# lib_apt.sh - Docker build script apt library.
# For import only.
-# Copyright (c) 2020 Cisco and/or its affiliates.
+# Copyright (c) 2023 Cisco and/or its affiliates.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
alias lib_apt_imported=true
export CIMAN_DOCKER_SCRIPTS=${CIMAN_DOCKER_SCRIPTS:-"$(dirname $BASH_SOURCE)"}
-. $CIMAN_DOCKER_SCRIPTS/lib_common.sh
+. "$CIMAN_DOCKER_SCRIPTS/lib_common.sh"
+. "$CIMAN_DOCKER_SCRIPTS/lib_csit.sh"
dump_apt_package_list() {
branchname="$(echo $branch | sed -e 's,/,_,')"
--allow-change-held-packages $@
}
-apt_install_docker_os_package_dependancies() {
- # Assumes 'apt-get update -q' has aready been run.
- apt_install_packages \
- apt-transport-https \
- ca-certificates \
- curl \
- gnupg-agent \
- software-properties-common
-}
-
-# Used for older OS distro's which are incompatible
-# with modern distro cmake vesrion
-apt_override_cmake_install_with_pip3_version() {
- local os_cmake="/usr/bin/cmake"
- local os_cmake_ver="$($os_cmake --version | head -1)"
- local pip3_cmake="/usr/local/bin/cmake"
-
- python3 -m pip install --disable-pip-version-check cmake || true
- local pip3_cmake_ver="$($pip3_cmake --version | head -1)"
- echo_log "Overriding $OS_NAME '$os_cmake_ver' with '$pip3_cmake_ver'!"
- sudo apt-get remove -y cmake --autoremove || true
- update-alternatives --quiet --remove-all cmake || true
- update-alternatives --quiet --install $os_cmake cmake $pip3_cmake 100
- echo_log "Default cmake ($(which cmake)) version: '$(cmake --version | head -1)'!"
-}
-
-apt_install_docker() {
- local apt_docker_gpg_key_file=$1
- apt-key add $apt_docker_gpg_key_file
- add-apt-repository "deb [arch=$DEB_ARCH] \
- https://download.docker.com/linux/$OS_ID \
- $(lsb_release -cs) stable"
- apt-get update -q
- apt_install_packages -y -qq docker-ce docker-ce-cli containerd.io
- rm -rf $DOCKER_GPG_KEY_DIR
-}
+generate_apt_dockerfile_common() {
+ local executor_class="$1"
+ local executor_image="$2"
+ local dpkg_arch="$(dpkg --print-architecture)"
-generate_apt_dockerfile() {
- local executor_os_name=$1
- local from_image=$2
- local executor_image=$3
- local vpp_install_skip_sysctl_envvar="";
-
- if grep -q debian-9 <<<$executor_os_name ; then
- # Workaround to VPP package installation failure on debian-9
- vpp_install_skip_sysctl_envvar="ENV VPP_INSTALL_SKIP_SYSCTL=1"
- fi
- cat <<EOF >$DOCKERIGNOREFILE
-**/__pycache__
-*.pyc
-EOF
- cat <<EOF >$DOCKERFILE
-FROM $from_image AS executor-image
-LABEL Description="FD.io CI executor docker image for $executor_os_name/$OS_ARCH"
-LABEL Vendor="fd.io"
-LABEL Version="$DOCKER_TAG"
+ cat <<EOF >>"$DOCKERFILE"
# Create download dir to cache external tarballs
WORKDIR $DOCKER_DOWNLOADS_DIR
COPY . .
# Build Environment Variables
-ENV DEBIAN_FRONTEND=noninteractive
-ENV FDIOTOOLS_IMAGE=$executor_image
-ENV LC_ALL=C.UTF-8
+ENV DEBIAN_FRONTEND="noninteractive"
+ENV FDIOTOOLS_IMAGE="$executor_image"
+ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class"
ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT"
-ENV PATH=$PATH:$DOCKER_CIMAN_ROOT/docker/scripts
+ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts"
+
+# Configure locales
+RUN apt-get update -qq \\
+ && apt-get install -y \\
+ apt-utils \\
+ locales \\
+ && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\
+ && locale-gen en_US.UTF-8 \\
+ && dpkg-reconfigure --frontend=noninteractive locales \\
+ && update-locale LANG=en_US.UTF-8 \\
+ && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\
+ && rm -r /var/lib/apt/lists/*
+ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8"
