deleted file mode 100644

@@ -1,23 +0,0 @@

-package main

-

-import (

-	"github.com/docker/docker/integration-cli/daemon"

-	"github.com/go-check/check"

-)

-

-func (s *DockerSwarmSuite) getDaemon(c *check.C, nodeID string) *daemon.Swarm {

-	s.daemonsLock.Lock()

-	defer s.daemonsLock.Unlock()

-	for _, d := range s.daemons {

-		if d.NodeID == nodeID {

-			return d

-		}

-	}

-	c.Fatalf("could not find node with id: %s", nodeID)

-	return nil

-}

-

-// nodeCmd executes a command on a given node via the normal docker socket

-func (s *DockerSwarmSuite) nodeCmd(c *check.C, id string, args ...string) (string, error) {

-	return s.getDaemon(c, id).Cmd(args...)

-}

new file mode 100644

@@ -0,0 +1,23 @@

+package main

+

+import (

+	"github.com/docker/docker/integration-cli/daemon"

+	"github.com/go-check/check"

+)

+

+func (s *DockerSwarmSuite) getDaemon(c *check.C, nodeID string) *daemon.Swarm {

+	s.daemonsLock.Lock()

+	defer s.daemonsLock.Unlock()

+	for _, d := range s.daemons {

+		if d.NodeID == nodeID {

+			return d

+		}

+	}

+	c.Fatalf("could not find node with id: %s", nodeID)

+	return nil

+}

+

+// nodeCmd executes a command on a given node via the normal docker socket

+func (s *DockerSwarmSuite) nodeCmd(c *check.C, id string, args ...string) (string, error) {

+	return s.getDaemon(c, id).Cmd(args...)

+}

@@ -564,32 +564,11 @@ func (s *DockerSuite) TestContainerAPICreateMultipleNetworksConfig(c *check.C) {

 }

 func (s *DockerSuite) TestContainerAPICreateWithHostName(c *check.C) {

-	hostName := "test-host"

-	config := map[string]interface{}{

-		"Image":    "busybox",

-		"Hostname": hostName,

-	}

-

-	status, body, err := request.SockRequest("POST", "/containers/create", config, daemonHost())

-	c.Assert(err, checker.IsNil)

-	c.Assert(status, checker.Equals, http.StatusCreated)

-

-	var container containertypes.ContainerCreateCreatedBody

-	c.Assert(json.Unmarshal(body, &container), checker.IsNil)

-

-	status, body, err = request.SockRequest("GET", "/containers/"+container.ID+"/json", nil, daemonHost())

-	c.Assert(err, checker.IsNil)

-	c.Assert(status, checker.Equals, http.StatusOK)

-

-	var containerJSON types.ContainerJSON

-	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)

-	c.Assert(containerJSON.Config.Hostname, checker.Equals, hostName, check.Commentf("Mismatched Hostname"))

-}

-

-func (s *DockerSuite) TestContainerAPICreateWithDomainName(c *check.C) {

 	domainName := "test-domain"

+	hostName := "test-hostname"

 	config := map[string]interface{}{

 		"Image":      "busybox",

+		"Hostname":   hostName,

 		"Domainname": domainName,

 	}

@@ -606,6 +585,7 @@ func (s *DockerSuite) TestContainerAPICreateWithDomainName(c *check.C) {

 	var containerJSON types.ContainerJSON

 	c.Assert(json.Unmarshal(body, &containerJSON), checker.IsNil)

+	c.Assert(containerJSON.Config.Hostname, checker.Equals, hostName, check.Commentf("Mismatched Hostname"))

 	c.Assert(containerJSON.Config.Domainname, checker.Equals, domainName, check.Commentf("Mismatched Domainname"))

 }

@@ -2347,35 +2347,17 @@ func (s *DockerDaemonSuite) TestBuildOnDisabledBridgeNetworkDaemon(c *check.C) {

 }

 // Test case for #21976

-func (s *DockerDaemonSuite) TestDaemonDNSInHostMode(c *check.C) {

+func (s *DockerDaemonSuite) TestDaemonDNSFlagsInHostMode(c *check.C) {

 	testRequires(c, SameHostDaemon, DaemonIsLinux)

-	s.d.StartWithBusybox(c, "--dns", "1.2.3.4")

