beaker-docker 1.2.0 → 1.4.0

data/CHANGELOG.md

@@ -1,5 +1,31 @@
 # Changelog
 
+## [1.4.0](https://github.com/voxpupuli/beaker-docker/tree/1.4.0) (2023-03-09)
+
+[Full Changelog](https://github.com/voxpupuli/beaker-docker/compare/1.3.0...1.4.0)
+
+**Implemented enhancements:**
+
+- Enable Rubocop [\#72](https://github.com/voxpupuli/beaker-docker/pull/72) ([jay7x](https://github.com/jay7x))
+- Refactor built-in Dockerfile and fix\_ssh\(\) [\#71](https://github.com/voxpupuli/beaker-docker/pull/71) ([jay7x](https://github.com/jay7x))
+
+**Fixed bugs:**
+
+- set flag for container to container communication [\#84](https://github.com/voxpupuli/beaker-docker/pull/84) ([rwaffen](https://github.com/rwaffen))
+
+**Merged pull requests:**
+
+- Bump actions/checkout from 2 to 3 [\#90](https://github.com/voxpupuli/beaker-docker/pull/90) ([dependabot[bot]](https://github.com/apps/dependabot))
+- dependabot: check for github actions as well [\#89](https://github.com/voxpupuli/beaker-docker/pull/89) ([bastelfreak](https://github.com/bastelfreak))
+
+## [1.3.0](https://github.com/voxpupuli/beaker-docker/tree/1.3.0) (2022-12-18)
+
+[Full Changelog](https://github.com/voxpupuli/beaker-docker/compare/1.2.0...1.3.0)
+
+**Implemented enhancements:**
+
+- Generate a ssh port from 1025..9999 range [\#68](https://github.com/voxpupuli/beaker-docker/pull/68) ([jay7x](https://github.com/jay7x))
+
 ## [1.2.0](https://github.com/voxpupuli/beaker-docker/tree/1.2.0) (2022-08-11)
 
 [Full Changelog](https://github.com/voxpupuli/beaker-docker/compare/1.1.1...1.2.0)

data/Gemfile

@@ -6,9 +6,9 @@ if File.exists? "#{__FILE__}.local"
   eval(File.read("#{__FILE__}.local"), binding)
 end
 
-group :coverage, optional: ENV['COVERAGE']!='yes' do
-  gem 'simplecov-console', :require => false
-  gem 'codecov', :require => false
+group :coverage, optional: ENV['COVERAGE'] != 'yes' do
+  gem 'simplecov-console', require: false
+  gem 'codecov', require: false
 end
 
 group :release do

data/Rakefile

@@ -1,9 +1,17 @@
 require 'rspec/core/rake_task'
 
-namespace :test do
+namespace :lint do
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new(:rubocop) do |task|
+    # Use Rubocop's Github Actions formatter
+    if ENV['GITHUB_ACTIONS'] == 'true'
+      task.formatters << 'github'
+    end
+  end
+end
 
+namespace :test do
   namespace :spec do
-
     desc "Run spec tests"
     RSpec::Core::RakeTask.new(:run) do |t|
       t.rspec_opts = ['--color', '--format documentation']
@@ -16,11 +24,9 @@ namespace :test do
       t.rspec_opts = ['--color', '--format documentation']
       t.pattern = 'spec/'
     end
-
   end
 
   namespace :acceptance do
-
     desc <<-EOS
 A quick acceptance test, named because it has no pre-suites to run
     EOS
@@ -32,9 +38,8 @@ A quick acceptance test, named because it has no pre-suites to run
       beaker_test_base_dir = File.join(beaker_gem_dir, 'acceptance/tests/base')
       load_path_option = File.join(beaker_gem_dir, 'acceptance/lib')
 
