Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add configuration validation option and tests.
Fixes #36911 If config file is invalid we'll exit anyhow, so this just prevents the daemon from starting if the configuration is fine. Mainly useful for making config changes and restarting the daemon iff the config is valid. Signed-off-by: Rich Horwood <rjhorwood@apple.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: Anca Iordache <anca.iordache@docker.com>
- Loading branch information
Showing
12 changed files
with
148 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
package daemon // import "github.com/docker/docker/integration/daemon" | ||
|
||
import ( | ||
"io/ioutil" | ||
"os" | ||
"os/exec" | ||
"path/filepath" | ||
"runtime" | ||
"testing" | ||
|
||
"github.com/docker/docker/testutil/daemon" | ||
"gotest.tools/v3/assert" | ||
"gotest.tools/v3/skip" | ||
|
||
is "gotest.tools/v3/assert/cmp" | ||
) | ||
|
||
func TestConfigDaemonLibtrustID(t *testing.T) { | ||
skip.If(t, runtime.GOOS != "linux") | ||
|
||
d := daemon.New(t) | ||
defer d.Stop(t) | ||
|
||
trustKey := filepath.Join(d.RootDir(), "key.json") | ||
err := ioutil.WriteFile(trustKey, []byte(`{"crv":"P-256","d":"dm28PH4Z4EbyUN8L0bPonAciAQa1QJmmyYd876mnypY","kid":"WTJ3:YSIP:CE2E:G6KJ:PSBD:YX2Y:WEYD:M64G:NU2V:XPZV:H2CR:VLUB","kty":"EC","x":"Mh5-JINSjaa_EZdXDttri255Z5fbCEOTQIZjAcScFTk","y":"eUyuAjfxevb07hCCpvi4Zi334Dy4GDWQvEToGEX4exQ"}`), 0644) | ||
assert.NilError(t, err) | ||
|
||
config := filepath.Join(d.RootDir(), "daemon.json") | ||
err = ioutil.WriteFile(config, []byte(`{"deprecated-key-path": "`+trustKey+`"}`), 0644) | ||
assert.NilError(t, err) | ||
|
||
d.Start(t, "--config-file", config) | ||
info := d.Info(t) | ||
assert.Equal(t, info.ID, "WTJ3:YSIP:CE2E:G6KJ:PSBD:YX2Y:WEYD:M64G:NU2V:XPZV:H2CR:VLUB") | ||
} | ||
|
||
func TestDaemonConfigValidation(t *testing.T) { | ||
skip.If(t, runtime.GOOS != "linux") | ||
|
||
d := daemon.New(t) | ||
dockerBinary, err := d.BinaryPath() | ||
assert.NilError(t, err) | ||
params := []string{"--validate", "--config-file"} | ||
|
||
dest := os.Getenv("DOCKER_INTEGRATION_DAEMON_DEST") | ||
if dest == "" { | ||
dest = os.Getenv("DEST") | ||
} | ||
testdata := filepath.Join(dest, "..", "..", "integration", "daemon", "testdata") | ||
|
||
const ( | ||
validOut = "configuration OK" | ||
failedOut = "unable to configure the Docker daemon with file" | ||
) | ||
|
||
tests := []struct { | ||
name string | ||
args []string | ||
expectedOut string | ||
}{ | ||
{ | ||
name: "config with no content", | ||
args: append(params, filepath.Join(testdata, "empty-config-1.json")), | ||
expectedOut: validOut, | ||
}, | ||
{ | ||
name: "config with {}", | ||
args: append(params, filepath.Join(testdata, "empty-config-2.json")), | ||
expectedOut: validOut, | ||
}, | ||
{ | ||
name: "invalid config", | ||
args: append(params, filepath.Join(testdata, "invalid-config-1.json")), | ||
expectedOut: failedOut, | ||
}, | ||
{ | ||
name: "malformed config", | ||
args: append(params, filepath.Join(testdata, "malformed-config.json")), | ||
expectedOut: failedOut, | ||
}, | ||
{ | ||
name: "valid config", | ||
args: append(params, filepath.Join(testdata, "valid-config-1.json")), | ||
expectedOut: validOut, | ||
}, | ||
} | ||
for _, tc := range tests { | ||
tc := tc | ||
t.Run(tc.name, func(t *testing.T) { | ||
t.Parallel() | ||
cmd := exec.Command(dockerBinary, tc.args...) | ||
out, err := cmd.CombinedOutput() | ||
assert.Check(t, is.Contains(string(out), tc.expectedOut)) | ||
if tc.expectedOut == failedOut { | ||
assert.ErrorContains(t, err, "", "expected an error, but got none") | ||
} else { | ||
assert.NilError(t, err) | ||
} | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
package daemon // import "github.com/docker/docker/integration/daemon" | ||
|
||
import ( | ||
"os" | ||
"testing" | ||
) | ||
|
||
func TestMain(m *testing.M) { | ||
os.Exit(m.Run()) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{"unknown-option": true} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{"debug": true} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters