GITHUB_STEP_SUMMARY
echo "**** Package trigger running off of kali branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_KALI\". ****"
echo "Package trigger running off of kali branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_BASEIMAGE_DEBIAN_KALI\`" >> $GITHUB_STEP_SUMMARY
response=$(curl -iX POST \
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-debian/job/master/buildWithParameters?PACKAGE_CHECK=true \
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-debian/job/kali/buildWithParameters?PACKAGE_CHECK=true \
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
echo "**** Jenkins job queue url: ${response%$'\r'} ****"
echo "**** Sleeping 10 seconds until job starts ****"

2
.github/workflows/permissions.yml vendored
View File

@ -5,6 +5,8 @@ on:
- '**/run'
- '**/finish'
- '**/check'
- 'root/migrations/*'
jobs:
permission_check:
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1

58
Dockerfile
View File

@ -1,30 +1,47 @@
# syntax=docker/dockerfile:1
FROM alpine:3.18 as rootfs-stage
FROM debian:testing AS rootfs-stage
# environment
ENV REL=bookworm
ENV ARCH=amd64
# install packages
RUN \
apk add --no-cache \
bash \
apt-get update && \
apt-get install -y \
curl \
tzdata \
xz
debootstrap \
xz-utils
# grab base tarball
# create base image with debootstrap
RUN \
mkdir /root-out && \
echo "**** modify repo ****" && \
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
curl -o \
/rootfs.tar.gz -L \
https://github.com/debuerreotype/docker-debian-artifacts/raw/dist-${ARCH}/${REL}/slim/rootfs.tar.xz && \
tar xf \
/rootfs.tar.gz -C \
/root-out && \
/etc/apt/trusted.gpg.d/kali-archive-keyring.asc -L \
"https://archive.kali.org/archive-key.asc" && \
gpg -o \
/usr/share/keyrings/kali-archive-keyring.gpg --dearmor \
/etc/apt/trusted.gpg.d/kali-archive-keyring.asc && \
rm -f /etc/apt/sources.list.d/debian.sources && \
apt-get update && \
mkdir /root-out && \
debootstrap \
--variant=minbase \
--components=main,contrib,non-free,non-free-firmware \
--arch="${ARCH}" \
--include=kali-archive-keyring \
kali-rolling /root-out http://http.kali.org/kali && \
rm -rf \
/root-out/var/log/*
/root-out/tmp/* \
/root-out/var/lib/apt/lists/* \
/root-out/var/cache/* \
/root-out/var/tmp/* \
/root-out/var/log/* && \
echo "**** modify layer repo ****" && \
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /root-out/etc/apt/sources.list && \
echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /root-out/etc/apt/sources.list
# set version for s6 overlay
ARG S6_OVERLAY_VERSION="3.1.6.2"
@ -108,24 +125,15 @@ RUN \
apt-utils \
locales && \
echo "**** install packages ****" && \
apt-get install -y \
apt-get install -y --no-install-recommends \
catatonit \
cron \
curl \
gnupg \
jq \
kali-defaults \
netcat-traditional \
tzdata && \
echo "**** add all sources ****" && \
echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
rm -f /etc/apt/sources.list.d/debian.sources && \
echo "**** generate locale ****" && \
locale-gen en_US.UTF-8 && \
echo "**** create abc user and make our folders ****" && \