# Install baseline packages (minimum build & utils).
#
# ci-management global-jjb requirements:
-# facter
-# python3-pip
-# python3-venv
-# for lftools:
-# xmlstarlet
-# from global-jjb/packer/provision/baseline.sh:
-# unzip
-# xz-utils
-# puppet
-# git
-# git-review
-# libxml2-dev
-# libxml-xpath-perl
-# libxslt-dev
-# make
-# wget
-# jq
+# facter
+# python3-pip
+# python3-venv
+# for lftools:
+# xmlstarlet
+# libxml2-dev
+# libxslt-dev
+# from packer/provision/baseline.sh:
+# unzip
+# xz-utils
+# git
+# git-review
+# libxml2-dev
+# libxml-xpath-perl
+# libxslt-dev
+# make
+# wget
+# jq
#
# Python build from source requirements:
-# build-essential
+# build-essential
#
-# TODO: Fix broken project requirement install targets
+# TODO: Fix broken project requirement install targets
+# graphviz for doxygen (HICN)
+# doxygen for doxygen (HICN)
+# libffi-dev for python cffi install (Ubuntu20.04/VPP/aarch64)
+# liblapack-dev for python numpy/scipy (CSIT/aarch64)
+# libopenblas-dev for python numpy/scipy (CSIT/aarch64)
+# libpcap-dev for python pypcap install (CSIT)
+# sshpass for CSIT jobs
#
-# graphviz for 'make bootstrap-doxygen' (VPP)
-# doxygen for 'make doxygen' (VPP)
-# enchant for 'make docs' (VPP)
-# libffi-dev for python cffi install (Ubuntu20.04/VPP/aarch64)
-# liblapack-dev for python numpy/scipy (CSIT/aarch64)
-# libopenblas-dev for python numpy/scipy (CSIT/aarch64)
-# libpcap-dev for python pypcap install (CSIT)
+RUN apt-get update -qq \\
+ && apt-get install -y \\
+ apt-transport-https \\
+ curl \\
+ ca-certificates \\
+ default-jdk \\
+ default-jre \\
+ dnsutils \\
+ doxygen \\
+ emacs \\
+ facter \\
+ gawk \\
+ gdb \\
+ gfortran \\
+ git \\
+ git-review \\
+ gnupg-agent \\
+ graphviz \\
+ iproute2 \\
+ iputils-clockdiff \\
+ iputils-ping \\
+ iputils-tracepath \\
+ jq \\
+ libffi-dev \\
+ liblapack-dev \\
+ libopenblas-dev \\
+ libpcap-dev \\
+ libxml-xpath-perl \\
+ make \\
+ python3-pip \\
+ python3-venv \\
+ rsync \\
+ ruby-dev \\
+ software-properties-common \\
+ sshpass \\
+ sysstat \\
+ sudo \\
+ traceroute \\
+ tree \\
+ vim \\
+ wget \\
+ xmlstarlet \\
+ xz-utils \\
+ && curl -L https://packagecloud.io/fdio/master/gpgkey | apt-key add - \\
+ && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash \\
+ && rm -r /var/lib/apt/lists/*
+
+# Install terraform for CSIT
#
-RUN apt-get update -q \\
- && apt-get install -y -qq \\
- apt-utils \\
- default-jdk \\
- default-jre \\
- doxygen \\
- enchant \\
- emacs \\
- facter \\
- gawk \\
- gfortran \\
- git \\
- git-review \\
- graphviz \\
- iproute2 \\
- iputils-clockdiff \\
- iputils-ping \\
- iputils-tracepath \\
- jq \\
- libffi-dev \\
- liblapack-dev \\
- libopenblas-dev \\
- libpcap-dev \\
- libxml2-dev \\
- libxml-xpath-perl \\
- libxslt-dev \\
- make \\
- python3-pip \\
- python3-venv \\
- rsync \\
- ruby-dev \\
- sudo \\
- traceroute \\
- tree \\
- vim \\
- wget \\
- xmlstarlet \\
- xz-utils \\
- && rm -r /var/lib/apt/lists/*
+RUN wget https://releases.hashicorp.com/terraform/1.7.3/terraform_1.7.3_linux_$dpkg_arch.zip \\
+ && unzip terraform_1.7.3_linux_$dpkg_arch.zip \\
+ && mv terraform /usr/bin \\
+ && rm -f terraform_1.7.3_linux_$dpkg_arch.zip
# Install packages for all project branches
#
-RUN apt-get update -q \\
- && dbld_install_docker.sh \\
- && dbld_vpp_install_packages.sh \\
- && dbld_csit_install_packages.sh \\
- && dbld_lfit_requirements.sh \\
- && rm -r /var/lib/apt/lists/*
+RUN apt-get update -qq \\
+ && dbld_vpp_install_packages.sh \\
+ && dbld_csit_install_packages.sh \\
+ && rm -r /var/lib/apt/lists/*
+EOF
+}
+
+generate_apt_dockerfile_clean() {
+ cat <<EOF >>"$DOCKERFILE"
+
+# Clean up copy-in build tree
+RUN dbld_dump_build_logs.sh \\
+ && rm -rf "/tmp/*" "$DOCKER_BUILD_FILES_DIR" "/root/.ccache"
+EOF
+}
+
+# Generate 'builder' class apt dockerfile
+builder_generate_apt_dockerfile() {
+ local executor_class="$1"
+ local executor_os_name="$2"
+ local executor_image="$3"
+ local vpp_install_skip_sysctl_envvar="";
+
+ generate_apt_dockerfile_common $executor_class $executor_image
+ csit_builder_generate_docker_build_files
+ cat <<EOF >>"$DOCKERFILE"
+
+# Install LF-IT requirements
+ENV LF_VENV="/root/lf-venv"
+RUN apt-get update -qq \\
+ && dbld_lfit_requirements.sh \\
+ && rm -r /var/lib/apt/lists/*
+
+# Install packagecloud requirements
+RUN gem install rake package_cloud \\
+ && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash
+
+# Install CSIT ssh requirements
+# TODO: Verify why badkey is required & figure out how to avoid it.
+COPY files/badkey /root/.ssh/id_rsa
+COPY files/sshconfig /root/.ssh/config
# CI Runtime Environment
WORKDIR /
$vpp_install_skip_sysctl_envvar
-ENV VPP_ZOMBIE_NOCHECK=1
-ENV DOCKER_TEST=1
-# TODO: Mount ccache volume into docker container, then remove this.
-ENV CCACHE_DISABLE=1
-RUN gem install rake package_cloud \\
- && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | sudo bash
+ENV VPP_ZOMBIE_NOCHECK="1"
+ENV CCACHE_DIR="/scratch/ccache"