-      ENV['BEAKER_setfile'] = 'acceptance/config/nodes/hosts.yaml'
+      ENV['BEAKER_setfile'] = 'acceptance/config/nodes/hosts.yaml' unless ENV.key?('BEAKER_setfile')
       sh("beaker",
-         "--hosts", "acceptance/config/nodes/hosts.yaml",
           # We can't run these tests until the rsync support in the main
           # beaker/host.rb is updated to work with passwords.
           # "--tests", beaker_test_base_dir,
@@ -43,9 +48,7 @@ A quick acceptance test, named because it has no pre-suites to run
          "--log-level", "debug",
          "--debug")
     end
-
   end
-
 end
 
 # namespace-named default tasks.
@@ -55,6 +58,7 @@ task 'test:spec' => 'test:spec:run'
 task 'test:acceptance' => 'test:acceptance:quick'
 
 # global defaults
+task :lint => %i[lint:rubocop]
 task :test => 'test:spec'
 task :default => :test
 
@@ -90,7 +94,6 @@ task :docs => 'docs:clear' do
 end
 
 namespace :docs do
-
   desc 'Clear the generated documentation cache'
   task :clear do
     original_dir = Dir.pwd

data/beaker-docker.gemspec

@@ -27,6 +27,10 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rspec-its', '~> 1.3'
   s.add_development_dependency 'fakefs', '~> 1.3'
   s.add_development_dependency 'rake', '~> 13.0'
+  s.add_development_dependency 'rubocop', '~> 1.12.0'
+  s.add_development_dependency 'rubocop-performance', '~> 1.10'
+  s.add_development_dependency 'rubocop-rake', '~> 0.2'
+  s.add_development_dependency 'rubocop-rspec', '>= 1.44'
 
   # Run time dependencies
   s.add_runtime_dependency 'stringify-hash', '~> 0.0.0'

data/lib/beaker/hypervisor/docker.rb

@@ -30,7 +30,7 @@ module Beaker
           * Check your DOCKER_HOST variable has been set
           * If you are on OSX or Windows, you might not have Docker Machine setup correctly: https://docs.docker.com/machine/
           * If you are using rootless podman, you might need to set up your local socket and service
-          ERRMSG
+        ERRMSG
       end
 
       # Pass on all the logging from docker-api to the beaker logger instance
@@ -78,7 +78,7 @@ module Beaker
         'Hostname' => host.name,
         'HostConfig' => {
           'PortBindings' => {
-            '22/tcp' => [{ 'HostPort' => rand.to_s[2..5], 'HostIp' => '0.0.0.0'}]
+            '22/tcp' => [{ 'HostPort' => rand(1025..9999).to_s, 'HostIp' => '0.0.0.0'}]
           },
           'PublishAllPorts' => true,
           'RestartPolicy' => {
@@ -142,9 +142,9 @@ module Beaker
         port: nil
       }
 
-      container_json = container.json
+      container_json   = container.json
       network_settings = container_json['NetworkSettings']
-      host_config = container_json['HostConfig']
+      host_config      = container_json['HostConfig']
 
       ip = nil
       port = nil
@@ -161,9 +161,10 @@ module Beaker
 
           # Host to Container
           port22 = network_settings.dig('PortBindings','22/tcp')
-          if port22.nil? && network_settings.key?('Ports')
+          if port22.nil? && network_settings.key?('Ports') && !nested_docker?
             port22 = network_settings.dig('Ports','22/tcp')
           end
+
           ip = port22[0]['HostIp'] if port22
           port = port22[0]['HostPort'] if port22
 
@@ -216,7 +217,6 @@ module Beaker
       @hosts.each do |host|
         @logger.notify "provisioning #{host.name}"
 
-
         image = get_container_image(host)
 
         if host['tag']
@@ -510,145 +510,132 @@ module Beaker
 
     def dockerfile_for(host)
       # specify base image
-      dockerfile = <<-EOF
+      dockerfile = <<~DF
         FROM #{host['image']}
         ENV container docker
-      EOF
+      DF
 
       # Commands before any other commands. Can be used for eg. proxy configuration
-      dockerfile += (host['docker_image_first_commands'] || []).map { |command|
-        "RUN #{command}\n"
-      }.join('')
-
-      # additional options to specify to the sshd
-      # may vary by platform
-      sshd_options = ''
+      dockerfile += (host['docker_image_first_commands'] || []).map { |cmd| "RUN #{cmd}\n" }.join('')
 
