-
Notifications
You must be signed in to change notification settings - Fork 18.6k
/
protect.go
233 lines (203 loc) · 6.79 KB
/
protect.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
package environment
import (
"context"
"testing"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/container"
"github.com/docker/docker/api/types/filters"
"github.com/docker/docker/api/types/image"
"github.com/docker/docker/api/types/volume"
"github.com/docker/docker/errdefs"
"github.com/docker/docker/testutil"
"go.opentelemetry.io/otel"
"gotest.tools/v3/assert"
)
var frozenImages = []string{"busybox:latest", "busybox:glibc", "hello-world:frozen", "debian:bookworm-slim"}
type protectedElements struct {
containers map[string]struct{}
images map[string]struct{}
networks map[string]struct{}
plugins map[string]struct{}
volumes map[string]struct{}
}
func newProtectedElements() protectedElements {
return protectedElements{
containers: map[string]struct{}{},
images: map[string]struct{}{},
networks: map[string]struct{}{},
plugins: map[string]struct{}{},
volumes: map[string]struct{}{},
}
}
// ProtectAll protects the existing environment (containers, images, networks,
// volumes, and, on Linux, plugins) from being cleaned up at the end of test
// runs
func ProtectAll(ctx context.Context, t testing.TB, testEnv *Execution) {
testutil.CheckNotParallel(t)
t.Helper()
ctx, span := otel.Tracer("").Start(ctx, "ProtectAll")
defer span.End()
ProtectContainers(ctx, t, testEnv)
ProtectImages(ctx, t, testEnv)
ProtectNetworks(ctx, t, testEnv)
ProtectVolumes(ctx, t, testEnv)
if testEnv.DaemonInfo.OSType == "linux" {
ProtectPlugins(ctx, t, testEnv)
}
}
// ProtectContainer adds the specified container(s) to be protected in case of
// clean
func (e *Execution) ProtectContainer(t testing.TB, containers ...string) {
t.Helper()
for _, container := range containers {
e.protectedElements.containers[container] = struct{}{}
}
}
// ProtectContainers protects existing containers from being cleaned up at the
// end of test runs
func ProtectContainers(ctx context.Context, t testing.TB, testEnv *Execution) {
t.Helper()
containers := getExistingContainers(ctx, t, testEnv)
testEnv.ProtectContainer(t, containers...)
}
func getExistingContainers(ctx context.Context, t testing.TB, testEnv *Execution) []string {
t.Helper()
client := testEnv.APIClient()
containerList, err := client.ContainerList(ctx, container.ListOptions{
All: true,
})
assert.NilError(t, err, "failed to list containers")
var containers []string
for _, container := range containerList {
containers = append(containers, container.ID)
}
return containers
}
// ProtectImage adds the specified image(s) to be protected in case of clean
func (e *Execution) ProtectImage(t testing.TB, images ...string) {
t.Helper()
for _, img := range images {
e.protectedElements.images[img] = struct{}{}
}
}
// ProtectImages protects existing images and on linux frozen images from being
// cleaned up at the end of test runs
func ProtectImages(ctx context.Context, t testing.TB, testEnv *Execution) {
t.Helper()
images := getExistingImages(ctx, t, testEnv)
if testEnv.DaemonInfo.OSType == "linux" {
images = append(images, frozenImages...)
}
testEnv.ProtectImage(t, images...)
}
func getExistingImages(ctx context.Context, t testing.TB, testEnv *Execution) []string {
t.Helper()
client := testEnv.APIClient()
imageList, err := client.ImageList(ctx, image.ListOptions{
All: true,
Filters: filters.NewArgs(filters.Arg("dangling", "false")),
})
assert.NilError(t, err, "failed to list images")
var images []string
for _, img := range imageList {
images = append(images, tagsFromImageSummary(img)...)
}
return images
}
func tagsFromImageSummary(image image.Summary) []string {
var result []string
for _, tag := range image.RepoTags {
// Starting from API 1.43 no longer outputs the hardcoded <none>
// strings. But since the tests might be ran against a remote
// daemon/pre 1.43 CLI we must still be able to handle it.
if tag != "<none>:<none>" {
result = append(result, tag)
}
}
for _, digest := range image.RepoDigests {
if digest != "<none>@<none>" {
result = append(result, digest)
}
}
return result
}
// ProtectNetwork adds the specified network(s) to be protected in case of
// clean
func (e *Execution) ProtectNetwork(t testing.TB, networks ...string) {
t.Helper()
for _, network := range networks {
e.protectedElements.networks[network] = struct{}{}
}
}
// ProtectNetworks protects existing networks from being cleaned up at the end
// of test runs
func ProtectNetworks(ctx context.Context, t testing.TB, testEnv *Execution) {
t.Helper()
networks := getExistingNetworks(ctx, t, testEnv)
testEnv.ProtectNetwork(t, networks...)
}
func getExistingNetworks(ctx context.Context, t testing.TB, testEnv *Execution) []string {
t.Helper()
client := testEnv.APIClient()
networkList, err := client.NetworkList(ctx, types.NetworkListOptions{})
assert.NilError(t, err, "failed to list networks")
var networks []string
for _, network := range networkList {
networks = append(networks, network.ID)
}
return networks
}
// ProtectPlugin adds the specified plugin(s) to be protected in case of clean
func (e *Execution) ProtectPlugin(t testing.TB, plugins ...string) {
t.Helper()
for _, plugin := range plugins {
e.protectedElements.plugins[plugin] = struct{}{}
}
}
// ProtectPlugins protects existing plugins from being cleaned up at the end of
// test runs
func ProtectPlugins(ctx context.Context, t testing.TB, testEnv *Execution) {
t.Helper()
plugins := getExistingPlugins(ctx, t, testEnv)
testEnv.ProtectPlugin(t, plugins...)
}
func getExistingPlugins(ctx context.Context, t testing.TB, testEnv *Execution) []string {
t.Helper()
client := testEnv.APIClient()
pluginList, err := client.PluginList(ctx, filters.Args{})
// Docker EE does not allow cluster-wide plugin management.
if errdefs.IsNotImplemented(err) {
return []string{}
}
assert.NilError(t, err, "failed to list plugins")
var plugins []string
for _, plugin := range pluginList {
plugins = append(plugins, plugin.Name)
}
return plugins
}
// ProtectVolume adds the specified volume(s) to be protected in case of clean
func (e *Execution) ProtectVolume(t testing.TB, volumes ...string) {
t.Helper()
for _, vol := range volumes {
e.protectedElements.volumes[vol] = struct{}{}
}
}
// ProtectVolumes protects existing volumes from being cleaned up at the end of
// test runs
func ProtectVolumes(ctx context.Context, t testing.TB, testEnv *Execution) {
t.Helper()
volumes := getExistingVolumes(ctx, t, testEnv)
testEnv.ProtectVolume(t, volumes...)
}
func getExistingVolumes(ctx context.Context, t testing.TB, testEnv *Execution) []string {
t.Helper()
client := testEnv.APIClient()
volumeList, err := client.VolumeList(ctx, volume.ListOptions{})
assert.NilError(t, err, "failed to list volumes")
var volumes []string
for _, vol := range volumeList.Volumes {
volumes = append(volumes, vol.Name)
}
return volumes
}