60
Dockerfile.aarch64
View File

@ -1,30 +1,47 @@
# syntax=docker/dockerfile:1
FROM alpine:3.18 as rootfs-stage
FROM debian:testing AS rootfs-stage
# environment
ENV REL=bookworm
ENV ARCH=arm64v8
ENV ARCH=arm64
# install packages
RUN \
apk add --no-cache \
bash \
apt-get update && \
apt-get install -y \
curl \
tzdata \
xz
debootstrap \
xz-utils
# grab base tarball
# create base image with debootstrap
RUN \
mkdir /root-out && \
echo "**** modify repo ****" && \
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
curl -o \
/rootfs.tar.gz -L \
https://github.com/debuerreotype/docker-debian-artifacts/raw/dist-${ARCH}/${REL}/slim/rootfs.tar.xz && \
tar xf \
/rootfs.tar.gz -C \
/root-out && \
/etc/apt/trusted.gpg.d/kali-archive-keyring.asc -L \
"https://archive.kali.org/archive-key.asc" && \
gpg -o \
/usr/share/keyrings/kali-archive-keyring.gpg --dearmor \
/etc/apt/trusted.gpg.d/kali-archive-keyring.asc && \
rm -f /etc/apt/sources.list.d/debian.sources && \
apt-get update && \
mkdir /root-out && \
debootstrap \
--variant=minbase \
--components=main,contrib,non-free,non-free-firmware \
--arch="${ARCH}" \
--include=kali-archive-keyring \
kali-rolling /root-out http://http.kali.org/kali && \
rm -rf \
/root-out/var/log/*
/root-out/tmp/* \
/root-out/var/lib/apt/lists/* \
/root-out/var/cache/* \
/root-out/var/tmp/* \
/root-out/var/log/* && \
echo "**** modify layer repo ****" && \
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /root-out/etc/apt/sources.list && \
echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" >> /root-out/etc/apt/sources.list
# set version for s6 overlay
ARG S6_OVERLAY_VERSION="3.1.6.2"
@ -108,24 +125,15 @@ RUN \
apt-utils \
locales && \
echo "**** install packages ****" && \
apt-get install -y \
apt-get install -y --no-install-recommends \
catatonit \
cron \
curl \
gnupg \
jq \
kali-defaults \
netcat-traditional \
tzdata && \
echo "**** add all sources ****" && \
echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
rm -f /etc/apt/sources.list.d/debian.sources && \
echo "**** generate locale ****" && \
locale-gen en_US.UTF-8 && \
echo "**** create abc user and make our folders ****" && \