       # add platform-specific actions
-      service_name = "sshd"
+      service_name = 'sshd'
       additional_packages = host_packages(host)
       case host['platform']
       when /ubuntu/, /debian/
-        service_name = "ssh"
-        dockerfile += <<~EOF
-          RUN apt-get update
-          RUN apt-get install -y openssh-server openssh-client #{additional_packages.join(' ')}
-          RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
-          EOF
-      when  /cumulus/
-          dockerfile += <<~EOF
-          RUN apt-get update
-          RUN apt-get install -y openssh-server openssh-client #{additional_packages.join(' ')}
-          EOF
+        service_name = 'ssh'
+        dockerfile += <<~DF
+          RUN apt-get update \
+          && apt-get install -y openssh-server openssh-client #{additional_packages.join(' ')} \
+          && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
+        DF
+      when /cumulus/
+        dockerfile += <<~DF
+          RUN apt-get update \
+          && apt-get install -y openssh-server openssh-client #{additional_packages.join(' ')}
+        DF
       when /el-[89]/, /fedora-(2[2-9]|3)/
-        dockerfile += <<~EOF
-          RUN dnf clean all
-          RUN dnf install -y sudo openssh-server openssh-clients #{additional_packages.join(' ')}
-          RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
-          RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
-          RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
-          EOF
+        dockerfile += <<~DF
+          RUN dnf clean all \
+          && dnf install -y sudo openssh-server openssh-clients #{additional_packages.join(' ')} \
+          && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key \
+          && ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key \
+          && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
+        DF
       when /^el-/, /centos/, /fedora/, /redhat/, /eos/
-        dockerfile += <<~EOF
-          RUN yum clean all
-          RUN yum install -y sudo openssh-server openssh-clients #{additional_packages.join(' ')}
-          RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
-          RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
-          RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
-          EOF
+        dockerfile += <<~DF
+          RUN yum clean all \
+          && yum install -y sudo openssh-server openssh-clients #{additional_packages.join(' ')} \
+          && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key \
+          && ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key \
+          && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
+        DF
       when /opensuse/, /sles/
-        dockerfile += <<~EOF
-          RUN zypper -n in openssh #{additional_packages.join(' ')}
-          RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
-          RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
-          RUN sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config
-          RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
-          EOF
+        dockerfile += <<~DF
+          RUN zypper -n in openssh #{additional_packages.join(' ')} \
+          && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key \
+          && ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key \
+          && sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config \
+          && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/*
+        DF
       when /archlinux/
-        dockerfile += <<~EOF
-          RUN pacman --sync --refresh --noconfirm archlinux-keyring
-          RUN pacman --sync --refresh --noconfirm --sysupgrade
-          RUN pacman --sync --noconfirm #{additional_packages.join(' ')}
-          RUN ssh-keygen -A
-          RUN sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config
-          RUN systemctl enable sshd
-          EOF
+        dockerfile += <<~DF
+          RUN pacman --sync --refresh --noconfirm archlinux-keyring \
+          && pacman --sync --refresh --noconfirm --sysupgrade \
+          && pacman --sync --noconfirm #{additional_packages.join(' ')} \
+          && ssh-keygen -A \
+          && sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config \
+          && systemctl enable sshd
+        DF
       else
-        # TODO add more platform steps here
+        # TODO: add more platform steps here
         raise "platform #{host['platform']} not yet supported on docker"
       end
 
       # Make sshd directory, set root password
-      dockerfile += <<~EOF
-        RUN mkdir -p /var/run/sshd
-        RUN echo root:#{root_password} | chpasswd
-        EOF
+      dockerfile += <<~DF
+        RUN mkdir -p /var/run/sshd \
+        && echo root:#{root_password} | chpasswd
+      DF
 
