diff --git a/linux/base.Dockerfile b/linux/base.Dockerfile index 9ebee2bd..76db5aef 100644 --- a/linux/base.Dockerfile +++ b/linux/base.Dockerfile @@ -15,6 +15,8 @@ FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 LABEL org.opencontainers.image.source="https://github.com/Azure/CloudShell" +WORKDIR /usr/cloudshell + SHELL ["/bin/bash","-c"] COPY linux/tdnfinstall.sh . @@ -73,7 +75,6 @@ RUN tdnf update -y --refresh && \ pkg-config \ postgresql-libs \ postgresql \ - powershell \ python3 \ python3-pip \ python3-virtualenv \ @@ -135,9 +136,9 @@ RUN tdnf update -y --refresh && \ rm -rf /var/cache/tdnf/* && \ rm /var/opt/apache-maven/lib/guava-25.1-android.jar -ENV NPM_CONFIG_LOGLEVEL warn -ENV NODE_ENV production -ENV NODE_OPTIONS=--tls-cipher-list='ECDHE-RSA-AES128-GCM-SHA256:!RC4' +ENV NPM_CONFIG_LOGLEVEL=warn \ + NODE_ENV=production \ + NODE_OPTIONS=--tls-cipher-list='ECDHE-RSA-AES128-GCM-SHA256:!RC4' # Get latest version of Terraform. # Customers require the latest version of Terraform. @@ -170,14 +171,13 @@ RUN chmod 755 /usr/local/bin/ansible* \ # Install latest version of Istio -ENV ISTIO_ROOT /usr/local/istio-latest +ENV ISTIO_ROOT=/usr/local/istio-latest RUN curl -sSL https://git.io/getLatestIstio | sh - \ && mv $PWD/istio* $ISTIO_ROOT \ && chmod -R 755 $ISTIO_ROOT -ENV PATH $PATH:$ISTIO_ROOT/bin ENV GOROOT="/usr/lib/golang" -ENV PATH="$PATH:$GOROOT/bin:/opt/mssql-tools18/bin" +ENV PATH=$PATH:$ISTIO_ROOT/bin:$GOROOT/bin:/opt/mssql-tools18/bin RUN gem install bundler --no-document --clear-sources --force \ && bundle config set without 'development test' \ @@ -186,8 +186,8 @@ RUN gem install bundler --no-document --clear-sources --force \ && gem install rspec --no-document --clear-sources --force \ && rm -rf $(gem env gemdir)/cache/*.gem -ENV GEM_HOME=~/bundle -ENV BUNDLE_PATH=~/bundle +ENV GEM_HOME=~/bundle \ + BUNDLE_PATH=~/bundle ENV PATH=$PATH:$GEM_HOME/bin:$BUNDLE_PATH/gems/bin # Install vscode @@ -228,3 +228,62 @@ RUN curl -fsSL https://aka.ms/install-azd.sh | bash && \ cp rootlesskit rootlesskit-docker-proxy /usr/bin/ && \ popd && \ rm -rf $TMP_DIR + +# Add user's home directories to PATH at the front so they can install tools +# which override defaults. Add dotnet tools to PATH so users can install a tool +# using dotnet tools and can execute that command from any directory +ENV PATH=~/.local/bin:~/bin:~/.dotnet/tools:$PATH \ + AZURE_CLIENTS_SHOW_SECRETS_WARNING=True \ + # + # Set AZUREPS_HOST_ENVIRONMENT + AZUREPS_HOST_ENVIRONMENT=cloud-shell/1.0 \ + # + # Powershell telemetry & don't tell users to upgrade since they cannot. + POWERSHELL_DISTRIBUTION_CHANNEL=CloudShell \ + POWERSHELL_UPDATECHECK=Off + +# ------------------------------ Tools Dockerfile ------------------------------ +# Copy and run script to install Powershell modules and setup Powershell machine +# profile +COPY ./linux/powershell/ powershell + +# Install latest Azure CLI package. CLI team drops latest (pre-release) package +# here prior to public release We don't support using this location elsewhere - +# it may be removed or updated without notice. +RUN INSTALLED_VERSION=$(az version --output json 2>/dev/null | jq -r '."azure-cli"') && \ + wget https://azurecliprod.blob.core.windows.net/cloudshell-release/azure-cli-latest-mariner2.0.rpm && \ + # Get the version of the downloaded Azure CLI + DOWNLOADED_VERSION=$(rpm --queryformat="%{VERSION}" -qp ./azure-cli-latest-mariner2.0.rpm) && \ + # + # If the installed Azure CLI and the downloaded Azure CLI are different, then + # install the downloaded Azure CLI. + if [ "$DOWNLOADED_VERSION" != "$INSTALLED_VERSION" ]; then \ + tdnf clean all && \ + tdnf repolist --refresh && \ + tdnf remove powershell -y && \ + rm -rf /opt/microsoft/powershell && \ + rm -rf /usr/local/share/powershell && \ + ACCEPT_EULA=Y tdnf update -y && \ + tdnf install -y ./azure-cli-latest-mariner2.0.rpm && \ + tdnf install -y powershell && \ + tdnf clean all && \ + rm -rf /var/cache/tdnf/* && \ + # + # Install any Azure CLI extensions that should be included by default. + az extension add --system --name ai-examples -y && \ + az extension add --system --name ssh -y && \ + az extension add --system --name ml -y && \ + # + # Install kubectl + az aks install-cli && \ + # + # Powershell installation and setup + /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Base && \ + cp -r ./powershell/PSCloudShellUtility /usr/local/share/powershell/Modules/PSCloudShellUtility/ && \ + /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Top && \ + # Install Powershell warmup script + mkdir -p linux/powershell && \ + cp powershell/Invoke-PreparePowerShell.ps1 linux/powershell/Invoke-PreparePowerShell.ps1; \ + fi && \ + rm azure-cli-latest-mariner2.0.rpm && \ + rm -rf ./powershell diff --git a/linux/powershell/setupPowerShell.ps1 b/linux/powershell/setupPowerShell.ps1 index fe6dda13..3a99ddc4 100644 --- a/linux/powershell/setupPowerShell.ps1 +++ b/linux/powershell/setupPowerShell.ps1 @@ -10,7 +10,7 @@ param( $ProgressPreference = 'SilentlyContinue' # Suppresses progress, which doesn't render correctly in docker # PowerShellGallery PROD site -$prodGallery = 'https://www.powershellgallery.com/api/v2' +$prodGallery = 'https://www.powershellgallery.com/api/v2' $script:pscloudshellBlob = $null # Version folder for the pscloudshell blob storage $shareModulePath = ([System.Management.Automation.Platform]::SelectProductNameForDirectory('SHARED_MODULES')) @@ -31,7 +31,7 @@ function Get-DockerfileData { $script:dockerfileDataObject = Microsoft.PowerShell.Management\Get-Content $dockerFileData | Microsoft.PowerShell.Utility\ConvertFrom-Json if (-not $script:dockerfileDataObject) { throw "Error while reading $dockerFileData file." - } + } $pscloudshellVer = $script:dockerfileDataObject.PSCloudShellVersion $script:pscloudshellBlob = "https://pscloudshellbuild.blob.core.windows.net/$pscloudshellVer" Write-Output "pscloudshellVersion= $pscloudshellVer; pscloudshellBlob=$script:pscloudshellBlob" @@ -57,8 +57,8 @@ function Install-LibMIFile { function Install-AzAndAzAdModules { Write-Output "Install-AzAndAdModules.." mkdir temp - curl -o az-cmdlets.tar.gz -sSL "https://azpspackage.blob.core.windows.net/release/Az-Cmdlets-latest.tar.gz" - tar -xf az-cmdlets.tar.gz -C temp + curl -o az-cmdlets.tar.gz -sSL "https://azpspackage.blob.core.windows.net/release/Az-Cmdlets-latest.tar.gz" + tar -xf az-cmdlets.tar.gz -C temp rm az-cmdlets.tar.gz cd temp @@ -118,10 +118,10 @@ try { if ($image -eq "Base") { Write-Output "Installing modules from production gallery" - PowerShellGet\Install-Module -Name SHiPS @prodAllUsers + PowerShellGet\Install-Module -Name SHiPS @prodAllUsers PowerShellGet\Install-Module -Name SQLServer -MaximumVersion $script:dockerfileDataObject.SQLServerModuleMaxVersion @prodAllUsers PowerShellGet\Install-Module -Name MicrosoftPowerBIMgmt -MaximumVersion $script:dockerfileDataObject.PowerBIMaxVersion @prodAllUsers - PowerShellGet\Install-Module -Name MicrosoftTeams @prodAllUsers + PowerShellGet\Install-Module -Name MicrosoftTeams @prodAllUsers # MS Graph packages PowerShellGet\Install-Module -Name Microsoft.Graph.Authentication @prodAllUsers @@ -142,10 +142,10 @@ try { # Installing modules from Azure Powershell and AzureAD Write-Output "Installing modules from Azure Powershell and AzureAD" Install-AzAndAzAdModules - + # Install modules from PSGallery - Write-Output "Installing