moby/integration/buildfile_test.go
unclejack b829e96cde forbid chained onbuild, from & maintainer triggers
This changes the way onbuild works:
- forbids the chaining of onbuild instructions
- forbids the use of `onbuild from`
- forbids the use of `onbuild maintainer`

It also makes docker throw errors when encountering such triggers when
executing the triggers during `FROM`.

Three tests have been added:
- ensure that chained onbuild (`onbuild onbuild`) is forbidden
- ensure that `onbuild from` is forbidden
- ensure that `onbuild maintainer` is forbidden

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
2014-02-20 20:31:04 +02:00

968 lines
22 KiB
Go

package docker
import (
"fmt"
"github.com/dotcloud/docker"
"github.com/dotcloud/docker/archive"
"github.com/dotcloud/docker/engine"
"github.com/dotcloud/docker/utils"
"io/ioutil"
"net"
"net/http"
"net/http/httptest"
"strings"
"testing"
)
// A testContextTemplate describes a build context and how to test it
type testContextTemplate struct {
// Contents of the Dockerfile
dockerfile string
// Additional files in the context, eg [][2]string{"./passwd", "gordon"}
files [][2]string
// Additional remote files to host on a local HTTP server.
remoteFiles [][2]string
}
func (context testContextTemplate) Archive(dockerfile string, t *testing.T) archive.Archive {
input := []string{"Dockerfile", dockerfile}
for _, pair := range context.files {
input = append(input, pair[0], pair[1])
}
a, err := archive.Generate(input...)
if err != nil {
t.Fatal(err)
}
return a
}
// A table of all the contexts to build and test.
// A new docker runtime will be created and torn down for each context.
var testContexts = []testContextTemplate{
{
`
from {IMAGE}
run sh -c 'echo root:testpass > /tmp/passwd'
run mkdir -p /var/run/sshd
run [ "$(cat /tmp/passwd)" = "root:testpass" ]
run [ "$(ls -d /var/run/sshd)" = "/var/run/sshd" ]
`,
nil,
nil,
},
// Exactly the same as above, except uses a line split with a \ to test
// multiline support.
{
`
from {IMAGE}
run sh -c 'echo root:testpass \
> /tmp/passwd'
run mkdir -p /var/run/sshd
run [ "$(cat /tmp/passwd)" = "root:testpass" ]
run [ "$(ls -d /var/run/sshd)" = "/var/run/sshd" ]
`,
nil,
nil,
},
// Line containing literal "\n"
{
`
from {IMAGE}
run sh -c 'echo root:testpass > /tmp/passwd'
run echo "foo \n bar"; echo "baz"
run mkdir -p /var/run/sshd
run [ "$(cat /tmp/passwd)" = "root:testpass" ]
run [ "$(ls -d /var/run/sshd)" = "/var/run/sshd" ]
`,
nil,
nil,
},
{
`
from {IMAGE}
add foo /usr/lib/bla/bar
run [ "$(cat /usr/lib/bla/bar)" = 'hello' ]
add http://{SERVERADDR}/baz /usr/lib/baz/quux
run [ "$(cat /usr/lib/baz/quux)" = 'world!' ]
`,
[][2]string{{"foo", "hello"}},
[][2]string{{"/baz", "world!"}},
},
{
`
from {IMAGE}
add f /
run [ "$(cat /f)" = "hello" ]
add f /abc
run [ "$(cat /abc)" = "hello" ]
add f /x/y/z
run [ "$(cat /x/y/z)" = "hello" ]
add f /x/y/d/
run [ "$(cat /x/y/d/f)" = "hello" ]
add d /
run [ "$(cat /ga)" = "bu" ]
add d /somewhere
run [ "$(cat /somewhere/ga)" = "bu" ]
add d /anotherplace/
run [ "$(cat /anotherplace/ga)" = "bu" ]
add d /somewheeeere/over/the/rainbooow
run [ "$(cat /somewheeeere/over/the/rainbooow/ga)" = "bu" ]
`,
[][2]string{
{"f", "hello"},
{"d/ga", "bu"},
},
nil,
},
{
`
from {IMAGE}
add http://{SERVERADDR}/x /a/b/c
run [ "$(cat /a/b/c)" = "hello" ]
add http://{SERVERADDR}/x?foo=bar /
run [ "$(cat /x)" = "hello" ]
add http://{SERVERADDR}/x /d/
run [ "$(cat /d/x)" = "hello" ]
add http://{SERVERADDR} /e
run [ "$(cat /e)" = "blah" ]
`,
nil,
[][2]string{{"/x", "hello"}, {"/", "blah"}},
},
// Comments, shebangs, and executability, oh my!
