get.porter.sh/porter@v1.3.0/pkg/cnab/provider/driver_test.go (about) 1 package cnabprovider 2 3 import ( 4 "testing" 5 6 "get.porter.sh/porter/pkg/cnab" 7 "github.com/cnabio/cnab-go/driver/docker" 8 "github.com/stretchr/testify/assert" 9 "github.com/stretchr/testify/require" 10 ) 11 12 func TestNewDriver_Docker(t *testing.T) { 13 t.Parallel() 14 15 t.Run("vanilla docker", func(t *testing.T) { 16 t.Parallel() 17 18 r := NewTestRuntime(t) 19 defer r.Close() 20 21 driver, err := r.newDriver(DriverNameDocker, ActionArguments{}) 22 23 require.NoError(t, err) 24 assert.IsType(t, driver, &docker.Driver{}) 25 }) 26 27 t.Run("docker with host access", func(t *testing.T) { 28 t.Parallel() 29 30 r := NewTestRuntime(t) 31 // mock retrieving the docker group id on linux 32 r.MockGetDockerGroupId() 33 defer r.Close() 34 35 _, err := r.FileSystem.Create("/var/run/docker.sock") 36 require.NoError(t, err) 37 args := ActionArguments{ 38 AllowDockerHostAccess: true, 39 } 40 41 driver, err := r.newDriver(DriverNameDocker, args) 42 43 require.NoError(t, err) 44 assert.IsType(t, driver, &docker.Driver{}) 45 }) 46 47 t.Run("docker with host access, mismatch driver name", func(t *testing.T) { 48 t.Parallel() 49 50 r := NewTestRuntime(t) 51 r.MockGetDockerGroupId() 52 defer r.Close() 53 54 args := ActionArguments{ 55 AllowDockerHostAccess: true, 56 } 57 58 _, err := r.newDriver("custom-driver", args) 59 60 assert.EqualError(t, err, "allow-docker-host-access was enabled, but the driver is custom-driver") 61 }) 62 63 t.Run("docker with host access, default config", func(t *testing.T) { 64 t.Parallel() 65 66 r := NewTestRuntime(t) 67 r.MockGetDockerGroupId() 68 defer r.Close() 69 70 // Currently, toggling Privileged is the only config exposed to users 71 // Here we supply no override, so expect Privileged to be false 72 r.Extensions[cnab.DockerExtensionKey] = cnab.Docker{} 73 _, err := r.FileSystem.Create("/var/run/docker.sock") 74 require.NoError(t, err) 75 args := ActionArguments{ 76 AllowDockerHostAccess: true, 77 } 78 79 driver, err := r.newDriver(DriverNameDocker, args) 80 require.NoError(t, err) 81 assert.IsType(t, driver, &docker.Driver{}) 82 83 dockerish, ok := driver.(*docker.Driver) 84 assert.True(t, ok) 85 86 err = dockerish.ApplyConfigurationOptions() 87 assert.NoError(t, err) 88 89 containerHostCfg, err := dockerish.GetContainerHostConfig() 90 require.NoError(t, err) 91 require.Equal(t, false, containerHostCfg.Privileged) 92 }) 93 94 t.Run("docker with host access, privileged true", func(t *testing.T) { 95 t.Parallel() 96 97 r := NewTestRuntime(t) 98 r.MockGetDockerGroupId() 99 defer r.Close() 100 101 // Currently, toggling Privileged is the only config exposed to users 102 // Here we supply an override, so expect Privileged to be set to the override 103 r.Extensions[cnab.DockerExtensionKey] = cnab.Docker{ 104 Privileged: true, 105 } 106 _, err := r.FileSystem.Create("/var/run/docker.sock") 107 require.NoError(t, err) 108 args := ActionArguments{ 109 AllowDockerHostAccess: true, 110 } 111 112 driver, err := r.newDriver(DriverNameDocker, args) 113 require.NoError(t, err) 114 assert.IsType(t, driver, &docker.Driver{}) 115 116 dockerish, ok := driver.(*docker.Driver) 117 assert.True(t, ok) 118 119 err = dockerish.ApplyConfigurationOptions() 120 assert.NoError(t, err) 121 122 containerHostCfg, err := dockerish.GetContainerHostConfig() 123 require.NoError(t, err) 124 require.Equal(t, true, containerHostCfg.Privileged) 125 }) 126 127 t.Run("docker with host access, default config, and host volume mounts", func(t *testing.T) { 128 t.Parallel() 129 130 r := NewTestRuntime(t) 131 r.MockGetDockerGroupId() 132 defer r.Close() 133 134 r.Extensions[cnab.DockerExtensionKey] = cnab.Docker{} 135 _, err := r.FileSystem.Create("/var/run/docker.sock") 136 require.NoError(t, err) 137 _, err = r.FileSystem.Create("/sourceFolder") 138 require.NoError(t, err) 139 _, err = r.FileSystem.Create("/sourceFolder2") 140 require.NoError(t, err) 141 _, err = r.FileSystem.Create("/sourceFolder3") 142 require.NoError(t, err) 143 144 args := ActionArguments{ 145 AllowDockerHostAccess: true, 146 HostVolumeMounts: []HostVolumeMountSpec{ 147 { 148 Source: "/sourceFolder", 149 Target: "/targetFolder", 150 }, 151 { 152 Source: "/sourceFolder2", 153 Target: "/targetFolder2", 154 ReadOnly: true, 155 }, 156 { 157 Source: "/sourceFolder3", 158 Target: "/targetFolder3", 159 ReadOnly: false, 160 }, 161 }, 162 } 163 164 driver, err := r.newDriver(DriverNameDocker, args) 165 require.NoError(t, err) 166 assert.IsType(t, driver, &docker.Driver{}) 167 168 dockerish, ok := driver.