docker-base-images/jenkins-ssh-agent-jdk17-dind
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: docker-base-images:release-1.0.5-01
Branches Tags
docker-base-images:master
docker-base-images:release-1.0.7
docker-base-images:release-1.0.6-04
docker-base-images:release-1.0.6-03
docker-base-images:release-1.0.6-02
docker-base-images:release-1.0.6-01
docker-base-images:release-1.0.6
docker-base-images:release-1.0.5-04
docker-base-images:release-1.0.5-03
docker-base-images:release-1.0.5-02
docker-base-images:release-1.0.5-01
docker-base-images:release-1.0.5
docker-base-images:release-1.0.4
docker-base-images:release-1.0.3
docker-base-images:release-1.0.2
docker-base-images:release-1.0.1
docker-base-images:release-1.0.0
..
compare: docker-base-images:master
Branches Tags
docker-base-images:master
docker-base-images:release-1.0.7
docker-base-images:release-1.0.6-04
docker-base-images:release-1.0.6-03
docker-base-images:release-1.0.6-02
docker-base-images:release-1.0.6-01
docker-base-images:release-1.0.6
docker-base-images:release-1.0.5-04
docker-base-images:release-1.0.5-03
docker-base-images:release-1.0.5-02
docker-base-images:release-1.0.5-01
docker-base-images:release-1.0.5
docker-base-images:release-1.0.4
docker-base-images:release-1.0.3
docker-base-images:release-1.0.2
docker-base-images:release-1.0.1
docker-base-images:release-1.0.0

9 Commits
release-1. ... master

Author SHA1 Message Date
amorozov
d3b12408a6 updated README.md
All checks were successful
GIT.TSWF.IO/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
2025-03-03 04:34:55 +03:00
amorozov
df3d2924d9 updated Dockerfile
All checks were successful
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
2025-03-03 04:19:27 +03:00
amorozov
cefcb44095 updated Dockerfile
Some checks failed
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head There was a failure building this commit
Details
2025-03-03 04:18:28 +03:00
amorozov
9b77b744e0 updated Dockerfile
Some checks failed
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head There was a failure building this commit
Details
2025-03-03 04:16:50 +03:00
amorozov
e260864a84 updated entrypoint
All checks were successful
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
2025-03-03 04:12:40 +03:00
amorozov
44c51a62e5 feature: allow to connect as root
All checks were successful
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
2025-03-03 04:08:14 +03:00
amorozov
02f3aec625 chore: debug setup-sshd
Some checks failed
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head There was a failure building this commit
Details
2025-03-03 03:16:53 +03:00
amorozov
7995151a4d chore: debug Jenkinsfile
All checks were successful
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head This commit looks good
Details
2025-03-03 03:10:34 +03:00
amorozov
137b16af8f chore: debug Jenkinsfile
Some checks failed
Gitea/docker-base-images/jenkins-ssh-agent-jdk17-dind/pipeline/head There was a failure building this commit
Details
2025-03-03 02:58:37 +03:00
4 changed files with 20 additions and 6 deletions
Show Stats Expand all files Collapse all files

3
Dockerfile
View File

@ -100,7 +100,7 @@ RUN apk add --no-cache \
# setup SSH server # setup SSH server
RUN sed -i /etc/ssh/sshd_config \ RUN sed -i /etc/ssh/sshd_config \
-e 's/#PermitRootLogin.*/PermitRootLogin no/' \ -e 's/#PermitRootLogin.*/PermitRootLogin yes/' \
-e 's/#PasswordAuthentication.*/PasswordAuthentication no/' \ -e 's/#PasswordAuthentication.*/PasswordAuthentication no/' \
-e 's/#SyslogFacility.*/SyslogFacility AUTH/' \ -e 's/#SyslogFacility.*/SyslogFacility AUTH/' \
-e 's/#LogLevel.*/LogLevel INFO/' \ -e 's/#LogLevel.*/LogLevel INFO/' \
@ -121,6 +121,7 @@ WORKDIR "${JENKINS_AGENT_HOME}"
# The file path has been created earlier in the file by `mkdir -p` and we also have configured sshd so that it will # The file path has been created earlier in the file by `mkdir -p` and we also have configured sshd so that it will
# allow environment variables to be sourced (see `sed` command related to `PermitUserEnvironment`) # allow environment variables to be sourced (see `sed` command related to `PermitUserEnvironment`)
RUN echo "PATH=${PATH}" >> ${JENKINS_AGENT_HOME}/.ssh/environment RUN echo "PATH=${PATH}" >> ${JENKINS_AGENT_HOME}/.ssh/environment
RUN mkdir -p /root/.ssh/ && echo "PATH=${PATH}" >> /root/.ssh/environment
COPY setup-sshd /usr/local/bin/setup-sshd COPY setup-sshd /usr/local/bin/setup-sshd
RUN chmod a+x /usr/local/bin/setup-sshd RUN chmod a+x /usr/local/bin/setup-sshd