+ENV CCACHE_MAXSIZE="10G"
+EOF
+ generate_apt_dockerfile_clean
+}
-# Clean up copy-in build tree
-RUN dbld_dump_build_logs.sh \\
- && rm -rf /tmp/*
+# Generate 'csit_dut' class apt dockerfile
+csit_dut_generate_apt_dockerfile() {
+ local executor_class="$1"
+ local executor_os_name="$2"
+ local executor_image="$3"
+
+ csit_dut_generate_docker_build_files
+ generate_apt_dockerfile_common "$executor_class" "$executor_image"
+ cat <<EOF >>"$DOCKERFILE"
+
+# Install csit_dut specific packages
+RUN apt-get update -qq \\
+ && apt-get install -y \\
+ net-tools \\
+ openssh-server \\
+ pciutils \\
+ rsyslog \\
+ supervisor \\
+ && rm -r /var/lib/apt/lists/*
+
+# Fix permissions
+RUN chown root:syslog /var/log \\
+ && chmod 755 /etc/default
+
+# Create directory structure
+RUN mkdir -p /var/run/sshd
+
+# SSH settings
+RUN echo 'root:Csit1234' | chpasswd \\
+ && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \\
+ && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+EXPOSE 2222
+
+COPY files/supervisord.conf /etc/supervisor/supervisord.conf
+
+CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
EOF
+ generate_apt_dockerfile_clean
}
-write_apt_ubuntu_docker_gpg_keyfile() {
- # To update docker gpg key
- # curl -fsSL https://download.docker.com/linux/ubuntu/gpg
- cat <<EOF >$DOCKER_APT_UBUNTU_DOCKER_GPGFILE
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
-lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
-38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
-L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
-UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
-cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
-ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
-vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
-G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
-XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
-q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
-tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
-BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
-v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
-tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
-jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
-6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
-XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
-FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
-g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
-ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
-9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
-G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
-FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
-EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
-M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
-Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
-w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
-z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
-eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
-VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
-1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
-zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
-pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
-ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
-BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
-1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
-YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
-mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
-KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
-JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
-cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
-6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
-U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
-VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
-irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
-SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
-QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
-9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
-24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
-dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
-Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
-H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
-/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
-M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
-xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
-jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
-YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
-=0YYh
------END PGP PUBLIC KEY BLOCK-----
+# Generate 'csit_shim' class apt dockerfile
+csit_shim_generate_apt_dockerfile() {
+ local executor_class="$1"
+ local executor_os_name="$2"
+ local executor_image="$3"
+
+ csit_shim_generate_docker_build_files
+ cat <<EOF >>"$DOCKERFILE"
+
+# Copy-in temporary build tree containing
+# ci-management, vpp, & csit git repos
+WORKDIR $DOCKER_BUILD_DIR
+COPY . .
