Bot Updating Package Versions

only chown when ownership change or new install detected

.github/CONTRIBUTING.md

@@ -105,10 +105,10 @@ docker build \
   -t linuxserver/code-server:latest .
 ```
 
-The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
+The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`
 
 ```bash
-docker run --rm --privileged multiarch/qemu-user-static:register --reset
+docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
 ```
 
 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.

.github/workflows/external_trigger.yml

@@ -11,15 +11,17 @@ jobs:
 
       - name: External Trigger
         if: github.ref == 'refs/heads/master'
+        env:
+          SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }}
         run: |
           printf "# External trigger for docker-code-server\n\n" >> $GITHUB_STEP_SUMMARY
-          if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_CODE_SERVER_MASTER }}" ]; then
+          if grep -q "^code-server_master" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
             echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            echo "> Github secret \`PAUSE_EXTERNAL_TRIGGER_CODE_SERVER_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
+            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`code-server_master\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
           echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-          echo "> External trigger running off of master branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_CODE_SERVER_MASTER\`" >> $GITHUB_STEP_SUMMARY
+          echo "> External trigger running off of master branch. To disable this trigger, add \`code-server_master\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY
           printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
           EXT_RELEASE=$(curl -u ${{ secrets.CR_USER }}:${{ secrets.CR_PAT }} -sX GET https://api.github.com/repos/coder/code-server/releases/latest | jq -r '.tag_name' | sed 's|^v||')
           echo "Type is \`custom_version_command\`" >> $GITHUB_STEP_SUMMARY
@@ -78,26 +80,38 @@ jobs:
             echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
             exit 0
           else
-            printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY
+            if [[ "${artifacts_found}" == "false" ]]; then
-            echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
+              echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            response=$(curl -iX POST \
+              echo "> New version detected, but not all artifacts are published yet; skipping trigger" >> $GITHUB_STEP_SUMMARY
-              https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/master/buildWithParameters?PACKAGE_CHECK=false \
+              FAILURE_REASON="New version ${EXT_RELEASE} for code-server tag latest is detected, however not all artifacts are uploaded to upstream release yet. Will try again later."
-              --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-            echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
+                "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
-            echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
+                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
-            sleep 10
+            else
-            buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
+              printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY
-            buildurl="${buildurl%$'\r'}"
+              echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
-            echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
+              if "${artifacts_found}" == "true" ]]; then
-            echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
+                echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY
-            curl -iX POST \
+              fi
-              "${buildurl}submitDescription" \
+              response=$(curl -iX POST \
-              --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
+                https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/master/buildWithParameters?PACKAGE_CHECK=false \
-              --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
+                --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
-              --data-urlencode "Submit=Submit"
+              echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
-            echo "**** Notifying Discord ****"
+              echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
-            TRIGGER_REASON="A version change was detected for code-server tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
+              sleep 10
-            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+              buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
-              "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
+              buildurl="${buildurl%$'\r'}"
-              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+              echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
+              echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
+              curl -iX POST \
