-
Notifications
You must be signed in to change notification settings - Fork 0
/
fixtures_linux_daemon.go
143 lines (121 loc) · 4.31 KB
/
fixtures_linux_daemon.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
package main
import (
"fmt"
"io/ioutil"
"os"
"os/exec"
"path/filepath"
"runtime"
"strings"
"sync"
"testing"
"github.com/docker/docker/integration-cli/fixtures/load"
"github.com/docker/docker/pkg/integration/checker"
"github.com/go-check/check"
)
func ensureFrozenImagesLinux(t *testing.T) {
images := []string{"busybox:latest", "hello-world:frozen", "debian:jessie"}
err := load.FrozenImagesLinux(dockerBinary, images...)
if err != nil {
t.Log(dockerCmdWithError("images"))
t.Fatalf("%+v", err)
}
for _, img := range images {
protectedImages[img] = struct{}{}
}
}
var ensureSyscallTestOnce sync.Once
func ensureSyscallTest(c *check.C) {
var doIt bool
ensureSyscallTestOnce.Do(func() {
doIt = true
})
if !doIt {
return
}
protectedImages["syscall-test:latest"] = struct{}{}
// if no match, must build in docker, which is significantly slower
// (slower mostly because of the vfs graphdriver)
if daemonPlatform != runtime.GOOS {
ensureSyscallTestBuild(c)
return
}
tmp, err := ioutil.TempDir("", "syscall-test-build")
c.Assert(err, checker.IsNil, check.Commentf("couldn't create temp dir"))
defer os.RemoveAll(tmp)
gcc, err := exec.LookPath("gcc")
c.Assert(err, checker.IsNil, check.Commentf("could not find gcc"))
tests := []string{"userns", "ns", "acct", "setuid", "setgid", "socket", "raw"}
for _, test := range tests {
out, err := exec.Command(gcc, "-g", "-Wall", "-static", fmt.Sprintf("../contrib/syscall-test/%s.c", test), "-o", fmt.Sprintf("%s/%s-test", tmp, test)).CombinedOutput()
c.Assert(err, checker.IsNil, check.Commentf(string(out)))
}
if runtime.GOOS == "linux" && runtime.GOARCH == "amd64" {
out, err := exec.Command(gcc, "-s", "-m32", "-nostdlib", "../contrib/syscall-test/exit32.s", "-o", tmp+"/"+"exit32-test").CombinedOutput()
c.Assert(err, checker.IsNil, check.Commentf(string(out)))
}
dockerFile := filepath.Join(tmp, "Dockerfile")
content := []byte(`
FROM debian:jessie
COPY . /usr/bin/
`)
err = ioutil.WriteFile(dockerFile, content, 600)
c.Assert(err, checker.IsNil)
var buildArgs []string
if arg := os.Getenv("DOCKER_BUILD_ARGS"); strings.TrimSpace(arg) != "" {
buildArgs = strings.Split(arg, " ")
}
buildArgs = append(buildArgs, []string{"-q", "-t", "syscall-test", tmp}...)
buildArgs = append([]string{"build"}, buildArgs...)
dockerCmd(c, buildArgs...)
}
func ensureSyscallTestBuild(c *check.C) {
err := load.FrozenImagesLinux(dockerBinary, "buildpack-deps:jessie")
c.Assert(err, checker.IsNil)
var buildArgs []string
if arg := os.Getenv("DOCKER_BUILD_ARGS"); strings.TrimSpace(arg) != "" {
buildArgs = strings.Split(arg, " ")
}
buildArgs = append(buildArgs, []string{"-q", "-t", "syscall-test", "../contrib/syscall-test"}...)
buildArgs = append([]string{"build"}, buildArgs...)
dockerCmd(c, buildArgs...)
}
func ensureNNPTest(c *check.C) {
protectedImages["nnp-test:latest"] = struct{}{}
if daemonPlatform != runtime.GOOS {
ensureNNPTestBuild(c)
return
}
tmp, err := ioutil.TempDir("", "docker-nnp-test")
c.Assert(err, checker.IsNil)
gcc, err := exec.LookPath("gcc")
c.Assert(err, checker.IsNil, check.Commentf("could not find gcc"))
out, err := exec.Command(gcc, "-g", "-Wall", "-static", "../contrib/nnp-test/nnp-test.c", "-o", filepath.Join(tmp, "nnp-test")).CombinedOutput()
c.Assert(err, checker.IsNil, check.Commentf(string(out)))
dockerfile := filepath.Join(tmp, "Dockerfile")
content := `
FROM debian:jessie
COPY . /usr/bin
RUN chmod +s /usr/bin/nnp-test
`
err = ioutil.WriteFile(dockerfile, []byte(content), 600)
c.Assert(err, checker.IsNil, check.Commentf("could not write Dockerfile for nnp-test image"))
var buildArgs []string
if arg := os.Getenv("DOCKER_BUILD_ARGS"); strings.TrimSpace(arg) != "" {
buildArgs = strings.Split(arg, " ")
}
buildArgs = append(buildArgs, []string{"-q", "-t", "nnp-test", tmp}...)
buildArgs = append([]string{"build"}, buildArgs...)
dockerCmd(c, buildArgs...)
}
func ensureNNPTestBuild(c *check.C) {
err := load.FrozenImagesLinux(dockerBinary, "buildpack-deps:jessie")
c.Assert(err, checker.IsNil)
var buildArgs []string
if arg := os.Getenv("DOCKER_BUILD_ARGS"); strings.TrimSpace(arg) != "" {
buildArgs = strings.Split(arg, " ")
}
buildArgs = append(buildArgs, []string{"-q", "-t", "npp-test", "../contrib/nnp-test"}...)
buildArgs = append([]string{"build"}, buildArgs...)
dockerCmd(c, buildArgs...)
}