       # Configure sshd service to allowroot login using password
       # Also, disable reverse DNS lookups to prevent every. single. ssh
       # operation taking 30 seconds while the lookup times out.
-      dockerfile += <<~EOF
-        RUN sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config
-        RUN sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
-        RUN sed -ri 's/^#?UseDNS .*/UseDNS no/' /etc/ssh/sshd_config
-        EOF
-
+      # Also unbreak users with a bunch of SSH keys loaded in their keyring.
+      dockerfile += <<~DF
+        RUN sed -ri \
+        -e 's/^#?PermitRootLogin .*/PermitRootLogin yes/' \
+        -e 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' \
+        -e 's/^#?UseDNS .*/UseDNS no/' \
+        -e 's/^#?MaxAuthTries.*/MaxAuthTries 1000/' \
+        /etc/ssh/sshd_config
+      DF
 
       # Any extra commands specified for the host
-      dockerfile += (host['docker_image_commands'] || []).map { |command|
-        "RUN #{command}\n"
-      }.join('')
+      dockerfile += (host['docker_image_commands'] || []).map { |cmd| "RUN #{cmd}\n" }.join('')
 
       # Override image entrypoint
-      if host['docker_image_entrypoint']
-        dockerfile += "ENTRYPOINT #{host['docker_image_entrypoint']}\n"
-      end
+      dockerfile += "ENTRYPOINT #{host['docker_image_entrypoint']}\n" if host['docker_image_entrypoint']
 
       # How to start a sshd on port 22.  May be an init for more supervision
       # Ensure that the ssh server can be restarted (done from set_env) and container keeps running
-      cmd = host['docker_cmd'] || ["sh","-c","service #{service_name} start ; tail -f /dev/null"]
-      dockerfile += <<-EOF
+      cmd = host['docker_cmd'] || ['sh', '-c', "service #{service_name} start; tail -f /dev/null"]
+      dockerfile += <<~DF
         EXPOSE 22
         CMD #{cmd}
-      EOF
-
-    # end
+      DF
 
       @logger.debug("Dockerfile is #{dockerfile}")
-      return dockerfile
+
+      dockerfile
     end
 
     # a puppet run may have changed the ssh config which would
     # keep us out of the container.  This is a best effort to fix it.
     # Optionally pass in a host object to to determine which ssh
     # restart command we should try.
-    def fix_ssh(container, host=nil)
+    def fix_ssh(container, host = nil)
       @logger.debug("Fixing ssh on container #{container.id}")
-      container.exec(['sed','-ri',
-                      's/^#?PermitRootLogin .*/PermitRootLogin yes/',
-                      '/etc/ssh/sshd_config'])
-      container.exec(['sed','-ri',
-                      's/^#?PasswordAuthentication .*/PasswordAuthentication yes/',
+      container.exec(['sed', '-ri',
+                      '-e', 's/^#?PermitRootLogin .*/PermitRootLogin yes/',
+                      '-e', 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/',
+                      '-e', 's/^#?UseDNS .*/UseDNS no/',
+                      # Unbreak users with a bunch of SSH keys loaded in their keyring.
+                      '-e', 's/^#?MaxAuthTries.*/MaxAuthTries 1000/',
                       '/etc/ssh/sshd_config'])
-      container.exec(['sed','-ri',
-                      's/^#?UseDNS .*/UseDNS no/',
-                      '/etc/ssh/sshd_config'])
-      # Make sure users with a bunch of SSH keys loaded in their keyring can
-      # still run tests
-      container.exec(['sed','-ri',
-                     's/^#?MaxAuthTries.*/MaxAuthTries 1000/',
-                     '/etc/ssh/sshd_config'])
-
-      if host
-        if host['platform'] =~ /alpine/
-          container.exec(%w(/usr/sbin/sshd))
-        else
-          container.exec(%w(service ssh restart))
-        end
+
+      return unless host
+
+      case host['platform']
+      when /alpine/
+        container.exec(%w[/usr/sbin/sshd])
+      when /ubuntu/, /debian/
+        container.exec(%w[service ssh restart])
+      else
+        container.exec(%w[service sshd restart])
       end
     end
 
