Merge pull request #826 from jdeathe/centos-7-develop

Release changes for 2.6.0

.env.example

@@ -1,16 +1,16 @@
+ENABLE_SSHD_BOOTSTRAP=true
+ENABLE_SSHD_WRAPPER=true
 SSH_AUTHORIZED_KEYS=
-SSH_AUTOSTART_SSHD=true
-SSH_AUTOSTART_SSHD_BOOTSTRAP=true
 SSH_CHROOT_DIRECTORY=%h
 SSH_INHERIT_ENVIRONMENT=false
 SSH_PASSWORD_AUTHENTICATION=false
 SSH_SUDO=ALL=(ALL) ALL
-SSH_TIMEZONE=UTC
 SSH_USER=app-admin
 SSH_USER_FORCE_SFTP=false
 SSH_USER_HOME=/home/%u
 SSH_USER_ID=500:500
 SSH_USER_PASSWORD=
 SSH_USER_PASSWORD_HASHED=false
 SSH_USER_PRIVATE_KEY=
-SSH_USER_SHELL=/bin/bash
+SSH_USER_SHELL=/bin/bash
+SYSTEM_TIMEZONE=UTC

CHANGELOG.md

@@ -4,6 +4,37 @@
 
 Summary of release changes for Version 2 - CentOS-7
 
+### 2.6.0 - 2019-06-20
+
+- Deprecates `SSH_AUTOSTART_SSHD`, replaced with `ENABLE_SSHD_WRAPPER`.
+- Deprecates `SSH_AUTOSTART_SSHD_BOOTSTRAP`, replaced with `ENABLE_SSHD_BOOTSTRAP`.
+- Deprecates `SSH_AUTOSTART_SUPERVISOR_STDOUT`, replaced with `ENABLE_SUPERVISOR_STDOUT`.
+- Deprecates `SSH_TIMEZONE`, replaced with `SYSTEM_TIMEZONE`.
+- Updates source tag to CentOS 7.6.1810.
+- Updates supervisord to 4.0.3.
+- Updates default value of `ENABLE_SUPERVISOR_STDOUT` to false.
+- Updates `sshd-bootstrap` and `sshd-wrapper` configuration to send error log output to stderr.
+- Updates order of values in SSH/SFTP Details log output.
+- Updates bootstrap timer to use UTC date timestamps.
+- Updates bootstrap supervisord configuration file/priority to `20-sshd-bootstrap.conf`/`20`.
+- Updates wrapper supervisord configuration file/priority to `50-sshd-wrapper.conf`/`50`.
+- Adds reference to `python-setuptools` in README; removed in error.
+- Adds `inspect`, `reload` and `top` Makefile targets.
+- Adds improved lock/state file implementation in bootstrap and wrapper scripts.
+- Adds improved `clean` Makefile target; includes exited containers and dangling images.
+- Adds improved wait on bootstrap completion in wrapper script.
+- Adds `system-timezone` and `system-timezone-wrapper` to handle system time zone setup.
+- Adds system time zone validation to healthcheck.
+- Fixes port incrementation failures when installing systemd units via `scmi`.
+- Fixes etcd port registration failures when installing systemd units via `scmi` with the `--register` option.
+- Fixes binary paths in systemd unit files for compatibility with both EL and Ubuntu hosts.
+- Fixes use of printf binary instead of builtin in systemd unit files.
+- Fixes docker host connection status check in Makefile.
+- Fixes make clean error thrown when removing exited containers.
+- Removes support for long image tags (i.e. centos-7-2.x.x).
+- Removes system time zone setup from `sshd-bootstrap`.
+- Removes redundant directory test from `sshd-bootstrap`; state file ensures it's a one-shot process.
+
 ### 2.5.1 - 2019-02-28
 
 - Deprecates use of `supervisor_stdout` - the default value of `SSH_AUTOSTART_SUPERVISOR_STDOUT` will be switched to "false" in a future release.

