diff --git a/src/build.sh b/src/build.sh new file mode 100755 index 0000000..10faf12 --- /dev/null +++ b/src/build.sh @@ -0,0 +1,212 @@ +#!/bin/bash +# KNEL-Football Secure OS Docker Build Script +# STRICTLY Docker-only workflow - NO host system modifications + +set -euo pipefail + +echo "=== KNEL-Football Secure OS Build ===" +echo "Environment: Docker Container Only" +echo "Workspace: Docker Volume" + +# Configuration +PROJECT_NAME="knel-football-secure" +VERSION="1.0.0" +DOCKER_IMAGE="knel-football-dev:latest" # Using required knel-football-dev image +BUILD_TIMEOUT="3600" # 1 hour timeout + +# Cleanup function +cleanup() { + echo "Cleaning up Docker resources..." + docker rm -f "$PROJECT_NAME-build" 2>/dev/null || true + echo "✓ Docker cleanup completed" +} + +trap cleanup EXIT + +# Ensure output directory exists (on host) +mkdir -p output tmp +echo "✓ Output directory: $(pwd)/output" +echo "✓ Build directory: $(pwd)/tmp" + +echo "" +echo "=== Starting Docker Build ===" + +# Run entire build process in Docker container +docker run --name "$PROJECT_NAME-build" \ + --rm \ + -v "$(pwd)":/workspace:ro \ + -v "$(pwd)/tmp":/build \ + -v "$(pwd)/output":/output \ + -e TZ="UTC" \ + -e DEBIAN_FRONTEND="noninteractive" \ + -e LC_ALL="C" \ + "$DOCKER_IMAGE" \ + bash -c " +echo '=== Building KNEL-Football Secure OS in Docker ===' +echo 'All operations performed inside container' +echo 'Workspace: /workspace (read-only)' +echo 'Build: /build' +echo 'Output: /output' +echo 'Build Version: $VERSION' +echo '' + +# Install build tools +echo 'Installing build tools...' +apt-get update -qq +apt-get install -y live-build xorriso grub-pc-bin syslinux-utils + +# Create build environment +cd /build +rm -rf ./* + +# Configure live-build +echo 'Configuring live-build...' +lb config \ + --distribution testing \ + --architectures amd64 \ + --archive-areas 'main contrib non-free' \ + --mode debian \ + --chroot-filesystem squashfs \ + --binary-filesystem iso9660 \ + --binary-images iso-hybrid \ + --iso-application 'KNEL-Football Secure OS' \ + --iso-publisher 'KNEL-Football Security Team' \ + --iso-volume 'KNEL-Football Secure' \ + --linux-packages 'linux-image-amd64 linux-headers-amd64' \ + --debian-installer true \ + --debian-installer-gui true \ + --win32-loader true \ + --memtest memtest86+ \ + --source false \ + --apt-indices false \ + --apt-source-archives false + +# Apply configuration from workspace if available +if [ -d /workspace/config ]; then + echo 'Applying custom configuration...' + cp -r /workspace/config/* ./ +fi + +# Build ISO +echo 'Starting ISO build (30-60 minutes)...' +timeout $BUILD_TIMEOUT lb build + +if [ $? -eq 0 ]; then + echo '✓ Build completed successfully!' + + # Find and process ISO + ISO_FILE=$(find . -name '*.iso' -type f | head -1) + if [ -n \"$ISO_FILE\" ]; then + echo \"✓ ISO created: $ISO_FILE\" + + # Generate checksums + sha256sum \"$ISO_FILE\" > \"${ISO_FILE}.sha256\" + md5sum \"$ISO_FILE\" > \"${ISO_FILE}.md5\" + + # Create KNEL-Football branded name + FINAL_ISO=\"${PROJECT_NAME}-v${VERSION}.iso\" + mv \"$ISO_FILE\" \"$FINAL_ISO\" + mv \"${ISO_FILE}.sha256\" \"${FINAL_ISO}.sha256\" + mv \"${ISO_FILE}.md5\" \"${FINAL_ISO}.md5\" + + # Copy artifacts to output volume (host accessible) + cp \"$FINAL_ISO\" \"${FINAL_ISO}.sha256\" \"${FINAL_ISO}.md5\" /output/ + + # Create build report + cat > /output/BUILD-REPORT.txt << REPORT +KNEL-Football Secure OS Build Report +================================= +Build Date: $(date) +Build Environment: Docker Container ($DOCKER_IMAGE) +Version: $VERSION +Architecture: x86_64 + +Files Created: +- $PROJECT_NAME-v$VERSION.iso (bootable ISO) +- $PROJECT_NAME-v$VERSION.sha256 (SHA256 checksum) +- $PROJECT_NAME-v$VERSION.md5 (MD5 checksum) + +Technical Specifications: +- Base Distribution: Debian Testing +- Boot Support: Hybrid UEFI/Legacy BIOS +- Filesystem: SquashFS + ISO9660 +- Package Manager: apt +- Init System: systemd + +Features: +- Debian Installer with GUI +- Full firmware support +- Security configurations +- Memtest86+ memory testing + +Build Status: SUCCESSFUL + +Next Steps: +1. Test ISO on target hardware +2. Validate installation process +3. Apply KNEL-Football security configurations +4. Deploy to production environment + +ISO Information: +Type: Hybrid (UEFI + Legacy BIOS compatible) +Checksum: SHA256 (see .sha256 file) + +Contact: KNEL-Football IT Security Team +Generated: $(date) +REPORT + + echo '✓ Build report created' + echo '✓ All artifacts copied to /output/' + + echo '' + echo '=== BUILD RESULTS ===' + ls -la /output/ + + # Display ISO info + if [ -f \"/output/$FINAL_ISO\" ]; then + echo '' + echo 'ISO Details:' + echo \"File: $FINAL_ISO\" + echo \"Size: $(du -h \"/output/$FINAL_ISO\" | cut -f1)\" + echo \"SHA256: $(cat \"/output/${FINAL_ISO}.sha256\" | cut -d' ' -f1)\" + fi + + else + echo '✗ No ISO file found' + exit 1 + fi +else + echo '✗ Build failed or timed out' + exit 1 +fi +" + +# Check if build succeeded +echo "" +echo "=== BUILD COMPLETION CHECK ===" + +if [ -f "output/$PROJECT_NAME-v$VERSION.iso" ]; then + echo "✓ BUILD SUCCESSFUL!" + echo "✓ ISO created: $PROJECT_NAME-v$VERSION.iso" + echo "✓ Size: $(du -h "output/$PROJECT_NAME-v$VERSION.iso" | cut -f1)" + echo "✓ SHA256: $(cat "output/$PROJECT_NAME-v$VERSION.sha256" | cut -d' ' -f1)" + + echo "" + echo "=== FINAL ARTIFACTS ===" + ls -lah output/ + + echo "" + echo "=== SUCCESS ===" + echo "KNEL-Football Secure OS built successfully in Docker!" + echo "All artifacts available in ./output/" + echo "No host system modifications were performed." + + exit 0 +else + echo "✗ BUILD FAILED" + echo "Check Docker container output for errors" + echo "Artifacts in output:" + ls -lah output/ 2>/dev/null || echo "No artifacts created" + + exit 1 +fi diff --git a/src/run-new.sh b/src/run-new.sh new file mode 100755 index 0000000..713991f --- /dev/null +++ b/src/run-new.sh @@ -0,0 +1,291 @@ +#!/bin/bash +# Enhanced version of the original run.sh script with explicit container management +set -euo pipefail + +# Project metadata +readonly PROJECT_NAME="KNEL Football" +readonly VERSION="1.0.0" + +# Configuration +readonly DOCKER_IMAGE="${DOCKER_IMAGE:-knel-football-dev:latest}" # Using required knel-football-dev image +readonly CONTAINER_PREFIX="knel-football" +readonly PROXY_ENABLED="${PROXY_ENABLED:-true}" +readonly PROXY_URL="${PROXY_URL:-http://10.0.0.1:3128}" + +# Source utility functions +source "$(dirname "$0")/lib/docker.sh" + +# Logging function +log() { + echo "[$(date +'%Y-%m-%d %H:%M:%S')] $*" +} + +# Usage information +usage() { + cat <&2 +} + +log_debug() { + if [ "$VERBOSE" = true ]; then + log "DEBUG: $*" + fi +} + +# Container management +run_with_container() { + local cmd="$1" + local container_name="${CONTAINER_PREFIX}-${cmd}" + shift + + log_info "Starting container: $container_name" + log_debug "Command: $*" + + # Build environment arguments + local env_args=() + for env_var in "${ENV_VARS[@]}"; do + env_args+=("-e" "$env_var") + done + + if [ "$USE_PROXY" = true ]; then + env_args+=("-e" "http_proxy=$PROXY_URL") + env_args+=("-e" "https_proxy=$PROXY_URL") + fi + + # Run container with explicit name and environment + docker run --name "$container_name" \ + --env-file <(grep -v '^#' "$(dirname "$0")/.env" 2>/dev/null || true) \ + "${env_args[@]}" \ + -v "$(pwd)":/workspace:ro \ + -v "$(pwd)/tmp":/build \ + -v "$(pwd)/output":/output \ + -e TZ="UTC" \ + -e DEBIAN_FRONTEND="noninteractive" \ + -e LC_ALL="C" \ + --rm \ + "$DOCKER_IMAGE" \ + "$@" +} + +# Main command handlers +cmd_build() { + log_info "Building Docker image: $DOCKER_IMAGE" + + local build_args=() + if [ "$NO_CACHE" = true ]; then + build_args+=("--no-cache") + fi + + if [ "$USE_PROXY" = true ]; then + build_args+=("--build-arg" "http_proxy=$PROXY_URL") + build_args+=("--build-arg" "https_proxy=$PROXY_URL") + fi + + docker build "${build_args[@]}" -t "$DOCKER_IMAGE" "$(dirname "$0")" +} + +cmd_lint() { + log_info "Running lint checks" + run_with_container "lint" make lint +} + +cmd_test() { + log_info "Running all tests" + run_with_container "test" make test +} + +cmd_test_unit() { + log_info "Running unit tests" + run_with_container "test-unit" make test-unit +} + +cmd_test_integration() { + log_info "Running integration tests" + run_with_container "test-integration" make test-integration +} + +cmd_test_functional() { + log_info "Running functional tests" + run_with_container "test-functional" make test-functional +} + +cmd_shell() { + log_info "Starting interactive shell" + run_with_container "shell" /bin/bash +} + +cmd_clean() { + log_info "Cleaning build artifacts" + rm -rf "$(dirname "$0")/tmp" + mkdir -p "$(dirname "$0")/tmp" + log_info "Cleanup completed" +} + +cmd_iso() { + log_info "Building ISO image" + run_with_container "iso" make iso +} + +cmd_secure() { + log_info "Generating security configuration" + run_with_container "secure" make secure +} + +cmd_deploy() { + log_info "Preparing deployment package" + run_with_container "deploy" make deploy +} + +# Execute command +case "$COMMAND" in +build) + cmd_build + ;; +lint) + cmd_lint + ;; +test) + cmd_test + ;; +test:unit) + cmd_test_unit + ;; +test:integration) + cmd_test_integration + ;; +test:functional) + cmd_test_functional + ;; +shell) + cmd_shell + ;; +clean) + cmd_clean + ;; +iso) + cmd_iso + ;; +secure) + cmd_secure + ;; +deploy) + cmd_deploy + ;; +help) + usage + ;; +*) + log_error "Unknown command: $COMMAND" + usage + exit 1 + ;; +esac diff --git a/src/run.sh b/src/run.sh new file mode 100755 index 0000000..eeb603d --- /dev/null +++ b/src/run.sh @@ -0,0 +1,85 @@ +#!/bin/bash +# KNEL-Football ISO Builder - Host Wrapper +# This script orchestrates the Docker-based build process +# Copyright © 2026 Known Element Enterprises LLC + +set -euo pipefail + +# Configuration variables +readonly DOCKER_IMAGE="knel-football-dev:latest" # Using required knel-football-dev image +readonly SCRIPT_DIR +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly OUTPUT_DIR="${SCRIPT_DIR}/output" +readonly BUILD_DIR="${SCRIPT_DIR}/tmp" + +# Create output and build directories if they don't exist +mkdir -p "${OUTPUT_DIR}" "${BUILD_DIR}" + +# Function to show usage +usage() { + echo "Usage: $0 [command]" + echo "Commands:" + echo " build Build the secure ISO" + echo " test Run all tests" + echo " lint Run linting checks" + echo " clean Clean build artifacts" + echo " shell Interactive shell in build container" + exit 1 +} + +# Main execution logic +main() { + local command="${1:-build}" + + case "${command}" in + build) + echo "Building KNEL-Football secure ISO..." + docker run --rm \ + -v "${SCRIPT_DIR}:/workspace:ro" \ + -v "${OUTPUT_DIR}:/output" \ + -v "${BUILD_DIR}:/build" \ + -e TZ="UTC" \ + -e DEBIAN_FRONTEND="noninteractive" \ + -e LC_ALL="C" \ + "${DOCKER_IMAGE}" \ + /workspace/src/build-iso.sh + ;; + test) + echo "Running KNEL-Football test suite..." + docker run --rm \ + -v "${SCRIPT_DIR}:/workspace:ro" \ + -v "${BUILD_DIR}:/tmp" \ + "${DOCKER_IMAGE}" \ + bats -r /workspace/tests/ + ;; + lint) + echo "Running linting checks..." + docker run --rm \ + -v "${SCRIPT_DIR}:/workspace:ro" \ + "${DOCKER_IMAGE}" \ + shellcheck /workspace/src/*.sh /workspace/config/hooks/*/*.sh + ;; + clean) + echo "Cleaning build artifacts..." + rm -rf "${OUTPUT_DIR:?}"/* + rm -rf "${BUILD_DIR:?}"/* + ;; + shell) + echo "Starting interactive shell..." + docker run --rm -it \ + -v "${SCRIPT_DIR}:/workspace:ro" \ + -v "${OUTPUT_DIR}:/output" \ + -v "${BUILD_DIR}:/build" \ + -e TZ="UTC" \ + -e DEBIAN_FRONTEND="noninteractive" \ + -e LC_ALL="C" \ + "${DOCKER_IMAGE}" \ + bash + ;; + *) + usage + ;; + esac +} + +main "$@"