Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release Workbench 2024.09.0, including umask changes from dev #844

Merged
merged 16 commits into from
Sep 24, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Justfile
Original file line number Diff line number Diff line change
@@ -9,7 +9,7 @@ BUILDX_PATH := ""

RSC_VERSION := "2024.08.0"
RSPM_VERSION := "2024.08.2-9"
RSW_VERSION := "2024.04.2+764.pro1"
RSW_VERSION := "2024.09.0+375.pro3"

DRIVERS_VERSION := "2023.05.0"
DRIVERS_VERSION_RHEL := DRIVERS_VERSION + "-1"
13 changes: 6 additions & 7 deletions docker-bake.hcl
Original file line number Diff line number Diff line change
@@ -8,7 +8,7 @@ variable PACKAGE_MANAGER_VERSION {
}

variable WORKBENCH_VERSION {
default = "2024.04.2+764.pro1"
default = "2024.09.0+375.pro3"
}

variable DRIVERS_VERSION {
@@ -96,9 +96,8 @@ function get_tags {
variable BASE_BUILD_MATRIX {
default = {
builds = [
{os = "ubuntu2204", r_primary = "4.2.3", r_alternate = "4.1.3", py_primary = "3.9.17", py_alternate = "3.8.17"},
{os = "ubuntu2204", r_primary = "4.2.3", r_alternate = "4.1.3", py_primary = "3.12.1", py_alternate = "3.11.7"},
{os = "ubuntu2204", r_primary = "4.4.0", r_alternate = "4.3.3", py_primary = "3.12.1", py_alternate = "3.11.7"},
{os = "ubuntu2204", r_primary = "4.4.1", r_alternate = "4.3.3", py_primary = "3.12.6", py_alternate = "3.11.10"},
]
}
}
@@ -168,31 +167,31 @@ variable CONTENT_BUILD_MATRIX {
variable R_SESSION_COMPLETE_BUILD_MATRIX {
default = {
builds = [
{os = "ubuntu2204", r_primary = "4.4.0", r_alternate = "4.3.3", py_primary = "3.12.1", py_alternate = "3.11.7"},
{os = "ubuntu2204", r_primary = "4.4.1", r_alternate = "4.3.3", py_primary = "3.12.6", py_alternate = "3.11.10"},
]
}
}

variable WORKBENCH_BUILD_MATRIX {
default = {
builds = [
{os = "ubuntu2204", r_primary = "4.4.0", r_alternate = "4.3.3", py_primary = "3.12.1", py_alternate = "3.11.7"},
{os = "ubuntu2204", r_primary = "4.4.1", r_alternate = "4.3.3", py_primary = "3.12.6", py_alternate = "3.11.10"},
]
}
}

variable WORKBENCH_GOOGLE_CLOUD_WORKSTATION_BUILD_MATRIX {
default = {
builds = [
{os = "ubuntu2204", r_primary = "4.4.0", r_alternate = "4.3.3", py_primary = "3.12.1", py_alternate = "3.11.7"},
{os = "ubuntu2204", r_primary = "4.4.1", r_alternate = "4.3.3", py_primary = "3.12.6", py_alternate = "3.11.10"},
]
}
}

variable WORKBENCH_MICROSOFT_AZURE_ML_BUILD_MATRIX {
default = {
builds = [
{os = "ubuntu2204", r_primary = "4.2.3", r_alternate = "4.1.3", py_primary = "3.9.17", py_alternate = "3.8.17"},
{os = "ubuntu2204", r_primary = "4.4.1", r_alternate = "4.3.3", py_primary = "3.12.6", py_alternate = "3.11.10"},
]
}
}
2 changes: 1 addition & 1 deletion r-session-complete/.env
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
R_VERSION=4.1.0
PYTHON_VERSION=3.9.5
RSW_VERSION=2024.04.2+764.pro1
RSW_VERSION=2024.09.0+375.pro3
DRIVERS_VERSION=2024.03.0-1
6 changes: 1 addition & 5 deletions r-session-complete/Dockerfile.ubuntu2204
Original file line number Diff line number Diff line change
@@ -6,7 +6,7 @@ ARG R_VERSION_ALT=4.3.3
ARG PYTHON_VERSION=3.9.17
ARG PYTHON_VERSION_ALT=3.8.17
ARG JUPYTERLAB_VERSION=3.6.5
ARG RSW_VERSION=2024.04.2+764.pro1
ARG RSW_VERSION=2024.09.0+375.pro3
ARG RSW_NAME=rstudio-workbench
ARG RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/jammy/amd64
ARG SCRIPTS_DIR=/opt/positscripts
@@ -43,10 +43,6 @@ RUN ln -s /lib/rstudio-server/bin/quarto/bin/quarto /usr/local/bin/quarto
### Install TinyTeX using Quarto ###
RUN $SCRIPTS_DIR/install_quarto.sh --install-tinytex --add-path-tinytex

