123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450 |
- //go:build !windows
- // +build !windows
- package main
- import (
- "encoding/json"
- "fmt"
- "path/filepath"
- "strings"
- "testing"
- "github.com/docker/docker/api/types"
- "github.com/docker/docker/api/types/mount"
- "github.com/docker/docker/api/types/swarm"
- "github.com/docker/docker/integration-cli/checker"
- "gotest.tools/v3/assert"
- "gotest.tools/v3/poll"
- )
- func (s *DockerSwarmSuite) TestServiceCreateMountVolume(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- out, err := d.Cmd("service", "create", "--no-resolve-image", "--detach=true", "--mount", "type=volume,source=foo,target=/foo,volume-nocopy", "busybox", "top")
- assert.NilError(c, err, out)
- id := strings.TrimSpace(out)
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, id)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- // check container mount config
- out, err = s.nodeCmd(c, task.NodeID, "inspect", "--format", "{{json .HostConfig.Mounts}}", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- var mountConfig []mount.Mount
- assert.Assert(c, json.Unmarshal([]byte(out), &mountConfig) == nil)
- assert.Equal(c, len(mountConfig), 1)
- assert.Equal(c, mountConfig[0].Source, "foo")
- assert.Equal(c, mountConfig[0].Target, "/foo")
- assert.Equal(c, mountConfig[0].Type, mount.TypeVolume)
- assert.Assert(c, mountConfig[0].VolumeOptions != nil)
- assert.Assert(c, mountConfig[0].VolumeOptions.NoCopy)
- // check container mounts actual
- out, err = s.nodeCmd(c, task.NodeID, "inspect", "--format", "{{json .Mounts}}", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- var mounts []types.MountPoint
- assert.Assert(c, json.Unmarshal([]byte(out), &mounts) == nil)
- assert.Equal(c, len(mounts), 1)
- assert.Equal(c, mounts[0].Type, mount.TypeVolume)
- assert.Equal(c, mounts[0].Name, "foo")
- assert.Equal(c, mounts[0].Destination, "/foo")
- assert.Equal(c, mounts[0].RW, true)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithSecretSimple(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- serviceName := "test-service-secret"
- testName := "test_secret"
- id := d.CreateSecret(c, swarm.SecretSpec{
- Annotations: swarm.Annotations{
- Name: testName,
- },
- Data: []byte("TESTINGDATA"),
- })
- assert.Assert(c, id != "", "secrets: %s", id)
- out, err := d.Cmd("service", "create", "--detach", "--no-resolve-image", "--name", serviceName, "--secret", testName, "busybox", "top")
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Secrets }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.SecretReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), 1)
- assert.Equal(c, refs[0].SecretName, testName)
- assert.Assert(c, refs[0].File != nil)
- assert.Equal(c, refs[0].File.Name, testName)
- assert.Equal(c, refs[0].File.UID, "0")
- assert.Equal(c, refs[0].File.GID, "0")
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- d.DeleteSecret(c, testName)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithSecretSourceTargetPaths(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- testPaths := map[string]string{
- "app": "/etc/secret",
- "test_secret": "test_secret",
- "relative_secret": "relative/secret",
- "escapes_in_container": "../secret",
- }
- var secretFlags []string
- for testName, testTarget := range testPaths {
- id := d.CreateSecret(c, swarm.SecretSpec{
- Annotations: swarm.Annotations{
- Name: testName,
- },
- Data: []byte("TESTINGDATA " + testName + " " + testTarget),
- })
- assert.Assert(c, id != "", "secrets: %s", id)
- secretFlags = append(secretFlags, "--secret", fmt.Sprintf("source=%s,target=%s", testName, testTarget))
- }
- serviceName := "svc"
- serviceCmd := []string{"service", "create", "--detach", "--no-resolve-image", "--name", serviceName}
- serviceCmd = append(serviceCmd, secretFlags...)
- serviceCmd = append(serviceCmd, "busybox", "top")
- out, err := d.Cmd(serviceCmd...)
