From 041bc80e71c3c700ff0c01702d9ffd0885d2b75b Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 11 Jan 2019 07:31:05 +0100 Subject: CI/CD: Improve 'goso' handling for Docker and Jenkins * Inside the container user can call 'sudo' without password * Added Docker environment variables to controll the 'gosu' UID/GID --- Dockerfile | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'Dockerfile') diff --git a/Dockerfile b/Dockerfile index 4c66a15a..a76dc8b7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -123,7 +123,7 @@ RUN apt-get update && apt-get install -y \ liblua5.1-dev # Packages needed for vyos-frr -RUN sudo apt-get update && sudo apt-get install -y \ +RUN apt-get update && apt-get install -y \ texinfo \ imagemagick \ groff \ @@ -156,12 +156,9 @@ RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packe curl -K- | gzip -d > /usr/bin/packer && \ chmod +x /usr/bin/packer -COPY scripts/docker-entrypoint.sh /usr/local/bin/ -# Create vyos_bld user account and enable sudo -#RUN useradd -ms /bin/bash -u 1006 --gid users vyos_bld && \ -# usermod -aG sudo vyos_bld && \ -# echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers +# Allow password-less 'sudo' for all users in group 'sudo' +RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ + chmod a+s /usr/sbin/useradd /usr/sbin/gosu /usr/sbin/usermod -#USER vyos_bld -#WORKDIR /home/vyos_bld +COPY scripts/docker-entrypoint.sh /usr/local/bin/ ENTRYPOINT ["docker-entrypoint.sh"] -- cgit v1.2.3