-
     # return the existing container if we're not provisioning
     # and docker_container_name is set
     def find_container(host)
@@ -679,6 +666,5 @@ module Beaker
     def in_container?
       return File.file?('/.dockerenv')
     end
-
   end
 end

data/lib/beaker-docker/version.rb

@@ -1,3 +1,3 @@
 module BeakerDocker
-  VERSION = '1.2.0'
+  VERSION = '1.4.0'
 end

data/spec/beaker/hypervisor/docker_spec.rb

@@ -746,7 +746,7 @@ module Beaker
             'image' => 'foobar',
           })
 
-          expect( dockerfile ).to be =~ /RUN zypper -n in openssh/
+          expect( dockerfile ).to be =~ /zypper -n in openssh/
         end
 
         (22..39).to_a.each do | fedora_release |
@@ -757,7 +757,7 @@ module Beaker
               'image' => 'foobar',
             })
 
-            expect( dockerfile ).to be =~ /RUN dnf install -y sudo/
+            expect( dockerfile ).to be =~ /dnf install -y sudo/
           end
         end
 
@@ -768,9 +768,48 @@ module Beaker
             'image' => 'foobar',
           })
 
-          expect( dockerfile ).to match(/RUN pacman --sync --refresh --noconfirm archlinux-keyring/)
-          expect( dockerfile ).to match(/RUN pacman --sync --refresh --noconfirm --sysupgrade/)
-          expect( dockerfile ).to match(/RUN pacman --sync --noconfirm curl ntp net-tools openssh/)
+          expect( dockerfile ).to match(/pacman --sync --refresh --noconfirm archlinux-keyring/)
+          expect( dockerfile ).to match(/pacman --sync --refresh --noconfirm --sysupgrade/)
+          expect( dockerfile ).to match(/pacman --sync --noconfirm curl ntp net-tools openssh/)
+        end
+      end
+
+      describe '#fix_ssh' do
+        let(:test_container) { double('container') }
+        let(:host) { hosts[0] }
+        before :each do
+          expect(test_container).to receive(:id).and_return('abcdef')
+        end
+
+        it 'should call exec once when called without host' do
+          expect(test_container).to receive(:exec).once.with(
+            include(/PermitRootLogin/) &&
+            include(/PasswordAuthentication/) &&
+            include(/UseDNS/) &&
+            include(/MaxAuthTries/)
+          )
+          docker.send(:fix_ssh, test_container)
+        end
+
+        it 'should exec sshd on alpine' do
+          host['platform'] = 'alpine-3.8-x86_64'
+          expect(test_container).to receive(:exec).with(array_including('sed'))
+          expect(test_container).to receive(:exec).with(%w[/usr/sbin/sshd])
+          docker.send(:fix_ssh, test_container, host)
+        end
+
+        it 'should restart ssh service on ubuntu' do
+          host['platform'] = 'ubuntu-20.04-x86_64'
+          expect(test_container).to receive(:exec).with(array_including('sed'))
+          expect(test_container).to receive(:exec).with(%w[service ssh restart])
+          docker.send(:fix_ssh, test_container, host)
+        end
+
+        it 'should restart sshd service otherwise' do
+          host['platform'] = 'boogeyman-2000-x86_64'
+          expect(test_container).to receive(:exec).with(array_including('sed'))
+          expect(test_container).to receive(:exec).with(%w[service sshd restart])
+          docker.send(:fix_ssh, test_container, host)
         end
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: beaker-docker
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Vox Pupuli
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-11 00:00:00.000000000 Z
+date: 2023-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -69,6 +69,62 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.12.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.12.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.44'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.44'
 - !ruby/object:Gem::Dependency
   name: stringify-hash
   requirement: !ruby/object:Gem::Requirement
@@ -123,6 +179,8 @@ files:
 - ".github/workflows/release.yml"
 - ".github/workflows/test.yml"
 - ".gitignore"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".simplecov"
 - CHANGELOG.md
 - Gemfile