+	s.d.StartWithBusybox(c, "--dns", "1.2.3.4", "--dns-search", "example.com", "--dns-opt", "timeout:3")

 	expectedOutput := "nameserver 1.2.3.4"

 	out, _ := s.d.Cmd("run", "--net=host", "busybox", "cat", "/etc/resolv.conf")

 	c.Assert(out, checker.Contains, expectedOutput, check.Commentf("Expected '%s', but got %q", expectedOutput, out))

-}

-

-// Test case for #21976

-func (s *DockerDaemonSuite) TestDaemonDNSSearchInHostMode(c *check.C) {

-	testRequires(c, SameHostDaemon, DaemonIsLinux)

-

-	s.d.StartWithBusybox(c, "--dns-search", "example.com")

-

-	expectedOutput := "search example.com"

-	out, _ := s.d.Cmd("run", "--net=host", "busybox", "cat", "/etc/resolv.conf")

+	expectedOutput = "search example.com"

 	c.Assert(out, checker.Contains, expectedOutput, check.Commentf("Expected '%s', but got %q", expectedOutput, out))

-}

-

-// Test case for #21976

-func (s *DockerDaemonSuite) TestDaemonDNSOptionsInHostMode(c *check.C) {

-	testRequires(c, SameHostDaemon, DaemonIsLinux)

-

-	s.d.StartWithBusybox(c, "--dns-opt", "timeout:3")

-

-	expectedOutput := "options timeout:3"

-	out, _ := s.d.Cmd("run", "--net=host", "busybox", "cat", "/etc/resolv.conf")

+	expectedOutput = "options timeout:3"

 	c.Assert(out, checker.Contains, expectedOutput, check.Commentf("Expected '%s', but got %q", expectedOutput, out))

 }

@@ -8,26 +8,19 @@ import (

 )

 func (s *DockerSuite) TestExperimentalVersionTrue(c *check.C) {

-	testRequires(c, ExperimentalDaemon)

-

-	out, _ := dockerCmd(c, "version")

-	for _, line := range strings.Split(out, "\n") {

-		if strings.HasPrefix(strings.TrimSpace(line), "Experimental:") {

-			c.Assert(line, checker.Matches, "*true")

-			return

-		}

-	}

-

-	c.Fatal(`"Experimental" not found in version output`)

+	testExperimentalInVersion(c, ExperimentalDaemon, "*true")

 }

 func (s *DockerSuite) TestExperimentalVersionFalse(c *check.C) {

-	testRequires(c, NotExperimentalDaemon)

+	testExperimentalInVersion(c, NotExperimentalDaemon, "*false")

+}

+func testExperimentalInVersion(c *check.C, requirement func() bool, expectedValue string) {

+	testRequires(c, requirement)

 	out, _ := dockerCmd(c, "version")

 	for _, line := range strings.Split(out, "\n") {

 		if strings.HasPrefix(strings.TrimSpace(line), "Experimental:") {

-			c.Assert(line, checker.Matches, "*false")

+			c.Assert(line, checker.Matches, expectedValue)

 			return

 		}

 	}

@@ -12,22 +12,6 @@ import (

 	"github.com/go-check/check"

 )

-func waitForStatus(c *check.C, name string, prev string, expected string) {

-	prev = prev + "\n"

-	expected = expected + "\n"

-	for {

-		out, _ := dockerCmd(c, "inspect", "--format={{.State.Status}}", name)

-		if out == expected {

-			return

-		}

-		c.Check(out, checker.Equals, prev)

-		if out != prev {

-			return

-		}

-		time.Sleep(100 * time.Millisecond)

-	}

-}

-

 func waitForHealthStatus(c *check.C, name string, prev string, expected string) {

 	prev = prev + "\n"

 	expected = expected + "\n"

@@ -17,40 +17,24 @@ import (

 // This used to work, it test a log of PageSize-1 (gh#4851)

 func (s *DockerSuite) TestLogsContainerSmallerThanPage(c *check.C) {

-	testLen := 32767

-	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))

-

-	id := strings.TrimSpace(out)

-	dockerCmd(c, "wait", id)

-

-	out, _ = dockerCmd(c, "logs", id)

-

-	c.Assert(out, checker.HasLen, testLen+1)

+	testLogsContainerPagination(c, 32767)

 }

 // Regression test: When going over the PageSize, it used to panic (gh#4851)

 func (s *DockerSuite) TestLogsContainerBiggerThanPage(c *check.C) {

-	testLen := 32768

-	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))

-

-	id := strings.TrimSpace(out)

-	dockerCmd(c, "wait", id)

-

-	out, _ = dockerCmd(c, "logs", id)

