Merge pull request #12 from dduportal/master

Batch of updates for the image
jenkinsci · Mar 30, 2017 · 8633848 · 8633848
2 parents 0375772 + 41aafca
commit 8633848
Show file tree

Hide file tree

Showing 8 changed files with 73 additions and 43 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+tests
+README.md
+.git
+.gitignore
+.gitattributes
+.DS_Store
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,2 @@
+# Force checkout as Unix endline style
+text eol=lf
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+.DS_Store
diff --git a/Dockerfile b/Dockerfile
@@ -20,24 +20,34 @@
 #  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 #  THE SOFTWARE.
 
-FROM java:8-jdk
-MAINTAINER Nicolas De Loof <[email protected]>
+FROM openjdk:8-jdk
+LABEL MAINTAINER="Nicolas De Loof <[email protected]>"
 
-ENV HOME /home/jenkins
-RUN useradd -c "Jenkins user" -d $HOME -m jenkins
+ARG user=jenkins
+ARG group=jenkins
+ARG uid=1000
+ARG gid=1000
+ARG JENKINS_AGENT_HOME=/home/${user}
 
-RUN curl --create-dirs -sSLo /usr/share/jenkins/slave.jar http://repo.jenkins-ci.org/public/org/jenkins-ci/main/remoting/2.52/remoting-2.52.jar \
-  && chmod 755 /usr/share/jenkins \
-  && chmod 644 /usr/share/jenkins/slave.jar 
+ENV JENKINS_AGENT_HOME ${JENKINS_AGENT_HOME}
 
-VOLUME /home/jenkins
-WORKDIR /home/jenkins
+RUN groupadd -g ${gid} ${group} \
+    && useradd -d "${JENKINS_AGENT_HOME}" -u "${uid}" -g "${gid}" -m -s /bin/bash "${user}"
 
 # setup SSH server
-RUN apt-get update && apt-get install -y openssh-server
-RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
+RUN apt-get update \
+    && apt-get install --no-install-recommends -y openssh-server \
+    && apt-get clean
+RUN sed -i 's/#PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
+RUN sed -i 's/#RSAAuthentication.*/RSAAuthentication yes/' /etc/ssh/sshd_config
+RUN sed -i 's/#PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
+RUN sed -i 's/#SyslogFacility.*/SyslogFacility AUTH/' /etc/ssh/sshd_config
+RUN sed -i 's/#LogLevel.*/LogLevel INFO/' /etc/ssh/sshd_config
 RUN mkdir /var/run/sshd
 
+VOLUME "${JENKINS_AGENT_HOME}" "/tmp" "/run" "/var/run"
+WORKDIR "${JENKINS_AGENT_HOME}"
+
 COPY setup-sshd /usr/local/bin/setup-sshd
 
 EXPOSE 22

diff --git a/README.md b/README.md
@@ -10,7 +10,9 @@ See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Dis
 
 To run a Docker container
 
-    docker run jenkinsci/ssh-slave "<public key>"
+```bash
+docker run jenkinsci/ssh-slave "<public key>"
+```
 
 You'll then be able to connect this slave using ssh-slaves-plugin as "jenkins" with the matching private key.
 
@@ -24,4 +26,3 @@ In _Environment_ field of the Docker Template (advanced section), just add:
     JENKINS_SLAVE_SSH_PUBKEY=<YOUR PUBLIC SSH KEY HERE>
 
 Don't put quotes around the public key. You should be all set.
-
diff --git a/setup-sshd b/setup-sshd
@@ -1,5 +1,7 @@
 #!/bin/bash
 
+set -ex
+
 # The MIT License
 #
 #  Copyright (c) 2015, CloudBees, Inc.
@@ -28,10 +30,10 @@
 #  docker run -e "JENKINS_SLAVE_SSH_PUBKEY=<public key>" jenkinsci/ssh-slave
 
 write_key() {
-	mkdir -p /home/jenkins/.ssh
-	echo "$1" > /home/jenkins/.ssh/authorized_keys
-	chown -Rf jenkins:jenkins /home/jenkins/.ssh
-	chmod 0700 -R /home/jenkins/.ssh
+	mkdir -p "${JENKINS_AGENT_HOME}/.ssh"
+	echo "$1" > "${JENKINS_AGENT_HOME}/.ssh/authorized_keys"
+	chown -Rf jenkins:jenkins "${JENKINS_AGENT_HOME}/.ssh"
+	chmod 0700 -R "${JENKINS_AGENT_HOME}/.ssh"
 }
 
 if [[ $JENKINS_SLAVE_SSH_PUBKEY == ssh-* ]]; then
@@ -45,5 +47,5 @@ if [[ $# -gt 0 ]]; then
     exec "$@"
   fi
 fi
-exec /usr/sbin/sshd -D $@
-
+ssh-keygen -A
+exec /usr/sbin/sshd -D -e "${@}"
diff --git a/tests/test_helpers.bash b/tests/test_helpers.bash
@@ -1,3 +1,5 @@
+#!/bin/bash -exu
+
 
