kitchen-docker 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a2b8e38c60e7c372eb20e133a717c069e2371a4d
-  data.tar.gz: 59c4cb5cb92f171b8acfe30769150fc4c284c920
+  metadata.gz: b939e9c2b0904be1588251727d88e41cdf7860c5
+  data.tar.gz: feeb4a93431ac53e63787d78b1430223e5340b30
 SHA512:
-  metadata.gz: 7aef3953bac91da662c0ff21309b227e2b404348716b1f21b205de707b2bfb44b2f3daad594d5dbd7d143ade70861d92bb45153d445ed65468d09174da1fbf24
-  data.tar.gz: 1096f10f52579bfe2d28b42d79b0c7e9775a29a158b3e2d58fb58b5c3b668519b655077666072edf392ec293a4cf5e4f26502d93c17959c3c526506023124eb3
+  metadata.gz: ce018dcd2008f84c802cb9050b05c84d239bcc903b53cdcee34791d40f4b4af3c39569df906b42a6b55a935850bd6c9e7562133ea201d6c58e2bcee0ede084b6
+  data.tar.gz: e6b5607abd8c8243d80aba28c04303e33d391cf3e09732d036634957cfc139cfa92248f26c158e4a39836ad4747c36fe73a9f124446d6eb205fef9f46c67dba8

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+## 2.2.0
+
+* Use a temporary file for each suite instance Docker container
+Dockerfile, instead of passing their contents via STDIN. This allows for
+the use of commands like ADD and COPY. **Users must now use Docker >= 1.5.0**
+
+* Passwordless suite instance Docker container login (SSH), using a
+generated key pair.
+
+* Support for sharing a host device with suite instance Docker containers.
+
+* README YAML highlighting.
+
+## 2.1.0
+
+* Use `NUL` instead of `/dev/null` on Windows for output redirection
+
 ## 2.0.0
 
 * Use Docker `top` and `port` instead of `inspect`
@@ -22,9 +39,9 @@
 
 * `publish_all` option to publish all ports to the host interface
 
-* `instance_name` option to name the docker container
+* `instance_name` option to name the Docker container
 
-* `links` option to link suite instance docker containers
+* `links` option to link suite instance Docker containers
 
 * `socket` option will now default to ENV `DOCKER_HOST` if set
 

data/README.md

@@ -12,7 +12,7 @@ Please read the Test Kitchen [docs][test_kitchen_docs] for more details.
 
 Example `.kitchen.local.yml`:
 
-```
+```yaml
 ---
 driver:
   name: docker
@@ -36,7 +36,7 @@ platforms.
 
 Examples:
 
-```
+```yaml
 ---
 platforms:
 - name: ubuntu-12.04
@@ -45,7 +45,7 @@ platforms:
 
 This will effectively generate a configuration similar to:
 
-```
+```yaml
 ---
 platforms:
 - name: ubuntu-12.04
@@ -68,11 +68,11 @@ The default value is `docker`.
 
 Examples:
 
-```
+```yaml
   binary: docker.io
 ```
 
-```
+```yaml
   binary: /opt/docker
 ```
 
@@ -86,17 +86,17 @@ to suite containers.
 
 Examples:
 
-```
+```yaml
   socket: unix:///tmp/docker.sock
 ```
 
-```
+```yaml
   socket: tcp://docker.example.com:4242
 ```
 
 If you use [Boot2Docker](https://github.com/boot2docker/boot2docker), set your `DOCKER_HOST` environment variable properly (e.g. `export DOCKER_HOST=tcp://192.168.59.103:2375`) or you have to use the following:
 
-```
+```yaml
 socket: tcp://192.168.59.103:2375
 ```
 
@@ -150,17 +150,17 @@ Custom command(s) to be run when provisioning the base for the suite containers.
 
 Examples:
 
-```
+```yaml
   provision_command: curl -L https://www.opscode.com/chef/install.sh | bash
 ```
 
-```
+```yaml
   provision_command:
     - apt-get install dnsutils
     - apt-get install telnet
 ```
 
-```
+```yaml
 driver_config:
   provision_command: curl -L https://www.opscode.com/chef/install.sh | bash
   require_chef_omnibus: false
@@ -192,11 +192,11 @@ The default value is `false`.
 
 Sets the command used to run the suite container.
 
-The default value is `/usr/sbin/sshd -D -o UseDNS=no -o UsePAM=no -o PasswordAuthentication=yes`.
+The default value is `/usr/sbin/sshd -D -o UseDNS=no -o UsePAM=no -o PasswordAuthentication=yes -o UsePrivilegeSeparation=no -o PidFile=/tmp/sshd.pid`.
 
 Examples:
 
-```
+```yaml
   run_command: /sbin/init
 ```
 
@@ -216,11 +216,11 @@ Adds a data volume(s) to the suite container.
 