-

-	c.Assert(out, checker.HasLen, testLen+1)

+	testLogsContainerPagination(c, 32768)

 }

 // Regression test: When going much over the PageSize, it used to block (gh#4851)

 func (s *DockerSuite) TestLogsContainerMuchBiggerThanPage(c *check.C) {

-	testLen := 33000

-	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))

+	testLogsContainerPagination(c, 33000)

+}

+func testLogsContainerPagination(c *check.C, testLen int) {

+	out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", fmt.Sprintf("for i in $(seq 1 %d); do echo -n = >> a.a; done; echo >> a.a; cat a.a", testLen))

 	id := strings.TrimSpace(out)

 	dockerCmd(c, "wait", id)

-

 	out, _ = dockerCmd(c, "logs", id)

-

 	c.Assert(out, checker.HasLen, testLen+1)

 }

@@ -1854,13 +1854,20 @@ func (s *DockerSuite) TestRunInteractiveWithRestartPolicy(c *check.C) {

 }

 // Test for #2267

-func (s *DockerSuite) TestRunWriteHostsFileAndNotCommit(c *check.C) {

-	// Cannot run on Windows as Windows does not support diff.

+func (s *DockerSuite) TestRunWriteSpecialFilesAndNotCommit(c *check.C) {

+	// Cannot run on Windows as this files are not present in Windows

 	testRequires(c, DaemonIsLinux)

-	name := "writehosts"

-	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/hosts && cat /etc/hosts")

+

+	testRunWriteSpecialFilesAndNotCommit(c, "writehosts", "/etc/hosts")

+	testRunWriteSpecialFilesAndNotCommit(c, "writehostname", "/etc/hostname")

+	testRunWriteSpecialFilesAndNotCommit(c, "writeresolv", "/etc/resolv.conf")

+}

+

+func testRunWriteSpecialFilesAndNotCommit(c *check.C, name, path string) {

+	command := fmt.Sprintf("echo test2267 >> %s && cat %s", path, path)

+	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", command)

 	if !strings.Contains(out, "test2267") {

-		c.Fatal("/etc/hosts should contain 'test2267'")

+		c.Fatalf("%s should contain 'test2267'", path)

 	}

 	out, _ = dockerCmd(c, "diff", name)

@@ -1897,38 +1904,6 @@ func sliceEq(a, b []string) bool {

 	return true

 }

-// Test for #2267

-func (s *DockerSuite) TestRunWriteHostnameFileAndNotCommit(c *check.C) {

-	// Cannot run on Windows as Windows does not support diff.

-	testRequires(c, DaemonIsLinux)

-	name := "writehostname"

-	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/hostname && cat /etc/hostname")

-	if !strings.Contains(out, "test2267") {

-		c.Fatal("/etc/hostname should contain 'test2267'")

-	}

-

-	out, _ = dockerCmd(c, "diff", name)

-	if len(strings.Trim(out, "\r\n")) != 0 && !eqToBaseDiff(out, c) {

-		c.Fatal("diff should be empty")

-	}

-}

-

-// Test for #2267

-func (s *DockerSuite) TestRunWriteResolvFileAndNotCommit(c *check.C) {

-	// Cannot run on Windows as Windows does not support diff.

-	testRequires(c, DaemonIsLinux)

-	name := "writeresolv"

-	out, _ := dockerCmd(c, "run", "--name", name, "busybox", "sh", "-c", "echo test2267 >> /etc/resolv.conf && cat /etc/resolv.conf")

-	if !strings.Contains(out, "test2267") {

-		c.Fatal("/etc/resolv.conf should contain 'test2267'")

-	}

-

-	out, _ = dockerCmd(c, "diff", name)

-	if len(strings.Trim(out, "\r\n")) != 0 && !eqToBaseDiff(out, c) {

-		c.Fatal("diff should be empty")

-	}

-}

-

 func (s *DockerSuite) TestRunWithBadDevice(c *check.C) {

 	// Cannot run on Windows as Windows does not support --device

 	testRequires(c, DaemonIsLinux)

@@ -3453,38 +3428,14 @@ func (s *DockerSuite) TestRunContainerWithCgroupParent(c *check.C) {

 	// Not applicable on Windows as uses Unix specific functionality

 	testRequires(c, DaemonIsLinux)

-	cgroupParent := "test"

-	name := "cgroup-test"

+	// cgroup-parent relative path

+	testRunContainerWithCgroupParent(c, "test", "cgroup-test")