 # check dependencies
 (
@@ -33,7 +35,7 @@ function retry {
         sleep $delay
     done
 
-    echo "Command \"$@\" failed $attempts times. Status: $status. Output: $output" 
+    echo "Command \"$@\" failed $attempts times. Status: $status. Output: $output"
     false
 }
 

diff --git a/tests/tests.bats b/tests/tests.bats
@@ -7,22 +7,37 @@ load test_helpers
 load keys
 
 @test "build image" {
-	cd "$BATS_TEST_DIRNAME"/..
-	docker build -t $SUT_IMAGE .
+	cd "${BATS_TEST_DIRNAME}"/.. || false
+	docker build -t "${SUT_IMAGE}" .
+}
+
+@test "checking image metadatas" {
+	local VOLUMES_MAP="$(docker inspect -f '{{.Config.Volumes}}' ${SUT_IMAGE})"
+	echo "${VOLUMES_MAP}" | grep '/tmp'
+	echo "${VOLUMES_MAP}" | grep '/home/jenkins'
+	echo "${VOLUMES_MAP}" | grep '/run'
+	echo "${VOLUMES_MAP}" | grep '/var/run'
 }
 
 @test "clean test container" {
-	docker kill $SUT_CONTAINER &>/dev/null ||:
-	docker rm -fv $SUT_CONTAINER &>/dev/null ||:
+	docker kill "${SUT_CONTAINER}" &>/dev/null ||:
+	docker rm -fv "${SUT_CONTAINER}" &>/dev/null ||:
 }
 
 @test "create slave container" {
-	docker run -d --name $SUT_CONTAINER -P $SUT_IMAGE "$PUBLIC_SSH_KEY"
+	docker run -d --name "${SUT_CONTAINER}" -P $SUT_IMAGE "$PUBLIC_SSH_KEY"
+}
+
+@test "image has bash and java installed and in the PATH" {
+	docker exec "${SUT_CONTAINER}" which bash
+	docker exec "${SUT_CONTAINER}" bash --version
+	docker exec "${SUT_CONTAINER}" which java
+	docker exec "${SUT_CONTAINER}" java -version
 }
 
 @test "slave container is running" {
 	sleep 1  # give time to sshd to eventually fail to initialize
-	retry 3 1 assert "true" docker inspect -f {{.State.Running}} $SUT_CONTAINER
+	retry 3 1 assert "true" docker inspect -f {{.State.Running}} "${SUT_CONTAINER}"
 }
 
 @test "connection with ssh + private key" {
@@ -36,19 +51,6 @@ load keys
 		)
 }
 
-@test "slave.jar can be executed" {
-	run_through_ssh java -jar /usr/share/jenkins/slave.jar --help
-
-	[ "$status" = "0" ] \
-		&& [ "${lines[0]}" = '"--help" is not a valid option' ] \
-		&& [ "${lines[1]}" = 'java -jar slave.jar [options...]' ] \
-		|| (\
-			echo "status: $status"; \
-			echo "output: $output"; \
-			false \
-		)
-}
-
 # run a given command through ssh on the test container.
 # Use the $status, $output and $lines variables to make assertions
 function run_through_ssh {
@@ -75,17 +77,17 @@ function run_through_ssh {
 }
 
 @test "clean test container" {
-	docker kill $SUT_CONTAINER &>/dev/null ||:
-	docker rm -fv $SUT_CONTAINER &>/dev/null ||:
+	docker kill "${SUT_CONTAINER}" &>/dev/null ||:
+	docker rm -fv "${SUT_CONTAINER}" &>/dev/null ||:
 }
 
 @test "create slave container with pubkey as environment variable" {
-	docker run -e "JENKINS_SLAVE_SSH_PUBKEY=$PUBLIC_SSH_KEY" -d --name $SUT_CONTAINER -P $SUT_IMAGE
+	docker run -e "JENKINS_SLAVE_SSH_PUBKEY=$PUBLIC_SSH_KEY" -d --name "${SUT_CONTAINER}" -P $SUT_IMAGE
 }
 
 @test "slave container is running" {
 	sleep 1  # give time to sshd to eventually fail to initialize
-	retry 3 1 assert "true" docker inspect -f {{.State.Running}} $SUT_CONTAINER
+	retry 3 1 assert "true" docker inspect -f {{.State.Running}} "${SUT_CONTAINER}"
 }
 
 @test "connection with ssh + private key" {
@@ -99,3 +101,7 @@ function run_through_ssh {
 		)
 }
 
+@test "clean test container" {
+	docker kill "${SUT_CONTAINER}" &>/dev/null ||:
+	docker rm -fv "${SUT_CONTAINER}" &>/dev/null ||:
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Force checkout as Unix endline style
		text eol=lf