COPY maybe_install_vs_code.sh /tmp/maybe_install_vs_code.sh
RUN /tmp/maybe_install_vs_code.sh \
&& rm /tmp/maybe_install_vs_code.sh

RUN /opt/python/"${PYTHON_VERSION}"/bin/pip install \
jupyter \
jupyterlab=="${JUPYTERLAB_VERSION}" \
2 changes: 1 addition & 1 deletion r-session-complete/README.md
Original file line number Diff line number Diff line change
@@ -7,7 +7,7 @@

# Supported tags and respective Dockerfile links

* [`jammy`, `ubuntu2204`, `jammy-2024.04.2`, `ubuntu2204-2024.04.2`](https://github.com/rstudio/rstudio-docker-products/blob/main/r-session-complete/Dockerfile.ubuntu2204)
* [`jammy`, `ubuntu2204`, `jammy-2024.09.0`, `ubuntu2204-2024.09.0`](https://github.com/rstudio/rstudio-docker-products/blob/main/r-session-complete/Dockerfile.ubuntu2204)

# What are the r-session-complete images?

13 changes: 0 additions & 13 deletions r-session-complete/maybe_install_vs_code.sh

This file was deleted.

4 changes: 2 additions & 2 deletions workbench-for-google-cloud-workstations/.env
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
RSW_VERSION=2024.04.2+764.pro1
RSW_TAG_VERSION=2024.04.2-764.pro1
RSW_VERSION=2024.09.0+375.pro3
RSW_TAG_VERSION=2024.09.0-375.pro3
RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/jammy/amd64
RSW_NAME=rstudio-workbench
PYTHON_VERSION=3.11.9
Original file line number Diff line number Diff line change
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION_ALT=3.10.14
ARG PYTHON_VERSION_JUPYTER=3.10.14
ARG JUPYTERLAB_VERSION=3.6.7
ARG DRIVERS_VERSION=2023.05.0
ARG RSW_VERSION=2024.04.2+764.pro1
ARG RSW_VERSION=2024.09.0+375.pro3
ARG RSW_NAME=rstudio-workbench
ARG RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/jammy/amd64
ARG SCRIPTS_DIR=/opt/positscripts
@@ -141,7 +141,7 @@ ADD --chmod=755 https://raw.githubusercontent.com/rstudio/wait-for-it/master/wai
RUN mkdir -p /var/lib/rstudio-server/monitor/log \
&& chown -R rstudio-server:rstudio-server /var/lib/rstudio-server/monitor \
&& mkdir -p /startup/custom/ \
&& printf '\n# allow home directory creation\nsession required pam_mkhomedir.so skel=/etc/skel umask=0027' >> /etc/pam.d/common-session
&& printf '\n# allow home directory creation\nsession required pam_mkhomedir.so skel=/etc/skel umask=0077' >> /etc/pam.d/common-session

COPY --chmod=755 TurboActivate.dat /opt/rstudio-license/license-manager.conf
COPY --chmod=755 license-manager-shim /opt/rstudio-license/license-manager
Original file line number Diff line number Diff line change
@@ -4,7 +4,6 @@ port=5559
server-user=rstudio-server
admin-group=rstudio-server
authorization-enabled=1
enable-debug-logging=1

[cluster]
name=Local
4 changes: 2 additions & 2 deletions workbench-for-google-cloud-workstations/conf/vscode.conf
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
enabled=1
args=--verbose --host=0.0.0.0
args=--host=0.0.0.0