+                "${buildurl}submitDescription" \
+                --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
+                --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
+                --data-urlencode "Submit=Submit"
+              echo "**** Notifying Discord ****"
+              TRIGGER_REASON="A version change was detected for code-server tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
+              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+                "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
+                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+            fi
           fi

.github/workflows/package_trigger.yml

@@ -1,42 +0,0 @@
-name: Package Trigger Main
-
-on:
-  workflow_dispatch:
-
-jobs:
-  package-trigger-master:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4.1.1
-
-      - name: Package Trigger
-        if: github.ref == 'refs/heads/master'
-        run: |
-          printf "# Package trigger for docker-code-server\n\n" >> $GITHUB_STEP_SUMMARY
-          if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_CODE_SERVER_MASTER }}" ]; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            echo "> Github secret \`PAUSE_PACKAGE_TRIGGER_CODE_SERVER_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
-            exit 0
-          fi
-          if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            echo "> There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY
-            exit 0
-          fi
-          echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-          echo "> Package trigger running off of master branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_CODE_SERVER_MASTER\`" >> $GITHUB_STEP_SUMMARY
-          response=$(curl -iX POST \
-            https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/master/buildWithParameters?PACKAGE_CHECK=true \
-            --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
-          echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
-          echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
-          sleep 10
-          buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
-          buildurl="${buildurl%$'\r'}"
-          echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
-          echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
-          curl -iX POST \
-            "${buildurl}submitDescription" \
-            --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
-            --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
-            --data-urlencode "Submit=Submit"

.github/workflows/package_trigger_scheduler.yml

@@ -14,6 +14,8 @@ jobs:
           fetch-depth: '0'
 
       - name: Package Trigger Scheduler
+        env:
+          SKIP_PACKAGE_TRIGGER: ${{ vars.SKIP_PACKAGE_TRIGGER }}
         run: |
           printf "# Package trigger scheduler for docker-code-server\n\n" >> $GITHUB_STEP_SUMMARY
           printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY
@@ -24,27 +26,58 @@ jobs:
               continue
             fi
             printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY
-            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-code-server/${br}/jenkins-vars.yml | yq -r '.ls_branch')
+            JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-code-server/${br}/jenkins-vars.yml)
-            if [ "${br}" == "${ls_branch}" ]; then
+            if [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then
               echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY
-              if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-code-server/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
+              if [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then
-                echo "Triggering package trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
+                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                triggered_branches="${triggered_branches}${br} "
+                echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY
-                curl -iX POST \
+                skipped_branches="${skipped_branches}${br} "
-                  -H "Authorization: token ${{ secrets.CR_PAT }}" \
+              elif grep -q "^code-server_${br}" <<< "${SKIP_PACKAGE_TRIGGER}"; then
-                  -H "Accept: application/vnd.github.v3+json" \
+                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                  -d "{\"ref\":\"refs/heads/${br}\"}" \
+                echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`code-server_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
-                  https://api.github.com/repos/linuxserver/docker-code-server/actions/workflows/package_trigger.yml/dispatches
+                skipped_branches="${skipped_branches}${br} "
-                sleep 30
+              elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/${br}/lastBuild/api/json | jq -r '.building') == "true" ]; then
+                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY
+                skipped_branches="${skipped_branches}${br} "
               else
-                echo "Skipping branch ${br} due to no package trigger workflow present." >> $GITHUB_STEP_SUMMARY
