2017-05-09 18:35:25 -04:00
|
|
|
package container
|
|
|
|
|
|
|
|
import (
|
2017-08-31 17:07:16 -04:00
|
|
|
"context"
|
2018-03-06 05:15:18 -05:00
|
|
|
"fmt"
|
2017-08-31 17:07:16 -04:00
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
2017-05-09 18:35:25 -04:00
|
|
|
"os"
|
2017-08-02 20:31:32 -04:00
|
|
|
"runtime"
|
2018-12-13 16:19:46 -05:00
|
|
|
"sort"
|
2017-08-31 17:07:16 -04:00
|
|
|
"strings"
|
2017-05-09 18:35:25 -04:00
|
|
|
"testing"
|
|
|
|
|
2018-12-13 16:19:46 -05:00
|
|
|
"github.com/docker/cli/cli/config/configfile"
|
2017-08-31 17:07:16 -04:00
|
|
|
"github.com/docker/cli/internal/test"
|
2018-03-06 05:15:18 -05:00
|
|
|
"github.com/docker/cli/internal/test/notary"
|
2017-08-31 17:07:16 -04:00
|
|
|
"github.com/docker/docker/api/types"
|
|
|
|
"github.com/docker/docker/api/types/container"
|
|
|
|
"github.com/docker/docker/api/types/network"
|
2017-12-21 16:27:57 -05:00
|
|
|
"github.com/google/go-cmp/cmp"
|
2020-05-27 14:32:22 -04:00
|
|
|
specs "github.com/opencontainers/image-spec/specs-go/v1"
|
2020-02-22 12:12:14 -05:00
|
|
|
"gotest.tools/v3/assert"
|
|
|
|
is "gotest.tools/v3/assert/cmp"
|
|
|
|
"gotest.tools/v3/fs"
|
|
|
|
"gotest.tools/v3/golden"
|
2017-05-09 18:35:25 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestCIDFileNoOPWithNoFilename(t *testing.T) {
|
|
|
|
file, err := newCIDFile("")
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-12-21 16:27:57 -05:00
|
|
|
assert.DeepEqual(t, &cidFile{}, file, cmp.AllowUnexported(cidFile{}))
|
2017-05-09 18:35:25 -04:00
|
|
|
|
2018-03-06 15:13:00 -05:00
|
|
|
assert.NilError(t, file.Write("id"))
|
|
|
|
assert.NilError(t, file.Close())
|
2017-05-09 18:35:25 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestNewCIDFileWhenFileAlreadyExists(t *testing.T) {
|
|
|
|
tempfile := fs.NewFile(t, "test-cid-file")
|
|
|
|
defer tempfile.Remove()
|
|
|
|
|
|
|
|
_, err := newCIDFile(tempfile.Path())
|
2017-12-21 16:27:57 -05:00
|
|
|
assert.ErrorContains(t, err, "Container ID file found")
|
2017-05-09 18:35:25 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestCIDFileCloseWithNoWrite(t *testing.T) {
|
|
|
|
tempdir := fs.NewDir(t, "test-cid-file")
|
|
|
|
defer tempdir.Remove()
|
|
|
|
|
|
|
|
path := tempdir.Join("cidfile")
|
|
|
|
file, err := newCIDFile(path)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
|
|
|
assert.Check(t, is.Equal(file.path, path))
|
2017-05-09 18:35:25 -04:00
|
|
|
|
2018-03-06 15:13:00 -05:00
|
|
|
assert.NilError(t, file.Close())
|
2017-05-09 18:35:25 -04:00
|
|
|
_, err = os.Stat(path)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, os.IsNotExist(err))
|
2017-05-09 18:35:25 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestCIDFileCloseWithWrite(t *testing.T) {
|
|
|
|
tempdir := fs.NewDir(t, "test-cid-file")
|
|
|
|
defer tempdir.Remove()
|
|
|
|
|
|
|
|
path := tempdir.Join("cidfile")
|
|
|
|
file, err := newCIDFile(path)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-05-09 18:35:25 -04:00
|
|
|
|
|
|
|
content := "id"
|
2018-03-06 15:13:00 -05:00
|
|
|
assert.NilError(t, file.Write(content))
|
2017-05-09 18:35:25 -04:00
|
|
|
|
|
|
|
