2 changes: 1 addition & 1 deletion Gemfile
@@ -30,7 +30,7 @@ group :development do
gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "bcrypt_pbkdf", '= 1.0.1', require: false
gem "kitchen-puppet"
gem "kitchen-docker", '~> 3.0.0', require: false
gem "kitchen-docker", '>= 3.0', '< 4.0', require: false
gem "kitchen-verifier-serverspec"
gem "rexml", '~> 3.4.0', require: false
gem "mixlib-shellout", "~> 2.2.7", platforms: [:ruby]
27 changes: 15 additions & 12 deletions Gemfile.lock
@@ -21,10 +21,10 @@ GEM
aws-sigv4 (~> 1.5)
aws-sigv4 (1.11.0)
aws-eventstream (~> 1, >= 1.0.2)
base64 (0.2.0)
base64 (0.3.0)
bcrypt_pbkdf (1.0.1)
bcrypt_pbkdf (1.0.1-x64-mingw32)
bigdecimal (3.1.9)
bigdecimal (3.2.3)
bindata (2.5.0)
bolt (4.0.0)
CFPropertyList (>= 2.2)
@@ -50,7 +50,7 @@ GEM
winrm (~> 2.0)
winrm-fs (~> 1.3)
builder (3.3.0)
chef-utils (18.6.2)
chef-utils (18.8.11)
concurrent-ruby
coderay (1.1.3)
colored2 (3.1.2)
@@ -69,7 +69,7 @@ GEM
excon (>= 0.64.0)
multi_json
domain_name (0.6.20240107)
ed25519 (1.3.0)
ed25519 (1.4.0)
erubi (1.13.1)
excon (1.2.3)
facter (4.10.0)
@@ -91,7 +91,7 @@ GEM
net-http-persistent (>= 4.0.4, < 5)
fast_gettext (2.4.0)
prime
ffi (1.17.1)
ffi (1.17.2)
forwardable (1.3.3)
getoptlong (0.2.1)
gettext (3.5.1)
@@ -118,7 +118,8 @@ GEM
http-accept (1.7.0)
http-cookie (1.0.8)
domain_name (~> 0.5)
httpclient (2.8.3)
httpclient (2.9.0)
mutex_m
io-console (0.7.2)
jgrep (1.5.4)
jmespath (1.6.2)
@@ -174,7 +175,8 @@ GEM
mocha (2.7.1)
ruby2_keywords (>= 0.0.5)
molinillo (0.8.0)
multi_json (1.15.0)
multi_json (1.17.0)
mutex_m (0.3.0)
net-http (0.6.0)
uri
net-http-persistent (4.0.5)
@@ -332,7 +334,7 @@ GEM
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
retryable (3.0.5)
rexml (3.4.1)
rexml (3.4.4)
rgen (0.10.2)
rspec (3.13.0)
rspec-core (~> 3.13.0)
@@ -423,10 +425,10 @@ GEM
table_print (1.5.7)
terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3)
test-kitchen (3.7.0)
test-kitchen (3.7.2)
bcrypt_pbkdf (~> 1.0)
chef-utils (>= 16.4.35)
ed25519 (~> 1.2)
ed25519 (~> 1.3)
license-acceptance (>= 1.0.11, < 3.0)
mixlib-install (~> 3.6)
mixlib-shellout (>= 1.2, < 4.0)
@@ -506,6 +508,7 @@ GEM

PLATFORMS
arm64-darwin-22
arm64-darwin-23
arm64-darwin-24
x64-mingw32
x86_64-linux
@@ -518,7 +521,7 @@ DEPENDENCIES
facterdb (~> 3.4.0)
io-console (= 0.7.2)
json (= 2.6.3)
kitchen-docker (~> 3.0.0)
kitchen-docker (>= 3.0, < 4.0)
kitchen-puppet
kitchen-verifier-serverspec
librarian-puppet (~> 5.0)
@@ -545,4 +548,4 @@ DEPENDENCIES
voxpupuli-puppet-lint-plugins (~> 5.0)

BUNDLED WITH
2.4.13
2.4.10
2 changes: 2 additions & 0 deletions kitchen.yml
@@ -76,6 +76,7 @@ platforms:
- name: centos-stream9-puppet-8
driver:
image: 'datadog/docker-library:chef_kitchen_systemd_centos_9'
dockerfile: 'kitchen/dockerfiles/centos9.Dockerfile'
platform: centosstream
docker_platform: linux/amd64
privileged: true
@@ -106,6 +107,7 @@ platforms:
- name: rocky-9-puppet-8
driver:
image: 'datadog/docker-library:chef_kitchen_systemd_rocky_9'
dockerfile: 'kitchen/dockerfiles/rocky9.Dockerfile'
platform: rhel # kitchen-docker has issues installing packages otherwises
docker_platform: linux/amd64
privileged: true
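Review bot: Both platform entries now name the base image twice, once in `image:` here and once in the `FROM` line of the referenced Dockerfile, and nothing keeps the two in step. If kitchen-docker ignores `image` once `dockerfile` is set (worth confirming against the driver documentation), the leftover key will mislead whoever next bumps the tag. A short comment above each added line would also record why only these two platforms need a custom build, for example `# custom Dockerfile: default kitchen-docker build fails on EL9 SSH host key generation`, worded to match the actual failure. Both driver blocks continue beyond the visible hunks, and both run with `privileged: true`, which raises the stakes for anything the custom Dockerfiles add.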
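--- a/kitchen/dockerfiles/centos9.Dockerfile
+++ b/kitchen/dockerfiles/centos9.Dockerfile
@@ -0,0 +1,29 @@
+FROM datadog/docker-library:chef_kitchen_systemd_centos_9
+
+# Base packages needed for SSH access from kitchen
+RUN yum clean all && \
+yum install -y sudo openssh-server openssh-clients which
+
+# Generate supported SSH host keys (skip DSA which is removed in OpenSSH 9+)
+RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ''
+RUN [ -f "/etc/ssh/ssh_host_ecdsa_key" ] || ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N ''
+RUN [ -f "/etc/ssh/ssh_host_ed25519_key" ] || ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''
+
+# Inject Kitchen's public key for SSH access (driver provides insecure_key.pub in build context)
+ADD insecure_key.pub /tmp/insecure_key.pub
+RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh && \
+touch /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys && \
+cat /tmp/insecure_key.pub >> /root/.ssh/authorized_keys
+
+# Create the kitchen user if missing (kept for parity with default kitchen-docker behavior)
+RUN if ! getent passwd kitchen; then \
+useradd -d /home/kitchen -m -s /bin/bash -p '*' kitchen; \
+fi
+
+# Allow SSH key login for the kitchen user as well
+RUN mkdir -p /home/kitchen/.ssh && chmod 700 /home/kitchen/.ssh && \
+touch /home/kitchen/.ssh/authorized_keys && chmod 600 /home/kitchen/.ssh/authorized_keys && \
+cat /tmp/insecure_key.pub >> /home/kitchen/.ssh/authorized_keys && \
+chown -R kitchen:kitchen /home/kitchen/.ssh
+
+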
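Review bot: The block that appends `/tmp/insecure_key.pub` to `/root/.ssh/authorized_keys` enables direct root login over SSH with a key the file itself labels insecure, and kitchen.yml runs this platform with `privileged: true`, so anyone holding the matching private key who can reach the container's sshd gets root in a privileged container. Unless a suite really needs to log in as root, drop that block and rely on the `kitchen` user. This file installs `sudo` but writes no sudoers entry, so if the base image does not already provide one, something like `RUN echo 'kitchen ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/kitchen && chmod 440 /etc/sudoers.d/kitchen` would be needed. Two smaller points: `ADD insecure_key.pub` should be `COPY`, since nothing is fetched or extracted, and the key file can be deleted from `/tmp` in the last `RUN`. rocky9.Dockerfile carries the same lines and needs the same changes.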
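--- a/kitchen/dockerfiles/rocky9.Dockerfile
+++ b/kitchen/dockerfiles/rocky9.Dockerfile
@@ -0,0 +1,29 @@
+FROM datadog/docker-library:chef_kitchen_systemd_rocky_9
+
+# Base packages needed for SSH access from kitchen
+RUN yum clean all && \
+yum install -y sudo openssh-server openssh-clients which
+
+# Generate supported SSH host keys (skip DSA which is removed in OpenSSH 9+)
+RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ''
+RUN [ -f "/etc/ssh/ssh_host_ecdsa_key" ] || ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N ''
+RUN [ -f "/etc/ssh/ssh_host_ed25519_key" ] || ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''
+
+# Inject Kitchen's public key for SSH access (driver provides insecure_key.pub in build context)
+ADD insecure_key.pub /tmp/insecure_key.pub
+RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh && \
+touch /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys && \
+cat /tmp/insecure_key.pub >> /root/.ssh/authorized_keys
+
+# Create the kitchen user if missing (kept for parity with default kitchen-docker behavior)
+RUN if ! getent passwd kitchen; then \
+useradd -d /home/kitchen -m -s /bin/bash -p '*' kitchen; \
+fi
+
+# Allow SSH key login for the kitchen user as well
+RUN mkdir -p /home/kitchen/.ssh && chmod 700 /home/kitchen/.ssh && \
+touch /home/kitchen/.ssh/authorized_keys && chmod 600 /home/kitchen/.ssh/authorized_keys && \
+cat /tmp/insecure_key.pub >> /home/kitchen/.ssh/authorized_keys && \
+chown -R kitchen:kitchen /home/kitchen/.ssh
+
+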
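Review bot: This file matches centos9.Dockerfile line for line except for `FROM`, so every later change to the SSH setup has to be made in two places and the copies can drift apart. If the driver can pass a build argument, a single shared file opening with `ARG BASE_IMAGE` and `FROM ${BASE_IMAGE}` would remove the duplication; otherwise a header comment naming the sibling file would at least flag it. Separately, `FROM datadog/docker-library:chef_kitchen_systemd_rocky_9` is a mutable tag, so a rebuilt or replaced upstream image flows into CI unreviewed. Pinning by digest, `FROM datadog/docker-library:chef_kitchen_systemd_rocky_9@sha256:<digest-placeholder>`, makes the base image reproducible and auditable.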