mrva-docker/README.org at master

mrva/mrva-docker

Fork 0

Files

Michael Hohn e74f135494 updated dockerfiles and READMEs to v0.4.0

2025-06-30 16:02:39 -07:00

12 KiB

Raw Permalink Blame History

MRVA VS Code server container
- On the host
- Inside the container

MRVA VS Code server container

On the host

mixed install, pre and post-container build

  # Build the container via 
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  docker build --no-cache -t code-server-initialized:0.4.0 .

  # Run the container in standalone mode via 
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  docker run -v ~/work-gh/mrva/vscode-codeql:/work-gh/mrva/vscode-codeql \
         -d -p 9080:9080 code-server-initialized:0.4.0 

  # Tag it
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  docker tag code-server-initialized:0.4.0 \
         ghcr.io/hohn/code-server-initialized:0.4.0

build vscode-codeql plugin

node build container produces

~/work-gh/mrva/vscode-codeql/dist/vscode-codeql*.vsix

For patching the vscode-codeql extension, edit source there and rebuild; for one-time use, install extension in running code-server container; copy it via

  VSCID=$(docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}" |grep code-server |cut -f1 -d " ")

  cat ~/work-gh/mrva/vscode-codeql/dist/vscode-codeql-1.13.2-dev.2025.3.12.17.37.12.vsix |\
      docker exec -i $VSCID sh -c 'cat > /home/coder/vscode-codeql-1.13.2-dev.2025.3.12.17.37.12.vsix'

install via GUI; the file listing has a right-click entry. Could also use

/bin/code-server --force --install-extension vscode-codeql-*.vsix

pre-container build

  # Collect artifacts
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  cp ~/work-gh/mrva/vscode-codeql/dist/vscode-codeql-* artifacts/

  # Build the container via 
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  docker build -t code-server-initialized:0.4.0 .
  # # For debugging and significant Dockerfile changes, build from scratch:
  # docker build --no-cache -t code-server-initialized:0.4.0 .

  # Run the container in standalone mode via 
  cd ~/work-gh/mrva/mrva-docker/containers/vscode/
  docker run -v ~/work-gh/mrva/vscode-codeql:/work-gh/mrva/vscode-codeql \
         -d -p 9080:9080 code-server-initialized:0.4.0

  # Connect to it, password is mrva
  open http://localhost:9080/?folder=/home/coder

Connect to it at http://localhost:9080/?folder=/home/coder, password is mrva.

Inside the container

To see changes in container

  docker diff $(docker ps |grep code-server |cut -f1 -d " ")

  # 
  # determine S_relevant = S_install - S_start, where:
  # 
  # S_start: Changes after the container is first run and the VS Code UI is opened.
  # S_install: Changes after additional steps (like installing software).
  # S_relevant: The differences that come specifically from the installation steps.

  # Capture S_start before installation
  docker diff $(docker ps | grep code-server | cut -f1 -d " ") > S_start.txt

  # Perform the installation or modifications

  # Capture S_install after installation
  docker diff $(docker ps | grep code-server | cut -f1 -d " ") > S_install.txt

  # Compute S_relevant using comm
  comm -13 <(sort S_start.txt) <(sort S_install.txt) > S_relevant.txt

  less S_relevant.txt

  # As first step, filter wanted files
  cat S_relevant.txt | \
      grep -ve /home/coder/mrva-qldemo \
           -ve /home/coder/.codeql/packages \
           -ve /home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql |\
      less

  # list wanted files
  C_wanted=$(cat S_relevant.txt | \
                 grep -e /home/coder/mrva-qldemo \
                      -e /home/coder/.codeql/packages \
                      -e /home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql|\
                 grep -ve globalStorage/github.vscode-codeql/variant-analyses |\
                 cut -f2 -d " ")
  echo "$C_wanted" |less

  # export from container to host
  VSCID=$(docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}" |grep code-server |cut -f1 -d " ")
  echo "$C_wanted" | docker exec -i $VSCID tar cf - -T - > mrva-docker-installs.tar

  0:$ tar tvf mrva-docker-installs.tar |sort -rn +4 |head
  -rwxr-xr-x  0 coder  coder 58954792 Mar 11 20:37 home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql/distribution11/codeql/cpp/tools/linux64/extractor
  -rwxr-xr-x  0 coder  coder 58587032 Mar 11 20:37 home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql/distribution11/codeql/cpp/tools/linux64/cpp-telemetry
  -rwxr-xr-x  0 coder  coder 57264264 Mar 11 20:37 home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql/distribution11/codeql/cpp/tools/linux64/extractor-static
  -rwxr-xr-x  0 coder  coder 57250624 Mar 11 20:37 home/coder/.local/share/code-server/User/globalStorage/github.vscode-codeql/distribution11/codeql/cpp/tools/linux64/trap-cache-reader

  # snapshot again
  VSCID=$(docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}" |grep code-server |cut -f1 -d " ")
  docker commit $VSCID mrva-client-vscode:0.3.4