 Examples:
 
-```
+```yaml
   volume: /ftp
 ```
 
-```
+```yaml
   volume:
   - /ftp
   - /srv
@@ -232,11 +232,11 @@ Mount volumes managed by other containers.
 
 Examples:
 
-```
+```yaml
   volumes_from: repos
 ```
 
-```
+```yaml
   volumes_from:
   - repos
   - logging
@@ -250,11 +250,11 @@ Dockers defaults.
 
 Examples:
 
-```
+```yaml
   dns: 8.8.8.8
 ```
 
-```
+```yaml
   dns:
   - 8.8.8.8
   - 8.8.4.4
@@ -265,7 +265,7 @@ Sets an http proxy for the suite container using the `http_proxy` environment va
 
 Examples:
 
-```
+```yaml
   http_proxy: http://proxy.host.com:8080
 ```
 ### https\_proxy
@@ -274,7 +274,7 @@ Sets an https proxy for the suite container using the `https_proxy` environment
 
 Examples:
 
-```
+```yaml
   https_proxy: http://proxy.host.com:8080
 ```
 ### forward
@@ -284,11 +284,11 @@ the host (public) port in the mappings, if not, Docker chooses for you.
 
 Examples:
 
-```
+```yaml
   forward: 80
 ```
 
-```
+```yaml
   forward:
   - 22:2222
   - 80:8080
@@ -300,7 +300,7 @@ Set the suite container hostname. Otherwise use Dockers default.
 
 Examples:
 
-```
+```yaml
   hostname: foobar.local
 ```
 
@@ -313,7 +313,7 @@ The default value is `false`.
 
 Examples:
 
-```
+```yaml
   privileged: true
 ```
 
@@ -323,11 +323,11 @@ Adds a capability to the running container.
 
 Examples:
 
-````
+```yaml
 cap_add:
 - SYS_PTRACE
 
-````
+```
 
 ### cap\_drop
 
@@ -335,11 +335,10 @@ Drops a capability from the running container.
 
 Examples:
 
-````
+```yaml
 cap_drop:
 - CHOWN
-
-````
+```
 
 ### security\_opt
 
@@ -349,7 +348,7 @@ profiles to grant access to specific resources.
 
 Examples:
 
-```
+```yaml
 security_opt:
   - apparmor:my_profile
 ```
@@ -360,7 +359,7 @@ Use a custom Dockerfile, instead of having Kitchen-Docker build one for you.
 
 Examples:
 
-```
+```yaml
   dockerfile: test/Dockerfile
 ```
 
@@ -370,7 +369,7 @@ Set the name of container to link to other container(s).
 
 Examples:
 
-```
+```yaml
   instance_name: web
 ```
 
@@ -380,13 +379,11 @@ Set ```instance_name```(and alias) of other container(s) that connect from the s
 
 Examples:
 
-```
+```yaml
  links: db:db
 ```
 
-Examples:
-
-```
+```yaml
   links:
   - db:db
   - kvs:kvs
@@ -401,10 +398,26 @@ The default value is `false`.
 
 Examples:
 