actual, err := ioutil.ReadFile(path)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
|
|
|
assert.Check(t, is.Equal(content, string(actual)))
|
2017-05-09 18:35:25 -04:00
|
|
|
|
2018-03-06 15:13:00 -05:00
|
|
|
assert.NilError(t, file.Close())
|
2017-05-09 18:35:25 -04:00
|
|
|
_, err = os.Stat(path)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-05-09 18:35:25 -04:00
|
|
|
}
|
2017-08-31 17:07:16 -04:00
|
|
|
|
2019-03-07 07:34:26 -05:00
|
|
|
func TestCreateContainerImagePullPolicy(t *testing.T) {
|
2017-08-31 17:07:16 -04:00
|
|
|
imageName := "does-not-exist-locally"
|
|
|
|
containerID := "abcdef"
|
|
|
|
config := &containerConfig{
|
|
|
|
Config: &container.Config{
|
|
|
|
Image: imageName,
|
|
|
|
},
|
|
|
|
HostConfig: &container.HostConfig{},
|
|
|
|
}
|
|
|
|
|
2019-03-07 07:34:26 -05:00
|
|
|
cases := []struct {
|
|
|
|
PullPolicy string
|
|
|
|
ExpectedPulls int
|
|
|
|
ExpectedBody container.ContainerCreateCreatedBody
|
|
|
|
ExpectedErrMsg string
|
|
|
|
ResponseCounter int
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
PullPolicy: PullImageMissing,
|
|
|
|
ExpectedPulls: 1,
|
|
|
|
ExpectedBody: container.ContainerCreateCreatedBody{ID: containerID},
|
|
|
|
}, {
|
|
|
|
PullPolicy: PullImageAlways,
|
|
|
|
ExpectedPulls: 1,
|
|
|
|
ExpectedBody: container.ContainerCreateCreatedBody{ID: containerID},
|
|
|
|
ResponseCounter: 1, // This lets us return a container on the first pull
|
|
|
|
}, {
|
|
|
|
PullPolicy: PullImageNever,
|
|
|
|
ExpectedPulls: 0,
|
|
|
|
ExpectedErrMsg: "error fake not found",
|
2019-02-16 18:41:56 -05:00
|
|
|
},
|
|
|
|
}
|
2019-03-07 07:34:26 -05:00
|
|
|
for _, c := range cases {
|
2019-10-29 09:41:38 -04:00
|
|
|
c := c
|
2019-03-07 07:34:26 -05:00
|
|
|
pullCounter := 0
|
|
|
|
|
|
|
|
client := &fakeClient{
|
|
|
|
createContainerFunc: func(
|
|
|
|
config *container.Config,
|
|
|
|
hostConfig *container.HostConfig,
|
|
|
|
networkingConfig *network.NetworkingConfig,
|
2020-05-27 14:32:22 -04:00
|
|
|
platform *specs.Platform,
|
2019-03-07 07:34:26 -05:00
|
|
|
containerName string,
|
|
|
|
) (container.ContainerCreateCreatedBody, error) {
|
|
|
|
defer func() { c.ResponseCounter++ }()
|
|
|
|
switch c.ResponseCounter {
|
|
|
|
case 0:
|
|
|
|
return container.ContainerCreateCreatedBody{}, fakeNotFound{}
|
|
|
|
default:
|
|
|
|
return container.ContainerCreateCreatedBody{ID: containerID}, nil
|
|
|
|
}
|
|
|
|
},
|
|
|
|
imageCreateFunc: func(parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error) {
|
|
|
|
defer func() { pullCounter++ }()
|
|
|
|
return ioutil.NopCloser(strings.NewReader("")), nil
|
|
|
|
},
|
|
|
|
infoFunc: func() (types.Info, error) {
|
2021-04-30 03:31:41 -04:00
|
|
|
return types.Info{IndexServerAddress: "https://indexserver.example.com"}, nil
|
2019-03-07 07:34:26 -05:00
|
|
|
},
|
|
|
|
}
|
|
|
|
cli := test.NewFakeCli(client)
|
2019-03-01 07:00:25 -05:00
|
|
|
body, err := createContainer(context.Background(), cli, config, &createOptions{
|
|
|
|
name: "name",
|
|
|
|
platform: runtime.GOOS,
|
|
|
|
untrusted: true,
|
2019-03-07 07:34:26 -05:00
|
|
|
pull: c.PullPolicy,
|
2019-03-01 07:00:25 -05:00
|
|
|
})
|
|
|
|
|
2019-03-07 07:34:26 -05:00
|
|