-	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")

-	if err != nil {

-		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)

-	}

-	cgroupPaths := testutil.ParseCgroupPaths(string(out))

-	if len(cgroupPaths) == 0 {

-		c.Fatalf("unexpected output - %q", string(out))

-	}

-	id, err := getIDByName(name)

-	c.Assert(err, check.IsNil)

-	expectedCgroup := path.Join(cgroupParent, id)

-	found := false

-	for _, path := range cgroupPaths {

-		if strings.HasSuffix(path, expectedCgroup) {

-			found = true

-			break

-		}

-	}

-	if !found {

-		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)

-	}

+	// cgroup-parent absolute path

+	testRunContainerWithCgroupParent(c, "/cgroup-parent/test", "cgroup-test-absolute")

 }

-func (s *DockerSuite) TestRunContainerWithCgroupParentAbsPath(c *check.C) {

-	// Not applicable on Windows as uses Unix specific functionality

-	testRequires(c, DaemonIsLinux)

-

-	cgroupParent := "/cgroup-parent/test"

-	name := "cgroup-test"

+func testRunContainerWithCgroupParent(c *check.C, cgroupParent, name string) {

 	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")

 	if err != nil {

 		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)

@@ -3513,49 +3464,12 @@ func (s *DockerSuite) TestRunInvalidCgroupParent(c *check.C) {

 	// Not applicable on Windows as uses Unix specific functionality

 	testRequires(c, DaemonIsLinux)

-	cgroupParent := "../../../../../../../../SHOULD_NOT_EXIST"

-	cleanCgroupParent := "SHOULD_NOT_EXIST"

-	name := "cgroup-invalid-test"

+	testRunInvalidCgroupParent(c, "../../../../../../../../SHOULD_NOT_EXIST", "SHOULD_NOT_EXIST", "cgroup-invalid-test")

-	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")

-	if err != nil {

-		// XXX: This may include a daemon crash.

-		c.Fatalf("unexpected failure when running container with --cgroup-parent option - %s\n%v", string(out), err)

-	}

-

-	// We expect "/SHOULD_NOT_EXIST" to not exist. If not, we have a security issue.

-	if _, err := os.Stat("/SHOULD_NOT_EXIST"); err == nil || !os.IsNotExist(err) {

-		c.Fatalf("SECURITY: --cgroup-parent with ../../ relative paths cause files to be created in the host (this is bad) !!")

-	}

-

-	cgroupPaths := testutil.ParseCgroupPaths(string(out))

-	if len(cgroupPaths) == 0 {

-		c.Fatalf("unexpected output - %q", string(out))

-	}

-	id, err := getIDByName(name)

-	c.Assert(err, check.IsNil)

-	expectedCgroup := path.Join(cleanCgroupParent, id)

-	found := false

-	for _, path := range cgroupPaths {

-		if strings.HasSuffix(path, expectedCgroup) {

-			found = true

-			break

-		}

-	}

-	if !found {

-		c.Fatalf("unexpected cgroup paths. Expected at least one cgroup path to have suffix %q. Cgroup Paths: %v", expectedCgroup, cgroupPaths)

-	}

+	testRunInvalidCgroupParent(c, "/../../../../../../../../SHOULD_NOT_EXIST", "/SHOULD_NOT_EXIST", "cgroup-absolute-invalid-test")

 }

-// TestRunInvalidCgroupParent checks that a specially-crafted cgroup parent doesn't cause Docker to crash or start modifying /.

-func (s *DockerSuite) TestRunAbsoluteInvalidCgroupParent(c *check.C) {

-	// Not applicable on Windows as uses Unix specific functionality

-	testRequires(c, DaemonIsLinux)

-

-	cgroupParent := "/../../../../../../../../SHOULD_NOT_EXIST"

-	cleanCgroupParent := "/SHOULD_NOT_EXIST"

-	name := "cgroup-absolute-invalid-test"

-

+func testRunInvalidCgroupParent(c *check.C, cgroupParent, cleanCgroupParent, name string) {

 	out, _, err := dockerCmdWithError("run", "--cgroup-parent", cgroupParent, "--name", name, "busybox", "cat", "/proc/self/cgroup")

 	if err != nil {

 		// XXX: This may include a daemon crash.

