save / reuse user data

.dockerignore

@@ -11,3 +11,7 @@ coverage
 .vscode
 Dockerfile
 .archive
+.rootfs
+.unikraft
+initrd
+.tmp

.github/workflows/chromium-headful-image.yaml

@@ -0,0 +1,37 @@
+name: chromium-headful-image
+
+on:
+  workflow_call:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Compute short SHA
+        id: vars
+        shell: bash
+        run: echo "short_sha=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: images/chromium-headful/Dockerfile
+          push: true
+          tags: onkernel/chromium-headful:${{ steps.vars.outputs.short_sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/chromium-headless-image.yaml

@@ -0,0 +1,37 @@
+name: chromium-headless-image
+
+on:
+  workflow_call:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Compute short SHA
+        id: vars
+        shell: bash
+        run: echo "short_sha=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: images/chromium-headless/image/Dockerfile
+          push: true
+          tags: onkernel/chromium-headless:${{ steps.vars.outputs.short_sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/server-test.yaml

@@ -5,21 +5,60 @@ on:
     branches: ["main"]
   pull_request:
     branches: ["main"]
+  workflow_dispatch:
 
 jobs:
+  build-headful:
+    uses: ./.github/workflows/chromium-headful-image.yaml
+    secrets: inherit
+
+  build-headless:
+    uses: ./.github/workflows/chromium-headless-image.yaml
+    secrets: inherit
+
   test:
     runs-on: ubuntu-latest
+    needs: [build-headful, build-headless]
+    permissions:
+      contents: read
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      - name: Setup Chrome
+        uses: browser-actions/setup-chrome@v2
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22
+
+      - name: Set up pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
           go-version-file: "server/go.mod"
           cache: true
 
+      - name: Compute short SHA for images
+        id: vars
+        shell: bash
+        run: echo "short_sha=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
       - name: Run server Makefile tests
         run: make test
         working-directory: server
+        env:
+          # Prefer explicit images if passed from the caller; otherwise use the commit short sha
+          E2E_IMAGE_TAG: ${{ steps.vars.outputs.short_sha }}

images/chromium-headful/Dockerfile

@@ -1,9 +1,24 @@
+FROM docker.io/golang:1.25.0 AS server-builder
+WORKDIR /workspace/server
+
+ARG TARGETOS
+ARG TARGETARCH
+ENV CGO_ENABLED=0
+
+COPY server/go.mod ./
+COPY server/go.sum ./
+RUN go mod download
+
+COPY server/ .
+RUN GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \
+    go build -ldflags="-s -w" -o /out/kernel-images-api ./cmd/api
+
 # webrtc client
 FROM node:22-bullseye-slim AS client
 WORKDIR /src
-COPY client/package*.json ./
+COPY images/chromium-headful/client/package*.json ./
 RUN npm install
-COPY client/ .
+COPY images/chromium-headful/client/ .
 RUN npm run build
 
 # xorg dependencies
@@ -15,7 +30,7 @@ RUN set -eux; \
     apt-get install -y \
     git gcc pkgconf autoconf automake libtool make xorg-dev xutils-dev \
     && rm -rf /var/lib/apt/lists/*;
-COPY xorg-deps/ /xorg/
+COPY images/chromium-headful/xorg-deps/ /xorg/
 # build xf86-video-dummy v0.3.8 with RandR support
 RUN set -eux; \
     cd xf86-video-dummy/v0.3.8; \
@@ -50,7 +65,6 @@ RUN apt-get update && \
     imagemagick \
     sudo \
     mutter \
-    x11vnc \
     # Python/pyenv reqs
     build-essential \
     libssl-dev  \
@@ -137,37 +151,34 @@ RUN set -eux; \
     apt-get clean -y; \
     rm -rf /var/lib/apt/lists/* /var/cache/apt/
 
