A new workspace image for DTaaS.
We are still very much in the explorative phase. Everything that is working is subject to change.
Pre-built Docker images are available from:
- GitHub Container Registry:
ghcr.io/into-cps-association/workspace:latest - Docker Hub:
intocpsassociation/workspace:latest
You can pull the image directly:
# From GitHub Container Registry
docker pull ghcr.io/into-cps-association/workspace:latest
# From Docker Hub
docker pull intocpsassociation/workspace:latestIf you want to build the image locally instead of using pre-built images:
Either
Using plain docker command:
docker build -t workspace:latest -f Dockerfile .Or
using docker compose:
docker compose buildEither
Using plain docker command:
docker run -d --shm-size=512m \
-p 8080:8080\
-e MAIN_USER=dtaas-user --name workspace workspace:latest👉 You can change the MAIN_USER variable to any other username of your choice.
OR
using docker compose:
docker compose -f compose.yml up -dAn active container provides the following services :warning: please remember to change dtaas-user to the username chosen in the previous command
- Open workspace - http://localhost:8080/dtaas-user/tools/vnc?path=dtaas-user%2Ftools%2Fvnc%2Fwebsockify
- Open VSCode - http://localhost:8080/dtaas-user/tools/vscode
- Open Jupyter Notebook - http://localhost:8080
- Open Jupyter Lab - http://localhost:8080/dtaas-user/lab
Either
Using plain docker command:
docker stop workspace
docker rm workspaceOr
using docker compose:
docker compose -f compose.yml downThis workspace supports multiple deployment configurations depending on your needs:
File: compose.yml
Use case: Local development, single user
Features: Basic workspace without reverse proxy
Documentation: See sections above
File: compose.traefik.yml
Use case: Multi-user development/testing without authentication
Features: Traefik reverse proxy, multiple workspaces
Documentation: TRAEFIK.md
File: compose.traefik.secure.yml
Use case: Development/testing with OAuth2 authentication
Features: Traefik reverse proxy, OAuth2 authentication, HTTP only
Documentation: TRAEFIK_TLS.md
File: compose.traefik.secure.tls.yml
Use case: Production deployment with full security
Features: Traefik reverse proxy, OAuth2 authentication, TLS/HTTPS
Documentation: TRAEFIK_TLS.md
Choose the configuration that best matches your deployment requirements.
| Feature | compose.yml | compose.traefik.yml | compose.traefik.secure.yml | compose.traefik.secure.tls.yml |
|---|---|---|---|---|
| Reverse Proxy | ❌ | ✅ | ✅ | ✅ |
| Multi-user | ❌ | ✅ | ✅ | ✅ |
| OAuth2 Auth | ❌ | ❌ | ✅ | ✅ |
| TLS/HTTPS | ❌ | ❌ | ❌ | ✅ |
| Production Ready | ❌ | ❌ | ❌ | ✅ |
| Use Case | Local dev | Multi-user dev | Secure dev/test | Production |
For information about publishing Docker images to registries, see PUBLISHING.md.
This project enforces strict code quality checks via GitHub Actions:
- Dockerfile: Linted with hadolint - all errors must be fixed
- Shell scripts: Checked with shellcheck - all warnings must be addressed
- Python scripts: Linted with flake8 and pylint - all errors must be resolved
- YAML files: Validated with yamllint - all issues must be corrected
- Markdown files: Checked with markdownlint - all style violations must be fixed
All quality checks must pass before code can be merged. The workflows will fail if any linting errors are detected.
Linting behavior is configured through:
.shellcheckrc- shellcheck configuration.pylintrc- pylint configuration.yamllint.yml- yamllint configuration.markdownlint.yaml- markdownlint configuration