# For running tests, build a docker image with a passwordless sudo and a trust
# store we can manipulate.

FROM centos:6

RUN yum install -y epel-release

# Install pip, sudo and nose:
RUN yum install -y python-pip sudo
RUN pip install nose

# Add an unprivileged user:
RUN useradd --create-home --home-dir /home/lea --shell /bin/bash --groups wheel --uid 1000 lea

# Let that user sudo:
RUN sed -i.bkp -e \
      's/# %wheel\(NOPASSWD: ALL\)\?/%wheel/g' \
      /etc/sudoers

RUN mkdir -p /home/lea/certbot

# Install fake testing CA:
COPY ./tests/certs/ca/my-root-ca.crt.pem /usr/local/share/ca-certificates/
RUN update-ca-trust

# Copy code:
COPY . /home/lea/certbot/letsencrypt-auto-source

USER lea
WORKDIR /home/lea

CMD ["nosetests", "-v", "-s", "certbot/letsencrypt-auto-source/tests"]