|
if c.ExpectedErrMsg != "" {
|
|
|
|
assert.ErrorContains(t, err, c.ExpectedErrMsg)
|
|
|
|
} else {
|
|
|
|
assert.NilError(t, err)
|
|
|
|
assert.Check(t, is.DeepEqual(c.ExpectedBody, *body))
|
|
|
|
}
|
2018-11-05 08:12:22 -05:00
|
|
|
|
2019-03-07 07:34:26 -05:00
|
|
|
assert.Check(t, is.Equal(c.ExpectedPulls, pullCounter))
|
|
|
|
}
|
|
|
|
}
|
2018-03-06 05:15:18 -05:00
|
|
|
func TestNewCreateCommandWithContentTrustErrors(t *testing.T) {
|
|
|
|
testCases := []struct {
|
|
|
|
name string
|
|
|
|
args []string
|
|
|
|
expectedError string
|
|
|
|
notaryFunc test.NotaryClientFuncType
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "offline-notary-server",
|
|
|
|
notaryFunc: notary.GetOfflineNotaryRepository,
|
|
|
|
expectedError: "client is offline",
|
|
|
|
args: []string{"image:tag"},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "uninitialized-notary-server",
|
|
|
|
notaryFunc: notary.GetUninitializedNotaryRepository,
|
|
|
|
expectedError: "remote trust data does not exist",
|
|
|
|
args: []string{"image:tag"},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "empty-notary-server",
|
|
|
|
notaryFunc: notary.GetEmptyTargetsNotaryRepository,
|
|
|
|
expectedError: "No valid trust data for tag",
|
|
|
|
args: []string{"image:tag"},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tc := range testCases {
|
2019-10-29 09:41:38 -04:00
|
|
|
tc := tc
|
2018-03-06 05:15:18 -05:00
|
|
|
cli := test.NewFakeCli(&fakeClient{
|
|
|
|
createContainerFunc: func(config *container.Config,
|
|
|
|
hostConfig *container.HostConfig,
|
|
|
|
networkingConfig *network.NetworkingConfig,
|
2020-05-27 14:32:22 -04:00
|
|
|
platform *specs.Platform,
|
2018-03-06 05:15:18 -05:00
|
|
|
containerName string,
|
|
|
|
) (container.ContainerCreateCreatedBody, error) {
|
|
|
|
return container.ContainerCreateCreatedBody{}, fmt.Errorf("shouldn't try to pull image")
|
|
|
|
},
|
|
|
|
}, test.EnableContentTrust)
|
|
|
|
cli.SetNotaryClient(tc.notaryFunc)
|
|
|
|
cmd := NewCreateCommand(cli)
|
2020-05-07 08:25:59 -04:00
|
|
|
cmd.SetOut(ioutil.Discard)
|
2018-03-06 05:15:18 -05:00
|
|
|
cmd.SetArgs(tc.args)
|
|
|
|
err := cmd.Execute()
|
|
|
|
assert.ErrorContains(t, err, tc.expectedError)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-12-13 06:59:35 -05:00
|
|
|
func TestNewCreateCommandWithWarnings(t *testing.T) {
|
|
|
|
testCases := []struct {
|
|
|
|
name string
|
|
|
|
args []string
|
|
|
|
warning bool
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "container-create-without-oom-kill-disable",
|
|
|
|
args: []string{"image:tag"},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-oom-kill-disable-false",
|
|
|
|
args: []string{"--oom-kill-disable=false", "image:tag"},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-oom-kill-without-memory-limit",
|
|
|
|
args: []string{"--oom-kill-disable", "image:tag"},
|
|
|
|
warning: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-oom-kill-true-without-memory-limit",
|
|
|
|
args: []string{"--oom-kill-disable=true", "image:tag"},
|
|
|
|
warning: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-oom-kill-true-with-memory-limit",
|
|
|
|
