ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2024-12-28 11:13:10 +08:00
Code Issues Projects Releases Packages Wiki Activity
the-bastion/docker/Dockerfile.sandbox
Stéphane Lesimple c201f44d83 enh: tests: refactor the framework for more maintainability 
The chain of executions is as is:
- `docker_build_and_run_tests_all.sh`
  - launches several instances of `docker_build_and_run_tests.sh`
    - builds docker images with the `target_role.sh` and `tester_role.sh` entrypoints
      - inside the tester docker, `tester_role.sh` launches `launch_tests_on_instance.sh`
      - the target docker gets tested after setting up accounts, SSH etc.

Previously, these scripts passed options to each other either by a mix of environment
variables and command-line arguments, with some inconsistencies here and there.

Now, `launch_tests_on_instance.sh` supports a lot of command-line options, which can
be specified directly if testing a remote server, or can be passed-through by the calling
script in case of docker tests. `docker_build_and_run_tests.sh` and
`docker_build_and_run_tests_all.sh` also support to passthrough these options down.
2021-06-25 16:02:38 +02:00

33 lines
1.5 KiB
Text
Raw Blame History

FROM debian:buster
LABEL maintainer="stephane.lesimple+bastion@ovhcloud.com"
# first, copy everything we need
COPY . /opt/bastion
# then do a big RUN to squash layers (--squash is still experimental, we can't use it yet)
RUN \
# ensure the OS is up to date
apt update -y && DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y && \
# install packages (-i), including dev ones (-d) and syslog-ng (-s) \
/opt/bastion/bin/admin/packages-check.sh -i -d -s && \
# download and install the ttyrec deb package (-d) \
/opt/bastion/bin/admin/install-ttyrec.sh -d && \
# download and install the yubico-piv-checker deb package (-d) \
/opt/bastion/bin/admin/install-yubico-piv-checker.sh -d && \
# cleanup packages cache to save space \
rm -rf /var/cache/apt && \
# handle locales \
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen && \
# disable /dev/kmsg handling by syslog-ng and explicitly enable /dev/log \
sed -i -re 's=system\(\);=unix-stream("/dev/log");=' /etc/syslog-ng/syslog-ng.conf && \
# accountUidMax & ttyrecGroupIdOffset change: fixes https://github.com/ovh/the-bastion/issues/24 \
sed -i -re 's/^"accountUidMax":.+/"accountUidMax": 9999,/;s/^"ttyrecGroupIdOffset":.+/"ttyrecGroupIdOffset": 10000,/' /opt/bastion/etc/bastion/bastion.conf.dist && \
# install the software \
/opt/bastion/bin/admin/install --new-install
# We'll expose our port 22
EXPOSE 22/tcp
# start at entrypoint
ENTRYPOINT /opt/bastion/docker/entrypoint.sh --sandbox
Reference in a new issue View git blame Copy permalink