-```
+```yaml
   publish_all: true
 ```
 
+### devices
+
+Share a host device with the container. Host device must be an absolute path.
+
+Examples:
+
+```
+devices: /dev/vboxdrv
+```
+
+```
+devices:
+  - /dev/vboxdrv
+  - /dev/vboxnetctl
+```
+
 ## Development
 
 * Source hosted at [GitHub][repo]

data/lib/kitchen/driver/docker.rb

@@ -16,7 +16,9 @@
 
 require 'kitchen'
 require 'json'
+require 'securerandom'
 require 'uri'
+require 'net/ssh'
 require File.join(File.dirname(__FILE__), 'docker', 'erb')
 
 module Kitchen
@@ -47,6 +49,8 @@ module Kitchen
       default_config :tls_key,       nil
       default_config :publish_all,   false
       default_config :wait_for_sshd, true
+      default_config :private_key,   File.join(Dir.pwd, '.kitchen', 'docker_id_rsa')
+      default_config :public_key,    File.join(Dir.pwd, '.kitchen', 'docker_id_rsa.pub')
 
       default_config :use_sudo do |driver|
         !driver.remote_socket?
@@ -91,6 +95,8 @@ module Kitchen
       end
 
       def create(state)
+        generate_keys
+        state[:ssh_key] = config[:private_key]
         state[:image_id] = build_image(state) unless state[:image_id]
         state[:container_id] = run_container(state) unless state[:container_id]
         state[:hostname] = remote_socket? ? socket_uri.host : 'localhost'
@@ -126,6 +132,22 @@ module Kitchen
         run_command("#{docker} #{cmd}", options.merge(:quiet => !logger.debug?))
       end
 
+      def generate_keys
+        if !File.exist?(config[:public_key]) || !File.exist?(config[:private_key])
+          private_key = OpenSSL::PKey::RSA.new(2048)
+          blobbed_key = Base64.encode64(private_key.to_blob).gsub("\n", '')
+          public_key = "ssh-rsa #{blobbed_key} kitchen_docker_key"
+          File.open(config[:private_key], 'w') do |file|
+            file.write(private_key)
+            file.chmod(0600)
+          end
+          File.open(config[:public_key], 'w') do |file|
+            file.write(public_key)
+            file.chmod(0600)
+          end
+        end
+      end
+
       def build_dockerfile
         from = "FROM #{config[:image]}"
         platform = case config[:platform]
@@ -172,8 +194,11 @@ module Kitchen
           raise ActionFailed,
           "Unknown platform '#{config[:platform]}'"
         end
+
         username = config[:username]
         password = config[:password]
+        public_key = IO.read(config[:public_key])
+
         base = <<-eos
           RUN if ! getent passwd #{username}; then useradd -d /home/#{username} -m -s /bin/bash #{username}; fi
           RUN echo #{username}:#{password} | chpasswd
@@ -181,6 +206,12 @@ module Kitchen
           RUN mkdir -p /etc/sudoers.d
           RUN echo '#{username} ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/#{username}
           RUN chmod 0440 /etc/sudoers.d/#{username}
+          RUN [ ! -d /home/#{username}/.ssh ] && mkdir /home/#{username}/.ssh
+          RUN chown -R #{username} /home/#{username}/.ssh
+          RUN chmod 0700 /home/#{username}/.ssh
+          RUN echo '#{public_key}' >> /home/#{username}/.ssh/authorized_keys
+          RUN chown #{username} /home/#{username}/.ssh/authorized_keys
+          RUN chmod 0600 /home/#{username}/.ssh/authorized_keys
         eos
         custom = ''
         Array(config[:provision_command]).each do |cmd|
@@ -212,7 +243,11 @@ module Kitchen
       def build_image(state)
         cmd = "build"
         cmd << " --no-cache" unless config[:use_cache]
-        output = docker_command("#{cmd} -", :input => dockerfile)
+        output = Tempfile.create('Dockerfile-kitchen-', Dir.pwd) do |file|
+          file.write(dockerfile)
+          file.close
+          docker_command("#{cmd} -f #{file.path} .")
+        end
         parse_image_id(output)
       end
 
@@ -233,6 +268,7 @@ module Kitchen
         Array(config[:volume]).each {|volume| cmd << " -v #{volume}"}
         Array(config[:volumes_from]).each {|container| cmd << " --volumes-from #{container}"}
         Array(config[:links]).each {|link| cmd << " --link #{link}"}
+        Array(config[:devices]).each {|device| cmd << " --device #{device}"}
         cmd << " --name #{config[:instance_name]}" if config[:instance_name]
         cmd << " -P" if config[:publish_all]
         cmd << " -h #{config[:hostname]}" if config[:hostname]

data/lib/kitchen/driver/docker_version.rb

@@ -19,6 +19,6 @@ module Kitchen
   module Driver
 
     # Version string for Docker Kitchen driver
-    DOCKER_VERSION = "2.1.0"
+    DOCKER_VERSION = "2.2.0"
   end
 end

data/test/integration/capabilities/serverspec/capabilities_drop_spec.rb

@@ -1,6 +1,4 @@
-require 'serverspec' 
-
-set :backend, :exec
+require_relative 'spec_helper' 
 
 describe command('sudo /sbin/ifconfig eth0 multicast') do
   its(:exit_status) { should_not eq 0 }

data/test/integration/capabilities/serverspec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'serverspec' 
+
+set :backend, :exec

data/test/integration/default/serverspec/default_spec.rb

@@ -1,7 +1,4 @@
-require 'serverspec'
-
-include Serverspec::Helper::Exec
-include Serverspec::Helper::DetectOS
+require_relative 'spec_helper'
 
 describe file('/etc/passwd') do
   it { should be_file }

data/test/integration/default/serverspec/spec_helper.rb

@@ -0,0 +1,4 @@
+require 'serverspec'
+
+# Required by serverspec
+set :backend, :exec

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-docker
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Sean Porter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-25 00:00:00.000000000 Z
+date: 2015-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: test-kitchen
@@ -117,7 +117,9 @@ files:
 - lib/kitchen/driver/docker_version.rb
 - test/Dockerfile
 - test/integration/capabilities/serverspec/capabilities_drop_spec.rb
+- test/integration/capabilities/serverspec/spec_helper.rb
 - test/integration/default/serverspec/default_spec.rb
+- test/integration/default/serverspec/spec_helper.rb
 homepage: https://github.com/portertech/kitchen-docker
 licenses:
 - Apache 2.0
@@ -145,4 +147,6 @@ summary: A Docker Driver for Test Kitchen
 test_files:
 - test/Dockerfile
 - test/integration/capabilities/serverspec/capabilities_drop_spec.rb
+- test/integration/capabilities/serverspec/spec_helper.rb
 - test/integration/default/serverspec/default_spec.rb
+- test/integration/default/serverspec/spec_helper.rb