{
`
FROM {IMAGE}
# This is an ordinary comment.
RUN { echo '#!/bin/sh'; echo 'echo hello world'; } > /hello.sh
RUN [ ! -x /hello.sh ]
RUN chmod +x /hello.sh
RUN [ -x /hello.sh ]
RUN [ "$(cat /hello.sh)" = $'#!/bin/sh\necho hello world' ]
RUN [ "$(/hello.sh)" = "hello world" ]
`,
nil,
nil,
},
// Users and groups
{
`
FROM {IMAGE}
# Make sure our defaults work
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)" = '0:0/root:root' ]
# TODO decide if "args.user = strconv.Itoa(syscall.Getuid())" is acceptable behavior for changeUser in sysvinit instead of "return nil" when "USER" isn't specified (so that we get the proper group list even if that is the empty list, even in the default case of not supplying an explicit USER to run as, which implies USER 0)
USER root
RUN [ "$(id -G):$(id -Gn)" = '0:root' ]
# Setup dockerio user and group
RUN echo 'dockerio:x:1000:1000::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1000:' >> /etc/group
# Make sure we can switch to our user and all the information is exactly as we expect it to be
USER dockerio
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000:dockerio' ]
# Switch back to root and double check that worked exactly as we might expect it to
USER root
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '0:0/root:root/0:root' ]
# Add a "supplementary" group for our dockerio user
RUN echo 'supplementary:x:1001:dockerio' >> /etc/group
# ... and then go verify that we get it like we expect
USER dockerio
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000 1001:dockerio supplementary' ]
USER 1000
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000 1001:dockerio supplementary' ]
# super test the new "user:group" syntax
USER dockerio:dockerio
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000:dockerio' ]
USER 1000:dockerio
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000:dockerio' ]
USER dockerio:1000
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000:dockerio' ]
USER 1000:1000
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1000/dockerio:dockerio/1000:dockerio' ]
USER dockerio:supplementary
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1001/dockerio:supplementary/1001:supplementary' ]
USER dockerio:1001
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1001/dockerio:supplementary/1001:supplementary' ]
USER 1000:supplementary
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1001/dockerio:supplementary/1001:supplementary' ]
USER 1000:1001
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1000:1001/dockerio:supplementary/1001:supplementary' ]
# make sure unknown uid/gid still works properly
USER 1042:1043
RUN [ "$(id -u):$(id -g)/$(id -un):$(id -gn)/$(id -G):$(id -Gn)" = '1042:1043/1042:1043/1043:1043' ]
`,
nil,
nil,
},
// Environment variable
{
`
from {IMAGE}
env FOO BAR
run [ "$FOO" = "BAR" ]
`,
nil,
nil,
},
// Environment overwriting
{
`
from {IMAGE}
env FOO BAR
run [ "$FOO" = "BAR" ]
env FOO BAZ
run [ "$FOO" = "BAZ" ]
`,
nil,
nil,
},
{
`
from {IMAGE}
ENTRYPOINT /bin/echo
CMD Hello world
`,
nil,
nil,
},
{
`
from {IMAGE}
VOLUME /test
CMD Hello world
`,
nil,
nil,
},
{
`
from {IMAGE}
env FOO /foo/baz
env BAR /bar
env BAZ $BAR
env FOOPATH $PATH:$FOO
run [ "$BAR" = "$BAZ" ]
run [ "$FOOPATH" = "$PATH:/foo/baz" ]
`,
nil,
nil,
},
{
`
from {IMAGE}
env FOO /bar
env TEST testdir
env BAZ /foobar
add testfile $BAZ/
add $TEST $FOO
run [ "$(cat /foobar/testfile)" = "test1" ]
run [ "$(cat /bar/withfile)" = "test2" ]
`,
[][2]string{
{"testfile", "test1"},
{"testdir/withfile", "test2"},
},
nil,
},
// JSON!