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Secrets }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.SecretReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), len(testPaths))
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, serviceName)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- for testName, testTarget := range testPaths {
- path := testTarget
- if !filepath.IsAbs(path) {
- path = filepath.Join("/run/secrets", path)
- }
- out, err := d.Cmd("exec", task.Status.ContainerStatus.ContainerID, "cat", path)
- assert.NilError(c, err)
- assert.Equal(c, out, "TESTINGDATA "+testName+" "+testTarget)
- }
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithSecretReferencedTwice(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- id := d.CreateSecret(c, swarm.SecretSpec{
- Annotations: swarm.Annotations{
- Name: "mysecret",
- },
- Data: []byte("TESTINGDATA"),
- })
- assert.Assert(c, id != "", "secrets: %s", id)
- serviceName := "svc"
- out, err := d.Cmd("service", "create", "--detach", "--no-resolve-image", "--name", serviceName, "--secret", "source=mysecret,target=target1", "--secret", "source=mysecret,target=target2", "busybox", "top")
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Secrets }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.SecretReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), 2)
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, serviceName)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- for _, target := range []string{"target1", "target2"} {
- assert.NilError(c, err, out)
- path := filepath.Join("/run/secrets", target)
- out, err := d.Cmd("exec", task.Status.ContainerStatus.ContainerID, "cat", path)
- assert.NilError(c, err)
- assert.Equal(c, out, "TESTINGDATA")
- }
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithConfigSimple(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- serviceName := "test-service-config"
- testName := "test_config"
- id := d.CreateConfig(c, swarm.ConfigSpec{
- Annotations: swarm.Annotations{
- Name: testName,
- },
- Data: []byte("TESTINGDATA"),
- })
- assert.Assert(c, id != "", "configs: %s", id)
- out, err := d.Cmd("service", "create", "--detach", "--no-resolve-image", "--name", serviceName, "--config", testName, "busybox", "top")
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Configs }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.ConfigReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), 1)
- assert.Equal(c, refs[0].ConfigName, testName)
- assert.Assert(c, refs[0].File != nil)
- assert.Equal(c, refs[0].File.Name, testName)
- assert.Equal(c, refs[0].File.UID, "0")
- assert.Equal(c, refs[0].File.GID, "0")
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- d.DeleteConfig(c, testName)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithConfigSourceTargetPaths(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- testPaths := map[string]string{
- "app": "/etc/config",
- "test_config": "test_config",
- "relative_config": "relative/config",
- }
- var configFlags []string
- for testName, testTarget := range testPaths {
- id := d.CreateConfig(c, swarm.ConfigSpec{
- Annotations: swarm.Annotations{
- Name: testName,
- },
- Data: []byte("TESTINGDATA " + testName + " " + testTarget),
- })
- assert.Assert(c, id != "", "configs: %s", id)
- configFlags = append(configFlags, "--config", fmt.Sprintf("source=%s,target=%s", testName, testTarget))
- }
- serviceName := "svc"
- serviceCmd := []string{"service", "create", "--detach", "--no-resolve-image", "--name", serviceName}
- serviceCmd = append(serviceCmd, configFlags...)
- serviceCmd = append(serviceCmd, "busybox", "top")
- out, err := d.Cmd(serviceCmd...)