5
Jenkinsfile vendored
View File

@ -37,9 +37,10 @@ pipeline {
tag "${env.RELEASE_TAG_PREFIX}*" tag "${env.RELEASE_TAG_PREFIX}*"
} }
steps { steps {
sh "id"
sh "whoami" sh "whoami"
sh 'Home: $HOME' sh 'echo Home: $HOME'
sh 'awk -F: -v user=$(whoami) '$1 == user { print $6 }' /etc/passwd' sh 'awk -F: -v user=$(whoami) \'$1 == user { print $6 }\' /etc/passwd'
sh "docker login ${env.REGISTRY_HOST} -u ${env.GITEA_USER} -p ${env.GITEA_OAUTH_TOKEN}" sh "docker login ${env.REGISTRY_HOST} -u ${env.GITEA_USER} -p ${env.GITEA_OAUTH_TOKEN}"
sh "docker image push ${resolveImageName(env)}" sh "docker image push ${resolveImageName(env)}"
} }

10
README.md
View File

@ -20,7 +20,7 @@ dockerd-entrypoint.sh &
Генерируем новую пару SSH ключей. Генерируем новую пару SSH ключей.
```shell ```shell
ssh-keygen -t rsa -b 4096 -f .ssh/jenkins-ssh-agent -C "jenkins-ssh-agent"
``` ```
Желательно установить [SysBox](https://github.com/nestybox/sysbox/releases/tag/v0.6.6), без него придется делать контейнер с агентом привилегированным. Желательно установить [SysBox](https://github.com/nestybox/sysbox/releases/tag/v0.6.6), без него придется делать контейнер с агентом привилегированным.
@ -30,7 +30,7 @@ dockerd-entrypoint.sh &
version: '3.7' version: '3.7'
services: services:
jenkins-agent: jenkins-agent:
image: git.tswf.io/docker-base-images/jenkins-ssh-agent-jdk17-dind:1.0.4 image: git.tswf.io/docker-base-images/jenkins-ssh-agent-jdk17-dind:1.0.7
restart: always restart: always
# Используем, если не хотим делать контейнер привилегированным # Используем, если не хотим делать контейнер привилегированным
runtime: sysbox-runc runtime: sysbox-runc
@ -53,3 +53,9 @@ docker compose up -d
## Настройки Jenkins ## Настройки Jenkins
Смотри [описание агента](AGENT.README.md) Смотри [описание агента](AGENT.README.md)
# Использование от ROOT
Образ пропатчен для возможности запуска агента от имени ROOT. Решает сложности с запуском одноразовых docker-агентов на нашей ноде.
Просто в credentials при указании логина пишем `root`. Публичный ключ прописывается и на `jenkins`, и на него.

6
setup-sshd
View File

@ -1,4 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
echo "STARTING DOCKER DAEMON AS $(id -u)"
dockerd-entrypoint.sh & dockerd-entrypoint.sh &
set -ex set -ex
@ -42,6 +43,11 @@ write_key() {
echo "$1" > "${JENKINS_AGENT_HOME}/.ssh/authorized_keys" echo "$1" > "${JENKINS_AGENT_HOME}/.ssh/authorized_keys"
chown -Rf "${ID_GROUP}" "${JENKINS_AGENT_HOME}/.ssh" chown -Rf "${ID_GROUP}" "${JENKINS_AGENT_HOME}/.ssh"
chmod 0700 -R "${JENKINS_AGENT_HOME}/.ssh" chmod 0700 -R "${JENKINS_AGENT_HOME}/.ssh"
mkdir -p "/root/.ssh"
echo "$1" > "/root/.ssh/authorized_keys"
chown -Rf root /root/.ssh
chmod 0700 -R /root/.ssh
} }
if [[ ${JENKINS_AGENT_SSH_PUBKEY} == ssh-* ]]; then if [[ ${JENKINS_AGENT_SSH_PUBKEY} == ssh-* ]]; then