{
`
FROM {IMAGE}
RUN ["/bin/echo","hello","world"]
CMD ["/bin/true"]
ENTRYPOINT ["/bin/echo","your command -->"]
`,
nil,
nil,
},
{
`
FROM {IMAGE}
ADD test /test
RUN ["chmod","+x","/test"]
RUN ["/test"]
RUN [ "$(cat /testfile)" = 'test!' ]
`,
[][2]string{
{"test", "#!/bin/sh\necho 'test!' > /testfile"},
},
nil,
},
}
// FIXME: test building with 2 successive overlapping ADD commands
func constructDockerfile(template string, ip net.IP, port string) string {
serverAddr := fmt.Sprintf("%s:%s", ip, port)
replacer := strings.NewReplacer("{IMAGE}", unitTestImageID, "{SERVERADDR}", serverAddr)
return replacer.Replace(template)
}
func mkTestingFileServer(files [][2]string) (*httptest.Server, error) {
mux := http.NewServeMux()
for _, file := range files {
name, contents := file[0], file[1]
mux.HandleFunc(name, func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte(contents))
})
}
// This is how httptest.NewServer sets up a net.Listener, except that our listener must accept remote
// connections (from the container).
listener, err := net.Listen("tcp", ":0")
if err != nil {
return nil, err
}
s := httptest.NewUnstartedServer(mux)
s.Listener = listener
s.Start()
return s, nil
}
func TestBuild(t *testing.T) {
for _, ctx := range testContexts {
_, err := buildImage(ctx, t, nil, true)
if err != nil {
t.Fatal(err)
}
}
}
func buildImage(context testContextTemplate, t *testing.T, eng *engine.Engine, useCache bool) (*docker.Image, error) {
if eng == nil {
eng = NewTestEngine(t)
runtime := mkRuntimeFromEngine(eng, t)
// FIXME: we might not need runtime, why not simply nuke
// the engine?
defer nuke(runtime)
}
srv := mkServerFromEngine(eng, t)
httpServer, err := mkTestingFileServer(context.remoteFiles)
if err != nil {
t.Fatal(err)
}
defer httpServer.Close()
idx := strings.LastIndex(httpServer.URL, ":")
if idx < 0 {
t.Fatalf("could not get port from test http server address %s", httpServer.URL)
}
port := httpServer.URL[idx+1:]
iIP := eng.Hack_GetGlobalVar("httpapi.bridgeIP")
if iIP == nil {
t.Fatal("Legacy bridgeIP field not set in engine")
}
ip, ok := iIP.(net.IP)
if !ok {
panic("Legacy bridgeIP field in engine does not cast to net.IP")
}
dockerfile := constructDockerfile(context.dockerfile, ip, port)
buildfile := docker.NewBuildFile(srv, ioutil.Discard, ioutil.Discard, false, useCache, false, ioutil.Discard, utils.NewStreamFormatter(false), nil, nil)
id, err := buildfile.Build(context.Archive(dockerfile, t))
if err != nil {
return nil, err
}
return srv.ImageInspect(id)
}
func TestVolume(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
volume /test
cmd Hello world
`, nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if len(img.Config.Volumes) == 0 {
t.Fail()
}
for key := range img.Config.Volumes {
if key != "/test" {
t.Fail()
}
}
}
func TestBuildMaintainer(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
maintainer dockerio
`, nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if img.Author != "dockerio" {
t.Fail()
}
}
func TestBuildUser(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
user dockerio
`, nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if img.Config.User != "dockerio" {
t.Fail()
}
}
func TestBuildEnv(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
env port 4243
`,
nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
hasEnv := false
for _, envVar := range img.Config.Env {
if envVar == "port=4243" {
hasEnv = true
break
}
}
if !hasEnv {
t.Fail()
}
}
func TestBuildCmd(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
cmd ["/bin/echo", "Hello World"]
`,
nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if img.Config.Cmd[0] != "/bin/echo" {
t.Log(img.Config.Cmd[0])
t.Fail()
}
if img.Config.Cmd[1] != "Hello World" {
t.Log(img.Config.Cmd[1])
t.Fail()
}
}
func TestBuildExpose(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
expose 4243
`,
nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if img.Config.PortSpecs[0] != "4243" {
t.Fail()
}
}
func TestBuildEntrypoint(t *testing.T) {
img, err := buildImage(testContextTemplate{`
from {IMAGE}
entrypoint ["/bin/echo"]
`,
nil, nil}, t, nil, true)
if err != nil {
t.Fatal(err)
}
if img.Config.Entrypoint[0] != "/bin/echo" {
t.Log(img.Config.Entrypoint[0])
t.Fail()
}
}
// testing #1405 - config.Cmd does not get cleaned up if
// utilizing cache
func TestBuildEntrypointRunCleanup(t *testing.T) {
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
img, err := buildImage(testContextTemplate{`
from {IMAGE}
run echo "hello"
`,
nil, nil}, t, eng, true)
if err != nil {
t.Fatal(err)
}
img, err = buildImage(testContextTemplate{`
from {IMAGE}
run echo "hello"
add foo /foo
entrypoint ["/bin/echo"]
`,
[][2]string{{"foo", "HEYO"}}, nil}, t, eng, true)
if err != nil {
t.Fatal(err)
}
if len(img.Config.Cmd) != 0 {
t.Fail()
}
}
func checkCacheBehavior(t *testing.T, template testContextTemplate, expectHit bool) (imageId string) {
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
img, err := buildImage(template, t, eng, true)
if err != nil {
t.Fatal(err)
}
imageId = img.ID
img, err = buildImage(template, t, eng, expectHit)
if err != nil {
t.Fatal(err)
}
if hit := imageId == img.ID; hit != expectHit {
t.Fatalf("Cache misbehavior, got hit=%t, expected hit=%t: (first: %s, second %s)", hit, expectHit, imageId, img.ID)
}
return
}
func checkCacheBehaviorFromEngime(t *testing.T, template testContextTemplate, expectHit bool, eng *engine.Engine) (imageId string) {
img, err := buildImage(template, t, eng, true)
if err != nil {
t.Fatal(err)
}
imageId = img.ID
img, err = buildImage(template, t, eng, expectHit)
if err != nil {
t.Fatal(err)
}
if hit := imageId == img.ID; hit != expectHit {
t.Fatalf("Cache misbehavior, got hit=%t, expected hit=%t: (first: %s, second %s)", hit, expectHit, imageId, img.ID)
}
return
}
func TestBuildImageWithCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
`,
nil, nil}
checkCacheBehavior(t, template, true)
}
func TestBuildImageWithoutCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
`,
nil, nil}
checkCacheBehavior(t, template, false)
}
func TestBuildADDLocalFileWithCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add foo /usr/lib/bla/bar
run [ "$(cat /usr/lib/bla/bar)" = "hello" ]
run echo "second"
add . /src/
run [ "$(cat /src/foo)" = "hello" ]
`,
[][2]string{
{"foo", "hello"},
},
nil}
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
id1 := checkCacheBehaviorFromEngime(t, template, true, eng)
template.files = append(template.files, [2]string{"bar", "hello2"})
id2 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id1 == id2 {
t.Fatal("The cache should have been invalided but hasn't.")
}
id3 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id2 != id3 {
t.Fatal("The cache should have been used but hasn't.")
}
template.files[1][1] = "hello3"
id4 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id3 == id4 {
t.Fatal("The cache should have been invalided but hasn't.")
}
template.dockerfile += `
add ./bar /src2/
run ls /src2/bar
`
id5 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id4 == id5 {
t.Fatal("The cache should have been invalided but hasn't.")
