commit 36c74e29a8fe5e6d946272b2554ab7a65e1285b9
author Leonardo Sandoval <leonardo.sandoval@linaro.org> Wed Jan 05 11:26:55 2022 -0600
committer Leonardo Sandoval <leonardo.sandoval@linaro.org> Wed Jan 05 12:04:00 2022 -0600
tree 88e65d19e3ee7489873eb1d942cce41f99bdba9f
parent 4cb535c2151ea4b288258864340da2ccbaa46ec9

Include ssh into mbedtls host image

Signed-off-by: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: Id4fe95f0108ec22b5926ada19421be9cc498286d

focal-amd64-mbed-tls-host/Dockerfile

diff --git a/focal-amd64-mbed-tls-host/Dockerfile b/focal-amd64-mbed-tls-host/Dockerfile
index 9a97072..ddb72a2 100644
--- a/focal-amd64-mbed-tls-host/Dockerfile
+++ b/focal-amd64-mbed-tls-host/Dockerfile
@@ -8,6 +8,7 @@
     gnupg \
     lsb-release \
     openjdk-8-jre-headless \
+    openssh-server \
     python3 \
     python3-venv \
     sudo \
@@ -23,19 +24,26 @@
 # Can be overriden at build time
 ARG BUILDSLAVE_PASSWORD=buildslave
 
+COPY setup-sshd /usr/sbin/setup-sshd
+
 RUN set -e ;\
-    apt-get -yq update ;\
-    apt-get -yq install ${PKG_DEPS} ;\
+    echo 'locales locales/locales_to_be_generated multiselect C.UTF-8 UTF-8, en_US.UTF-8 UTF-8 ' | debconf-set-selections ;\
+    echo 'locales locales/default_environment_locale select en_US.UTF-8' | debconf-set-selections ;\
+    apt update -q=2 ;\
+    apt dist-upgrade -q=2 --yes ;\
+    apt install -q=2 --yes --no-install-recommends ${PKG_DEPS} ;\
     curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg ;\
     echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
 	$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null ;\
-    apt-get update ;\
-    apt-get install -yq ${DOCKER_PKGS_DEPS} ;\
+    apt update -q=2 ;\
+    apt install -q=2 --yes --no-install-recommends ${DOCKER_PKG_DEPS} ;\
     # Setup buildslave user for Jenkins
     useradd -m -s /bin/bash buildslave ;\
     echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\
     echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\
     chmod 0440 /etc/sudoers.d/jenkins ;\
-    groupadd docker ;\
     usermod -aG docker buildslave ;\
     ln -s $(which python3) /usr/bin/python
+
+EXPOSE 22
+ENTRYPOINT ["/usr/sbin/setup-sshd"]

focal-amd64-mbed-tls-host/setup-sshd

diff --git a/focal-amd64-mbed-tls-host/setup-sshd b/focal-amd64-mbed-tls-host/setup-sshd
new file mode 100755
index 0000000..b0a5ed5
--- /dev/null
+++ b/focal-amd64-mbed-tls-host/setup-sshd
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+export HOME=/home/buildslave
+
+[ -z "${JENKINS_SLAVE_SSH_PUBKEY}" ] || {
+  mkdir ${HOME}/.ssh
+  echo "${JENKINS_SLAVE_SSH_PUBKEY}" > ${HOME}/.ssh/authorized_keys
+  chown -R buildslave:buildslave ${HOME}/.ssh
+  chmod 0700 -R ${HOME}/.ssh
+}
+
+exec /usr/sbin/sshd -D