@@ -3564,7 +3478,7 @@ func (s *DockerSuite) TestRunAbsoluteInvalidCgroupParent(c *check.C) {

 	// We expect "/SHOULD_NOT_EXIST" to not exist. If not, we have a security issue.

 	if _, err := os.Stat("/SHOULD_NOT_EXIST"); err == nil || !os.IsNotExist(err) {

-		c.Fatalf("SECURITY: --cgroup-parent with /../../ garbage paths cause files to be created in the host (this is bad) !!")

+		c.Fatalf("SECURITY: --cgroup-parent with ../../ relative paths cause files to be created in the host (this is bad) !!")

 	}

 	cgroupPaths := testutil.ParseCgroupPaths(string(out))

@@ -132,60 +132,3 @@ func (s *DockerSwarmSuite) TestServiceHealthStart(c *check.C) {

 		return task.Status.State, nil

 	}, checker.Equals, swarm.TaskStateRunning)

 }

-

-// start a service whose task is unhealthy at beginning

-// its tasks should be blocked in starting stage, until health check is passed

-func (s *DockerSwarmSuite) TestServiceHealthUpdate(c *check.C) {

-	testRequires(c, DaemonIsLinux) // busybox doesn't work on Windows

-

-	d := s.AddDaemon(c, true, true)

-

-	// service started from this image won't pass health check

-	imageName := "testhealth"

-	_, _, err := d.BuildImageWithOut(imageName,

-		`FROM busybox

-		HEALTHCHECK --interval=1s --timeout=1s --retries=1024\

-		  CMD cat /status`,

-		true)

-	c.Check(err, check.IsNil)

-

-	serviceName := "healthServiceStart"

-	out, err := d.Cmd("service", "create", "--name", serviceName, imageName, "top")

-	c.Assert(err, checker.IsNil, check.Commentf(out))

-	id := strings.TrimSpace(out)

-

-	var tasks []swarm.Task

-	waitAndAssert(c, defaultReconciliationTimeout, func(c *check.C) (interface{}, check.CommentInterface) {

-		tasks = d.GetServiceTasks(c, id)

-		return tasks, nil

-	}, checker.HasLen, 1)

-

-	task := tasks[0]

-

-	// wait for task to start

-	waitAndAssert(c, defaultReconciliationTimeout, func(c *check.C) (interface{}, check.CommentInterface) {

-		task = d.GetTask(c, task.ID)

-		return task.Status.State, nil

-	}, checker.Equals, swarm.TaskStateStarting)

-

-	containerID := task.Status.ContainerStatus.ContainerID

-

-	// wait for health check to work

-	waitAndAssert(c, defaultReconciliationTimeout, func(c *check.C) (interface{}, check.CommentInterface) {

-		out, _ := d.Cmd("inspect", "--format={{.State.Health.FailingStreak}}", containerID)

-		failingStreak, _ := strconv.Atoi(strings.TrimSpace(out))

-		return failingStreak, nil

-	}, checker.GreaterThan, 0)

-

-	// task should be blocked at starting status

-	task = d.GetTask(c, task.ID)

-	c.Assert(task.Status.State, check.Equals, swarm.TaskStateStarting)

-

-	// make it healthy

-	d.Cmd("exec", containerID, "touch", "/status")

-	// Task should be at running status

-	waitAndAssert(c, defaultReconciliationTimeout, func(c *check.C) (interface{}, check.CommentInterface) {

-		task = d.GetTask(c, task.ID)

-		return task.Status.State, nil

-	}, checker.Equals, swarm.TaskStateRunning)

-}

@@ -12,29 +12,22 @@ import (

 	"github.com/go-check/check"

 )

+// ensure Kernel version is >= v3.9 for macvlan support

 func macvlanKernelSupport() bool {

-	const macvlanKernelVer = 3 // minimum macvlan kernel support

-	const macvlanMajorVer = 9  // minimum macvlan major kernel support

-	kv, err := kernel.GetKernelVersion()

-	if err != nil {

-		return false

-	}

-	// ensure Kernel version is >= v3.9 for macvlan support

-	if kv.Kernel < macvlanKernelVer || (kv.Kernel == macvlanKernelVer && kv.Major < macvlanMajorVer) {

-		return false

-	}

-	return true

+	return checkKernelMajorVersionGreaterOrEqualThen(3, 9)

 }

+// ensure Kernel version is >= v4.2 for ipvlan support

 func ipvlanKernelSupport() bool {

-	const ipvlanKernelVer = 4 // minimum ipvlan kernel support

-	const ipvlanMajorVer = 2  // minimum ipvlan major kernel support

+	return checkKernelMajorVersionGreaterOrEqualThen(4, 2)