}
template.files[1][1] = "hello4"
id6 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id5 == id6 {
t.Fatal("The cache should have been invalided but hasn't.")
}
template.dockerfile += `
add bar /src2/bar2
add /bar /src2/bar3
run ls /src2/bar2 /src2/bar3
`
id7 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id6 == id7 {
t.Fatal("The cache should have been invalided but hasn't.")
}
template.files[1][1] = "hello5"
id8 := checkCacheBehaviorFromEngime(t, template, true, eng)
if id7 == id8 {
t.Fatal("The cache should have been invalided but hasn't.")
}
}
func TestBuildADDLocalFileWithoutCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add foo /usr/lib/bla/bar
run echo "second"
`,
[][2]string{{"foo", "hello"}},
nil}
checkCacheBehavior(t, template, false)
}
func TestBuildADDCurrentDirectoryWithCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
add . /usr/lib/bla
`,
nil, nil}
checkCacheBehavior(t, template, true)
}
func TestBuildADDCurrentDirectoryWithoutCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
add . /usr/lib/bla
`,
nil, nil}
checkCacheBehavior(t, template, false)
}
func TestBuildADDRemoteFileWithCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add http://{SERVERADDR}/baz /usr/lib/baz/quux
run echo "second"
`,
nil,
[][2]string{{"/baz", "world!"}}}
checkCacheBehavior(t, template, true)
}
func TestBuildADDRemoteFileWithoutCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add http://{SERVERADDR}/baz /usr/lib/baz/quux
run echo "second"
`,
nil,
[][2]string{{"/baz", "world!"}}}
checkCacheBehavior(t, template, false)
}
func TestBuildADDLocalAndRemoteFilesWithCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add foo /usr/lib/bla/bar
add http://{SERVERADDR}/baz /usr/lib/baz/quux
run echo "second"
`,
[][2]string{{"foo", "hello"}},
[][2]string{{"/baz", "world!"}}}
checkCacheBehavior(t, template, true)
}
func TestBuildADDLocalAndRemoteFilesWithoutCache(t *testing.T) {
template := testContextTemplate{`
from {IMAGE}
maintainer dockerio
run echo "first"
add foo /usr/lib/bla/bar
add http://{SERVERADDR}/baz /usr/lib/baz/quux
run echo "second"
`,
[][2]string{{"foo", "hello"}},
[][2]string{{"/baz", "world!"}}}
checkCacheBehavior(t, template, false)
}
func TestForbiddenContextPath(t *testing.T) {
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
srv := mkServerFromEngine(eng, t)
context := testContextTemplate{`
from {IMAGE}
maintainer dockerio
add ../../ test/
`,
[][2]string{{"test.txt", "test1"}, {"other.txt", "other"}}, nil}
httpServer, err := mkTestingFileServer(context.remoteFiles)
if err != nil {
t.Fatal(err)
}
defer httpServer.Close()
idx := strings.LastIndex(httpServer.URL, ":")
if idx < 0 {
t.Fatalf("could not get port from test http server address %s", httpServer.URL)
}
port := httpServer.URL[idx+1:]
iIP := eng.Hack_GetGlobalVar("httpapi.bridgeIP")
if iIP == nil {
t.Fatal("Legacy bridgeIP field not set in engine")
}
ip, ok := iIP.(net.IP)
if !ok {
panic("Legacy bridgeIP field in engine does not cast to net.IP")
}
dockerfile := constructDockerfile(context.dockerfile, ip, port)
buildfile := docker.NewBuildFile(srv, ioutil.Discard, ioutil.Discard, false, true, false, ioutil.Discard, utils.NewStreamFormatter(false), nil, nil)
_, err = buildfile.Build(context.Archive(dockerfile, t))
if err == nil {
t.Log("Error should not be nil")
t.Fail()
}
if err.Error() != "Forbidden path outside the build context: ../../ (/)" {