# exe=/usr/lib/rstudio-server/bin/code-server/bin/code-server
# exe=/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server
Original file line number Diff line number Diff line change
@@ -17,7 +17,7 @@ password sufficient pam_sss.so use_authtok
password required pam_unix.so try_first_pass nullok sha512 shadow
password optional pam_permit.so

session required pam_mkhomedir.so skel=/etc/skel umask=0027
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
session required pam_limits.so
7 changes: 5 additions & 2 deletions workbench-for-google-cloud-workstations/test/goss.yaml
Original file line number Diff line number Diff line change
@@ -70,8 +70,11 @@ file:
exists: true
owner: rstudio-server
group: rstudio-server
/usr/lib/rstudio-server/bin/code-server/bin/code-server:
/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server:
exists: true
# Old code-server location
/usr/lib/rstudio-server/bin/code-server/bin/code-server:
exists: false
/etc/rstudio/vscode.conf:
exists: true
/etc/rstudio/jupyter.conf:
@@ -106,7 +109,7 @@ file:
/etc/pam.d/common-session:
exists: true
contents:
- "/^session required pam_mkhomedir.so skel=/etc/skel umask=0027$/"
- "/^session required pam_mkhomedir.so skel=/etc/skel umask=0077$/"
/etc/sssd/sssd.conf:
exists: true
owner: root
2 changes: 1 addition & 1 deletion workbench-for-microsoft-azure-ml/.env
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
RSW_VERSION=2024.04.2+764.pro1
RSW_VERSION=2024.09.0+375.pro3
RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/bionic/amd64
RSW_NAME=rstudio-workbench
PYTHON_VERSION=3.9.14
4 changes: 2 additions & 2 deletions workbench-for-microsoft-azure-ml/Dockerfile.ubuntu2204
Original file line number Diff line number Diff line change
@@ -7,7 +7,7 @@ ARG PYTHON_VERSION=3.9.17
ARG PYTHON_VERSION_ALT=3.8.17
ARG PYTHON_VERSION_JUPYTER=3.8.17
ARG JUPYTERLAB_VERSION=3.6.7
ARG RSW_VERSION=2024.04.2+764.pro1
ARG RSW_VERSION=2024.09.0+375.pro3
ARG RSW_NAME=rstudio-workbench
ARG RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/jammy/amd64
ARG SCRIPTS_DIR=/opt/positscripts
@@ -187,5 +187,5 @@ LABEL \
azure.ii.endpoints='[{"label":"connect","target":8787,"protocol":"http"}]' \
org.opencontainers.image.description='A professional integrated development environment for data science teams using R and Python' \
org.opencontainers.image.title='RStudio Workbench' \
org.opencontainers.image.version='2024.04.2+764.pro1' \
org.opencontainers.image.version='2024.09.0+375.pro3' \
org.opencontainers.image.url='https://www.rstudio.com/products/workbench/'
1 change: 0 additions & 1 deletion workbench-for-microsoft-azure-ml/conf/launcher.conf
Original file line number Diff line number Diff line change
@@ -5,7 +5,6 @@ server-user=rstudio-server
admin-group=rstudio-server
authorization-enabled=1
thread-pool-size=4
enable-debug-logging=1

[cluster]
name=Local
5 changes: 3 additions & 2 deletions workbench-for-microsoft-azure-ml/conf/vscode.conf
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
enabled=1
exe=/opt/code-server/bin/code-server
args=--verbose --host=0.0.0.0
args=--host=0.0.0.0

# exe=/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server
5 changes: 4 additions & 1 deletion workbench-for-microsoft-azure-ml/test/goss.yaml
Original file line number Diff line number Diff line change
@@ -78,8 +78,11 @@ file:
exists: true
owner: rstudio-server
group: rstudio-server
/usr/lib/rstudio-server/bin/code-server/bin/code-server:
/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server:
exists: true
# Old code-server location
/usr/lib/rstudio-server/bin/code-server/bin/code-server:
exists: false
/etc/rstudio/vscode.conf:
exists: true
/tmp/startup.log:
2 changes: 1 addition & 1 deletion workbench/.env
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
RSW_VERSION=2024.04.2+764.pro1
RSW_VERSION=2024.09.0+375.pro3
RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/bionic/amd64
RSW_NAME=rstudio-workbench
PYTHON_VERSION=3.9.17
8 changes: 2 additions & 6 deletions workbench/Dockerfile.ubuntu2204
Original file line number Diff line number Diff line change
@@ -7,7 +7,7 @@ ARG PYTHON_VERSION=3.9.17
ARG PYTHON_VERSION_ALT=3.8.17
ARG PYTHON_VERSION_JUPYTER=3.8.17
ARG JUPYTERLAB_VERSION=3.6.7
ARG RSW_VERSION=2024.04.2+764.pro1
ARG RSW_VERSION=2024.09.0+375.pro3
ARG RSW_NAME=rstudio-workbench
ARG RSW_DOWNLOAD_URL=https://download2.rstudio.org/server/jammy/amd64
ARG SCRIPTS_DIR=/opt/positscripts
@@ -73,10 +73,6 @@ RUN ln -s /lib/rstudio-server/bin/quarto/bin/quarto /usr/local/bin/quarto
### Install TinyTeX using Quarto ###
RUN $SCRIPTS_DIR/install_quarto.sh --install-tinytex --add-path-tinytex

