RANGER-5365:Add test users into Ranger Docker Base Image (#6)

rameeshm · Ramesh Mani · web-flow · commit de9303fec7f4 · 2026-01-01T21:56:27.000-08:00
* RANGER-5365:Add test users into Ranger Docker Base Image Signed-off-by: Ramesh Mani <rmani@apache.org> * RANGER-5365:Add test users into Ranger Docker Base Image - co-pilot review fix * RANGER-5365:Add test users into Ranger Docker Base Image -review comment fix * RANGER-5365:Add test users into Ranger Docker Base Image -build issue fix * RANGER-5365:Add test users into Ranger Docker Base Image -build issue fix2 --------- Signed-off-by: Ramesh Mani <rmani@apache.org> Co-authored-by: Ramesh Mani <rmani@apache.org>
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -47,23 +47,16 @@ ENV RANGER_SCRIPTS=/home/ranger/scripts
 ENV RANGER_HOME=/opt/ranger
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 
-# setup groups, users, directories
-RUN groupadd ranger \
-    && for u in ranger rangeradmin rangerusersync rangertagsync rangerkms; do \
-      useradd -g ranger -ms /bin/bash $u; \
-    done
-
-RUN groupadd hadoop \
-    && for u in hdfs yarn hive hbase kafka ozone; do \
-      useradd -g hadoop -ms /bin/bash $u; \
-    done
-
-RUN groupadd knox \
-    && useradd -g knox -ms /bin/bash knox
-
-# setup directories
+# create directories and setup perms
 RUN mkdir -p /home/ranger/dist /home/ranger/scripts /opt/ranger && \
-    chown -R ranger:ranger /home/ranger /opt/ranger && \
     chmod +rx /home/ranger /home/ranger/dist /home/ranger/scripts
 
+# setup groups and users
+COPY docker/create_users_and_groups.sh ${RANGER_SCRIPTS}
+RUN chmod +x /home/ranger/scripts/create_users_and_groups.sh && \
+    ./home/ranger/scripts/create_users_and_groups.sh
+
+# change ownerships
+RUN chown -R ranger:ranger /home/ranger /opt/ranger
+
 ENTRYPOINT [ "/bin/bash" ]
diff --git a/docker/create_users_and_groups.sh b/docker/create_users_and_groups.sh
@@ -0,0 +1,90 @@
+#!/bin/bash
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Script to create users and groups in ranger containers
+# This script is designed to be run during container initialization
+
+set -e
+
+# General-purpose function to create a group if it doesn't exist.
+create_group_if_not_exists() {
+    local groupname=$1
+
+    if ! getent group "$groupname" &>/dev/null; then
+        echo "Creating group: $groupname"
+        groupadd "$groupname"
+        echo "Group $groupname created successfully"
+    else
+        echo "Group $groupname already exists"
+    fi
+}
+
+# General-purpose function to create a user if it doesn't exist.
+create_user_if_not_exists() {
+    local username=$1
+    local home_dir=$2
+    local primary_group=$3
+
+    if ! id "$username" &>/dev/null; then
+        echo "Creating user: $username"
+        useradd -g "$primary_group" -m -d "$home_dir" -s /bin/bash "$username"
+
+        # Set a default password
+        echo "$username:$username" | chpasswd
+
+        echo "User $username created successfully"
+    else
+        echo "User $username already exists"
+    fi
+}
+
+# Function to create users and groups if not exist
+create_users_and_groups() {
+    local group_name=$1
+    local users=$2
+
+    echo "Creating group '$group_name' with users: $users"
+
+    # Create group and users
+    create_group_if_not_exists "$group_name"
+    for u in $users; do
+        create_user_if_not_exists "$u" "/home/$u" "$group_name"
+    done
+}
+
+# Main function to create all users and groups if not exist
+create_all_users_and_groups() {
+    echo "Starting user and group creation..."
+
+    # Create ranger group and users
+    create_users_and_groups "ranger" "ranger rangeradmin rangerusersync rangertagsync rangerkms rangerauditserver"
+
+    # Create hadoop group and users
+    create_users_and_groups "hadoop" "hdfs yarn hive hbase kafka ozone"
+
+    # Create knox group and user
+    create_users_and_groups "knox" "knox"
+
+    # Create test users in test group
+    create_users_and_groups "testgroup" "testuser1 testuser2 testuser3"
+
+    echo "User and group creation completed successfully..."
+}
+
+# Execute the main function
+create_all_users_and_groups