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Configs }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.ConfigReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), len(testPaths))
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, serviceName)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- for testName, testTarget := range testPaths {
- path := testTarget
- if !filepath.IsAbs(path) {
- path = filepath.Join("/", path)
- }
- out, err := d.Cmd("exec", task.Status.ContainerStatus.ContainerID, "cat", path)
- assert.NilError(c, err)
- assert.Equal(c, out, "TESTINGDATA "+testName+" "+testTarget)
- }
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithConfigReferencedTwice(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- id := d.CreateConfig(c, swarm.ConfigSpec{
- Annotations: swarm.Annotations{
- Name: "myconfig",
- },
- Data: []byte("TESTINGDATA"),
- })
- assert.Assert(c, id != "", "configs: %s", id)
- serviceName := "svc"
- out, err := d.Cmd("service", "create", "--detach", "--no-resolve-image", "--name", serviceName, "--config", "source=myconfig,target=target1", "--config", "source=myconfig,target=target2", "busybox", "top")
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "inspect", "--format", "{{ json .Spec.TaskTemplate.ContainerSpec.Configs }}", serviceName)
- assert.NilError(c, err)
- var refs []swarm.ConfigReference
- assert.Assert(c, json.Unmarshal([]byte(out), &refs) == nil)
- assert.Equal(c, len(refs), 2)
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, serviceName)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- for _, target := range []string{"target1", "target2"} {
- assert.NilError(c, err, out)
- path := filepath.Join("/", target)
- out, err := d.Cmd("exec", task.Status.ContainerStatus.ContainerID, "cat", path)
- assert.NilError(c, err)
- assert.Equal(c, out, "TESTINGDATA")
- }
- out, err = d.Cmd("service", "rm", serviceName)
- assert.NilError(c, err, out)
- }
- func (s *DockerSwarmSuite) TestServiceCreateMountTmpfs(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- out, err := d.Cmd("service", "create", "--no-resolve-image", "--detach=true", "--mount", "type=tmpfs,target=/foo,tmpfs-size=1MB", "busybox", "sh", "-c", "mount | grep foo; exec tail -f /dev/null")
- assert.NilError(c, err, out)
- id := strings.TrimSpace(out)
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, id)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- // check container mount config
- out, err = s.nodeCmd(c, task.NodeID, "inspect", "--format", "{{json .HostConfig.Mounts}}", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- var mountConfig []mount.Mount
- assert.Assert(c, json.Unmarshal([]byte(out), &mountConfig) == nil)
- assert.Equal(c, len(mountConfig), 1)
- assert.Equal(c, mountConfig[0].Source, "")
- assert.Equal(c, mountConfig[0].Target, "/foo")
- assert.Equal(c, mountConfig[0].Type, mount.TypeTmpfs)
- assert.Assert(c, mountConfig[0].TmpfsOptions != nil)
- assert.Equal(c, mountConfig[0].TmpfsOptions.SizeBytes, int64(1048576))
- // check container mounts actual
- out, err = s.nodeCmd(c, task.NodeID, "inspect", "--format", "{{json .Mounts}}", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- var mounts []types.MountPoint
- assert.Assert(c, json.Unmarshal([]byte(out), &mounts) == nil)
- assert.Equal(c, len(mounts), 1)
- assert.Equal(c, mounts[0].Type, mount.TypeTmpfs)
- assert.Equal(c, mounts[0].Name, "")
- assert.Equal(c, mounts[0].Destination, "/foo")
- assert.Equal(c, mounts[0].RW, true)
- out, err = s.nodeCmd(c, task.NodeID, "logs", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- assert.Assert(c, strings.HasPrefix(strings.TrimSpace(out), "tmpfs on /foo type tmpfs"))
- assert.Assert(c, strings.Contains(strings.TrimSpace(out), "size=1024k"))
- }
- func (s *DockerSwarmSuite) TestServiceCreateWithNetworkAlias(c *testing.T) {
- d := s.AddDaemon(c, true, true)
- out, err := d.Cmd("network", "create", "--scope=swarm", "test_swarm_br")
- assert.NilError(c, err, out)
- out, err = d.Cmd("service", "create", "--no-resolve-image", "--detach=true", "--network=name=test_swarm_br,alias=srv_alias", "--name=alias_tst_container", "busybox", "top")
- assert.NilError(c, err, out)
- id := strings.TrimSpace(out)
- var tasks []swarm.Task
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- tasks = d.GetServiceTasks(c, id)
- return len(tasks) > 0, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- task := tasks[0]
- poll.WaitOn(c, pollCheck(c, func(c *testing.T) (interface{}, string) {
- if task.NodeID == "" || task.Status.ContainerStatus == nil {
- task = d.GetTask(c, task.ID)
- }
- return task.NodeID != "" && task.Status.ContainerStatus != nil, ""
- }, checker.Equals(true)), poll.WithTimeout(defaultReconciliationTimeout))
- // check container alias config
- out, err = s.nodeCmd(c, task.NodeID, "inspect", "--format", "{{json .NetworkSettings.Networks.test_swarm_br.Aliases}}", task.Status.ContainerStatus.ContainerID)
- assert.NilError(c, err, out)
- // Make sure the only alias seen is the container-id
- var aliases []string
- assert.Assert(c, json.Unmarshal([]byte(out), &aliases) == nil)
- assert.Equal(c, len(aliases), 1)
- assert.Assert(c, strings.Contains(task.Status.ContainerStatus.ContainerID, aliases[0]))
- }
|