(*docker.Driver) 169 assert.True(t, ok) 170 171 err = dockerish.ApplyConfigurationOptions() 172 assert.NoError(t, err) 173 174 containerHostCfg, err := dockerish.GetContainerHostConfig() 175 require.NoError(t, err) 176 require.Equal(t, false, containerHostCfg.Privileged) 177 178 require.Len(t, containerHostCfg.Mounts, 4) //includes the docker socket mount 179 assert.Equal(t, "/sourceFolder", containerHostCfg.Mounts[1].Source) 180 assert.Equal(t, "/targetFolder", containerHostCfg.Mounts[1].Target) 181 assert.Equal(t, false, containerHostCfg.Mounts[1].ReadOnly) 182 assert.Equal(t, "/sourceFolder2", containerHostCfg.Mounts[2].Source) 183 assert.Equal(t, "/targetFolder2", containerHostCfg.Mounts[2].Target) 184 assert.Equal(t, true, containerHostCfg.Mounts[2].ReadOnly) 185 assert.Equal(t, "/sourceFolder3", containerHostCfg.Mounts[3].Source) 186 assert.Equal(t, "/targetFolder3", containerHostCfg.Mounts[3].Target) 187 assert.Equal(t, false, containerHostCfg.Mounts[3].ReadOnly) 188 }) 189 190 t.Run("host volume mount, docker driver, with multiple mounts", func(t *testing.T) { 191 t.Parallel() 192 193 r := NewTestRuntime(t) 194 defer r.Close() 195 196 _, err := r.FileSystem.Create("/sourceFolder") 197 require.NoError(t, err) 198 _, err = r.FileSystem.Create("/sourceFolder2") 199 require.NoError(t, err) 200 _, err = r.FileSystem.Create("/sourceFolder3") 201 require.NoError(t, err) 202 203 args := ActionArguments{ 204 HostVolumeMounts: []HostVolumeMountSpec{ 205 { 206 Source: "/sourceFolder", 207 Target: "/targetFolder", 208 }, 209 { 210 Source: "/sourceFolder2", 211 Target: "/targetFolder2", 212 ReadOnly: true, 213 }, 214 { 215 Source: "/sourceFolder3", 216 Target: "/targetFolder3", 217 ReadOnly: false, 218 }, 219 }, 220 } 221 222 driver, err := r.newDriver(DriverNameDocker, args) 223 224 require.NoError(t, err) 225 assert.IsType(t, driver, &docker.Driver{}) 226 227 dockerish, ok := driver.(*docker.Driver) 228 assert.True(t, ok) 229 230 err = dockerish.ApplyConfigurationOptions() 231 assert.NoError(t, err) 232 233 containerHostCfg, err := dockerish.GetContainerHostConfig() 234 require.NoError(t, err) 235 236 require.Len(t, containerHostCfg.Mounts, 3) 237 assert.Equal(t, "/sourceFolder", containerHostCfg.Mounts[0].Source) 238 assert.Equal(t, "/targetFolder", containerHostCfg.Mounts[0].Target) 239 assert.Equal(t, false, containerHostCfg.Mounts[0].ReadOnly) 240 assert.Equal(t, "/sourceFolder2", containerHostCfg.Mounts[1].Source) 241 assert.Equal(t, "/targetFolder2", containerHostCfg.Mounts[1].Target) 242 assert.Equal(t, true, containerHostCfg.Mounts[1].ReadOnly) 243 assert.Equal(t, "/sourceFolder3", containerHostCfg.Mounts[2].Source) 244 assert.Equal(t, "/targetFolder3", containerHostCfg.Mounts[2].Target) 245 assert.Equal(t, false, containerHostCfg.Mounts[2].ReadOnly) 246 247 }) 248 249 t.Run("host volume mount, docker driver, with single mount", func(t *testing.T) { 250 t.Parallel() 251 252 r := NewTestRuntime(t) 253 defer r.Close() 254 255 _, err := r.FileSystem.Create("/sourceFolder") 256 require.NoError(t, err) 257 258 args := ActionArguments{ 259 HostVolumeMounts: []HostVolumeMountSpec{ 260 { 261 Source: "/sourceFolder", 262 Target: "/targetFolder", 263 }, 264 }, 265 } 266 267 driver, err := r.newDriver(DriverNameDocker, args) 268 269 require.NoError(t, err) 270 assert.IsType(t, driver, &docker.Driver{}) 271 272 dockerish, ok := driver.(*docker.Driver) 273 assert.True(t, ok) 274 275 err = dockerish.ApplyConfigurationOptions() 276 assert.NoError(t, err) 277 278 containerHostCfg, err := dockerish.GetContainerHostConfig() 279 require.NoError(t, err) 280 281 require.Len(t, containerHostCfg.Mounts, 1) 282 assert.Equal(t, "/sourceFolder", containerHostCfg.Mounts[0].Source) 283 assert.Equal(t, "/targetFolder", containerHostCfg.Mounts[0].Target) 284 assert.Equal(t, false, containerHostCfg.Mounts[0].ReadOnly) 285 }) 286 287 t.Run("host volume mount, mismatch driver name", func(t *testing.T) { 288 t.Parallel() 289 290 r := NewTestRuntime(t) 291 r.MockGetDockerGroupId() 292 defer r.Close() 293 294 args := ActionArguments{ 295 HostVolumeMounts: []HostVolumeMountSpec{ 296 { 297 Source: "/sourceFolder", 298 Target: "/targetFolder", 299 }, 300 }, 301 } 302 303 _, err := r.newDriver("custom-driver", args) 304 305 assert.EqualError(t, err, "mount-host-volume was was used to mount a volume, but the driver is custom-driver") 306 }) 307 }