2024-02-13 08:32:45 -05:00
|
|
|
# syntax=docker/dockerfile:1
|
|
|
|
|
|
|
|
# ENGINE_VERSION is the version of the (docker-in-docker) Docker Engine to
|
|
|
|
# test against.
|
|
|
|
ARG ENGINE_VERSION=25.0
|
|
|
|
|
|
|
|
FROM docker:${ENGINE_VERSION}-dind
|
|
|
|
|
|
|
|
# the openssh-client update is needed for security reasons when using docker:23.0-dind, currently maintained as an lts by mirantis
|
|
|
|
RUN apk --no-cache upgrade openssh-client && \
|
|
|
|
apk --no-cache add shadow openssh-server && \
|
|
|
|
# TODO(krissetto): `groupadd` can be removed once we only test against moby >= v24
|
|
|
|
# see https://github.com/docker-library/docker/pull/470
|
2018-09-06 01:38:01 -04:00
|
|
|
groupadd -f docker && \
|
2019-03-11 10:24:28 -04:00
|
|
|
useradd --create-home --shell /bin/sh --password $(head -c32 /dev/urandom | base64) penguin && \
|
2018-09-06 01:38:01 -04:00
|
|
|
usermod -aG docker penguin && \
|
|
|
|
ssh-keygen -A
|
|
|
|
# workaround: ssh session excludes /usr/local/bin from $PATH
|
|
|
|
RUN ln -s /usr/local/bin/docker /usr/bin/docker
|
|
|
|
COPY ./connhelper-ssh/entrypoint.sh /
|
|
|
|
EXPOSE 22
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|
|
|
|
# usage: docker run --privileged -e TEST_CONNHELPER_SSH_ID_RSA_PUB=$(cat ~/.ssh/id_rsa.pub) -p 22 $THIS_IMAGE
|