+                echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
+                echo "> Triggering package trigger for branch ${br}" >> $GITHUB_STEP_SUMMARY
+                printf "> To disable, add \`code-server_%s\` into the Github organizational variable \`SKIP_PACKAGE_TRIGGER\`.\n\n" "${br}" >> $GITHUB_STEP_SUMMARY
+                triggered_branches="${triggered_branches}${br} "
+                response=$(curl -iX POST \
+                  https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-code-server/job/${br}/buildWithParameters?PACKAGE_CHECK=true \
+                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+                echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
+                echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
+                sleep 10
+                buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
+                buildurl="${buildurl%$'\r'}"
+                echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
+                echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
+                curl -iX POST \
+                  "${buildurl}submitDescription" \
+                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
+                  --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
+                  --data-urlencode "Submit=Submit"
+                sleep 20
               fi
             else
               echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY
             fi
           done
-          echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
+          if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then
-          echo "**** Notifying Discord ****"
+            if [[ -n "${triggered_branches}" ]]; then
-          curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+              NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n"
-            "description": "**Package Check Build(s) Triggered for code-server** \n**Branch(es):** '"${triggered_branches}"' \n**Build URL:** '"https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-code-server/activity/"' \n"}],
+              NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-code-server/activity/ \n"
-            "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+              echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
+            fi
+            if [[ -n "${skipped_branches}" ]]; then
+              NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n"
+            fi
+            echo "**** Notifying Discord ****"
+            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+              "description": "**Package Check Build(s) for code-server** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}],
+              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+          fi

Dockerfile

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-ubuntu:jammy
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-ubuntu:noble
 
 # set version label
 ARG BUILD_DATE
@@ -16,11 +18,9 @@ RUN \
   apt-get update && \
   apt-get install -y \
     git \
-    jq \
     libatomic1 \
     nano \
     net-tools \
-    netcat \
     sudo && \
   echo "**** install code-server ****" && \
   if [ -z ${CODE_RELEASE+x} ]; then \
@@ -33,6 +33,7 @@ RUN \
     "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-amd64.tar.gz" && \
   tar xf /tmp/code-server.tar.gz -C \
     /app/code-server --strip-components=1 && \
+  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** clean up ****" && \
   apt-get clean && \
   rm -rf \

Dockerfile.aarch64

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-jammy
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-noble
 
 # set version label
 ARG BUILD_DATE
@@ -16,11 +18,9 @@ RUN \
   apt-get update && \
   apt-get install -y \
     git \
-    jq \
     libatomic1 \
     nano \
     net-tools \
-    netcat \
     sudo && \
   echo "**** install code-server ****" && \
   if [ -z ${CODE_RELEASE+x} ]; then \
@@ -33,6 +33,7 @@ RUN \
     "https://github.com/coder/code-server/releases/download/v${CODE_RELEASE}/code-server-${CODE_RELEASE}-linux-arm64.tar.gz" && \
   tar xf /tmp/code-server.tar.gz -C \
     /app/code-server --strip-components=1 && \
+  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** clean up ****" && \
   apt-get clean && \
   rm -rf \

Jenkinsfile

@@ -33,8 +33,8 @@ pipeline {
     CI_PORT='8443'
     CI_SSL='false'
     CI_DELAY='120'
-    CI_DOCKERENV='TZ=US/Pacific'
+    CI_DOCKERENV=''
-    CI_AUTH='user:password'
+    CI_AUTH=''
     CI_WEBPATH=''
   }
   stages {
@@ -81,7 +81,7 @@ pipeline {
           env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
           env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
           env.PULL_REQUEST = env.CHANGE_ID
-          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml'
+          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml'
         }
         sh '''#! /bin/bash
               echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" '''
@@ -311,7 +311,7 @@ pipeline {
                 echo "Jenkinsfile is up to date."
               fi
               echo "Starting Stage 2 - Delete old templates"