COPY maybe_install_vs_code.sh /tmp/maybe_install_vs_code.sh
RUN /tmp/maybe_install_vs_code.sh \
&& rm /tmp/maybe_install_vs_code.sh

COPY --chmod=0775 startup.sh /usr/local/bin/startup.sh
COPY startup-launcher/* /startup/launcher/
COPY startup-user-provisioning/* /startup/user-provisioning/
@@ -107,7 +103,7 @@ COPY conf/* /etc/rstudio/
RUN mkdir -p /var/lib/rstudio-server/monitor/log && \
chown -R rstudio-server:rstudio-server /var/lib/rstudio-server/monitor && \
mkdir -p /startup/custom/ && \
printf '\n# allow home directory creation\nsession required pam_mkhomedir.so skel=/etc/skel umask=0027' >> /etc/pam.d/common-session
printf '\n# allow home directory creation\nsession required pam_mkhomedir.so skel=/etc/skel umask=0077' >> /etc/pam.d/common-session

EXPOSE 8787/tcp
EXPOSE 5559/tcp
5 changes: 5 additions & 0 deletions workbench/NEWS.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
# 2024.09.0

- Update umask for user home directory from 0022 to 0077 to improve security of directory permissions

# 2023.03.1

- No changes

# 2023.03.0
2 changes: 1 addition & 1 deletion workbench/README.md
Original file line number Diff line number Diff line change
@@ -7,7 +7,7 @@

# Supported tags and respective Dockerfile links

* [`jammy`, `ubuntu2204`, `jammy-2024.04.2`, `ubuntu2204-2024.04.2`](https://github.com/rstudio/rstudio-docker-products/blob/main/workbench/Dockerfile.ubuntu2204)
* [`jammy`, `ubuntu2204`, `jammy-2024.09.0`, `ubuntu2204-2024.09.0`](https://github.com/rstudio/rstudio-docker-products/blob/main/workbench/Dockerfile.ubuntu2204)

# What is RStudio Workbench?

1 change: 0 additions & 1 deletion workbench/conf/launcher.conf
Original file line number Diff line number Diff line change
@@ -5,7 +5,6 @@ server-user=rstudio-server
admin-group=rstudio-server
authorization-enabled=1
thread-pool-size=4
enable-debug-logging=1

[cluster]
name=Local
4 changes: 2 additions & 2 deletions workbench/conf/vscode.conf
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
enabled=1
args=--verbose --host=0.0.0.0
args=--host=0.0.0.0

# exe=/usr/lib/rstudio-server/bin/code-server/bin/code-server
# exe=/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server
13 changes: 0 additions & 13 deletions workbench/maybe_install_vs_code.sh

This file was deleted.

2 changes: 1 addition & 1 deletion workbench/pam/rstudio-session
Original file line number Diff line number Diff line change
@@ -17,7 +17,7 @@ password sufficient pam_sss.so use_authtok
password required pam_unix.so try_first_pass nullok sha512 shadow
password optional pam_permit.so

session required pam_mkhomedir.so skel=/etc/skel umask=0027
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
session required pam_limits.so
9 changes: 3 additions & 6 deletions workbench/test/goss.yaml
Original file line number Diff line number Diff line change
@@ -69,14 +69,11 @@ file:
exists: true
owner: rstudio-server
group: rstudio-server
{{ $version_split := split "." .Env.RSW_VERSION }}
{{ if or (ge ($version_split._0 | atoi) 2025) (and (ge ($version_split._0 | atoi) 2024) (ge ($version_split._1 | atoi) 7)) }}
/usr/lib/rstudio-server/bin/pwb-code-server/bin/code-server:
exists: true
{{ else }}
# Old code-server location
/usr/lib/rstudio-server/bin/code-server/bin/code-server:
exists: true
{{ end }}
exists: false
/var/lib/rstudio-launcher/Local/jobs/buildkitsandbox:
exists: false
/etc/rstudio/vscode.conf:
@@ -88,7 +85,7 @@ file:
/etc/pam.d/common-session:
exists: true
contains:
- "/^session required pam_mkhomedir.so skel=/etc/skel umask=0027$/"
- "/^session required pam_mkhomedir.so skel=/etc/skel umask=0077$/"
/etc/sssd/sssd.conf:
exists: true
owner: root