1. docker
  2. Commit c028da3557cc0e9f80aee9b08118e9947e1fa57a
Browse code

Migrates TestContainersAPINetworkMountsNoChown to api tests

This fix migrates TestContainersAPINetworkMountsNoChown from
integration-cli to api tests in integration.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

Yong Tang authored on 2018/02/05 02:38:04
Showing 2 changed files
integration-cli/docker_api_containers_unix_test.go
History View file @ c028da3
1 1 
deleted file mode 100644
... ... 
@@ -1,77 +0,0 @@
1 
-// +build !windows
2 
-
3 
-package main
4 
-
5 
-import (
6 
-	"io/ioutil"
7 
-	"os"
8 
-	"path/filepath"
9 
-
10 
-	"github.com/docker/docker/api/types"
11 
-	containertypes "github.com/docker/docker/api/types/container"
12 
-	mounttypes "github.com/docker/docker/api/types/mount"
13 
-	networktypes "github.com/docker/docker/api/types/network"
14 
-	"github.com/docker/docker/client"
15 
-	"github.com/docker/docker/integration-cli/checker"
16 
-	"github.com/docker/docker/pkg/ioutils"
17 
-	"github.com/docker/docker/pkg/system"
18 
-	"github.com/go-check/check"
19 
-	"github.com/stretchr/testify/assert"
20 
-	"golang.org/x/net/context"
21 
-)
22 
-
23 
-func (s *DockerSuite) TestContainersAPINetworkMountsNoChown(c *check.C) {
24 
-	// chown only applies to Linux bind mounted volumes; must be same host to verify
25 
-	testRequires(c, DaemonIsLinux, SameHostDaemon)
26 
-
27 
-	tmpDir, err := ioutils.TempDir("", "test-network-mounts")
28 
-	c.Assert(err, checker.IsNil)
29 
-	defer os.RemoveAll(tmpDir)
30 
-
31 
-	// make tmp dir readable by anyone to allow userns process to mount from
32 
-	err = os.Chmod(tmpDir, 0755)
33 
-	c.Assert(err, checker.IsNil)
34 
-	// create temp files to use as network mounts
35 
-	tmpNWFileMount := filepath.Join(tmpDir, "nwfile")
36 
-
37 
-	err = ioutil.WriteFile(tmpNWFileMount, []byte("network file bind mount"), 0644)
38 
-	c.Assert(err, checker.IsNil)
39 
-
40 
-	config := containertypes.Config{
41 
-		Image: "busybox",
42 
-	}
43 
-	hostConfig := containertypes.HostConfig{
44 
-		Mounts: []mounttypes.Mount{
45 
-			{
46 
-				Type:   "bind",
47 
-				Source: tmpNWFileMount,
48 
-				Target: "/etc/resolv.conf",
49 
-			},
50 
-			{
51 
-				Type:   "bind",
52 
-				Source: tmpNWFileMount,
53 
-				Target: "/etc/hostname",
54 
-			},
55 
-			{
56 
-				Type:   "bind",
57 
-				Source: tmpNWFileMount,
58 
-				Target: "/etc/hosts",
59 
-			},
60 
-		},
61 
-	}
62 
-
63 
-	cli, err := client.NewEnvClient()
64 
-	c.Assert(err, checker.IsNil)
65 
-	defer cli.Close()
66 
-
67 
-	ctrCreate, err := cli.ContainerCreate(context.Background(), &config, &hostConfig, &networktypes.NetworkingConfig{}, "")
68 
-	c.Assert(err, checker.IsNil)
69 
-	// container will exit immediately because of no tty, but we only need the start sequence to test the condition
70 
-	err = cli.ContainerStart(context.Background(), ctrCreate.ID, types.ContainerStartOptions{})
71 
-	c.Assert(err, checker.IsNil)
72 
-
73 
-	// check that host-located bind mount network file did not change ownership when the container was started
74 
-	statT, err := system.Stat(tmpNWFileMount)
75 
-	c.Assert(err, checker.IsNil)
76 
-	assert.Equal(c, uint32(0), statT.UID(), "bind mounted network file should not change ownership from root")
77 
-}
integration/container/mounts_linux_test.go
History View file @ c028da3
... ... 
@@ -9,8 +9,15 @@ import (
9 9 
 	"github.com/docker/docker/api/types"
10 10 
 	"github.com/docker/docker/api/types/container"
11 11 
 	"github.com/docker/docker/api/types/mount"
12 
+	"github.com/docker/docker/api/types/network"
13 
+	"github.com/docker/docker/client"
12 14 
 	"github.com/docker/docker/integration-cli/daemon"
13 15 
 	"github.com/docker/docker/pkg/stdcopy"
16 
+	"github.com/docker/docker/pkg/system"
17 
+	"github.com/gotestyourself/gotestyourself/fs"
18 
+	"github.com/gotestyourself/gotestyourself/skip"
19 
+	"github.com/stretchr/testify/assert"
20 
+	"github.com/stretchr/testify/require"
14 21 
 )
15 22
16 23 
 func TestContainerShmNoLeak(t *testing.T) {
... ... 
@@ -82,3 +89,55 @@ func TestContainerShmNoLeak(t *testing.T) {
82 82 
 		t.Fatalf("mount leaked: %s", string(out))
83 83 
 	}
84 84 
 }
85 
+
86 
+func TestContainerNetworkMountsNoChown(t *testing.T) {
87 
+	// chown only applies to Linux bind mounted volumes; must be same host to verify
88 
+	skip.If(t, testEnv.DaemonInfo.OSType != "linux" || !testEnv.IsLocalDaemon())
89 
+
90 
+	defer setupTest(t)()
91 
+
92 
+	ctx := context.Background()
93 
+
94 
+	tmpDir := fs.NewDir(t, "network-file-mounts", fs.WithMode(0755), fs.WithFile("nwfile", "network file bind mount", fs.WithMode(0644)))
95 
+	defer tmpDir.Remove()
96 
+
97 
+	tmpNWFileMount := tmpDir.Join("nwfile")
98 
+
99 
+	config := container.Config{
100 
+		Image: "busybox",
101 
+	}
102 
+	hostConfig := container.HostConfig{
103 
+		Mounts: []mount.Mount{
104 
+			{
105 
+				Type:   "bind",
106 
+				Source: tmpNWFileMount,
107 
+				Target: "/etc/resolv.conf",
108 
+			},
109 
+			{
110 
+				Type:   "bind",
111 
+				Source: tmpNWFileMount,
112 
+				Target: "/etc/hostname",
113 
+			},
114 
+			{
115 
+				Type:   "bind",
116 
+				Source: tmpNWFileMount,
117 
+				Target: "/etc/hosts",
118 
+			},
119 
+		},
120 
+	}
121 
+
122 
+	cli, err := client.NewEnvClient()
123 
+	require.NoError(t, err)
124 
+	defer cli.Close()
125 
+
126 
+	ctrCreate, err := cli.ContainerCreate(ctx, &config, &hostConfig, &network.NetworkingConfig{}, "")
127 
+	require.NoError(t, err)
128 
+	// container will exit immediately because of no tty, but we only need the start sequence to test the condition
129 
+	err = cli.ContainerStart(ctx, ctrCreate.ID, types.ContainerStartOptions{})
130 
+	require.NoError(t, err)
131 
+
132 
+	// check that host-located bind mount network file did not change ownership when the container was started
133 
+	statT, err := system.Stat(tmpNWFileMount)
134 
+	require.NoError(t, err)
135 
+	assert.Equal(t, uint32(0), statT.UID(), "bind mounted network file should not change ownership from root")
136 
+}