-              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
+              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml .github/workflows/package_trigger.yml"
               for i in ${OLD_TEMPLATES}; do
                 if [[ -f "${i}" ]]; then
                   TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@@ -719,6 +719,14 @@ pipeline {
           }
           sh '''#! /bin/bash
                 set -e
+                if grep -q 'docker-baseimage' <<< "${LS_REPO}"; then
+                  echo "Detected baseimage, setting LSIO_FIRST_PARTY=true"
+                  if [ -n "${CI_DOCKERENV}" ]; then
+                    CI_DOCKERENV="LSIO_FIRST_PARTY=true|${CI_DOCKERENV}"
+                  else
+                    CI_DOCKERENV="LSIO_FIRST_PARTY=true"
+                  fi
+                fi
                 docker pull ghcr.io/linuxserver/ci:latest
                 if [ "${MULTIARCH}" == "true" ]; then
                   docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
@@ -731,6 +739,7 @@ pipeline {
                 -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \
                 -e TAGS=\"${CI_TAGS}\" \
                 -e META_TAG=\"${META_TAG}\" \
+                -e RELEASE_TAG=\"latest\" \
                 -e PORT=\"${CI_PORT}\" \
                 -e SSL=\"${CI_SSL}\" \
                 -e BASE=\"${DIST_IMAGE}\" \
@@ -740,6 +749,7 @@ pipeline {
                 -e WEB_SCREENSHOT=\"${CI_WEB}\" \
                 -e WEB_AUTH=\"${CI_AUTH}\" \
                 -e WEB_PATH=\"${CI_WEBPATH}\" \
+                -e NODE_NAME=\"${NODE_NAME}\" \
                 -t ghcr.io/linuxserver/ci:latest \
                 python3 test_build.py'''
         }
@@ -874,7 +884,7 @@ pipeline {
               echo '{"tag_name":"'${META_TAG}'",\
                      "target_commitish": "master",\
                      "name": "'${META_TAG}'",\
-                     "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
+                     "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
               printf '","draft": false,"prerelease": false}' >> releasebody.json
               paste -d'\\0' start releasebody.json > releasebody.json.done
               curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
@@ -1007,17 +1017,45 @@ EOF
             git config --global --unset commit.gpgsign
         '''
       script{
+        env.JOB_DATE = sh(
+            script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''',
+            returnStdout: true).trim()
         if (env.EXIT_STATUS == "ABORTED"){
           sh 'echo "build aborted"'
-        }
+        }else{
-        else if (currentBuild.currentResult == "SUCCESS"){
+          if (currentBuild.currentResult == "SUCCESS"){
-          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"color": 1681177,\
+            if (env.GITHUBIMAGE =~ /lspipepr/){
-                 "description": "**Build:**  '${BUILD_NUMBER}'\\n**CI Results:**  '${CI_URL}'\\n**ShellCheck Results:**  '${SHELLCHECK_URL}'\\n**Status:**  Success\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
+              env.JOB_WEBHOOK_STATUS='Success'
-                 "username": "Jenkins"}' ${BUILDS_DISCORD} '''
+              env.JOB_WEBHOOK_COLOUR=3957028
-        }
+              env.JOB_WEBHOOK_FOOTER='PR Build'
-        else {
+            }else if (env.GITHUBIMAGE =~ /lsiodev/){
-          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"color": 16711680,\
+              env.JOB_WEBHOOK_STATUS='Success'
-                 "description": "**Build:**  '${BUILD_NUMBER}'\\n**CI Results:**  '${CI_URL}'\\n**ShellCheck Results:**  '${SHELLCHECK_URL}'\\n**Status:**  failure\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
+              env.JOB_WEBHOOK_COLOUR=3957028
+              env.JOB_WEBHOOK_FOOTER='Dev Build'
+            }else{
+              env.JOB_WEBHOOK_STATUS='Success'
+              env.JOB_WEBHOOK_COLOUR=1681177
+              env.JOB_WEBHOOK_FOOTER='Live Build'
+            }
+          }else{
+            if (env.GITHUBIMAGE =~ /lspipepr/){
+              env.JOB_WEBHOOK_STATUS='Failure'
+              env.JOB_WEBHOOK_COLOUR=12669523
+              env.JOB_WEBHOOK_FOOTER='PR Build'
+            }else if (env.GITHUBIMAGE =~ /lsiodev/){
+              env.JOB_WEBHOOK_STATUS='Failure'
+              env.JOB_WEBHOOK_COLOUR=12669523
+              env.JOB_WEBHOOK_FOOTER='Dev Build'
+            }else{
+              env.JOB_WEBHOOK_STATUS='Failure'
+              env.JOB_WEBHOOK_COLOUR=16711680
+              env.JOB_WEBHOOK_FOOTER='Live Build'
+            }
+          }
+          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"'color'": '${JOB_WEBHOOK_COLOUR}',\
+                 "footer": {"text" : "'"${JOB_WEBHOOK_FOOTER}"'"},\
+                 "timestamp": "'${JOB_DATE}'",\
+                 "description": "**Build:**  '${BUILD_NUMBER}'\\n**CI Results:**  '${CI_URL}'\\n**ShellCheck Results:**  '${SHELLCHECK_URL}'\\n**Status:**  '${JOB_WEBHOOK_STATUS}'\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
                  "username": "Jenkins"}' ${BUILDS_DISCORD} '''
         }
       }

README.md

@@ -78,6 +78,7 @@ git config --global user.email "email address"
 
 How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed).
