diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000000000000000000000000000000000000..db1c809a848639d3c7528aacd4beebf23907b18c --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/tini +/compat-openssl10.tar.* diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..88e55d6f57b54a3e6317d689b04a89f90fba9ebe --- /dev/null +++ b/Dockerfile @@ -0,0 +1,28 @@ +ARG BASE_REGISTRY=registry1.dso.mil +ARG BASE_IMAGE=ironbank/opensource/r/r-studio +ARG BASE_TAG=latest + +FROM registry1.dso.mil/ironbank/aiml/python/python-r-ai as base + +FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} + +COPY --from=base /usr/local/bin/ /usr/local/bin/ +COPY --from=base /usr/local/lib/ /usr/local/lib/ +COPY --from=base /opt/python/ /opt/python/ + +USER root + +COPY tini /usr/local/bin/tini +RUN chmod +x /usr/local/bin/tini + +RUN chown -R default /var/lib/rstudio-server /var/run/rstudio-server /opt/R/ && \ + chmod -R g=u /var/lib/rstudio-server && \ + chmod -R g=u /etc/rstudio && \ + chmod +t /var/run/rstudio-server + +USER 1001 +EXPOSE 8787 +HEALTHCHECK --start-period=60s CMD rstudio-server status | grep -e "running" + +ENTRYPOINT ["tini", "-g", "--"] +CMD ["rstudio-server", "start"] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/README.md b/README.md index 5dc6fa6db4361c22da2f35edf0544d83ba6001e2..0e65d87304c7cb4511cebfb9360b82fabc6558cf 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,14 @@ # +RStudio -Project template for all Iron Bank container repositories. \ No newline at end of file +RStudio is an integrated development environment (IDE) for the R programming language. Some of its features include: + +Customizable workbench with all of the tools required to work with R in one place (console, source, plots, workspace, help, history, etc.). +Syntax highlighting editor with code completion. +Execute code directly from the source editor (line, selection, or file). +Full support for authoring Sweave and TeX documents. +Runs on Windows, Mac, and Linux, and has a community-maintained FreeBSD port. +Can also be run as a server, enabling multiple users to access the RStudio IDE using a web browser. +For more information on RStudio please visit the project website. + +This artificial intelligenc enhanced version contains relevant AI and machine learning languages inherited from Python-r-A a robust upstream image housing packages, libraries, and tools for AI/ML for both R and Python languages, you can learn more here: https://repo1.dso.mil/dsop/aiml/python/python-r-ai/-/tree/master diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e1f2a0f94343565cccd9dafa049f8922c7061427 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "aiml/r/rstudio" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "1.4.1106" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "opensource/r/r-studio" + BASE_TAG: "1.4.1717" + +# Docker image labels +labels: + org.opencontainers.image.title: "rstudio" + org.opencontainers.image.description: "JupyterLab is the next-generation web-based user interface for Project Jupyter." + org.opencontainers.image.licenses: "MIT License (MIT)" + org.opencontainers.image.url: " " + org.opencontainers.image.vendor: "rstudio" + org.opencontainers.image.version: "1.4.1106" + mil.dso.ironbank.image.keywords: "jupyter,notebook,terminal,text editor,datascience,ui,data,science" + mil.dso.ironbank.image.type: "opensource" + mil.dso.ironbank.product.name: "jupyterlab" + +resources: +- filename: tini + url: https://github.com/krallin/tini/releases/download/v0.19.0/tini + validation: + type: sha256 + value: 