114
Jenkinsfile vendored
View File

@ -48,7 +48,7 @@ pipeline {
script{
env.EXIT_STATUS = ''
env.LS_RELEASE = sh(
script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:bookworm 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:kali 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
returnStdout: true).trim()
env.LS_RELEASE_NOTES = sh(
script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''',
@ -77,7 +77,7 @@ pipeline {
script{
env.LS_TAG_NUMBER = sh(
script: '''#! /bin/bash
tagsha=$(git rev-list -n 1 bookworm-${LS_RELEASE} 2>/dev/null)
tagsha=$(git rev-list -n 1 kali-${LS_RELEASE} 2>/dev/null)
if [ "${tagsha}" == "${COMMIT_SHA}" ]; then
echo ${LS_RELEASE_NUMBER}
elif [ -z "${GIT_COMMIT}" ]; then
@ -153,10 +153,10 @@ pipeline {
}
}
}
// If this is a master build use live docker endpoints
// If this is a kali build use live docker endpoints
stage("Set ENV live build"){
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
}
steps {
@ -166,20 +166,20 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-bookworm-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-bookworm-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.CI_TAGS = 'amd64-kali-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-kali-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
} else {
env.CI_TAGS = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.CI_TAGS = 'kali-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
}
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.META_TAG = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.EXT_RELEASE_TAG = 'bookworm-version-' + env.EXT_RELEASE_CLEAN
env.META_TAG = 'kali-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.EXT_RELEASE_TAG = 'kali-version-' + env.EXT_RELEASE_CLEAN
}
}
}
// If this is a dev build use dev docker endpoints
stage("Set ENV dev build"){
when {
not {branch "master"}
not {branch "kali"}
environment name: 'CHANGE_ID', value: ''
}
steps {
@ -189,13 +189,13 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.CI_TAGS = 'amd64-kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
} else {
env.CI_TAGS = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.CI_TAGS = 'kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
}
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.META_TAG = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.EXT_RELEASE_TAG = 'bookworm-version-' + env.EXT_RELEASE_CLEAN
env.META_TAG = 'kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.EXT_RELEASE_TAG = 'kali-version-' + env.EXT_RELEASE_CLEAN
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
}
}
@ -212,13 +212,13 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = 'amd64-kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
} else {
env.CI_TAGS = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = 'kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
}
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.META_TAG = 'bookworm-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.EXT_RELEASE_TAG = 'bookworm-version-' + env.EXT_RELEASE_CLEAN
env.META_TAG = 'kali-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.EXT_RELEASE_TAG = 'kali-version-' + env.EXT_RELEASE_CLEAN
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
}
@ -243,7 +243,7 @@ pipeline {
-v ${WORKSPACE}:/mnt \
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
ghcr.io/linuxserver/baseimage-alpine:3.19 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
apk add --no-cache python3 && \
python3 -m venv /lsiopy && \
pip install --no-cache-dir -U pip && \
@ -255,7 +255,7 @@ pipeline {
// Use helper containers to render templated files
stage('Update-Templates') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
expression {
env.CONTAINER_NAME != null
@ -267,24 +267,24 @@ pipeline {
TEMPDIR=$(mktemp -d)
docker pull ghcr.io/linuxserver/jenkins-builder:latest
# Cloned repo paths for templating:
# ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on
# ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github
# ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch kali of ${LS_USER}/${LS_REPO} for running the jenkins builder on
# ${TEMPDIR}/repo/${LS_REPO}: Cloned branch kali of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github
# ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github
# ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos
# ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github
git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME}
git clone --branch kali --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME}
docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest
echo "Starting Stage 1 - Jenkinsfile update"
if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
mkdir -p ${TEMPDIR}/repo
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
cd ${TEMPDIR}/repo/${LS_REPO}
git checkout -f master
git checkout -f kali
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
git add Jenkinsfile
git commit -m 'Bot Updating Templated Files'
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit"
rm -Rf ${TEMPDIR}
@ -303,13 +303,13 @@ pipeline {
mkdir -p ${TEMPDIR}/repo
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
cd ${TEMPDIR}/repo/${LS_REPO}
git checkout -f master
git checkout -f kali
for i in ${TEMPLATES_TO_DELETE}; do
git rm "${i}"
done
git commit -m 'Bot Updating Templated Files'
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit"
rm -Rf ${TEMPDIR}
@ -325,7 +325,7 @@ pipeline {
mkdir -p ${TEMPDIR}/repo
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
cd ${TEMPDIR}/repo/${LS_REPO}
git checkout -f master
git checkout -f kali
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
@ -338,8 +338,8 @@ pipeline {
fi
git add readme-vars.yml ${TEMPLATED_FILES}
git commit -m 'Bot Updating Templated Files'
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
echo "Updating templates and exiting build, new one will trigger based on commit"
rm -Rf ${TEMPDIR}
@ -350,7 +350,7 @@ pipeline {
fi
echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub"
mkdir -p ${TEMPDIR}/docs
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