 
+ 
 ## Usage
 
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@@ -101,7 +102,7 @@ services:
       - PROXY_DOMAIN=code-server.my.domain #optional
       - DEFAULT_WORKSPACE=/config/workspace #optional
     volumes:
-      - /path/to/appdata/config:/config
+      - /path/to/code-server/config:/config
     ports:
       - 8443:8443
     restart: unless-stopped
@@ -122,7 +123,7 @@ docker run -d \
   -e PROXY_DOMAIN=code-server.my.domain `#optional` \
   -e DEFAULT_WORKSPACE=/config/workspace `#optional` \
   -p 8443:8443 \
-  -v /path/to/appdata/config:/config \
+  -v /path/to/code-server/config:/config \
   --restart unless-stopped \
   lscr.io/linuxserver/code-server:latest
 ```
@@ -141,7 +142,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-e HASHED_PASSWORD=` | Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below. |
 | `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. |
 | `-e SUDO_PASSWORD_HASH=` | Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`. |
-| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#sub-domains) |
+| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain) |
 | `-e DEFAULT_WORKSPACE=/config/workspace` | If this optional variable is set, code-server will open this directory by default |
 | `-v /config` | Contains all relevant configuration files. |
 
@@ -281,7 +282,8 @@ Below are the instructions for updating containers:
 
 ### Image Update Notifications - Diun (Docker Image Update Notifier)
 
-**tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
+>[!TIP]
+>We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
 
 ## Building locally
 
@@ -296,16 +298,19 @@ docker build \
   -t lscr.io/linuxserver/code-server:latest .
 ```
 
-The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
+The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`
 
 ```bash
-docker run --rm --privileged multiarch/qemu-user-static:register --reset
+docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
 ```
 
 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.
 
 ## Versions
 
+* **13.10.24:** - Only chown config folder when change to ownership or new install is detected.
+* **09.10.24:** - Manage permissions in /config/.ssh according to file type
+* **19.08.24:** - Rebase to Ubuntu Noble.
 * **01.07.23:** - Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)
 * **05.10.22:** - Install recommended deps to maintain parity with the older images.
 * **29.09.22:** - Rebase to jammy, switch to s6v3. Fix chown logic to skip `/config/workspace` contents.

jenkins-vars.yml

@@ -22,6 +22,6 @@ repo_vars:
   - CI_PORT='8443'
   - CI_SSL='false'
   - CI_DELAY='120'
-  - CI_DOCKERENV='TZ=US/Pacific'
+  - CI_DOCKERENV=''
-  - CI_AUTH='user:password'
+  - CI_AUTH=''
   - CI_WEBPATH=''

readme-vars.yml

@@ -10,22 +10,16 @@ project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_
 available_architectures:
   - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
   - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
-# development version
+
-development_versions: false
-development_versions_items:
-  - {tag: "latest", desc: "Stable releases"}
 # container parameters
 common_param_env_vars_enabled: true
 param_container_name: "{{ project_name }}"
 param_usage_include_vols: true
 param_volumes:
-  - {vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Contains all relevant configuration files."}
+  - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Contains all relevant configuration files."}
 param_usage_include_ports: true
 param_ports:
   - {external_port: "8443", internal_port: "8443", port_desc: "web gui"}
-param_usage_include_env: true
-param_env_vars:
-  - {env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London"}
 # optional container parameters
 opt_param_usage_include_env: true
 opt_param_env_vars:
@@ -33,10 +27,9 @@ opt_param_env_vars:
   - {env_var: "HASHED_PASSWORD", env_value: "", desc: "Optional web gui password, overrides `PASSWORD`, instructions on how to create it is below."}
   - {env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password."}
   - {env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`."}
-  - {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#sub-domains)"}
+  - {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain)"}
   - {env_var: "DEFAULT_WORKSPACE", env_value: "/config/workspace", desc: "If this optional variable is set, code-server will open this directory by default"}
-optional_block_1: false
+
-optional_block_1_items: ""
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
@@ -54,6 +47,9 @@ app_setup_block: |
   How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed).