args: []string{"--oom-kill-disable=true", "--memory=100M", "image:tag"},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-localhost-dns",
|
|
|
|
args: []string{"--dns=127.0.0.11", "image:tag"},
|
|
|
|
warning: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "container-create-localhost-dns-ipv6",
|
|
|
|
args: []string{"--dns=::1", "image:tag"},
|
|
|
|
warning: true,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tc := range testCases {
|
2019-10-29 09:41:38 -04:00
|
|
|
tc := tc
|
2018-12-13 06:59:35 -05:00
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
|
|
cli := test.NewFakeCli(&fakeClient{
|
|
|
|
createContainerFunc: func(config *container.Config,
|
|
|
|
hostConfig *container.HostConfig,
|
|
|
|
networkingConfig *network.NetworkingConfig,
|
2020-05-27 14:32:22 -04:00
|
|
|
platform *specs.Platform,
|
2018-12-13 06:59:35 -05:00
|
|
|
containerName string,
|
|
|
|
) (container.ContainerCreateCreatedBody, error) {
|
|
|
|
return container.ContainerCreateCreatedBody{}, nil
|
|
|
|
},
|
|
|
|
})
|
|
|
|
cmd := NewCreateCommand(cli)
|
2020-05-07 08:25:59 -04:00
|
|
|
cmd.SetOut(ioutil.Discard)
|
2018-12-13 06:59:35 -05:00
|
|
|
cmd.SetArgs(tc.args)
|
|
|
|
err := cmd.Execute()
|
|
|
|
assert.NilError(t, err)
|
|
|
|
if tc.warning {
|
|
|
|
golden.Assert(t, cli.ErrBuffer().String(), tc.name+".golden")
|
|
|
|
} else {
|
|
|
|
assert.Equal(t, cli.ErrBuffer().String(), "")
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-12-13 16:19:46 -05:00
|
|
|
func TestCreateContainerWithProxyConfig(t *testing.T) {
|
|
|
|
expected := []string{
|
|
|
|
"HTTP_PROXY=httpProxy",
|
|
|
|
"http_proxy=httpProxy",
|
|
|
|
"HTTPS_PROXY=httpsProxy",
|
|
|
|
"https_proxy=httpsProxy",
|
|
|
|
"NO_PROXY=noProxy",
|
|
|
|
"no_proxy=noProxy",
|
|
|
|
"FTP_PROXY=ftpProxy",
|
|
|
|
"ftp_proxy=ftpProxy",
|
|
|
|
}
|
|
|
|
sort.Strings(expected)
|
|
|
|
|
|
|
|
cli := test.NewFakeCli(&fakeClient{
|
|
|
|
createContainerFunc: func(config *container.Config,
|
|
|
|
hostConfig *container.HostConfig,
|
|
|
|
networkingConfig *network.NetworkingConfig,
|
2020-05-27 14:32:22 -04:00
|
|
|
platform *specs.Platform,
|
2018-12-13 16:19:46 -05:00
|
|
|
containerName string,
|
|
|
|
) (container.ContainerCreateCreatedBody, error) {
|
|
|
|
sort.Strings(config.Env)
|
|
|
|
assert.DeepEqual(t, config.Env, expected)
|
|
|
|
return container.ContainerCreateCreatedBody{}, nil
|
|
|
|
},
|
|
|
|
})
|
|
|
|
cli.SetConfigFile(&configfile.ConfigFile{
|
|
|
|
Proxies: map[string]configfile.ProxyConfig{
|
|
|
|
"default": {
|
|
|
|
HTTPProxy: "httpProxy",
|
|
|
|
HTTPSProxy: "httpsProxy",
|
|
|
|
NoProxy: "noProxy",
|
|
|
|
FTPProxy: "ftpProxy",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
})
|
|
|
|
cmd := NewCreateCommand(cli)
|
2020-05-07 08:25:59 -04:00
|
|
|
cmd.SetOut(ioutil.Discard)
|
2018-12-13 16:19:46 -05:00
|
|
|
cmd.SetArgs([]string{"image:tag"})
|
|
|
|
err := cmd.Execute()
|
|
|
|
assert.NilError(t, err)
|
|
|
|
}
|
|
|
|
|
2017-08-31 17:07:16 -04:00
|
|
|
type fakeNotFound struct{}
|
|
|
|
|
|
|
|
func (f fakeNotFound) NotFound() bool { return true }
|
|
|
|
func (f fakeNotFound) Error() string { return "error fake not found" }
|