-
Notifications
You must be signed in to change notification settings - Fork 7
/
tf-agent_cntnr
132 lines (110 loc) · 3.83 KB
/
tf-agent_cntnr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
FROM phusion/baseimage:focal-1.0.0
ENV DEBIAN_FRONTEND noninteractive
ENV HOME /root
ENV LC_ALL C.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US.UTF-8
ENV PATH /data/testflinger-agent:/data/testflinger-cli:/data/snappy-device-agents:$PATH
# add maas-cli PPA
RUN apt-add-repository ppa:maas/2.9 -y \
&& add-apt-repository ppa:checkbox-dev/ppa -y
# install deps & cleanup
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
bash \
bash-completion \
sudo \
openssh-client \
build-essential \
net-tools \
iputils-ping \
iproute2 \
curl \
git \
wget \
python3 \
python3-dev \
python3-pip \
python3-virtualenv \
python3-requests \
python3-click \
openjdk-11-jre \
maas-cli \
python-cheetah \
checkbox-ng
# clean up APT
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# link python3 bin
RUN ln -s /usr/bin/python3 /usr/bin/python
RUN pip3 install requests_oauthlib paho-mqtt xdg
# add users
RUN useradd -ms /bin/bash ubuntu \
&& useradd -ms /bin/bash jenkins
# add to sudoers
RUN echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
&& echo 'jenkins ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# add SSH access
RUN rm -f /etc/service/sshd/down \
&& /etc/my_init.d/00_regen_ssh_host_keys.sh > /dev/null 2>&1
# prepare ssh key ops
COPY ./authorized_keys /tmp/authorized_keys
# gen ssh keys, update pubkey, import auth_keys
USER ubuntu
# generate ssh key and insert real hostname into pubkey
RUN ssh-keygen -t rsa -N '' -f /home/ubuntu/.ssh/id_rsa \
&& sed -i 's|@buildkitsandbox|@testflinger-agent-cntnr|gI' /home/ubuntu/.ssh/id_rsa.pub
# import auth_keys
RUN cat /tmp/authorized_keys >> /home/ubuntu/.ssh/authorized_keys
USER jenkins
# generate ssh key and insert real hostname into pubkey
RUN ssh-keygen -t rsa -N '' -f /home/jenkins/.ssh/id_rsa \
&& sed -i 's|@buildkitsandbox|@testflinger-agent-cntnr|gI' /home/jenkins/.ssh/id_rsa.pub
# import auth_keys
RUN cat /tmp/authorized_keys >> /home/jenkins/.ssh/authorized_keys
# root must be last
USER root
RUN ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa \
&& sed -i 's|@buildkitsandbox|@testflinger-agent-cntnr|gI' /root/.ssh/id_rsa.pub
RUN cat /tmp/authorized_keys >> /root/.ssh/authorized_keys \
&& rm -f /tmp/authorized_keys
# facilitate logging
RUN mkdir -p /var/log/testflinger \
&& chmod 755 /var/log/testflinger
WORKDIR /data/testflinger-agent
RUN git init \
&& git remote add origin https://github.com/canonical/testflinger-agent.git \
&& git fetch origin \
&& git checkout -b main --track origin/main
WORKDIR /data/snappy-device-agents
RUN git init \
&& git remote add origin https://github.com/canonical/snappy-device-agents.git \
&& git fetch origin \
&& git checkout -b main --track origin/main
# install tf-cli standalone (no file mapping required)
WORKDIR /data/
RUN git clone https://github.com/canonical/testflinger-cli.git
# run tf-agent setup
WORKDIR /data/testflinger-agent
RUN echo && echo "Running testflinger-agent setup:" \
&& python3 setup.py install
# run tf-cli setup
WORKDIR /data/testflinger-cli
RUN echo && echo "Running testflinger-cli setup:" \
&& python3 setup.py install
# run snappy-agent setup
WORKDIR /data/snappy-device-agents
RUN echo && echo "Running snappy-device-agents setup:" \
&& python3 setup.py install
# adjust perms on src files
RUN chown -R ubuntu:ubuntu /data/testflinger-agent \
&& chmod 775 /data/testflinger-agent \
&& chown -R ubuntu:ubuntu /data/testflinger-cli \
&& chmod 775 /data/testflinger-cli \
&& chown -R ubuntu:ubuntu /data/snappy-device-agents \
&& chmod 775 /data/snappy-device-agents
# set user passwords (temp pw)
RUN echo "ubuntu:ch4ng3m3" | chpasswd \
&& echo "jenkins:ch4ng3m3" | chpasswd
# set user passwords (secure method)
# RUN --mount=type=secret,id=tf_secret,required=true chpasswd < /run/secrets/tf_secret