93dcc18adc78c65a028a84799ecf8ad40c936fdfc5f2a57b1acda5a8117fa82c + +# List of project maintainers +maintainers: +- email: "remccarthy@sei.cmu.edu" + name: "Rob McCarthy" + username: "remccarthy" + cht_member: false +- email: "daniel.komnick@gmail.com" + name: "Daniel Komnick" + username: "dkomnick" + cht_member: false diff --git a/scripts/builder/Dockerfile b/scripts/builder/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..bdb571c080e28caaf8071df4b5d938fdf6d7ba80 --- /dev/null +++ b/scripts/builder/Dockerfile @@ -0,0 +1,20 @@ +FROM registry1.dso.mil/ironbank/redhat/ubi/ubi8:latest + +# usage +# build the container: +# docker build --build-arg RHEL_USERNAME='username' --build-arg RHEL_PASSWORD='password' -t rstudio:builder . +# run the container +# docker run -v $(pwd):/outdir +# see tarball in cwd + +ARG RHEL_USERNAME +ARG RHEL_PASSWORD + +RUN subscription-manager register --auto-attach --username $RHEL_USERNAME --password $RHEL_PASSWORD + +RUN subscription-manager repos --enable rhel-8-for-x86_64-appstream-rpms --enable codeready-builder-for-rhel-8-x86_64-rpms +RUN yum install -y createrepo + +COPY entrypoint.sh / +RUN chmod +x /entrypoint.sh +ENTRYPOINT ["/entrypoint.sh"] diff --git a/scripts/builder/entrypoint.sh b/scripts/builder/entrypoint.sh new file mode 100644 index 0000000000000000000000000000000000000000..789913ab3fb2050582899e5af809469bd0d0d8cc --- /dev/null +++ b/scripts/builder/entrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +yum install -y --downloadonly --downloaddir=/tmp/repo compat-openssl10 +createrepo /tmp/repo +tar cvf compat-openssl10.tar.gz -C /tmp/repo . +mv compat-openssl10.tar.gz /outdir/ + diff --git a/signatures/RPM-GPG-KEY-centosofficial b/signatures/RPM-GPG-KEY-centosofficial new file mode 100644 index 0000000000000000000000000000000000000000..30235a8647634c1706cfde7095c82c5a821e4bab --- /dev/null +++ b/signatures/RPM-GPG-KEY-centosofficial @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.22 (GNU/Linux) + +mQINBFzMWxkBEADHrskpBgN9OphmhRkc7P/YrsAGSvvl7kfu+e9KAaU6f5MeAVyn +rIoM43syyGkgFyWgjZM8/rur7EMPY2yt+2q/1ZfLVCRn9856JqTIq0XRpDUe4nKQ +8BlA7wDVZoSDxUZkSuTIyExbDf0cpw89Tcf62Mxmi8jh74vRlPy1PgjWL5494b3X +5fxDidH4bqPZyxTBqPrUFuo+EfUVEqiGF94Ppq6ZUvrBGOVo1V1+Ifm9CGEK597c +aevcGc1RFlgxIgN84UpuDjPR9/zSndwJ7XsXYvZ6HXcKGagRKsfYDWGPkA5cOL/e +f+yObOnC43yPUvpggQ4KaNJ6+SMTZOKikM8yciyBwLqwrjo8FlJgkv8Vfag/2UR7 +JINbyqHHoLUhQ2m6HXSwK4YjtwidF9EUkaBZWrrskYR3IRZLXlWqeOi/+ezYOW0m +vufrkcvsh+TKlVVnuwmEPjJ8mwUSpsLdfPJo1DHsd8FS03SCKPaXFdD7ePfEjiYk +nHpQaKE01aWVSLUiygn7F7rYemGqV9Vt7tBw5pz0vqSC72a5E3zFzIIuHx6aANry +Gat3aqU3qtBXOrA/dPkX9cWE+UR5wo/A2UdKJZLlGhM2WRJ3ltmGT48V9CeS6N9Y +m4CKdzvg7EWjlTlFrd/8WJ2KoqOE9leDPeXRPncubJfJ6LLIHyG09h9kKQARAQAB +tDpDZW50T1MgKENlbnRPUyBPZmZpY2lhbCBTaWduaW5nIEtleSkgPHNlY3VyaXR5 +QGNlbnRvcy5vcmc+iQI3BBMBAgAhBQJczFsZAhsDBgsJCAcDAgYVCAIJCgsDFgIB +Ah4BAheAAAoJEAW1VbOEg8ZdjOsP/2ygSxH9jqffOU9SKyJDlraL2gIutqZ3B8pl +Gy/Qnb9QD1EJVb4ZxOEhcY2W9VJfIpnf3yBuAto7zvKe/G1nxH4Bt6WTJQCkUjcs +N3qPWsx1VslsAEz7bXGiHym6Ay4xF28bQ9XYIokIQXd0T2rD3/lNGxNtORZ2bKjD +vOzYzvh2idUIY1DgGWJ11gtHFIA9CvHcW+SMPEhkcKZJAO51ayFBqTSSpiorVwTq +a0cB+cgmCQOI4/MY+kIvzoexfG7xhkUqe0wxmph9RQQxlTbNQDCdaxSgwbF2T+gw +byaDvkS4xtR6Soj7BKjKAmcnf5fn4C5Or0KLUqMzBtDMbfQQihn62iZJN6ZZ/4dg +q4HTqyVpyuzMXsFpJ9L/FqH2DJ4exGGpBv00ba/Zauy7GsqOc5PnNBsYaHCply0X +407DRx51t9YwYI/ttValuehq9+gRJpOTTKp6AjZn/a5Yt3h6jDgpNfM/EyLFIY9z +V6CXqQQ/8JRvaik/JsGCf+eeLZOw4koIjZGEAg04iuyNTjhx0e/QHEVcYAqNLhXG +rCTTbCn3NSUO9qxEXC+K/1m1kaXoCGA0UWlVGZ1JSifbbMx0yxq/brpEZPUYm+32 +o8XfbocBWljFUJ+6aljTvZ3LQLKTSPW7TFO+GXycAOmCGhlXh2tlc6iTc41PACqy +yy+mHmSv +=kkH7 +-----END PGP PUBLIC KEY BLOCK-----