Skip to content

Commit 95f2978

Browse files
Merge upstream/main to sync with kernel/kernel-images
Resolved conflicts keeping both Reclaim-specific features and upstream improvements: - config.go: Kept TEE configuration (TEEKUrl, TEETUrl, AttestorUrl) - openapi.yaml: Kept /reclaim/prove endpoint and ReclaimProve* schemas - go.mod: Kept all Reclaim TEE dependencies and updated to latest versions - log.ts: Kept OpenTelemetry logging wrapper around base loggers - proxy.go: Adopted upstream's improved CDP reconnection logic with dialUpstreamWithRetry - Dockerfiles: Hybrid approach - auto-detect ChromeDriver version with override option Key upstream improvements integrated: - CDP proxy reconnection on Chromium restart (kernel#189, kernel#191) - Improved fonts support (kernel#165) - Better error handling in devtools proxy - Updated dependency versions All conflicts resolved, go.sum regenerated, oapi.go regenerated.
2 parents baf1cf0 + 79a089d commit 95f2978

6 files changed

Lines changed: 897 additions & 26 deletions

File tree

images/chromium-headful/Dockerfile

Lines changed: 39 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -204,13 +204,42 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-ap
204204
wget \
205205
xdg-utils \
206206
libvulkan1 \
207+
fontconfig \
208+
unzip && \
209+
apt-get clean && rm -rf /var/lib/apt/lists/*
210+
211+
# Install fonts to match a realistic Ubuntu 22.04 desktop fingerprint.
212+
# A minimal container has only 3 fonts, which is a strong fingerprinting signal
213+
# used by reCAPTCHA Enterprise and other bot detection vendors.
214+
RUN apt-get update && \
215+
apt-get --no-install-recommends -y install \
207216
fonts-liberation \
217+
fonts-liberation2 \
208218
fonts-noto-cjk \
209219
fonts-noto-color-emoji \
220+
fonts-noto-core \
210221
fonts-nanum \
211-
fontconfig \
212-
unzip && \
213-
fc-cache -f
222+
fonts-dejavu-core \
223+
fonts-dejavu-extra \
224+
fonts-freefont-ttf \
225+
fonts-ubuntu \
226+
fonts-opensymbol \
227+
fonts-roboto \
228+
fonts-croscore \
229+
fonts-smc-chilanka \
230+
fonts-hosny-amiri \
231+
fonts-indic \
232+
fonts-kacst \
233+
fonts-khmeros-core \
234+
fonts-lao \
235+
fonts-lklug-sinhala \
236+
fonts-sil-abyssinica \
237+
fonts-sil-padauk \
238+
fonts-thai-tlwg \
239+
fonts-tibetan-machine \
240+
fonts-droid-fallback && \
241+
fc-cache -f && \
242+
apt-get clean && rm -rf /var/lib/apt/lists/*
214243

215244
# install ffmpeg manually since the version available in apt is from the 4.x branch due to #drama.
216245
COPY --from=ffmpeg-downloader /usr/local/bin/ffmpeg /usr/local/bin/ffmpeg
@@ -262,9 +291,14 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-ap
262291
apt --no-install-recommends -y install sqlite3;
263292

264293
# Install ChromeDriver matching the installed Chromium version
294+
# Chromedriver and Chromium are not necessarily the same version, but we try to match them.
295+
# Override with --build-arg CHROMEDRIVER_VERSION=x.x.x.x if needed.
296+
ARG CHROMEDRIVER_VERSION=
265297
RUN set -eux; \
266-
CHROMIUM_VERSION=$(chromium --version | awk '{print $2}'); \
267-
curl -fsSL "https://storage.googleapis.com/chrome-for-testing-public/${CHROMIUM_VERSION}/linux64/chromedriver-linux64.zip" -o /tmp/cd.zip; \
298+
if [ -z "$CHROMEDRIVER_VERSION" ]; then \
299+
CHROMEDRIVER_VERSION=$(chromium --version | awk '{print $2}'); \
300+
fi; \
301+
curl -fsSL "https://storage.googleapis.com/chrome-for-testing-public/${CHROMEDRIVER_VERSION}/linux64/chromedriver-linux64.zip" -o /tmp/cd.zip; \
268302
unzip /tmp/cd.zip -d /tmp; \
269303
mv /tmp/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver; \
270304
chmod +x /usr/local/bin/chromedriver; \

images/chromium-headless/image/Dockerfile

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -157,9 +157,14 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-ap
157157
apt-get --no-install-recommends -y install sqlite3 unzip;
158158

159159
# Install ChromeDriver matching the installed Chromium version
160+
# Chromedriver and Chromium are not necessarily the same version, but we try to match them.
161+
# Override with --build-arg CHROMEDRIVER_VERSION=x.x.x.x if needed.
162+
ARG CHROMEDRIVER_VERSION=
160163
RUN set -eux; \
161-
CHROMIUM_VERSION=$(chromium --version | awk '{print $2}'); \
162-
curl -fsSL "https://storage.googleapis.com/chrome-for-testing-public/${CHROMIUM_VERSION}/linux64/chromedriver-linux64.zip" -o /tmp/cd.zip; \
164+
if [ -z "$CHROMEDRIVER_VERSION" ]; then \
165+
CHROMEDRIVER_VERSION=$(chromium --version | awk '{print $2}'); \
166+
fi; \
167+
curl -fsSL "https://storage.googleapis.com/chrome-for-testing-public/${CHROMEDRIVER_VERSION}/linux64/chromedriver-linux64.zip" -o /tmp/cd.zip; \
163168
unzip /tmp/cd.zip -d /tmp; \
164169
mv /tmp/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver; \
165170
chmod +x /usr/local/bin/chromedriver; \

server/Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ $(OAPI_CODEGEN): | $(BIN_DIR)
1919
# 2. Run oapi-codegen with our config
2020
# 3. go mod tidy to pull deps
2121
oapi-generate: $(OAPI_CODEGEN)
22-
pnpm i -g @apiture/openapi-down-convert
22+
npm i -g @apiture/openapi-down-convert
2323
openapi-down-convert --input openapi.yaml --output openapi-3.0.yaml
2424
$(OAPI_CODEGEN) -config ./oapi-codegen.yaml ./openapi-3.0.yaml
2525
@echo "Fixing oapi-codegen issue https://github.com/oapi-codegen/oapi-codegen/issues/1764..."

0 commit comments

Comments
 (0)