| # syntax=docker/dockerfile:1 |
| |
| # ENGINE_VERSION is the version of the (docker-in-docker) Docker Engine to |
| # test against. |
| ARG ENGINE_VERSION=28 |
| |
| FROM docker:${ENGINE_VERSION}-dind |
| |
| # the openssh-client update is needed for security reasons when using docker:23.0-dind, currently maintained as an lts by mirantis |
| RUN apk --no-cache add openssl openssh-client openssh-server shadow && \ |
| apk --no-cache upgrade openssl openssh-client openssh-server && \ |
| # TODO(krissetto): `groupadd` can be removed once we only test against moby >= v24 |
| # see https://github.com/docker-library/docker/pull/470 |
| groupadd -f docker && \ |
| useradd --create-home --shell /bin/sh --password $(head -c32 /dev/urandom | base64) penguin && \ |
| usermod -aG docker penguin && \ |
| ssh-keygen -A |
| # workaround: ssh session excludes /usr/local/bin from $PATH |
| RUN ln -s /usr/local/bin/docker /usr/bin/docker |
| COPY ./connhelper-ssh/entrypoint.sh / |
| EXPOSE 22 |
| ENTRYPOINT ["/entrypoint.sh"] |
| # usage: docker run --privileged -e TEST_CONNHELPER_SSH_ID_RSA_PUB=$(cat ~/.ssh/id_rsa.pub) -p 22 $THIS_IMAGE |