XX:

plain
add shar
open Fprintf, installs codeql cli
install pack dependencies
S_crth.txt

paste variant analysis repo file

get vscode-selection from hepc

~/work-gh/mrva/mrvahepc/db-collection.tmp/metadata.json::{"git_branch": "HEAD", "git_commit_id": "2b41915dac8966e95f9e63638d30769b0d69ad68", "git_repo": "aircrack-ng", "ingestion_datetime_utc": "2024-06-07 16:57:47.683012+00:00", "result_url": "http://hepc/db/db-collection.tmp/aircrack-ng-aircrack-ng-ctsj-41ebbe.zip", "tool_id": "9f2f9642-febb-4435-9204-fb50bbd43de4", "tool_name": "codeql-cpp", "tool_version": "2.17.4", "projname": "aircrack-ng/aircrack-ng"}
```
  jq '.projname' < ~/work-gh/mrva/mrvahepc/db-collection.tmp/metadata.json |sort -u
```
Set up 'variant analysis repositories', continuing from the scratch/vscode-selection.json file formed via jq:
Select '{}' and open db selection file

paste

  {
      "version": 1,
      "databases": {
          "variantAnalysis": {
              "repositoryLists": [
                  {
                      "name": "mirva-list",
                      "repositories": [
                          "Serial-Studio/Serial-Studio",
                          "UEFITool/UEFITool",
                          "aircrack-ng/aircrack-ng",
                          "bulk-builder/bulk-builder",
                          "tesseract/tesseract"
                      ]
                  }
              ],
              "owners": [],
              "repositories": []
          }
      },
      "selected": {
          "kind": "variantAnalysisUserDefinedList",
          "listName": "mirva-list"
      }
  }

run variant analysis to see if more downloads happen

open Fprintf.ql
right click > 'run variant analysis'

XX:

  Unhandled error: Error saving query history to
  /home/coder/.local/share/code-server/User/workspaceStorage/579340b4/GitHub.vscode-codeql/workspace-query-history.json:
  Internal error: exhaustivity checking failure Error: Error saving query history to
  /home/coder/.local/share/code-server/User/workspaceStorage/579340b4/GitHub.vscode-codeql/workspace-query-history.json:
  Internal error: exhaustivity checking failure

all actual runs successful

snapshot container Update Container Images

  #* Get the container IDs

  docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}"
  # 0:$ docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}"

  VSCID=$(docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Names}}" |grep code-server |cut -f1 -d " ")
  docker commit $VSCID mrva-client-vscode:0.4.0

Setup inside the container XX: Add one for C++

  cd 
  export PATH=/opt/codeql:$PATH
  codeql pack init qldemo
  cd qldemo
  codeql pack add codeql/python-all@1.0.6

Create a new file qldemo/simple.ql with this query. Open it in VS Code. The plugin will download the CodeQL binaries (but never use them – the configuration redirects) XX: c++
```
  cd
  cat > qldemo/simple.ql <<eof
  import python
  select 42
  eof
```

Create database.

  cd ~/qldemo

  cat > short.py <<EOF
  print('hello world')
  EOF
  export PATH=/opt/codeql:$PATH  
  codeql database create --language=python -s . -v short-db

Set the database as default and run the query simple.ql

Add the customized VS Code plugin On the host, build the vscode-codeql plugin

  cd ~/work-gh/mrva/vscode-codeql
  git checkout mrva-standalone

  # Install nvm
  curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

  # Install correct node version 
  cd ./extensions/ql-vscode
  nvm install

  # Build the extension
  cd ~/work-gh/mrva/vscode-codeql/extensions/ql-vscode
  npm install
  npm run build

In the container

  # Install extension
  cd /work-gh/mrva/vscode-codeql/dist

  /bin/code-server --force --install-extension vscode-codeql-*.vsix

Capture the state of this container and create a new image from it.

  docker ps
  # Check id column.  Use it below.
  docker commit 2f3df413ae3b code-server-initialized:0.4.0
  # Keep the sha
  # sha256:1b382a721d8f3892ed22861701f19d3ed4b42a2db8d6d96b6f89fcb6e9c4161e
  docker kill 2f3df413ae3b

  # Make sure the image tag matches the sha
  docker inspect code-server-initialized:0.4.0 |grep Id

  # Run the image and check content
  docker run --rm -d -p 9080:9080 --name test-code-server-codeql \
         code-server-initialized:0.4.0

Again connect to it at http://localhost:9080/?folder=/home/coder, password is mrva.

Push this container

  # Common
  export CSI_TARGET=code-server-initialized:0.4.0

  # Push container
  docker tag ${CSI_TARGET} ghcr.io/hohn/${CSI_TARGET}
  docker push ghcr.io/hohn/${CSI_TARGET}

Test the registry image

  # Test pushed container
  docker pull ghcr.io/hohn/${CSI_TARGET}
  docker run --rm -d -p 9080:9080 --name test-code-server-codeql\
         ghcr.io/hohn/${CSI_TARGET}

In the container, inside the running vs code:

Check the plugin version number via the command
```
codeql: copy version information
```

12 KiB Raw Permalink Blame History Unescape Escape

MRVA VS Code server container

On the host

Inside the container

12 KiB

Raw Permalink Blame History