lib/kitchen/driver/docker.rb in kitchen-docker-2.3.0 vs lib/kitchen/driver/docker.rb in kitchen-docker-2.4.0
- old
+ new
@@ -68,10 +68,12 @@
default_config :build_context do |driver|
!driver.remote_socket?
end
+ MUTEX_FOR_SSH_KEYS = Mutex.new
+
def verify_dependencies
run_command("#{config[:binary]} >> #{dev_null} 2>&1", :quiet => true)
rescue
raise UserError,
'You must first install the Docker CLI tool http://www.docker.io/gettingstarted/'
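Review bot: `MUTEX_FOR_SSH_KEYS` is a process-local `Mutex`, so it serialises only threads inside one kitchen process, and nothing at the definition says so. Two separate processes pointed at the same `config[:public_key]` / `config[:private_key]` paths could presumably still both pass the `File.exist?` check in `generate_keys`. A comment on the constant would record the scope, e.g. `# Serialises SSH key generation across threads in this process; does not lock across processes.` If cross-process safety is wanted, an exclusive `File#flock` on a lock file next to the keys would be the usual addition.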
@@ -135,27 +137,46 @@
docker << " --tlskey=#{config[:tls_key]}" if config[:tls_key]
run_command("#{docker} #{cmd}", options.merge(:quiet => !logger.debug?))
end
def generate_keys
- if !File.exist?(config[:public_key]) || !File.exist?(config[:private_key])
- private_key = OpenSSL::PKey::RSA.new(2048)
- blobbed_key = Base64.encode64(private_key.to_blob).gsub("\n", '')
- public_key = "ssh-rsa #{blobbed_key} kitchen_docker_key"
- File.open(config[:private_key], 'w') do |file|
- file.write(private_key)
- file.chmod(0600)
+ MUTEX_FOR_SSH_KEYS.synchronize do
+ if !File.exist?(config[:public_key]) || !File.exist?(config[:private_key])
+ private_key = OpenSSL::PKey::RSA.new(2048)
+ blobbed_key = Base64.encode64(private_key.to_blob).gsub("\n", '')
+ public_key = "ssh-rsa #{blobbed_key} kitchen_docker_key"
+ File.open(config[:private_key], 'w') do |file|
+ file.write(private_key)
+ file.chmod(0600)
+ end
+ File.open(config[:public_key], 'w') do |file|
+ file.write(public_key)
+ file.chmod(0600)
+ end
end
- File.open(config[:public_key], 'w') do |file|
- file.write(public_key)
- file.chmod(0600)
- end
end
end
def build_dockerfile
from = "FROM #{config[:image]}"
+
+ env_variables = ''
+ if config[:http_proxy]
+ env_variables << "ENV http_proxy #{config[:http_proxy]}\n"
+ env_variables << "ENV HTTP_PROXY #{config[:http_proxy]}\n"
+ end
+
+ if config[:https_proxy]
+ env_variables << "ENV https_proxy #{config[:https_proxy]}\n"
+ env_variables << "ENV HTTPS_PROXY #{config[:https_proxy]}\n"
+ end
+
+ if config[:no_proxy]
+ env_variables << "ENV no_proxy #{config[:no_proxy]}\n"
+ env_variables << "ENV NO_PROXY #{config[:no_proxy]}\n"
+ end
+
platform = case config[:platform]
when 'debian', 'ubuntu'
disable_upstart = <<-eos
RUN dpkg-divert --local --rename --add /sbin/initctl
RUN ln -sf /bin/true /sbin/initctl
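Review bot: In `generate_keys` the private key file is still opened with `File.open(config[:private_key], 'w')` and only tightened by `file.chmod(0600)` after `file.write`, so it is created with the umask-default mode and its secrecy depends on the write staying buffered until the chmod. Passing the mode at creation removes that dependency: `File.open(config[:private_key], 'w', 0600) do |file|`. Keep the `chmod` for the case where the file already exists with looser permissions. Separately, the new `ENV http_proxy` / `ENV https_proxy` lines store the proxy URL in the image metadata, so a proxy URL that embeds credentials would travel with the built image; the option's documentation should say so. `build_dockerfile` continues past the end of this hunk.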
@@ -166,10 +187,11 @@
RUN apt-get install -y sudo openssh-server curl lsb-release
eos
config[:disable_upstart] ? disable_upstart + packages : packages
when 'rhel', 'centos', 'fedora'
<<-eos
+ ENV container docker
RUN yum clean all
RUN yum install -y sudo openssh-server openssh-clients which curl
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
eos
@@ -199,31 +221,36 @@
"Unknown platform '#{config[:platform]}'"
end
username = config[:username]
password = config[:password]
- public_key = IO.read(config[:public_key])
+ public_key = IO.read(config[:public_key]).strip
+ homedir = username == 'root' ? '/root' : "/home/#{username}"
base = <<-eos
- RUN if ! getent passwd #{username}; then useradd -d /home/#{username} -m -s /bin/bash #{username}; fi
+ RUN if ! getent passwd #{username}; then \
+ useradd -d #{homedir} -m -s /bin/bash #{username}; \
+ fi
RUN echo #{username}:#{password} | chpasswd
RUN echo '#{username} ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
RUN mkdir -p /etc/sudoers.d
RUN echo '#{username} ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/#{username}
RUN chmod 0440 /etc/sudoers.d/#{username}
- RUN [ ! -d /home/#{username}/.ssh ] && mkdir /home/#{username}/.ssh
- RUN chown -R #{username} /home/#{username}/.ssh
- RUN chmod 0700 /home/#{username}/.ssh
- RUN echo '#{public_key}' >> /home/#{username}/.ssh/authorized_keys
- RUN chown #{username} /home/#{username}/.ssh/authorized_keys
- RUN chmod 0600 /home/#{username}/.ssh/authorized_keys
+ RUN mkdir -p #{homedir}/.ssh
+ RUN chown -R #{username} #{homedir}/.ssh
+ RUN chmod 0700 #{homedir}/.ssh
+ RUN touch #{homedir}/.ssh/authorized_keys
+ RUN chown #{username} #{homedir}/.ssh/authorized_keys
+ RUN chmod 0600 #{homedir}/.ssh/authorized_keys
eos
custom = ''
Array(config[:provision_command]).each do |cmd|
custom << "RUN #{cmd}\n"
end
- [from, platform, base, custom].join("\n")
+ ssh_key = "RUN echo '#{public_key}' >> #{homedir}/.ssh/authorized_keys"
+ # Empty string to ensure the file ends with a newline.
+ [from, env_variables, platform, base, custom, ssh_key, ''].join("\n")
end
def dockerfile
if config[:dockerfile]
template = IO.read(File.expand_path(config[:dockerfile]))
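Review bot: `homedir` is computed from the name alone, so when `getent passwd #{username}` finds an existing non-root account whose home is not `/home/#{username}`, `useradd` is skipped and `authorized_keys` is still written under the guessed path, where sshd would not read it. Resolving the home inside the container avoids the guess, for example `$(getent passwd #{username} | cut -d: -f6)` in the `RUN` lines that touch `.ssh`. `username` is also interpolated unquoted into every `RUN` line and into the sudoers entries, so a guard such as `raise UserError, "Invalid username" unless username =~ /\A[a-z_][a-z0-9_-]*\z/` before building `base` would keep a malformed value from altering those commands. `build_dockerfile` begins before this hunk.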
@@ -247,14 +274,18 @@
def build_image(state)
cmd = "build"
cmd << " --no-cache" unless config[:use_cache]
dockerfile_contents = dockerfile
build_context = config[:build_context] ? '.' : '-'
- output = Tempfile.create('Dockerfile-kitchen-', Dir.pwd) do |file|
- file.write(dockerfile_contents)
+ file = Tempfile.new('Dockerfile-kitchen', Dir.pwd)
+ output = begin
+ file.write(dockerfile)
file.close
docker_command("#{cmd} -f #{file.path} #{build_context}", :input => dockerfile_contents)
+ ensure
+ file.close unless file.closed?
+ file.unlink
end
parse_image_id(output)
end
def parse_container_id(output)
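Review bot: `file.write(dockerfile)` in `build_image` renders the Dockerfile a second time instead of reusing `dockerfile_contents`, so a `config[:dockerfile]` template is evaluated twice and the file given to `-f` is not guaranteed to match the text sent as `:input`. It should read `file.write(dockerfile_contents)`. `file.path` lives under `Dir.pwd` and is interpolated unquoted into the command string, so a working directory containing spaces or shell metacharacters changes the command; `Shellwords.escape(file.path)` would cover that, provided `shellwords` is required by the file. The `ensure` body could be the single call `file.close!`, which closes and unlinks the tempfile.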
@@ -320,10 +351,10 @@
end
end
def rm_container(state)
container_id = state[:container_id]
- docker_command("stop #{container_id}")
+ docker_command("stop -t 0 #{container_id}")
docker_command("rm #{container_id}")
end
def rm_image(state)
image_id = state[:image_id]