DockerCLI/dockerfiles/Dockerfile.e2e

ARG GO_VERSION=1.19.10

# Use Debian based image as docker-compose requires glibc.
FROM golang:${GO_VERSION}-buster

RUN apt-get update && apt-get install -y \
    build-essential \
    curl \
    openssl \
    openssh-client \
    && rm -rf /var/lib/apt/lists/*

ARG COMPOSE_VERSION=1.29.2
RUN curl -fsSL https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose \
    && chmod +x /usr/local/bin/docker-compose

ARG NOTARY_VERSION=v0.6.1
RUN curl -fsSL https://github.com/theupdateframework/notary/releases/download/${NOTARY_VERSION}/notary-Linux-amd64 -o /usr/local/bin/notary \
    && chmod +x /usr/local/bin/notary

ARG GOTESTSUM_VERSION=1.8.2
RUN curl -fsSL https://github.com/gotestyourself/gotestsum/releases/download/v${GOTESTSUM_VERSION}/gotestsum_${GOTESTSUM_VERSION}_linux_amd64.tar.gz -o gotestsum.tar.gz \
    && tar -xf gotestsum.tar.gz gotestsum \
    && mv gotestsum /usr/local/bin/gotestsum \
    && rm gotestsum.tar.gz 

ENV CGO_ENABLED=0 \
    DISABLE_WARN_OUTSIDE_CONTAINER=1 \
    PATH=/go/src/github.com/docker/cli/build:$PATH
WORKDIR /go/src/github.com/docker/cli

# Trust notary CA cert.
COPY e2e/testdata/notary/root-ca.cert /usr/share/ca-certificates/notary.cert
RUN echo 'notary.cert' >> /etc/ca-certificates.conf && update-ca-certificates

COPY . .
ARG VERSION
ARG GITCOMMIT
ENV VERSION=${VERSION}
ENV GITCOMMIT=${GITCOMMIT}
ENV DOCKER_BUILDKIT=1
RUN ./scripts/build/binary
RUN ./scripts/build/plugins e2e/cli-plugins/plugins/*

CMD ./scripts/test/e2e/entry
[20.10] update go to go1.19.10 go1.19.10 (released 2023-06-06) includes four security fixes to the cmd/go and runtime packages, as well as bug fixes to the compiler, the go command, and the runtime. See the Go 1.19.10 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.19.10+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.19.9...go1.19.10 These minor releases include 3 security fixes following the security policy: - cmd/go: cgo code injection The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected). Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2023-29402 and Go issue https://go.dev/issue/60167. - runtime: unexpected behavior of setuid/setgid binaries The Go runtime didn't act any differently when a binary had the setuid/setgid bit set. On Unix platforms, if a setuid/setgid binary was executed with standard I/O file descriptors closed, opening any files could result in unexpected content being read/written with elevated prilieges. Similarly if a setuid/setgid program was terminated, either via panic or signal, it could leak the contents of its registers. Thanks to Vincent Dehors from Synacktiv for reporting this issue. This is CVE-2023-29403 and Go issue https://go.dev/issue/60272. - cmd/go: improper sanitization of LDFLAGS The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2023-29404 and CVE-2023-29405 and Go issues https://go.dev/issue/60305 and https://go.dev/issue/60306. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-06-20 19:20:04 -04:00			`ARG GO_VERSION=1.19.10`
Add engine commands built on containerd This new collection of commands supports initializing a local engine using containerd, updating that engine, and activating the EE product Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com> 2018-03-19 18:56:51 -04:00
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`# Use Debian based image as docker-compose requires glibc.`
Update Golang 1.13.8 Also pinning the e2e image to the "buster" variant, which is what's currently used, but making it explicit. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-02-26 05:16:35 -05:00			`FROM golang:${GO_VERSION}-buster`
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00
			`RUN apt-get update && apt-get install -y \`
			`build-essential \`
			`curl \`
			`openssl \`
connhelper: add e2e Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp> 2018-09-06 01:38:01 -04:00			`openssh-client \`
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`&& rm -rf /var/lib/apt/lists/*`

