diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..29e6064 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,83 @@ +FROM d4science/r-full:latest + +LABEL org.d4science.image.licenses="EUPL-1.2" \ + org.d4science.image.source="https://code-repo.d4science.org/gCubeSystem/rstudio-base" \ + org.d4science.image.vendor="D4Science " \ + org.d4science.image.authors="Andrea Dell'Amico , Roberto Cirillo " + +ENV DEBIAN_FRONTEND=noninteractive + +ENV S6_VERSION=v2.1.0.2 +ENV RSTUDIO_VERSION=2023.03.0+386 +ENV DEFAULT_USER=rstudio +ENV PANDOC_VERSION=default +ENV QUARTO_VERSION=default + +ARG NB_USER="jovyan" +ARG NB_UID="1000" +ARG NB_GID="100" +ARG HOME="/home/${NB_USER}" +ENV S6_VERSION=v2.1.0.2 +ENV RSTUDIO_VERSION=2022.02.1+461 +ENV DEFAULT_USER="jovyan" +ENV USERID="1000" +ENV GROUPID="100" +ENV PATH=/usr/lib/rstudio-server/bin:$PATH +ENV R_HOME=/usr/local/lib/R +# Configure environment +ENV SHELL=/bin/bash \ + NB_USER="${NB_USER}" \ + NB_UID=${NB_UID} \ + NB_GID=${NB_GID} \ + LC_ALL=en_US.UTF-8 \ + LANG=en_US.UTF-8 \ + LANGUAGE=en_US.UTF-8 +ENV HOME="/home/${NB_USER}" + +RUN apt-get update --yes +RUN /rocker_scripts/install_rstudio.sh +RUN /rocker_scripts/install_pandoc.sh +RUN /rocker_scripts/install_quarto.sh + +# This part comes from https://github.com/openanalytics/shinyproxy-rstudio-ide-demo/blob/master/Dockerfile +RUN echo "www-frame-origin=same" >> /etc/rstudio/disable_auth_rserver.conf +RUN echo "www-verify-user-agent=0" >> /etc/rstudio/disable_auth_rserver.conf + +RUN mv -f /etc/rstudio/disable_auth_rserver.conf /etc/rstudio/rserver.conf +RUN echo "USER=$NB_USER" >> /etc/environment +COPY rsession.conf /etc/rstudio/rsession.conf +RUN chmod 0644 /etc/rstudio/rsession.conf +RUN curl -o "${R_HOME}/etc/Rprofile.site" "https://code-repo.d4science.org/gCubeSystem/rstudio-rprofile/raw/branch/master/jupyter-Rprofile.site" + +# Copy a script that we will use to correct permissions after running certain commands +COPY fix-permissions /usr/local/bin/fix-permissions +RUN chmod a+rx /usr/local/bin/fix-permissions + +# Create NB_USER with name jovyan user with UID=1000 and in the 'users' group +# and make sure these dirs are writable by the `users` group. +RUN echo "auth requisite pam_deny.so" >> /etc/pam.d/su && \ + sed -i.bak -e 's/^%admin/#%admin/' /etc/sudoers && \ + sed -i.bak -e 's/^%sudo/#%sudo/' /etc/sudoers && \ + userdel -r "${NB_USER}" && \ + useradd -l -m -s /bin/bash -N -u "${NB_UID}" "${NB_USER}" && \ + chmod g+w /etc/passwd && \ + fix-permissions "${HOME}" + +# Install the jupiterhub proxy +RUN pip3 install \ + jsonschema'[format,format-nongpl]' \ + jupyterhub \ + jupyterlab \ + jupyter-rsession-proxy \ + jupyter-server-proxy \ + notebook + +RUN apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \ + locale-gen + +# Enable prompt color in the skeleton .bashrc before creating the default NB_USER +# hadolint ignore=SC2016 +RUN sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' /etc/skel/.bashrc + +WORKDIR ${HOME} diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..f253082 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,65 @@ +// REMEMBER TO FILL THE environment section with your values. +// the following filed should be filled: imagename, git_url +// REMEMBER to put your Dockerfile in the root folder of your project +// The related jenkinsjob template is here: + +pipeline { + agent { + label 'docker' + } + environment { + imagename = "d4science/rstudio-base" + registryCredential = 'e348bfab-5580-4db6-b0e0-d854966bde08' + dockerImage = '' + git_url='https://code-repo.d4science.org/gCubeSystem/rstudio-base.git' + } + stages { + stage('Cloning Git') { + steps { + git([url: git_url, branch: 'master', credentialsId: '88b54962-1c0e-49cb-8155-22276860f346']) + + } + } + stage('Building image') { + steps{ + script { + dockerImage = docker.build imagename + } + } + } + stage('Deploy Image') { + steps{ + script { + docker.withRegistry( '', registryCredential ) { + dockerImage.push("$BUILD_NUMBER") + dockerImage.push('latest') + + } + } + } + } + stage('Remove Unused docker image') { + steps{ + sh "docker rmi $imagename:$BUILD_NUMBER" + sh "docker rmi $imagename:latest" + + } + } + } + // post-build actions + post { + success { + echo 'The docker pipeline worked!' + emailext to: 'jenkinsbuilds@d4science.org', + subject: "[Jenkins DockerPipeline D4S] build ${currentBuild.fullDisplayName} worked", + body: "Build time: ${currentBuild.durationString}. See ${env.BUILD_URL}" + } + failure { + echo 'The docker pipeline has failed' + emailext attachLog: true, + to: 'jenkinsbuilds@d4science.org', + subject: "[Jenkins DockerPipeline D4S] build ${currentBuild.fullDisplayName} failed for image ${imagename}", + body: "Something is wrong with ${env.BUILD_URL}" + } + } +} diff --git a/README.md b/README.md index b8489a2..89e477e 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,6 @@ # rstudio-base -Rstudio image that builds from "r-full" \ No newline at end of file +Rstudio image that builds from "r-full" + +* One branch for each corresponding *major.minor* `R` version +* Customizations will be done in rstudio-custom-X diff --git a/fix-permissions b/fix-permissions new file mode 100644 index 0000000..08436da --- /dev/null +++ b/fix-permissions @@ -0,0 +1,36 @@ +#!/bin/bash +# From https://github.com/jupyter/docker-stacks/blob/main/docker-stacks-foundation/fix-permissions +# set permissions on a directory +# after any installation, if a directory needs to be (human) user-writable, +# run this script on it. +# It will make everything in the directory owned by the group ${NB_GID} +# and writable by that group. +# Deployments that want to set a specific user id can preserve permissions +# by adding the `--group-add users` line to `docker run`. + +# uses find to avoid touching files that already have the right permissions, +# which would cause massive image explosion + +# right permissions are: +# group=${NB_GID} +# AND permissions include group rwX (directory-execute) +# AND directories have setuid,setgid bits set + +set -e + +for d in "$@"; do + find "${d}" \ + ! \( \ + -group "${NB_GID}" \ + -a -perm -g+rwX \ + \) \ + -exec chgrp "${NB_GID}" -- {} \+ \ + -exec chmod g+rwX -- {} \+ + # setuid, setgid *on directories only* + find "${d}" \ + \( \ + -type d \ + -a ! -perm -6000 \ + \) \ + -exec chmod +6000 -- {} \+ +done diff --git a/rsession.conf b/rsession.conf new file mode 100644 index 0000000..a9c5aab --- /dev/null +++ b/rsession.conf @@ -0,0 +1,11 @@ +session-timeout-minutes=7200 +session-disconnected-timeout-minutes=1440 +session-quit-child-processes-on-exit=0 +session-default-working-dir=~ +session-default-new-project-dir=~ +# session-save-action-default=yes +allow-shell=1 +#allow-terminal-websockets=1 +limit-cpu-time-minutes=0 +limit-file-upload-size-mb=0 +#limit-xfs-disk-quota=no