diff options
| author | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-05-11 12:29:59 +0000 |
|---|---|---|
| committer | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-05-11 12:31:36 +0000 |
| commit | 702513b895ce183dce59becc8fae6ebb085e43a2 (patch) | |
| tree | df9099f6192f2b2160d4ff879d41a18a94c065b2 | |
| parent | 4f37117e32a4d6b8d915e6b95c9cab0994436539 (diff) | |
tcwg-build: Add new script new-user.sh
... and use it to create users inside containers.
Change-Id: Ic00d13c30ad6e8a4a613040fa76537eec7e1ad97
| -rw-r--r-- | tcwg-base/tcwg-build/Dockerfile.in | 9 | ||||
| -rwxr-xr-x | tcwg-base/tcwg-build/build.sh | 3 | ||||
| -rwxr-xr-x | tcwg-base/tcwg-build/new-user.sh | 55 | ||||
| -rw-r--r-- | trusty-amd64-tcwg-base/trusty-amd64-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | trusty-armhf-tcwg-base/trusty-armhf-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | trusty-i386-tcwg-base/trusty-i386-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | xenial-amd64-tcwg-base/xenial-amd64-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | xenial-arm64-tcwg-base/xenial-arm64-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | xenial-armhf-tcwg-base/xenial-armhf-tcwg-build/Dockerfile | 11 | ||||
| -rw-r--r-- | xenial-i386-tcwg-base/xenial-i386-tcwg-build/Dockerfile | 11 |
11 files changed, 101 insertions, 54 deletions
diff --git a/tcwg-base/tcwg-build/Dockerfile.in b/tcwg-base/tcwg-build/Dockerfile.in index 5d620d23..39ef4f39 100644 --- a/tcwg-base/tcwg-build/Dockerfile.in +++ b/tcwg-base/tcwg-build/Dockerfile.in @@ -1,10 +1,9 @@ FROM linaro/ci-#{ARCH}-tcwg-base-ubuntu:#{DISTRO} -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave diff --git a/tcwg-base/tcwg-build/build.sh b/tcwg-base/tcwg-build/build.sh index 8624b7fd..99795026 100755 --- a/tcwg-base/tcwg-build/build.sh +++ b/tcwg-base/tcwg-build/build.sh @@ -6,7 +6,7 @@ trap cleanup_exit INT TERM EXIT cleanup_exit() { - rm -rf tcwg-buildslave tcwg-benchmark + rm -rf new-user.sh tcwg-buildslave tcwg-benchmark } export LANG=C @@ -16,6 +16,7 @@ name=$(basename ${PWD} | cut -f3- -d '-') image=linaro/ci-${arch}-${name}-ubuntu:${distro} top=$(git rev-parse --show-toplevel) +cp $top/tcwg-base/tcwg-build/new-user.sh ./ rsync -a $top/tcwg-base/tcwg-build/tcwg-buildslave/ ./tcwg-buildslave/ rsync -a $top/tcwg-base/tcwg-build/tcwg-benchmark/ ./tcwg-benchmark/ diff --git a/tcwg-base/tcwg-build/new-user.sh b/tcwg-base/tcwg-build/new-user.sh new file mode 100755 index 00000000..ff191814 --- /dev/null +++ b/tcwg-base/tcwg-build/new-user.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +set -euf -o pipefail + +usage () +{ + exit 1 +} + +group="" +key="" +user="" +verbose=false + +while [ $# -gt 0 ]; do + case "$1" in + --group) group="$2" ;; + --key) key="$2" ;; + --user) user="$2" ;; + --verbose) verbose="$2"; shift ;; + *) echo "ERROR: Wrong option: $1"; usage ;; + esac + shift 2 +done + +if $verbose; then set -x; fi + +if [ x"$group" != x"" ]; then + gid=$(echo "$group" | cut -s -d: -f 2) + group=$(echo "$group" | cut -d: -f 1) + + if [ x"$gid" != x"" ]; then + groupadd -g $gid $group + fi + + group_opt="-g $group" +else + group_opt="" +fi + +uid=$(echo "$user" | cut -s -d: -f 2) +user=$(echo "$user" | cut -d: -f 1) + +useradd -m $group_opt -G kvm ${uid:+-u $uid} $user + +sudoers_file=/etc/sudoers.d/$(echo $user | tr "." "-") +echo '$user ALL = NOPASSWD: ALL' > $sudoers_file +chmod 0440 $sudoers_file + +if [ x"$key" != x"" ] ; then + sudo -i -u $user mkdir -p /home/$user/.ssh + sudo -i -u $user chmod 0700 /home/$user/.ssh + cat "$key" | sudo -i -u $user tee /home/$user/.ssh/authorized_keys > /dev/null + sudo -i -u $user chmod 0600 /home/$user/.ssh/authorized_keys +fi diff --git a/trusty-amd64-tcwg-base/trusty-amd64-tcwg-build/Dockerfile b/trusty-amd64-tcwg-base/trusty-amd64-tcwg-build/Dockerfile index 3963ce4d..280e8c91 100644 --- a/trusty-amd64-tcwg-base/trusty-amd64-tcwg-build/Dockerfile +++ b/trusty-amd64-tcwg-base/trusty-amd64-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-amd64-tcwg-base-ubuntu:trusty -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -28,4 +27,4 @@ RUN \ /var/lib/apt/lists/* \ /tmp/* \ /var/tmp/* -# checksum: e043d076e8a7fca8b61124ede2bd2461 +# checksum: 847950907becd4d2e0bb2246eed17943 diff --git a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile index b75535f4..91ca9969 100644 --- a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile +++ b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-arm64-tcwg-base-ubuntu:trusty -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -16,4 +15,4 @@ RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \ && chmod 0700 /home/tcwg-buildslave/.ssh/ /home/tcwg-benchmark/.ssh/ \ && chmod 0600 /home/tcwg-buildslave/.ssh/* /home/tcwg-benchmark/.ssh/* -# checksum: 599fae0a5672c9f658bf2b0af0ab31e3 +# checksum: d46dab616715909f84717ae49d7542b9 diff --git a/trusty-armhf-tcwg-base/trusty-armhf-tcwg-build/Dockerfile b/trusty-armhf-tcwg-base/trusty-armhf-tcwg-build/Dockerfile index 91557eee..d1fbe12b 100644 --- a/trusty-armhf-tcwg-base/trusty-armhf-tcwg-build/Dockerfile +++ b/trusty-armhf-tcwg-base/trusty-armhf-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-armhf-tcwg-base-ubuntu:trusty -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -16,4 +15,4 @@ RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \ && chmod 0700 /home/tcwg-buildslave/.ssh/ /home/tcwg-benchmark/.ssh/ \ && chmod 0600 /home/tcwg-buildslave/.ssh/* /home/tcwg-benchmark/.ssh/* -# checksum: 16c7b81789c72e4ca4703f9e020406a8 +# checksum: 719915c4d53c3aaff4bfb874ca144542 diff --git a/trusty-i386-tcwg-base/trusty-i386-tcwg-build/Dockerfile b/trusty-i386-tcwg-base/trusty-i386-tcwg-build/Dockerfile index 74c8557b..b559b08d 100644 --- a/trusty-i386-tcwg-base/trusty-i386-tcwg-build/Dockerfile +++ b/trusty-i386-tcwg-base/trusty-i386-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-i386-tcwg-base-ubuntu:trusty -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -27,4 +26,4 @@ RUN \ /var/lib/apt/lists/* \ /tmp/* \ /var/tmp/* -# checksum: 50b70f6f0b7cf04d865d6a472c00f215 +# checksum: ba06b8439f636dc78d7968329afbf02e