+
+# Build Environment Variables
+ENV DEBIAN_FRONTEND="noninteractive"
+ENV FDIOTOOLS_IMAGE="$executor_image"
+ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class"
+ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT"
+ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts"
+
+# Configure locales & timezone
+RUN apt-get update -qq \\
+ && apt-get install -y \\
+ apt-utils \\
+ locales \\
+ && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\
+ && locale-gen en_US.UTF-8 \\
+ && dpkg-reconfigure --frontend=noninteractive locales \\
+ && update-locale LANG=en_US.UTF-8 \\
+ && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\
+ && rm -r /var/lib/apt/lists/*
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US LC_ALL=en_US.UTF-8
+
+COPY files/wrapdocker /usr/local/bin/wrapdocker
+RUN chmod +x /usr/local/bin/wrapdocker
+
+# Install packages and Docker
+RUN apt-get update -qq \\
+ && apt-get install -y \\
+ bash \\
+ curl \\
+ iproute2 \\
+ locales \\
+ ssh \\
+ sudo \\
+ tzdata \\
+ uuid-runtime \\
+ && curl -fsSL https://get.docker.com | sh \\
+ && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /var/run/sshd
+RUN echo 'root:Csit1234' | chpasswd
+RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+
+# SSH login fix. Otherwise user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+# Need volume for sidecar docker launches
+VOLUME /var/lib/docker
+
+# SSH to listen on port 6022 in shim
+RUN echo 'Port 6022' >>/etc/ssh/sshd_config
+RUN echo 'Port 6023' >>/etc/ssh/sshd_config
+
+# TODO: Verify why badkeypub is required & figure out how to avoid it.
+COPY files/badkeypub /root/.ssh/authorized_keys
+COPY files/sshconfig /root/.ssh/config
+
+# Clean up copy-in build tree
+RUN rm -rf /tmp/* $DOCKER_BUILD_FILES_DIR
+
+# Start sshd by default
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]
EOF
}
-write_apt_debian_docker_gpg_keyfile() {
- # To update docker gpg key
- # curl -fsSL https://download.docker.com/linux/debian/gpg
- cat <<EOF >$DOCKER_APT_DEBIAN_DOCKER_GPGFILE
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
-lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
-38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
-L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
-UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
-cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
-ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
-vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
-G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
-XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
-q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
-tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
-BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
-v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
-tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
-jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
-6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
-XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
-FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
-g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
-ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
-9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
-G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
-FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
-EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
-M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
-Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
-w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
-z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
-eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
-VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
-1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
-zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
-pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
-ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
-BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
-1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
-YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
-mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
-KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
-JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
-cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
-6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
-U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
-VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
-irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
-SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
-QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
-9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
-24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
-dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
-Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
-H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
-/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
-M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
-xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
-jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
-YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
-=0YYh
------END PGP PUBLIC KEY BLOCK-----
+generate_apt_dockerfile() {
+ local executor_class="$1"
+ local executor_os_name="$2"
+ local from_image="$3"
+ local executor_image="$4"
+
+ cat <<EOF >"$DOCKERIGNOREFILE"
+**/__pycache__
+*.pyc
+EOF
+ cat <<EOF >"$DOCKERFILE"
+FROM $from_image AS ${executor_class}-executor-image
+LABEL Description="FD.io CI '$executor_class' executor docker image for $executor_os_name/$OS_ARCH"
+LABEL Vendor="fd.io"
+LABEL Version="$DOCKER_TAG"
EOF
+ ${executor_class}_generate_apt_dockerfile "$executor_class" \
+ "$executor_os_name" "$executor_image"
}
Code Review / ci-management.git / blobdiff