modules from production gallery" - PowerShellGet\Install-Module -Name AzurePSDrive @prodAllUsers + Write-Output "Installing modules from production gallery" + PowerShellGet\Install-Module -Name AzurePSDrive @prodAllUsers PowerShellGet\Install-Module -Name GuestConfiguration -MaximumVersion $script:dockerfileDataObject.GuestConfigurationMaxVersion -ErrorAction SilentlyContinue @prodAllUsers PowerShellGet\Install-Module -Force PSReadLine @prodAllUsers PowerShellGet\Install-Module -Name Az.Tools.Predictor @prodAllUsers @@ -153,14 +153,14 @@ try { PowerShellGet\Install-Module -Name Microsoft.PowerShell.SecretManagement @prodAllUsers PowerShellGet\Install-Module -Name Microsoft.PowerShell.SecretStore @prodAllUsers - # With older base image builds, teams 1.1.6 is already installed + # With older base image builds, teams 1.1.6 is already installed if (Get-Module MicrosoftTeams -ListAvailable) { # For some odd reason, Update-Module was creating the MicrosoftTeams module twice with different version numbers. - # Uninstalling and then installing it again was the only way to keep it as one module. + # Uninstalling and then installing it again was the only way to keep it as one module. Uninstall-Module MicrosoftTeams -Force PowerShellGet\Install-Module -Name MicrosoftTeams @prodAllUsers } else { - PowerShellGet\Install-Module -Name MicrosoftTeams @prodAllUsers + PowerShellGet\Install-Module -Name MicrosoftTeams @prodAllUsers } # Install PSCloudShell modules @@ -171,14 +171,14 @@ try { Write-Output ('Temp Directory: {0}' -f $tempDirectory) } - # Copy the startup script to the all-users profile + # Copy the startup script to the all-users profile $psStartupScript = Microsoft.PowerShell.Management\Join-Path $PSHOME 'PSCloudShellStartup.ps1' Microsoft.PowerShell.Management\Copy-Item -Path $PSScriptRoot\PSCloudShellStartup.ps1 -Destination $psStartupScript - + Write-Output "Installing powershell profile to $($PROFILE.AllUsersAllHosts)" Microsoft.PowerShell.Management\Copy-Item -Path $psStartupScript -Destination $PROFILE.AllUsersAllHosts -Verbose Write-Output "Installed powershell profile." - + # Update PowerShell Core help files in the image, ensure any errors that result in help not being updated does not interfere with the build process # We want the image to have latest help files when shipped. Write-Output "Updating help files." @@ -187,7 +187,7 @@ try { } Write-Output "All modules installed:" - Write-Output (Get-InstalledModule | Sort-Object Name | Select-Object Name, Version, Repository) + Write-Output (Get-InstalledModule | Sort-Object Name | Select-Object Name, Version, Repository) } finally { # Clean-up the PowerShell Gallery registration settings diff --git a/linux/tools.Dockerfile b/linux/tools.Dockerfile index 92ebb740..996a7a8f 100644 --- a/linux/tools.Dockerfile +++ b/linux/tools.Dockerfile @@ -10,54 +10,48 @@ FROM ${IMAGE_LOCATION} LABEL org.opencontainers.image.source="https://github.com/Azure/CloudShell" -RUN tdnf clean all && \ - tdnf repolist --refresh && \ - ACCEPT_EULA=Y tdnf update -y && \ - # Install latest Azure CLI package. CLI team drops latest (pre-release) package here prior to public release - # We don't support using this location elsewhere - it may be removed or updated without notice - wget https://azurecliprod.blob.core.windows.net/cloudshell-release/azure-cli-latest-mariner2.0.rpm \ - && tdnf install -y ./azure-cli-latest-mariner2.0.rpm \ - && rm azure-cli-latest-mariner2.0.rpm && \ - tdnf clean all && \ - rm -rf /var/cache/tdnf/* - -# Install any Azure CLI extensions that should be included by default. -RUN az extension add --system --name ai-examples -y \ - && az extension add --system --name ssh -y \ - && az