Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ability to override ubuntu:18.04 #527

Merged
merged 10 commits into from
May 10, 2019
Merged

Ability to override ubuntu:18.04 #527

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
4f65f0a
build-arg to define base-image, fix locale for Debian
matyasmarkovics Mar 12, 2019
089258a
if both NAME and BASE_IMAGE are defined, don't append variant to base…
matyasmarkovics Mar 13, 2019
9d29b23
exclude mounts (e.g.: /proc) from cleanup
matyasmarkovics Mar 13, 2019
17a737f
remove interactive and TTY flags when Enabling SSH in test
matyasmarkovics Mar 13, 2019
ad88ec9
ssh by IP in test; verbose SSH into container
matyasmarkovics Mar 13, 2019
4a3476b
send tests over in ssh, instead of mounting them
matyasmarkovics Mar 13, 2019
6d6395c
invoke make from travis
matyasmarkovics Mar 13, 2019
36bd411
Default to ubuntu BASE_IMAGE in Dockerfile, modify make to only add -…
matyasmarkovics Apr 8, 2019
89597c5
Use tools/docker-ssh in make ssh and in test/runner.sh to connect to …
matyasmarkovics Apr 8, 2019
d616b3b
fix for 'ttyname failed: Inappropriate ioctl for device' during make …
matyasmarkovics Apr 17, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,7 @@ env:
- VERSION=${TRAVIS_BRANCH}

script:
- docker build -t ${NAME}:${VERSION} --rm image
- env NAME=${NAME} VERSION=${VERSION} ./test/runner.sh
- make build test

after_success:
- docker login -u "${DOCKER_USERNAME}" -p "${DOCKER_PASSWORD}";
Expand Down
23 changes: 16 additions & 7 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,19 @@
NAME = phusion/baseimage
VERSION = 0.11
ifndef BASE_IMAGE
BASE_IMAGE = ubuntu:18.04
NAME ?= phusion/baseimage
else ifdef NAME
else
NAME = phusion/baseimage-$(subst :,-,${BASE_IMAGE})
endif
VERSION ?= 0.11


.PHONY: all build test tag_latest release ssh

all: build

build:
docker build -t $(NAME):$(VERSION) --rm image
docker build -t $(NAME):$(VERSION) --build-arg BASE_IMAGE=$(BASE_IMAGE) --rm image

test:
env NAME=$(NAME) VERSION=$(VERSION) ./test/runner.sh
Expand All @@ -19,13 +26,15 @@ release: test tag_latest
docker push $(NAME)
@echo "*** Don't forget to create a tag by creating an official GitHub release."

ssh: SSH_COMMAND?=
ssh: SSH_IDENTITY_FILE?=image/services/sshd/keys/insecure_key
ssh:
chmod 600 image/services/sshd/keys/insecure_key
@ID=$$(docker ps | grep -F "$(NAME):$(VERSION)" | awk '{ print $$1 }') && \
chmod 600 ${SSH_IDENTITY_FILE}
ID=$$(docker ps | grep -F "$(NAME):$(VERSION)" | awk '{ print $$1 }') && \
if test "$$ID" = ""; then echo "Container is not running."; exit 1; fi && \
IP=$$(docker inspect $$ID | grep IPAddr | sed 's/.*: "//; s/".*//') && \
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably docker version dependent, but the sed substitution wasn't giving the expected output, so I've found out how the do the same with docker itself.

IP=$$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' $$ID) && \
echo "SSHing into $$IP" && \
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i image/services/sshd/keys/insecure_key root@$$IP
ssh -v -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ${SSH_IDENTITY_FILE} root@$$IP ${SSH_COMMAND}

test_release:
echo test_release
Expand Down
3 changes: 2 additions & 1 deletion image/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
FROM ubuntu:18.04
ARG BASE_IMAGE
FROM $BASE_IMAGE
MAINTAINER Phusion <[email protected]>

COPY . /bd_build
Expand Down
4 changes: 2 additions & 2 deletions image/cleanup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ rm -rf /tmp/* /var/tmp/*
rm -rf /var/lib/apt/lists/*

# clean up python bytecode
find / -name *.pyc -delete
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I remember getting plenty of "permission denied" errors here as find was trying to traverse into /proc and /sysfolders.

find / -name *__pycache__* -delete
find / -mount -name *.pyc -delete
find / -mount -name *__pycache__* -delete

rm -f /etc/ssh/ssh_host_*
11 changes: 10 additions & 1 deletion image/prepare.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,16 @@ $minimal_apt_get_install software-properties-common
apt-get dist-upgrade -y --no-install-recommends -o Dpkg::Options::="--force-confold"

## Fix locale.
$minimal_apt_get_install language-pack-en
case $(lsb_release -is) in
Ubuntu)
$minimal_apt_get_install language-pack-en
;;
Debian)
$minimal_apt_get_install locales locales-all
;;
*)
;;
esac
locale-gen en_US
update-locale LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8
echo -n en_US.UTF-8 > /etc/container_environment/LANG
Expand Down
16 changes: 7 additions & 9 deletions test/runner.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,8 @@ function cleanup()
docker rm $ID >/dev/null
}

PWD=`pwd`

echo " --> Starting insecure container"
ID=`docker run -d -p 22 -v $PWD/test:/test $NAME:$VERSION /sbin/my_init --enable-insecure-key`
ID=`docker run -d -p 22 $NAME:$VERSION /sbin/my_init --enable-insecure-key`
sleep 1

echo " --> Obtaining SSH port number"
Expand All @@ -29,14 +27,14 @@ fi
trap cleanup EXIT

echo " --> Enabling SSH in the container"
docker exec -t -i $ID /etc/my_init.d/00_regen_ssh_host_keys.sh -f
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Neither of these commands need input, so in that sense they don't need to be interactive nor should they expect their input to be a terminal. I wouldn't bother, but I was getting an error on this lines, suggesting to remove at least one of -i or '-t'. I've googled around and found a pretty good explanation: https://stackoverflow.com/a/54254380 and realised both could be removed.

docker exec -t -i $ID rm /etc/service/sshd/down
docker exec -t -i $ID sv start /etc/service/sshd
docker exec $ID /etc/my_init.d/00_regen_ssh_host_keys.sh -f
docker exec $ID rm /etc/service/sshd/down
docker exec $ID sv start /etc/service/sshd
sleep 1

echo " --> Logging into container and running tests"
cp image/services/sshd/keys/insecure_key /tmp/insecure_key
chmod 600 /tmp/insecure_key
sleep 1 # Give container some more time to start up.
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /tmp/insecure_key -p $SSHPORT [email protected] \
Copy link
Contributor Author

@matyasmarkovics matyasmarkovics Mar 31, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I could not connect using localhost, only with the containers' IP. I wanted to remove duplication between these lines and the ssh target in Makefile. Apparently, I've "reverted" someone's contribution though: 2f0e1ad#diff-2c0426df66e885ae0431057d1c516e62

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm actually more interested in line 38 and 39, what effect will result when insecure_key isn't copied into the container, or if it will have any effect on the tests.

It looks like there is a new error raised during the make test:

Warning: Permanently added '[127.0.0.1]:32768' (ECDSA) to the list of known hosts.
mesg: ttyname failed: Inappropriate ioctl for device

This is the only strange thing I found that looks wrong. I wonder if it's related to removing -t -i setting.

/bin/bash /test/test.sh
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
NAME=$NAME VERSION=$VERSION SSH_IDENTITY_FILE=/tmp/insecure_key \
SSH_COMMAND="'/bin/bash -s' < $DIR/test.sh" make ssh