-# install chromium & ncat for proxying the remote debugging port
+# install chromium and sqlite3 for debugging the cookies file
 RUN add-apt-repository -y ppa:xtradeb/apps
-RUN apt update -y && apt install -y chromium ncat
-
-# Install noVNC
-RUN git clone --branch v1.5.0 https://github.com/novnc/noVNC.git /opt/noVNC && \
-    git clone --branch v0.12.0 https://github.com/novnc/websockify /opt/noVNC/utils/websockify && \
-    ln -s /opt/noVNC/vnc.html /opt/noVNC/index.html
+RUN apt update -y && apt install -y chromium sqlite3
 
 # setup desktop env & app
 ENV DISPLAY_NUM=1
 ENV HEIGHT=768
 ENV WIDTH=1024
 ENV WITHDOCKER=true
 
-COPY xorg.conf /etc/neko/xorg.conf
-COPY neko.yaml /etc/neko/neko.yaml
+COPY images/chromium-headful/xorg.conf /etc/neko/xorg.conf
+COPY images/chromium-headful/neko.yaml /etc/neko/neko.yaml
 COPY --from=neko /usr/bin/neko /usr/bin/neko
 COPY --from=client /src/dist/ /var/www
 COPY --from=xorg-deps /usr/local/lib/xorg/modules/drivers/dummy_drv.so /usr/lib/xorg/modules/drivers/dummy_drv.so
 COPY --from=xorg-deps /usr/local/lib/xorg/modules/input/neko_drv.so /usr/lib/xorg/modules/input/neko_drv.so
 
-COPY image-chromium/ /
-COPY ./wrapper.sh /wrapper.sh
+COPY images/chromium-headful/image-chromium/ /
+COPY images/chromium-headful/start-chromium.sh /images/chromium-headful/start-chromium.sh
+RUN chmod +x /images/chromium-headful/start-chromium.sh
+COPY images/chromium-headful/wrapper.sh /wrapper.sh
+COPY images/chromium-headful/supervisord.conf /etc/supervisor/supervisord.conf
+COPY images/chromium-headful/supervisor/services/ /etc/supervisor/conf.d/services/
 
-# copy the kernel-images API binary built externally
-COPY bin/kernel-images-api /usr/local/bin/kernel-images-api
+# copy the kernel-images API binary built in the builder stage
+COPY --from=server-builder /out/kernel-images-api /usr/local/bin/kernel-images-api
 ENV WITH_KERNEL_IMAGES_API=false
 
 RUN useradd -m -s /bin/bash kernel
-RUN cp -r ./user-data /home/kernel/user-data
 
 ENTRYPOINT [ "/wrapper.sh" ]
-

images/chromium-headful/build-docker.sh

@@ -8,8 +8,6 @@ source ../../shared/ensure-common-build-run-vars.sh chromium-headful
 
 source ../../shared/start-buildkit.sh
 
-# Build the kernel-images API binary and place it into ./bin for Docker build context
-source ../../shared/build-server.sh "$(pwd)/bin"
-
-# Build (and optionally push) the Docker image.
-docker build -t "$IMAGE" .
+# Build the Docker image using the repo root as build context
+# so the Dockerfile's first stage can access the server sources
+(cd "$SCRIPT_DIR/../.." && docker build -f images/chromium-headful/Dockerfile -t "$IMAGE" .)

images/chromium-headful/build-unikernel.sh

@@ -17,10 +17,8 @@ set -euo pipefail
 # Build the root file system
 source ../../shared/start-buildkit.sh
 rm -rf ./.rootfs || true
-# Build the API binary
-source ../../shared/build-server.sh "$(pwd)/bin"
 app_name=chromium-headful-build
-docker build --platform linux/amd64 -t "$IMAGE" .
+(cd "$SCRIPT_DIR/../.." && docker build --platform linux/amd64 -f images/chromium-headful/Dockerfile -t "$IMAGE" .)
 docker rm cnt-"$app_name" || true
 docker create --platform linux/amd64 --name cnt-"$app_name" "$IMAGE" /bin/sh
 docker cp cnt-"$app_name":/ ./.rootfs