extension add --system --name ml -y - -# Install kubectl -RUN az aks install-cli \ - && chmod +x /usr/local/bin/kubectl \ - && chmod +x /usr/local/bin/kubelogin - -RUN mkdir -p /usr/cloudshell -WORKDIR /usr/cloudshell - -# Powershell telemetry -ENV POWERSHELL_DISTRIBUTION_CHANNEL=CloudShell \ - # don't tell users to upgrade, they can't - POWERSHELL_UPDATECHECK=Off - -# Copy and run script to install Powershell modules and setup Powershell machine profile +# ---------------------- Installation same as base image ---------------------- +# Copy and run script to install Powershell modules and setup Powershell machine +# profile COPY ./linux/powershell/ powershell -RUN /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Base && \ - cp -r ./powershell/PSCloudShellUtility /usr/local/share/powershell/Modules/PSCloudShellUtility/ && \ - /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Top && \ - # Install Powershell warmup script - mkdir -p linux/powershell && \ - cp powershell/Invoke-PreparePowerShell.ps1 linux/powershell/Invoke-PreparePowerShell.ps1 && \ - rm -rf ./powershell - -# Remove su so users don't have su access by default. -RUN rm -f ./linux/Dockerfile && rm -f /bin/su - -# Add user's home directories to PATH at the front so they can install tools which -# override defaults -# Add dotnet tools to PATH so users can install a tool using dotnet tools and can execute that command from any directory -ENV PATH ~/.local/bin:~/bin:~/.dotnet/tools:$PATH - -ENV AZURE_CLIENTS_SHOW_SECRETS_WARNING True -# Set AZUREPS_HOST_ENVIRONMENT -ENV AZUREPS_HOST_ENVIRONMENT cloud-shell/1.0 +# Install latest Azure CLI package. CLI team drops latest (pre-release) package +# here prior to public release We don't support using this location elsewhere - +# it may be removed or updated without notice. +RUN INSTALLED_VERSION=$(az version --output json 2>/dev/null | jq -r '."azure-cli"') && \ + wget https://azurecliprod.blob.core.windows.net/cloudshell-release/azure-cli-latest-mariner2.0.rpm && \ + # Get the version of the downloaded Azure CLI + DOWNLOADED_VERSION=$(rpm --queryformat="%{VERSION}" -qp ./azure-cli-latest-mariner2.0.rpm) && \ + # + # If the installed Azure CLI and the downloaded Azure CLI are different, then + # install the downloaded Azure CLI. + if [ "$DOWNLOADED_VERSION" != "$INSTALLED_VERSION" ]; then \ + tdnf clean all && \ + tdnf repolist --refresh && \ + tdnf remove powershell -y && \ + rm -rf /opt/microsoft/powershell && \ + rm -rf /usr/local/share/powershell && \ + ACCEPT_EULA=Y tdnf update -y && \ + tdnf install -y ./azure-cli-latest-mariner2.0.rpm && \ + tdnf install -y powershell && \ + tdnf clean all && \ + rm -rf /var/cache/tdnf/* && \ + # + # Install any Azure CLI extensions that should be included by default. + az extension add --system --name ai-examples -y && \ + az extension add --system --name ssh -y && \ + az extension add --system --name ml -y && \ + # + # Install kubectl + az aks install-cli && \ + # + # Powershell installation and setup + /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Base && \ + cp -r ./powershell/PSCloudShellUtility /usr/local/share/powershell/Modules/PSCloudShellUtility/ && \ + /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Top && \ + # Install Powershell warmup script + mkdir -p linux/powershell && \ + cp powershell/Invoke-PreparePowerShell.ps1 linux/powershell/Invoke-PreparePowerShell.ps1; \ + fi && \ + rm azure-cli-latest-mariner2.0.rpm && \ + rm -rf ./powershell diff --git a/tests/command_list b/tests/command_list index c3099156..b0c88167 100644 --- a/tests/command_list +++ b/tests/command_list @@ -1205,6 +1205,7 @@ streamzip strings strip stty +su sudo sudoedit sudo_logsrvd