Optional usage of ssh keys

Dockerfile

@@ -8,9 +8,9 @@ RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.n
 
 RUN /usr/sbin/sshd-keygen \
  && useradd -m -d /home/jenkins -s /bin/bash jenkins \
- && echo "jenkins:jenkins" | chpasswd \
  && sed -i '/root\tALL=/a jenkins ALL=(ALL) NOPASSWD: ALL' /etc/sudoers
 
 EXPOSE 22
 
-CMD ["/usr/sbin/sshd", "-D"]
+COPY docker-entry.sh /
+CMD ["/docker-entry.sh", "/usr/sbin/sshd", "-D"]

README.md

@@ -14,14 +14,31 @@ In Jenkins:
 
 * for example with *Docker Plugin*
 
-Credentials:
+## Simple way
 
-* jenkins/jenkins
+Initial password is created during start, but only if */context/.ssh* directory is not found locally:
 
-Manual launch:
+* user: **jenkins**
+* password: **jenkins**
+
+Steps:
+
+    docker pull valtri/docker-jenkins-centos
+    docker run -itd --name jenkins-centos valtri/docker-jenkins-centos
+
+## Recommended way
+
+Access using ssh keys and no password will be created.
+
+Steps:
+
+	ssh-keygen -t rsa -f jenkins_node
+	mkdir -p context/.ssh
+	#SELinux: chcon -Rt svirt_sandbox_file_t context/
+	cp -p jenkins_node.pub context/.ssh/authorized_keys
 
     docker pull valtri/docker-jenkins-centos
-    docker run -itd --name jenkins-contos valtri/docker-jenkins-centos
+    docker run -itd --name jenkins-centos --volume `pwd`/context:/context:ro valtri/docker-jenkins-centos
 
 # Tags
 

docker-entry.sh

@@ -0,0 +1,16 @@
+#! /bin/bash -e
+
+if ! test -d ~jenkins/.ssh; then
+	if test -d /context -a -d /context/.ssh; then
+		cp -va /context/.ssh ~jenkins/
+	else
+		mkdir ~jenkins/.ssh
+		echo "Settings jenkins password"
+		echo "jenkins:jenkins" | chpasswd
+	fi
+
+	chmod 0700 ~jenkins/.ssh
+	chown -R jenkins:jenkins ~jenkins/.ssh
+fi
+
+exec "$@"