From d7096f7e66ddc7a71bec38d93985b9a57acc4da6 Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Tue, 18 Mar 2014 23:21:04 -0700 Subject: [PATCH] added code for privileged mode with unit tests --- pkg/build/build.go | 9 +++--- pkg/build/build_test.go | 70 +++++++++++++++++++++++++++++++++++++++-- 2 files changed, 72 insertions(+), 7 deletions(-) diff --git a/pkg/build/build.go b/pkg/build/build.go index ffe9ce1d7..d245f8121 100644 --- a/pkg/build/build.go +++ b/pkg/build/build.go @@ -309,11 +309,10 @@ func (b *Builder) run() error { AttachStderr: true, } - // configure if Docker should run in privileged mode. - // by default, this is disabled for pull requests for - // security reasons. - host := docker.HostConfig{} - host.Privileged = b.Privileged && len(b.Repo.PR) == 0 + // configure if Docker should run in privileged mode + host := docker.HostConfig{ + Privileged: (b.Privileged && len(b.Repo.PR) == 0), + } // debugging log.Noticef("starting build %s", b.Build.Name) diff --git a/pkg/build/build_test.go b/pkg/build/build_test.go index b68da7ca2..3cc74ddf1 100644 --- a/pkg/build/build_test.go +++ b/pkg/build/build_test.go @@ -1,6 +1,9 @@ package build import ( + "bytes" + "encoding/json" + "fmt" "io/ioutil" "net/http" "net/http/httptest" @@ -338,9 +341,72 @@ func TestTeardown(t *testing.T) { if !imageRemoved { t.Errorf("Expected Docker image was removed") } +} - // TODO test service container stop - // TODO test service container remove +func TestRun(t *testing.T) { + t.Skip() +} + +func TestRunPrivileged(t *testing.T) { + setup() + defer teardown() + + var conf = docker.HostConfig{} + + mux.HandleFunc("/v1.9/containers/create", func(w http.ResponseWriter, r *http.Request) { + body := `{ "Id":"e90e34656806", "Warnings":[] }` + w.Write([]byte(body)) + }) + + mux.HandleFunc("/v1.9/containers/e90e34656806/start", func(w http.ResponseWriter, r *http.Request) { + err := json.NewDecoder(r.Body).Decode(&conf) + if err != nil { + fmt.Println(err.Error()) + } + w.WriteHeader(http.StatusBadRequest) + }) + + b := Builder{} + b.BuildState = &BuildState{} + b.dockerClient = client + b.Stdout = new(bytes.Buffer) + b.image = &docker.Image{ID: "c3ab8ff137"} + b.Build = &script.Build{} + b.Repo = &repo.Repo{} + b.run() + + if conf.Privileged != false { + t.Errorf("Expected container NOT started in Privileged mode") + } + + // now lets set priviliged mode + b.Privileged = true + b.run() + + if conf.Privileged != true { + t.Errorf("Expected container IS started in Privileged mode") + } + + // now lets set priviliged mode but for a pull request + b.Privileged = true + b.Repo.PR = "55" + b.run() + + if conf.Privileged != false { + t.Errorf("Expected container NOT started in Privileged mode when PR") + } +} + +func TestRunErrorCreate(t *testing.T) { + t.Skip() +} + +func TestRunErrorStart(t *testing.T) { + t.Skip() +} + +func TestRunErrorWait(t *testing.T) { + t.Skip() } func TestWriteIdentifyFile(t *testing.T) {