 # changelog
 changelogs:
+  - {date: "13.10.24:", desc: "Only chown config folder when change to ownership or new install is detected."}
+  - {date: "09.10.24:", desc: "Manage permissions in /config/.ssh according to file type"}
+  - {date: "19.08.24:", desc: "Rebase to Ubuntu Noble."}
   - {date: "01.07.23:", desc: "Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)"}
   - {date: "05.10.22:", desc: "Install recommended deps to maintain parity with the older images."}
   - {date: "29.09.22:", desc: "Rebase to jammy, switch to s6v3. Fix chown logic to skip `/config/workspace` contents."}

root/etc/s6-overlay/s6-rc.d/init-code-server/run

@@ -1,14 +1,15 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
 mkdir -p /config/{extensions,data,workspace,.ssh}
 
-if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
+if [[ -n "${SUDO_PASSWORD}" ]] || [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
     echo "setting up sudo access"
     if ! grep -q 'abc' /etc/sudoers; then
         echo "adding abc to sudoers"
         echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
     fi
-    if [ -n "${SUDO_PASSWORD_HASH}" ]; then
+    if [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
         echo "setting sudo password using sudo password hash"
         sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
     else
@@ -17,15 +18,25 @@ if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
     fi
 fi
 
-[[ ! -f /config/.bashrc ]] && \
+if [[ ! -f /config/.bashrc ]]; then
     cp /root/.bashrc /config/.bashrc
-[[ ! -f /config/.profile ]] && \
+fi
-    cp /root/.profile /config/.profile
+
-
+if [[ ! -f /config/.profile ]]; then
-# fix permissions (ignore contents of /config/workspace)
+    cp /root/.profile /config/.profile
-find /config -path /config/workspace -prune -o -exec chown abc:abc {} +
+fi
-chown abc:abc /config/workspace
+
-chmod 700 /config/.ssh
+# fix permissions (ignore contents of workspace)
-if [ -n "$(ls -A /config/.ssh)" ]; then
+PUID=${PUID:-911}
-    chmod 600 /config/.ssh/*
+if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
+    echo "Change in ownership or new install detected, please be patient while we chown existing files"
+    echo "This could take some time"
+    find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
+    lsiown abc:abc /config/workspace
+fi
+chmod 700 /config/.ssh
+if [[ -n "$(ls -A /config/.ssh)" ]]; then
+    find /config/.ssh/ -type d -exec chmod 700 '{}' \;
+    find /config/.ssh/ -type f -exec chmod 600 '{}' \;
+    find /config/.ssh/ -type f -iname '*.pub' -exec chmod 644 '{}' \;
 fi

root/etc/s6-overlay/s6-rc.d/init-code-server/type

@@ -1 +1 @@
-oneshot
+oneshot

root/etc/s6-overlay/s6-rc.d/init-code-server/up

@@ -1 +1 @@
-/etc/s6-overlay/s6-rc.d/init-code-server/run
+/etc/s6-overlay/s6-rc.d/init-code-server/run

root/etc/s6-overlay/s6-rc.d/svc-code-server/notification-fd

@@ -1 +1 @@
-3
+3

root/etc/s6-overlay/s6-rc.d/svc-code-server/run

@@ -1,13 +1,14 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
-if [ -n "${PASSWORD}" ] || [ -n "${HASHED_PASSWORD}" ]; then
+if [[ -n "${PASSWORD}" ]] || [[ -n "${HASHED_PASSWORD}" ]]; then
     AUTH="password"
 else
     AUTH="none"
     echo "starting with no password"
 fi
 
-if [ -z ${PROXY_DOMAIN+x} ]; then
+if [[ -z ${PROXY_DOMAIN+x} ]]; then
     PROXY_DOMAIN_ARG=""
 else
     PROXY_DOMAIN_ARG="--proxy-domain=${PROXY_DOMAIN}"

root/etc/s6-overlay/s6-rc.d/svc-code-server/type

@@ -1 +1 @@
-longrun
+longrun

root/usr/local/bin/install-extension

@@ -3,7 +3,7 @@
 
 _install=(/app/code-server/bin/code-server "--extensions-dir" "/config/extensions" "--install-extension")
 
-if [ "$(whoami)" == "abc" ]; then
+if [[ "$(whoami)" == "abc" ]]; then
     "${_install[@]}" "$@"
 else
     s6-setuidgid abc "${_install[@]}" "$@"