t.Logf("Error message is not expected: %s", err.Error())
t.Fail()
}
}
func TestBuildADDFileNotFound(t *testing.T) {
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
context := testContextTemplate{`
from {IMAGE}
add foo /usr/local/bar
`,
nil, nil}
httpServer, err := mkTestingFileServer(context.remoteFiles)
if err != nil {
t.Fatal(err)
}
defer httpServer.Close()
idx := strings.LastIndex(httpServer.URL, ":")
if idx < 0 {
t.Fatalf("could not get port from test http server address %s", httpServer.URL)
}
port := httpServer.URL[idx+1:]
iIP := eng.Hack_GetGlobalVar("httpapi.bridgeIP")
if iIP == nil {
t.Fatal("Legacy bridgeIP field not set in engine")
}
ip, ok := iIP.(net.IP)
if !ok {
panic("Legacy bridgeIP field in engine does not cast to net.IP")
}
dockerfile := constructDockerfile(context.dockerfile, ip, port)
buildfile := docker.NewBuildFile(mkServerFromEngine(eng, t), ioutil.Discard, ioutil.Discard, false, true, false, ioutil.Discard, utils.NewStreamFormatter(false), nil, nil)
_, err = buildfile.Build(context.Archive(dockerfile, t))
if err == nil {
t.Log("Error should not be nil")
t.Fail()
}
if err.Error() != "foo: no such file or directory" {
t.Logf("Error message is not expected: %s", err.Error())
t.Fail()
}
}
func TestBuildInheritance(t *testing.T) {
eng := NewTestEngine(t)
defer nuke(mkRuntimeFromEngine(eng, t))
img, err := buildImage(testContextTemplate{`
from {IMAGE}
expose 4243
`,
nil, nil}, t, eng, true)
if err != nil {
t.Fatal(err)
}
img2, _ := buildImage(testContextTemplate{fmt.Sprintf(`
from %s
entrypoint ["/bin/echo"]
`, img.ID),
nil, nil}, t, eng, true)
if err != nil {
t.Fatal(err)
}
// from child
if img2.Config.Entrypoint[0] != "/bin/echo" {
t.Fail()
}
// from parent
if img.Config.PortSpecs[0] != "4243" {
t.Fail()
}
}
func TestBuildFails(t *testing.T) {
_, err := buildImage(testContextTemplate{`
from {IMAGE}
run sh -c "exit 23"
`,
nil, nil}, t, nil, true)
if err == nil {
t.Fatal("Error should not be nil")
}
sterr, ok := err.(*utils.JSONError)
if !ok {
t.Fatalf("Error should be utils.JSONError")
}
if sterr.Code != 23 {
t.Fatalf("StatusCode %d unexpected, should be 23", sterr.Code)
}
}
func TestBuildFailsDockerfileEmpty(t *testing.T) {
_, err := buildImage(testContextTemplate{``, nil, nil}, t, nil, true)
if err != docker.ErrDockerfileEmpty {
t.Fatal("Expected: %v, got: %v", docker.ErrDockerfileEmpty, err)
}
}
func TestBuildOnBuildTrigger(t *testing.T) {
_, err := buildImage(testContextTemplate{`
from {IMAGE}
onbuild run echo here is the trigger
onbuild run touch foobar
`,
nil, nil,
},
t, nil, true,
)
if err != nil {
t.Fatal(err)
}
// FIXME: test that the 'foobar' file was created in the final build.
}
func TestBuildOnBuildForbiddenChainedTrigger(t *testing.T) {
_, err := buildImage(testContextTemplate{`
from {IMAGE}
onbuild onbuild run echo test
`,
nil, nil,
},
t, nil, true,
)
if err == nil {
t.Fatal("Error should not be nil")
}
}
func TestBuildOnBuildForbiddenFromTrigger(t *testing.T) {
_, err := buildImage(testContextTemplate{`
from {IMAGE}
onbuild from {IMAGE}
`,
nil, nil,
},
t, nil, true,
)
if err == nil {
t.Fatal("Error should not be nil")
}
}
func TestBuildOnBuildForbiddenMaintainerTrigger(t *testing.T) {
_, err := buildImage(testContextTemplate{`
from {IMAGE}
onbuild maintainer test
`,
nil, nil,
},
t, nil, true,
)
if err == nil {
t.Fatal("Error should not be nil")
}
}