Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
94 lines (93 sloc) 4.55 KB
<%# Pull in the base image. %>
FROM <%= @image %>
<%# Pass through proxy settings from Test Kitchen or the system. %>
<% http_proxy = @http_proxy || ENV['http_proxy'] || ENV['HTTP_PROXY'] %>
<% https_proxy = @https_proxy || ENV['https_proxy'] || ENV['HTTPS_PROXY'] %>
<% no_proxy = @no_proxy || ENV['no_proxy'] || ENV['NO_PROXY'] %>
<% if http_proxy %>
ENV http_proxy <%= http_proxy %>
ENV HTTP_PROXY <%= http_proxy %>
<% end %>
<% if https_proxy %>
ENV https_proxy <%= https_proxy %>
ENV HTTPS_PROXY <%= https_proxy %>
<% end %>
<% if no_proxy %>
ENV no_proxy <%= no_proxy %>
ENV NO_PROXY <%= no_proxy %>
<% end %>
<%# Per-platform initializations. %>
<% case @platform; when 'debian', 'ubuntu' %>
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update -o dockercachebust=<%= Date.today %> \
<% if @disable_upstart %>
&& dpkg-divert --local --rename --add /sbin/initctl \
&& ln -sf /bin/true /sbin/initctl \
<% end %>
&& apt-get install -y sudo openssh-server curl lsb-release net-tools rsync \
&& apt-get install -y iproute2 || true \ <%# Ubuntu 12.04 doesn't include iproute2 but newer OSes need it for ss (used for port checks). %>
<% when 'rhel', 'centos', 'fedora' %>
RUN yum clean all \
&& yum install -y sudo openssh-server openssh-clients which curl net-tools iproute rsync passwd yum-plugin-ovl \
<%# CentOS 7 does not install hostname by default, but EL6 has no hostname package. %>
&& yum install -y hostname || true \
&& ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' \
&& ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' \
<% when 'arch' %>
RUN pacman -Syu --noconfirm \
&& pacman -S --noconfirm openssh sudo curl \
&& ssh-keygen -A -t rsa -f /etc/ssh/ssh_host_rsa_key \
&& ssh-keygen -A -t dsa -f /etc/ssh/ssh_host_dsa_key \
<% when 'gentoo' %>
RUN emerge sync \
&& emerge net-misc/openssh app-admin/sudo \
&& ssh-keygen -A -t rsa -f /etc/ssh/ssh_host_rsa_key \
&& ssh-keygen -A -t dsa -f /etc/ssh/ssh_host_dsa_key \
<% when 'gentoo-paludis' %>
RUN cave sync \
&& cave resolve -zx net-misc/openssh app-admin/sudo \
&& ssh-keygen -A -t rsa -f /etc/ssh/ssh_host_rsa_key \
&& ssh-keygen -A -t dsa -f /etc/ssh/ssh_host_dsa_key \
<% when 'freebsd' %>
<%# SUPER UN-TESTED BULLSHIT %>
RUN echo "nameserver 8.8.8.8" >> /etc/resolv.conf \
&& env ASSUME_ALWAYS_YES=true pkg install sudo curl bash \
&& ssh-keygen -A -t rsa -f /etc/ssh/ssh_host_rsa_key \
&& ssh-keygen -A -t dsa -f /etc/ssh/ssh_host_dsa_key \
<% else %>
<%# Make sure we start off the RUN directive to match the others. %>
RUN true \
<% end %>
<%# Create the kitchen user, give it sudo, and create and authorized keys. %>
<% homedir = @username == 'root' ? '/root' : "/home/#{@username}" %>
&& if ! getent passwd <%= @username %>; then \
<% if @platform == 'freebsd' %>pw <% end %>useradd <%= @username %> -d <%= homedir %> -m -s /bin/<%= @platform == 'freebsd' ? 'csh' : 'bash' %>; \
fi \
<% if @password && !@password.empty? %>
&& echo <%= @username %>:<%= @password %> | chpasswd \
<% else %>
&& passwd -d <%= @username %> \
<% end %>
&& echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
&& mkdir -p /etc/sudoers.d \
&& echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/<%= @username %> \
&& chmod 0440 /etc/sudoers.d/<%= @username %> \
&& mkdir -p <%= homedir %>/.ssh \
&& chown -R <%= @username %> <%= homedir %>/.ssh \
&& chmod 0700 <%= homedir %>/.ssh \
&& touch <%= homedir %>/.ssh/authorized_keys \
&& chown <%= @username %> <%= homedir %>/.ssh/authorized_keys \
&& chmod 0600 <%= homedir %>/.ssh/authorized_keys
<%# /RUN layer started in the platform initialization %>
<%# Install Chef and Test Kitchen-related gems. %>
RUN curl -L https://chef.io/chef/install.sh | bash -s --<%= ENV['POISE_MASTER_BUILD'] ? " -n -- #{Date.today}" : PoiseBoiler::Kitchen.instance.chef_version ? " -v #{PoiseBoiler::Kitchen.instance.chef_version}" : '' %> && \
env GEM_HOME=/tmp/verifier/gems GEM_PATH=/tmp/verifier/gems GEM_CACHE=/tmp/verifier/gems/cache /opt/chef/embedded/bin/gem install --no-rdoc --no-ri --bindir /tmp/verifier/bin busser busser-serverspec serverspec && \
env GEM_HOME=/tmp/verifier/gems GEM_PATH=/tmp/verifier/gems GEM_CACHE=/tmp/verifier/gems/cache /opt/chef/embedded/bin/gem install --no-rdoc --no-ri bundler && \
chown -R <%= @username %> /tmp/verifier
<%# Custom provisioning commands. %>
<% Array(@provision_command).each do |cmd| %>
RUN <%= cmd %>
<% end %>
<%# Write out the authorized_keys, this happens last because it breaks the
layer cache on each new test run. %>
RUN echo '<%= IO.read(@public_key).strip %>' >> <%= homedir %>/.ssh/authorized_keys
You can’t perform that action at this time.