1. docker
  2. Commit 08547dff29490236949317ca604dbda9d8feac4f
Browse code

update tests

Signed-off-by: Victor Vieux <vieux@docker.com>

Victor Vieux authored on 2014/10/01 04:10:03
Showing 3 changed files
daemon/daemon.go
History View file @ 08547df
... ... 
@@ -527,11 +527,35 @@ func (daemon *Daemon) getEntrypointAndArgs(configEntrypoint, configCmd []string)
527 527 
 	return entrypoint, args
528 528 
 }
529 529
530 
-func (daemon *Daemon) newContainer(name string, config *runconfig.Config, img *image.Image) (*Container, error) {
530 
+func parseSecurityOpt(container *Container, config *runconfig.Config) error {
531 531 
 	var (
532 
-		id         string
533 
-		err        error
534 532 
 		label_opts []string
533 
+		err        error
534 
+	)
535 
+
536 
+	for _, opt := range config.SecurityOpt {
537 
+		con := strings.SplitN(opt, ":", 2)
538 
+		if len(con) == 1 {
539 
+			return fmt.Errorf("Invalid --security-opt: %q", opt)
540 
+		}
541 
+		switch con[0] {
542 
+		case "label":
543 
+			label_opts = append(label_opts, con[1])
544 
+		case "apparmor":
545 
+			container.AppArmorProfile = con[1]
546 
+		default:
547 
+			return fmt.Errorf("Invalid --security-opt: %q", opt)
548 
+		}
549 
+	}
550 
+
551 
+	container.ProcessLabel, container.MountLabel, err = label.InitLabels(label_opts)
552 
+	return err
553 
+}
554 
+
555 
+func (daemon *Daemon) newContainer(name string, config *runconfig.Config, img *image.Image) (*Container, error) {
556 
+	var (
557 
+		id  string
558 
+		err error
535 559 
 	)
536 560 
 	id, name, err = daemon.generateIdAndName(name)
537 561 
 	if err != nil {
... ... 
@@ -558,26 +582,8 @@ func (daemon *Daemon) newContainer(name string, config *runconfig.Config, img *i
558 558 
 		execCommands:    newExecStore(),
559 559 
 	}
560 560 
 	container.root = daemon.containerRoot(container.ID)
561 
-
562 
-	for _, opt := range config.SecurityOpt {
563 
-		con := strings.SplitN(opt, ":", 2)
564 
-		if len(con) == 1 {
565 
-			return nil, fmt.Errorf("Invalid --security-opt: %q", opt)
566 
-		}
567 
-		switch con[0] {
568 
-		case "label":
569 
-			label_opts = append(label_opts, con[1])
570 
-		case "apparmor":
571 
-			container.AppArmorProfile = con[1]
572 
-		default:
573 
-			return nil, fmt.Errorf("Invalid --security-opt: %q", opt)
574 
-		}
575 
-	}
576 
-
577 
-	if container.ProcessLabel, container.MountLabel, err = label.InitLabels(label_opts); err != nil {
578 
-		return nil, err
579 
-	}
580 
-	return container, nil
561 
+	err = parseSecurityOpt(container, config)
562 
+	return container, err
581 563 
 }
582 564
583 565 
 func (daemon *Daemon) createRootfs(container *Container, img *image.Image) error {
daemon/daemon_unit_test.go
History View file @ 08547df
584 566 
new file mode 100644
... ... 
@@ -0,0 +1,39 @@
0 
+package daemon
1 
+
2 
+import (
3 
+	"testing"
4 
+
5 
+	"github.com/docker/docker/runconfig"
6 
+)
7 
+
8 
+func TestParseSecurityOpt(t *testing.T) {
9 
+	container := &Container{}
10 
+	config := &runconfig.Config{}
11 
+
12 
+	// test apparmor
13 
+	config.SecurityOpt = []string{"apparmor:test_profile"}
14 
+	if err := parseSecurityOpt(container, config); err != nil {
15 
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
16 
+	}
17 
+	if container.AppArmorProfile != "test_profile" {
18 
+		t.Fatalf("Unexpected AppArmorProfile, expected: \"test_profile\", got %q", container.AppArmorProfile)
19 
+	}
20 
+
21 
+	// test valid label
22 
+	config.SecurityOpt = []string{"label:user:USER"}
23 
+	if err := parseSecurityOpt(container, config); err != nil {
24 
+		t.Fatalf("Unexpected parseSecurityOpt error: %v", err)
25 
+	}
26 
+
27 
+	// test invalid label
28 
+	config.SecurityOpt = []string{"label"}
29 
+	if err := parseSecurityOpt(container, config); err == nil {
30 
+		t.Fatal("Expected parseSecurityOpt error, got nil")
31 
+	}
32 
+
33 
+	// test invalid opt
34 
+	config.SecurityOpt = []string{"test"}
35 
+	if err := parseSecurityOpt(container, config); err == nil {
36 
+		t.Fatal("Expected parseSecurityOpt error, got nil")
37 
+	}
38 
+}
integration-cli/docker_cli_run_test.go
History View file @ 08547df
... ... 
@@ -19,7 +19,6 @@ import (
19 19
20 20 
 	"github.com/docker/docker/pkg/mount"
21 21 
 	"github.com/docker/docker/pkg/networkfs/resolvconf"
22 
-	"github.com/docker/libcontainer/label"
23 22 
 	"github.com/kr/pty"
24 23 
 )
25 24
... ... 
@@ -1720,42 +1719,6 @@ func TestRunWriteResolvFileAndNotCommit(t *testing.T) {
1720 1720 
 	logDone("run - write to /etc/resolv.conf and not commited")
1721 1721 
 }
1722 1722
1723 
-func TestRunSecurityOptLevel(t *testing.T) {
1724 
-	plabel, _, _ := label.InitLabels(nil)
1725 
-	if plabel != "" {
1726 
-		defer deleteAllContainers()
1727 
-		cmd := exec.Command(dockerBinary, "run", "--security-opt", "label:level:s0:c0,c100", "busybox", "ps", "-eZ")
1728 
-		out, _, err := runCommandWithOutput(cmd)
1729 
-		if err != nil {
1730 
-			t.Fatal(err, out)
1731 
-		}
1732 
-		id := strings.TrimSpace(out)
1733 
-		if !strings.ContainsAny(id, "s0:c0,c100") {
1734 
-			t.Fatal("security-opt label:level:s0:c0,c100 failed")
1735 
-		}
1736 
-	}
1737 
-
1738 
-	logDone("run - security-opt label:level")
1739 
-}
1740 
-
1741 
-func TestRunSecurityOptDisable(t *testing.T) {
1742 
-	plabel, _, _ := label.InitLabels(nil)
1743 
-	if plabel != "" {
1744 
-		defer deleteAllContainers()
1745 
-		cmd := exec.Command(dockerBinary, "run", "--security-opt", "label:disable", "busybox", "ps", "-eZ")
1746 
-		out, _, err := runCommandWithOutput(cmd)
1747 
-		if err != nil {
1748 
-			t.Fatal(err, out)
1749 
-		}
1750 
-		id := strings.TrimSpace(out)
1751 
-		if !strings.ContainsAny(id, "svirt") {
1752 
-			t.Fatal("security-opt label:level:disable failed")
1753 
-		}
1754 
-	}
1755 
-
1756 
-	logDone("run - security-opt label:disable")
1757 
-}
1758 
-
1759 1723 
 func TestRunWithBadDevice(t *testing.T) {
1760 1724 
 	name := "baddevice"
1761 1725 
 	cmd := exec.Command(dockerBinary, "run", "--name", name, "--device", "/etc", "busybox", "true")