+}

+

+func checkKernelMajorVersionGreaterOrEqualThen(kernelVersion int, majorVersion int) bool {

 	kv, err := kernel.GetKernelVersion()

 	if err != nil {

 		return false

 	}

-	// ensure Kernel version is >= v4.2 for ipvlan support

-	if kv.Kernel < ipvlanKernelVer || (kv.Kernel == ipvlanKernelVer && kv.Major < ipvlanMajorVer) {

+	if kv.Kernel < kernelVersion || (kv.Kernel == kernelVersion && kv.Major < majorVersion) {

 		return false

 	}

 	return true

@@ -251,7 +251,7 @@ func (s *DockerTrustSuite) setupTrustedplugin(c *check.C, source, name string) s

 	return repoName

 }

-func notaryClientEnv(cmd *exec.Cmd) {

+func (s *DockerTrustSuite) notaryCmd(c *check.C, args ...string) string {

 	pwd := "12345678"

 	env := []string{

 		fmt.Sprintf("NOTARY_ROOT_PASSPHRASE=%s", pwd),

@@ -259,16 +259,16 @@ func notaryClientEnv(cmd *exec.Cmd) {

 		fmt.Sprintf("NOTARY_SNAPSHOT_PASSPHRASE=%s", pwd),

 		fmt.Sprintf("NOTARY_DELEGATION_PASSPHRASE=%s", pwd),

 	}

-	cmd.Env = append(os.Environ(), env...)

+	result := icmd.RunCmd(icmd.Cmd{

+		Command: append([]string{notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json")}, args...),

+		Env:     append(os.Environ(), env...),

+	})

+	result.Assert(c, icmd.Success)

+	return result.Combined()

 }

 func (s *DockerTrustSuite) notaryInitRepo(c *check.C, repoName string) {

-	initCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "init", repoName)

-	notaryClientEnv(initCmd)

-	out, _, err := runCommandWithOutput(initCmd)

-	if err != nil {

-		c.Fatalf("Error initializing notary repository: %s\n", out)

-	}

+	s.notaryCmd(c, "init", repoName)

 }

 func (s *DockerTrustSuite) notaryCreateDelegation(c *check.C, repoName, role string, pubKey string, paths ...string) {

@@ -277,42 +277,19 @@ func (s *DockerTrustSuite) notaryCreateDelegation(c *check.C, repoName, role str

 		pathsArg = "--paths=" + strings.Join(paths, ",")

 	}

-	delgCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"),

-		"delegation", "add", repoName, role, pubKey, pathsArg)

-	notaryClientEnv(delgCmd)

-	out, _, err := runCommandWithOutput(delgCmd)

-	if err != nil {

-		c.Fatalf("Error adding %s role to notary repository: %s\n", role, out)

-	}

+	s.notaryCmd(c, "delegation", "add", repoName, role, pubKey, pathsArg)

 }

 func (s *DockerTrustSuite) notaryPublish(c *check.C, repoName string) {

-	pubCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "publish", repoName)

-	notaryClientEnv(pubCmd)

-	out, _, err := runCommandWithOutput(pubCmd)

-	if err != nil {

-		c.Fatalf("Error publishing notary repository: %s\n", out)

-	}

+	s.notaryCmd(c, "publish", repoName)

 }

 func (s *DockerTrustSuite) notaryImportKey(c *check.C, repoName, role string, privKey string) {

-	impCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "key",

-		"import", privKey, "-g", repoName, "-r", role)

-	notaryClientEnv(impCmd)

-	out, _, err := runCommandWithOutput(impCmd)

-	if err != nil {

-		c.Fatalf("Error importing key to notary repository: %s\n", out)

-	}

+	s.notaryCmd(c, "key", "import", privKey, "-g", repoName, "-r", role)

 }

 func (s *DockerTrustSuite) notaryListTargetsInRole(c *check.C, repoName, role string) map[string]string {

-	listCmd := exec.Command(notaryBinary, "-c", filepath.Join(s.not.dir, "client-config.json"), "list",

-		repoName, "-r", role)

-	notaryClientEnv(listCmd)

-	out, _, err := runCommandWithOutput(listCmd)

-	if err != nil {

-		c.Fatalf("Error listing targets in notary repository: %s\n", out)

-	}

+	out := s.notaryCmd(c, "list", repoName, "-r", role)

 	// should look something like:

 	//    NAME                                 DIGEST                                SIZE (BYTES)    ROLE