mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-26 11:51:02 +00:00
added code for privileged mode with unit tests
This commit is contained in:
parent
f363ce804b
commit
d7096f7e66
2 changed files with 72 additions and 7 deletions
|
@ -309,11 +309,10 @@ func (b *Builder) run() error {
|
||||||
AttachStderr: true,
|
AttachStderr: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
// configure if Docker should run in privileged mode.
|
// configure if Docker should run in privileged mode
|
||||||
// by default, this is disabled for pull requests for
|
host := docker.HostConfig{
|
||||||
// security reasons.
|
Privileged: (b.Privileged && len(b.Repo.PR) == 0),
|
||||||
host := docker.HostConfig{}
|
}
|
||||||
host.Privileged = b.Privileged && len(b.Repo.PR) == 0
|
|
||||||
|
|
||||||
// debugging
|
// debugging
|
||||||
log.Noticef("starting build %s", b.Build.Name)
|
log.Noticef("starting build %s", b.Build.Name)
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
package build
|
package build
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
|
@ -338,9 +341,72 @@ func TestTeardown(t *testing.T) {
|
||||||
if !imageRemoved {
|
if !imageRemoved {
|
||||||
t.Errorf("Expected Docker image was removed")
|
t.Errorf("Expected Docker image was removed")
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO test service container stop
|
func TestRun(t *testing.T) {
|
||||||
// TODO test service container remove
|
t.Skip()
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRunPrivileged(t *testing.T) {
|
||||||
|
setup()
|
||||||
|
defer teardown()
|
||||||
|
|
||||||
|
var conf = docker.HostConfig{}
|
||||||
|
|
||||||
|
mux.HandleFunc("/v1.9/containers/create", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
body := `{ "Id":"e90e34656806", "Warnings":[] }`
|
||||||
|
w.Write([]byte(body))
|
||||||
|
})
|
||||||
|
|
||||||
|
mux.HandleFunc("/v1.9/containers/e90e34656806/start", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
err := json.NewDecoder(r.Body).Decode(&conf)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println(err.Error())
|
||||||
|
}
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
})
|
||||||
|
|
||||||
|
b := Builder{}
|
||||||
|
b.BuildState = &BuildState{}
|
||||||
|
b.dockerClient = client
|
||||||
|
b.Stdout = new(bytes.Buffer)
|
||||||
|
b.image = &docker.Image{ID: "c3ab8ff137"}
|
||||||
|
b.Build = &script.Build{}
|
||||||
|
b.Repo = &repo.Repo{}
|
||||||
|
b.run()
|
||||||
|
|
||||||
|
if conf.Privileged != false {
|
||||||
|
t.Errorf("Expected container NOT started in Privileged mode")
|
||||||
|
}
|
||||||
|
|
||||||
|
// now lets set priviliged mode
|
||||||
|
b.Privileged = true
|
||||||
|
b.run()
|
||||||
|
|
||||||
|
if conf.Privileged != true {
|
||||||
|
t.Errorf("Expected container IS started in Privileged mode")
|
||||||
|
}
|
||||||
|
|
||||||
|
// now lets set priviliged mode but for a pull request
|
||||||
|
b.Privileged = true
|
||||||
|
b.Repo.PR = "55"
|
||||||
|
b.run()
|
||||||
|
|
||||||
|
if conf.Privileged != false {
|
||||||
|
t.Errorf("Expected container NOT started in Privileged mode when PR")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRunErrorCreate(t *testing.T) {
|
||||||
|
t.Skip()
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRunErrorStart(t *testing.T) {
|
||||||
|
t.Skip()
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRunErrorWait(t *testing.T) {
|
||||||
|
t.Skip()
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestWriteIdentifyFile(t *testing.T) {
|
func TestWriteIdentifyFile(t *testing.T) {
|
||||||
|
|
Loading…
Reference in a new issue