Dockerfile

@@ -1,6 +1,6 @@
-FROM centos:7.5.1804
+FROM centos:7.6.1810
 
-ARG RELEASE_VERSION="2.5.1"
+ARG RELEASE_VERSION="2.6.0"
 
 # ------------------------------------------------------------------------------
 # - Import the RPM GPG keys for repositories
@@ -23,13 +23,18 @@ RUN rpm --rebuilddb \
 		centos-release-scl-rh \
 		epel-release \
 		https://centos7.iuscommunity.org/ius-release.rpm \
+	&& yum -y install \
+			--setopt=tsflags=nodocs \
+			--disableplugin=fastestmirror \
+		inotify-tools-3.14-8.el7 \
 		openssh-clients-7.4p1-16.el7 \
 		openssh-server-7.4p1-16.el7 \
 		openssl-1.0.2k-16.el7 \
 		python-setuptools-0.9.8-7.el7 \
 		sudo-1.8.23-3.el7 \
 		yum-plugin-versionlock-1.1.31-50.el7 \
 	&& yum versionlock add \
+		inotify-tools \
 		openssh \
 		openssh-server \
 		openssh-clients \
@@ -38,7 +43,7 @@ RUN rpm --rebuilddb \
 		yum-plugin-versionlock \
 	&& yum clean all \
 	&& easy_install \
-		'supervisor == 3.3.5' \
+		'supervisor == 4.0.3' \
 		'supervisor-stdout == 0.1.1' \
 	&& mkdir -p \
 		/var/log/supervisor/ \
@@ -81,33 +86,33 @@ RUN ln -sf \
 		-e "s~{{RELEASE_VERSION}}~${RELEASE_VERSION}~g" \
 		/etc/systemd/system/[email protected] \
 	&& chmod 644 \
-		/etc/{supervisord.conf,supervisord.d/sshd-{bootstrap,wrapper}.conf} \
+		/etc/{supervisord.conf,supervisord.d/{20-sshd-bootstrap,50-sshd-wrapper}.conf} \
 	&& chmod 700 \
-		/usr/{bin/healthcheck,sbin/{scmi,sshd-{bootstrap,wrapper}}}
+		/usr/{bin/healthcheck,sbin/{scmi,sshd-{bootstrap,wrapper},system-{timezone,timezone-wrapper}}}
 
 EXPOSE 22
 
 # ------------------------------------------------------------------------------
 # Set default environment variables
 # ------------------------------------------------------------------------------
 ENV \
+	ENABLE_SSHD_BOOTSTRAP="true" \
+	ENABLE_SSHD_WRAPPER="true" \
+	ENABLE_SUPERVISOR_STDOUT="false" \
 	SSH_AUTHORIZED_KEYS="" \
-	SSH_AUTOSTART_SSHD="true" \
-	SSH_AUTOSTART_SSHD_BOOTSTRAP="true" \
-	SSH_AUTOSTART_SUPERVISOR_STDOUT="true" \
 	SSH_CHROOT_DIRECTORY="%h" \
 	SSH_INHERIT_ENVIRONMENT="false" \
 	SSH_PASSWORD_AUTHENTICATION="false" \
 	SSH_SUDO="ALL=(ALL) ALL" \
-	SSH_TIMEZONE="UTC" \
 	SSH_USER="app-admin" \
 	SSH_USER_FORCE_SFTP="false" \
 	SSH_USER_HOME="/home/%u" \
 	SSH_USER_ID="500:500" \
 	SSH_USER_PASSWORD="" \
 	SSH_USER_PASSWORD_HASHED="false" \
 	SSH_USER_PRIVATE_KEY="" \
-	SSH_USER_SHELL="/bin/bash"
+	SSH_USER_SHELL="/bin/bash" \
+	SYSTEM_TIMEZONE="UTC"
 
 # ------------------------------------------------------------------------------
 # Set image metadata
@@ -140,7 +145,7 @@ jdeathe/centos-ssh:${RELEASE_VERSION} \
 	org.deathe.license="MIT" \
 	org.deathe.vendor="jdeathe" \
 	org.deathe.url="https://github.com/jdeathe/centos-ssh" \
-	org.deathe.description="CentOS-7 7.5.1804 x86_64 - SCL, EPEL and IUS Repositories / Supervisor / OpenSSH."
+	org.deathe.description="CentOS-7 7.6.1810 x86_64 - SCL, EPEL and IUS Repositories / Supervisor / OpenSSH."
 
 HEALTHCHECK \
 	--interval=1s \