diff --git a/xenial-amd64-tcwg-base/xenial-amd64-tcwg-build/Dockerfile b/xenial-amd64-tcwg-base/xenial-amd64-tcwg-build/Dockerfile index 23b8fb7b..58b1c170 100644 --- a/xenial-amd64-tcwg-base/xenial-amd64-tcwg-build/Dockerfile +++ b/xenial-amd64-tcwg-base/xenial-amd64-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-amd64-tcwg-base-ubuntu:xenial -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -28,4 +27,4 @@ RUN \ /var/lib/apt/lists/* \ /tmp/* \ /var/tmp/* -# checksum: 0f60af30bf7b204b2997d062f2291e04 +# checksum: c2cb73fc80affc8312b1959673d8767c diff --git a/xenial-arm64-tcwg-base/xenial-arm64-tcwg-build/Dockerfile b/xenial-arm64-tcwg-base/xenial-arm64-tcwg-build/Dockerfile index 05baa4f3..989ef31e 100644 --- a/xenial-arm64-tcwg-base/xenial-arm64-tcwg-build/Dockerfile +++ b/xenial-arm64-tcwg-base/xenial-arm64-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-arm64-tcwg-base-ubuntu:xenial -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -16,4 +15,4 @@ RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \ && chmod 0700 /home/tcwg-buildslave/.ssh/ /home/tcwg-benchmark/.ssh/ \ && chmod 0600 /home/tcwg-buildslave/.ssh/* /home/tcwg-benchmark/.ssh/* -# checksum: 50d4c4360a7ee4779da324ce515f04de +# checksum: a9bb4838879761da324a80f74d713b07 diff --git a/xenial-armhf-tcwg-base/xenial-armhf-tcwg-build/Dockerfile b/xenial-armhf-tcwg-base/xenial-armhf-tcwg-build/Dockerfile index b53f1ad8..d685b29a 100644 --- a/xenial-armhf-tcwg-base/xenial-armhf-tcwg-build/Dockerfile +++ b/xenial-armhf-tcwg-base/xenial-armhf-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-armhf-tcwg-base-ubuntu:xenial -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -16,4 +15,4 @@ RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \ && chmod 0700 /home/tcwg-buildslave/.ssh/ /home/tcwg-benchmark/.ssh/ \ && chmod 0600 /home/tcwg-buildslave/.ssh/* /home/tcwg-benchmark/.ssh/* -# checksum: ee083c05a3f3b2c07c38fb1dd87df413 +# checksum: 8dcea6cdeb064fe01ee369351717080c diff --git a/xenial-i386-tcwg-base/xenial-i386-tcwg-build/Dockerfile b/xenial-i386-tcwg-base/xenial-i386-tcwg-build/Dockerfile index 0d926f9b..b105a155 100644 --- a/xenial-i386-tcwg-base/xenial-i386-tcwg-build/Dockerfile +++ b/xenial-i386-tcwg-base/xenial-i386-tcwg-build/Dockerfile @@ -1,11 +1,10 @@ # Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-i386-tcwg-base-ubuntu:xenial -RUN groupadd -g 9000 tcwg-infra \ - && useradd -m -g tcwg-infra -G kvm -u 11827 tcwg-buildslave \ - && useradd -m -g tcwg-infra -G kvm -u 12326 tcwg-benchmark \ - && echo '%tcwg-infra ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \ - && chmod 0440 /etc/sudoers.d/jenkins \ +COPY new-user.sh /usr/local/bin/ + +RUN new-user.sh --user tcwg-buildslave:11827 --group tcwg-infra:9000 \ + && new-user.sh --user tcwg-benchmark:12326 --group tcwg-infra \ && mkdir -p /home/tcwg-buildslave/workspace COPY tcwg-buildslave /home/tcwg-buildslave @@ -27,4 +26,4 @@ RUN \ /var/lib/apt/lists/* \ /tmp/* \ /var/tmp/* -# checksum: dca3033a9d14f6f55c1ec182817af115 +# checksum: c4d98a96007fb76a7e5c6114053a3c87 |