From e50fdb2d08a6aab83bb59797f43a59ae5c384bd2 Mon Sep 17 00:00:00 2001
From: Moncef AOUDIA
Date: Wed, 19 Jun 2024 18:03:23 +0200
Subject: [PATCH] feat: upgrade to Ubuntu 24.04
---
.github/workflows/cd.yml | 63 +++++++++++++++++++++++++++++++++++++
.github/workflows/ci.yml | 35 +++++++++++++++++++++
.github/workflows/ci_cd.yml | 29 -----------------
.gitignore | 2 ++
Dockerfile | 14 ++++-----
README.md | 2 +-
configure-ssh-user.sh | 14 +++++++--
7 files changed, 119 insertions(+), 40 deletions(-)
create mode 100644 .github/workflows/cd.yml
create mode 100644 .github/workflows/ci.yml
delete mode 100644 .github/workflows/ci_cd.yml
create mode 100644 .gitignore
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
new file mode 100644
index 0000000..457693a
--- /dev/null
+++ b/.github/workflows/cd.yml
@@ -0,0 +1,63 @@
+name: Docker Image Deployment
+
+on:
+ push:
+ branches:
+ - 'main'
+
+jobs:
+ docker:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: |
+ aoudiamoncef/ubuntu-sshd
+ ghcr.io/${{ github.repository }}/ubuntu-sshd
+
+ - name: Build and push to Docker Hub
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ tags: aoudiamoncef/ubuntu-sshd:latest
+ labels: ${{ steps.meta.outputs.labels }}
+
+ - name: Build and push to GitHub Container Registry
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ tags: ghcr.io/${{ github.repository }}/ubuntu-sshd:latest
+ labels: ${{ steps.meta.outputs.labels }}
+
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@v1
+ with:
+ subject-name: ghcr.io/${{ github.repository }}/ubuntu-sshd
+ subject-digest: ${{ steps.push.outputs.digest }}
+ push-to-registry: true
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..08268ea
--- /dev/null
+++ b/.github/workflows/ci.yml
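Review bot: The attestation step in .github/workflows/cd.yml reads `${{ steps.push.outputs.digest }}`, but no step in the job carries `id: push`, so `subject-digest` will expand to an empty string; the GHCR build step should be given that id. The job also declares no `permissions:` block, while pushing to ghcr.io with `GITHUB_TOKEN` and running `actions/attest-build-provenance` need `packages: write`, `id-token: write` and `attestations: write`. Only the GHCR image is attested; the Docker Hub image comes from a separate build step and may not share its digest, so consumers of that image get no provenance.

```yaml
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      id-token: write
      attestations: write
    # … unchanged: checkout, QEMU, Buildx, registry logins, metadata, Docker Hub build …
      - name: Build and push to GitHub Container Registry
        id: push
    # … unchanged: uses/with of the GHCR build step, attestation step …
```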
@@ -0,0 +1,35 @@ +name: Docker Image CI + +on: + pull_request: + branches: + - 'main' + +jobs: + build-check: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: | + aoudiamoncef/ubuntu-sshd + ghcr.io/${{ github.repository }}/ubuntu-sshd + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + push: false + tags: aoudiamoncef/ubuntu-sshd:pr-${{ github.event.number }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/.github/workflows/ci_cd.yml b/.github/workflows/ci_cd.yml deleted file mode 100644 index df98e69..0000000 --- a/.github/workflows/ci_cd.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: Docker Image Deployment - -on: - push: - branches: - - 'main' - -jobs: - docker: - runs-on: ubuntu-latest - steps: - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Build and push - uses: docker/build-push-action@v5 - with: - push: true - tags: aoudiamoncef/ubuntu-sshd:latest \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9bea433 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ + +.DS_Store diff --git a/Dockerfile b/Dockerfile index 22fc7a5..7998560 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Use an official Ubuntu base image -FROM ubuntu:22.04 +FROM ubuntu:24.04 # Set environment variables to avoid interactive prompts during installation ENV DEBIAN_FRONTEND=noninteractive 
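Review bot: In .github/workflows/ci.yml the metadata step uses `docker/metadata-action@v4`, while cd.yml added in the same commit uses `@v5`; align the two with `uses: docker/metadata-action@v5`. This job only builds pull-request code with `push: false`, so a workflow-level `permissions:` block containing just `contents: read` would keep the token read-only regardless of the repository default. The `meta` step's tag output is unused here because the build step hard-codes `tags:`, so only its labels reach the image.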
@@ -8,7 +8,7 @@ ENV PASSWORD=changeme # Install OpenSSH server and clean up RUN apt-get update \ - && apt-get install -y openssh-server iputils-ping telnet iproute2\ + && apt-get install -y openssh-server iputils-ping telnet iproute2 \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* @@ -16,11 +16,8 @@ RUN apt-get update \ RUN mkdir -p /run/sshd \ && chmod 755 /run/sshd -# Expose SSH port -EXPOSE 22 - -# Create the non-root user with the ability to set a password and authorized keys using environment variables -RUN useradd -ms /bin/bash $SSH_USERNAME +# Check if the user exists before trying to create it +RUN if ! id -u $SSH_USERNAME > /dev/null 2>&1; then useradd -ms /bin/bash $SSH_USERNAME; fi # Set up SSH configuration RUN mkdir -p /home/$SSH_USERNAME/.ssh && chown $SSH_USERNAME:$SSH_USERNAME /home/$SSH_USERNAME/.ssh \ @@ -31,5 +28,8 @@ RUN mkdir -p /home/$SSH_USERNAME/.ssh && chown $SSH_USERNAME:$SSH_USERNAME /home COPY configure-ssh-user.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/configure-ssh-user.sh +# Expose SSH port +EXPOSE 22 + # Start SSH server CMD ["/usr/local/bin/configure-ssh-user.sh"] diff --git a/README.md b/README.md index ec68677..909fef5 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/aoudiamoncef/ubuntu-sshd.svg)](https://hub.docker.com/r/aoudiamoncef/ubuntu-sshd) [![Maintenance](https://img.shields.io/badge/Maintained-Yes-green.svg)](https://github.com/aoudiamoncef/ubuntu-sshd) -This Docker image provides an Ubuntu 22.04 base with SSH server enabled. It allows you to easily create SSH-accessible containers via SSH keys or with a default username and password. +This Docker image provides an Ubuntu 24.04 base with SSH server enabled. It allows you to easily create SSH-accessible containers via SSH keys or with a default username and password. ## Usage diff --git a/configure-ssh-user.sh b/configure-ssh-user.sh index c0924bc..9da7368 100644 
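Review bot: In the Dockerfile hunk `@@ -16,11 +16,8 @@`, `$SSH_USERNAME` is expanded unquoted in both `id -u` and `useradd`; write `"$SSH_USERNAME"`, as configure-ssh-user.sh now does in this commit. The new comment says what the line does but not why; presumably the 24.04 base image already contains an account with the default name, so a comment such as `# ubuntu:24.04 may already ship this account; create it only when missing` would record the reason. When `useradd` is skipped, the account keeps whatever shell, home directory and UID the base image gave it, which is worth confirming against what the later `.ssh` setup expects.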
--- a/configure-ssh-user.sh +++ b/configure-ssh-user.sh @@ -5,15 +5,23 @@ : ${PASSWORD:=changeme} # Create the user with the provided username and set the password -useradd -ms /bin/bash $SSH_USERNAME -echo "$SSH_USERNAME:$PASSWORD" | chpasswd +if id "$SSH_USERNAME" &>/dev/null; then + echo "User $SSH_USERNAME already exists" +else + useradd -ms /bin/bash "$SSH_USERNAME" + echo "$SSH_USERNAME:$PASSWORD" | chpasswd + echo "User $SSH_USERNAME created with the provided password" +fi # Set the authorized keys from the AUTHORIZED_KEYS environment variable (if provided) if [ -n "$AUTHORIZED_KEYS" ]; then mkdir -p /home/$SSH_USERNAME/.ssh echo "$AUTHORIZED_KEYS" > /home/$SSH_USERNAME/.ssh/authorized_keys chown -R $SSH_USERNAME:$SSH_USERNAME /home/$SSH_USERNAME/.ssh + chmod 700 /home/$SSH_USERNAME/.ssh + chmod 600 /home/$SSH_USERNAME/.ssh/authorized_keys + echo "Authorized keys set for user $SSH_USERNAME" fi # Start the SSH server -/usr/sbin/sshd -D +exec /usr/sbin/sshd -D
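Review bot: The password is now set only inside the `else` branch, so a `PASSWORD` supplied at run time is silently ignored whenever the account already exists. Since the Dockerfile creates or finds that account at build time, this looks like the normal case. Move `echo "$SSH_USERNAME:$PASSWORD" | chpasswd` below the `fi` so it runs in both cases, and reword the "already exists" message accordingly. Separately, the context line `: ${PASSWORD:=changeme}` still falls back to a published default, so consider skipping `chpasswd` or refusing to start when neither `PASSWORD` nor `AUTHORIZED_KEYS` is provided. The unchanged `/home/$SSH_USERNAME/.ssh` paths, including those in the added `chmod` lines, are still unquoted.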