cd ${TEMPDIR}/docs/docker-documentation
@ -406,7 +406,7 @@ pipeline {
// Exit the build if the Templated files were just updated
stage('Template-exit') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'FILES_UPDATED', value: 'true'
expression {
@ -419,10 +419,10 @@ pipeline {
}
}
}
// If this is a master build check the S6 service file perms
// If this is a kali build check the S6 service file perms
stage("Check S6 Service file Permissions"){
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'EXIT_STATUS', value: ''
}
@ -566,7 +566,7 @@ pipeline {
// Take the image we just built and dump package versions for comparison
stage('Update-packages') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'EXIT_STATUS', value: ''
}
@ -589,14 +589,14 @@ pipeline {
echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github"
if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/${LS_REPO}
git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f master
git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f kali
cp ${TEMPDIR}/package_versions.txt ${TEMPDIR}/${LS_REPO}/
cd ${TEMPDIR}/${LS_REPO}/
wait
git add package_versions.txt
git commit -m 'Bot Updating Package Versions'
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git kali
echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}
echo "Package tag updated, stopping build process"
else
@ -614,7 +614,7 @@ pipeline {
// Exit the build if the package file was just updated
stage('PACKAGE-exit') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'PACKAGE_UPDATED', value: 'true'
environment name: 'EXIT_STATUS', value: ''
@ -628,7 +628,7 @@ pipeline {
// Exit the build if this is just a package check and there are no changes to push
stage('PACKAGECHECK-exit') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'PACKAGE_UPDATED', value: 'false'
environment name: 'EXIT_STATUS', value: ''
@ -664,7 +664,7 @@ pipeline {
set -e
docker pull ghcr.io/linuxserver/ci:latest
if [ "${MULTIARCH}" == "true" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
docker run --rm \
@ -715,12 +715,12 @@ pipeline {
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
docker tag ${IMAGE}:${META_TAG} ${PUSHIMAGE}:${META_TAG}
docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:bookworm
docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:kali
docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${SEMVER}
fi
docker push ${PUSHIMAGE}:bookworm
docker push ${PUSHIMAGE}:kali
docker push ${PUSHIMAGE}:${META_TAG}
docker push ${PUSHIMAGE}:${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
@ -755,15 +755,15 @@ pipeline {
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
if [ "${CI}" == "false" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-bookworm
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-kali
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-bookworm
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-kali
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
@ -771,9 +771,9 @@ pipeline {
fi
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:amd64-bookworm
docker push ${MANIFESTIMAGE}:amd64-kali
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-bookworm
docker push ${MANIFESTIMAGE}:arm64v8-kali
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
@ -781,7 +781,7 @@ pipeline {
fi
done
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
docker buildx imagetools create -t ${MANIFESTIMAGE}:bookworm ${MANIFESTIMAGE}:amd64-bookworm ${MANIFESTIMAGE}:arm64v8-bookworm
docker buildx imagetools create -t ${MANIFESTIMAGE}:kali ${MANIFESTIMAGE}:amd64-kali ${MANIFESTIMAGE}:arm64v8-kali
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
@ -796,7 +796,7 @@ pipeline {
// If this is a public release tag it in the LS Github
stage('Github-Tag-Push-Release') {
when {
branch "master"
branch "kali"
expression {
env.LS_RELEASE != env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
}
@ -808,17 +808,17 @@ pipeline {
sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
-d '{"tag":"'${META_TAG}'",\
"object": "'${COMMIT_SHA}'",\
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to kali",\
"type": "commit",\
"tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
echo "Pushing New release for Tag"
sh '''#! /bin/bash
echo "Updating base packages to ${PACKAGE_TAG}" > releasebody.json
echo '{"tag_name":"'${META_TAG}'",\
"target_commitish": "master",\
"target_commitish": "kali",\
"name": "'${META_TAG}'",\
"body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**OS Changes:**\\n\\n' > start
printf '","draft": false,"prerelease": false}' >> releasebody.json
printf '","draft": false,"prerelease": true}' >> releasebody.json
paste -d'\\0' start releasebody.json > releasebody.json.done
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
}
@ -826,14 +826,14 @@ pipeline {
// Add protection to the release branch
stage('Github-Release-Branch-Protection') {
when {
branch "master"
branch "kali"
environment name: 'CHANGE_ID', value: ''
environment name: 'EXIT_STATUS', value: ''
}
steps {
echo "Setting up protection for release branch master"
echo "Setting up protection for release branch kali"
sh '''#! /bin/bash
curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/master/protection \
curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/kali/protection \
-d $(jq -c . << EOF
{
"required_status_checks": null,

2
README.md
View File

@ -1,5 +1,5 @@
<!-- DO NOT EDIT THIS FILE MANUALLY -->
<!-- Please read https://github.com/linuxserver/docker-baseimage-debian/blob/master/.github/CONTRIBUTING.md -->
<!-- Please read https://github.com/linuxserver/docker-baseimage-debian/blob/kali/.github/CONTRIBUTING.md -->
[linuxserverurl]: https://linuxserver.io
[forumurl]: https://forum.linuxserver.io
[ircurl]: https://www.linuxserver.io/irc/

6
jenkins-vars.yml
View File

@ -3,9 +3,9 @@
# jenkins variables
project_name: docker-baseimage-debian
external_type: os
release_type: stable
release_tag: bookworm
ls_branch: master
release_type: prerelease
release_tag: kali
ls_branch: kali
build_armhf: false
repo_vars:
- BUILD_VERSION_ARG = 'OS'