e2e: update docker-compose to 1.29.2 Newer versions have COMPOSE_DOCKER_CLI_BUILD enabled by default, so removing that env-var. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 524e3b215dc92119194b5ebe47a95720ca8f78c7) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-06-09 08:07:58 -04:00			`ARG COMPOSE_VERSION=1.29.2`
Dockerfile.e2e: don't show progress, force TLS, and follow redirects Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-02-13 08:49:21 -05:00			RUN curl -fsSL https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose \
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`&& chmod +x /usr/local/bin/docker-compose`

			`ARG NOTARY_VERSION=v0.6.1`
Dockerfile.e2e: don't show progress, force TLS, and follow redirects Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-02-13 08:49:21 -05:00			`RUN curl -fsSL https://github.com/theupdateframework/notary/releases/download/${NOTARY_VERSION}/notary-Linux-amd64 -o /usr/local/bin/notary \`
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`&& chmod +x /usr/local/bin/notary`

update gotestsum to v1.8.2 release notes: https://github.com/gotestyourself/gotestsum/releases/tag/v1.8.2 - Show shuffle seed - Update tests, and cleanup formats - Update dependencies - Test against go1.19, remove go1.15 - Add project name to junit.xml output - Adding in support for s390x and ppc64le full diff: https://github.com/gotestyourself/gotestsum/compare/v1.8.1...v1.8.2 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 700099159c70f396e76adca0ca832c864a138490) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-11-17 11:10:59 -05:00			`ARG GOTESTSUM_VERSION=1.8.2`
Dockerfile.e2e: don't show progress, force TLS, and follow redirects Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-02-13 08:49:21 -05:00			`RUN curl -fsSL https://github.com/gotestyourself/gotestsum/releases/download/v${GOTESTSUM_VERSION}/gotestsum_${GOTESTSUM_VERSION}_linux_amd64.tar.gz -o gotestsum.tar.gz \`
Use gotest.tools/gotestsum binary to run unit and e2e tests and simplify the output. Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com> 2019-01-24 11:53:42 -05:00			`&& tar -xf gotestsum.tar.gz gotestsum \`
			`&& mv gotestsum /usr/local/bin/gotestsum \`
			`&& rm gotestsum.tar.gz`

Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`ENV CGO_ENABLED=0 \`
			`DISABLE_WARN_OUTSIDE_CONTAINER=1 \`
			`PATH=/go/src/github.com/docker/cli/build:$PATH`
			`WORKDIR /go/src/github.com/docker/cli`

			`# Trust notary CA cert.`
			`COPY e2e/testdata/notary/root-ca.cert /usr/share/ca-certificates/notary.cert`
			`RUN echo 'notary.cert' >> /etc/ca-certificates.conf && update-ca-certificates`

			`COPY . .`
			`ARG VERSION`
			`ARG GITCOMMIT`
Dockerfile.e2e: update compose v1.25.1, enable buildkit Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-01-15 12:41:44 -05:00			`ENV VERSION=${VERSION}`
			`ENV GITCOMMIT=${GITCOMMIT}`
			`ENV DOCKER_BUILDKIT=1`
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00			`RUN ./scripts/build/binary`
Add some simple e2e tests for executing CLI plugins To help with this add a bad plugin which produces invalid metadata and arrange for it to be built in the e2e container. Signed-off-by: Ian Campbell <ijc@docker.com> 2018-12-11 09:15:04 -05:00			`RUN ./scripts/build/plugins e2e/cli-plugins/plugins/*`
Make e2e test image - Build image that contains everything needed to run e2e tests - Add ability to run e2e tests against an endpoint Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2018-05-17 07:11:59 -04:00
			`CMD ./scripts/test/e2e/entry`