mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
518 lines
13 KiB
Go
518 lines
13 KiB
Go
package config // import "github.com/docker/docker/daemon/config"
|
|
|
|
import (
|
|
"io/ioutil"
|
|
"os"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/docker/docker/daemon/discovery"
|
|
"github.com/docker/docker/opts"
|
|
"github.com/spf13/pflag"
|
|
"gotest.tools/assert"
|
|
is "gotest.tools/assert/cmp"
|
|
"gotest.tools/fs"
|
|
"gotest.tools/skip"
|
|
)
|
|
|
|
func TestDaemonConfigurationNotFound(t *testing.T) {
|
|
_, err := MergeDaemonConfigurations(&Config{}, nil, "/tmp/foo-bar-baz-docker")
|
|
if err == nil || !os.IsNotExist(err) {
|
|
t.Fatalf("expected does not exist error, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestDaemonBrokenConfiguration(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{"Debug": tru`))
|
|
f.Close()
|
|
|
|
_, err = MergeDaemonConfigurations(&Config{}, nil, configFile)
|
|
if err == nil {
|
|
t.Fatalf("expected error, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestParseClusterAdvertiseSettings(t *testing.T) {
|
|
_, err := ParseClusterAdvertiseSettings("something", "")
|
|
if err != discovery.ErrDiscoveryDisabled {
|
|
t.Fatalf("expected discovery disabled error, got %v\n", err)
|
|
}
|
|
|
|
_, err = ParseClusterAdvertiseSettings("", "something")
|
|
if err == nil {
|
|
t.Fatalf("expected discovery store error, got %v\n", err)
|
|
}
|
|
|
|
_, err = ParseClusterAdvertiseSettings("etcd", "127.0.0.1:8080")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestFindConfigurationConflicts(t *testing.T) {
|
|
config := map[string]interface{}{"authorization-plugins": "foobar"}
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
|
|
flags.String("authorization-plugins", "", "")
|
|
assert.Check(t, flags.Set("authorization-plugins", "asdf"))
|
|
assert.Check(t, is.ErrorContains(findConfigurationConflicts(config, flags), "authorization-plugins: (from flag: asdf, from file: foobar)"))
|
|
}
|
|
|
|
func TestFindConfigurationConflictsWithNamedOptions(t *testing.T) {
|
|
config := map[string]interface{}{"hosts": []string{"qwer"}}
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
|
|
var hosts []string
|
|
flags.VarP(opts.NewNamedListOptsRef("hosts", &hosts, opts.ValidateHost), "host", "H", "Daemon socket(s) to connect to")
|
|
assert.Check(t, flags.Set("host", "tcp://127.0.0.1:4444"))
|
|
assert.Check(t, flags.Set("host", "unix:///var/run/docker.sock"))
|
|
assert.Check(t, is.ErrorContains(findConfigurationConflicts(config, flags), "hosts"))
|
|
}
|
|
|
|
func TestDaemonConfigurationMergeConflicts(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{"debug": true}`))
|
|
f.Close()
|
|
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.Bool("debug", false, "")
|
|
flags.Set("debug", "false")
|
|
|
|
_, err = MergeDaemonConfigurations(&Config{}, flags, configFile)
|
|
if err == nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
if !strings.Contains(err.Error(), "debug") {
|
|
t.Fatalf("expected debug conflict, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestDaemonConfigurationMergeConcurrent(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{"max-concurrent-downloads": 1}`))
|
|
f.Close()
|
|
|
|
_, err = MergeDaemonConfigurations(&Config{}, nil, configFile)
|
|
if err != nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
}
|
|
|
|
func TestDaemonConfigurationMergeConcurrentError(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{"max-concurrent-downloads": -1}`))
|
|
f.Close()
|
|
|
|
_, err = MergeDaemonConfigurations(&Config{}, nil, configFile)
|
|
if err == nil {
|
|
t.Fatalf("expected no error, got error %v", err)
|
|
}
|
|
}
|
|
|
|
func TestDaemonConfigurationMergeConflictsWithInnerStructs(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{"tlscacert": "/etc/certificates/ca.pem"}`))
|
|
f.Close()
|
|
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("tlscacert", "", "")
|
|
flags.Set("tlscacert", "~/.docker/ca.pem")
|
|
|
|
_, err = MergeDaemonConfigurations(&Config{}, flags, configFile)
|
|
if err == nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
if !strings.Contains(err.Error(), "tlscacert") {
|
|
t.Fatalf("expected tlscacert conflict, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestFindConfigurationConflictsWithUnknownKeys(t *testing.T) {
|
|
config := map[string]interface{}{"tls-verify": "true"}
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
|
|
flags.Bool("tlsverify", false, "")
|
|
err := findConfigurationConflicts(config, flags)
|
|
if err == nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
if !strings.Contains(err.Error(), "the following directives don't match any configuration option: tls-verify") {
|
|
t.Fatalf("expected tls-verify conflict, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestFindConfigurationConflictsWithMergedValues(t *testing.T) {
|
|
var hosts []string
|
|
config := map[string]interface{}{"hosts": "tcp://127.0.0.1:2345"}
|
|
flags := pflag.NewFlagSet("base", pflag.ContinueOnError)
|
|
flags.VarP(opts.NewNamedListOptsRef("hosts", &hosts, nil), "host", "H", "")
|
|
|
|
err := findConfigurationConflicts(config, flags)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
flags.Set("host", "unix:///var/run/docker.sock")
|
|
err = findConfigurationConflicts(config, flags)
|
|
if err == nil {
|
|
t.Fatal("expected error, got nil")
|
|
}
|
|
if !strings.Contains(err.Error(), "hosts: (from flag: [unix:///var/run/docker.sock], from file: tcp://127.0.0.1:2345)") {
|
|
t.Fatalf("expected hosts conflict, got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestValidateReservedNamespaceLabels(t *testing.T) {
|
|
for _, validLabels := range [][]string{
|
|
nil, // no error if there are no labels
|
|
{ // no error if there aren't any reserved namespace labels
|
|
"hello=world",
|
|
"label=me",
|
|
},
|
|
{ // only reserved namespaces that end with a dot are invalid
|
|
"com.dockerpsychnotreserved.label=value",
|
|
"io.dockerproject.not=reserved",
|
|
"org.docker.not=reserved",
|
|
},
|
|
} {
|
|
assert.Check(t, ValidateReservedNamespaceLabels(validLabels))
|
|
}
|
|
|
|
for _, invalidLabel := range []string{
|
|
"com.docker.feature=enabled",
|
|
"io.docker.configuration=0",
|
|
"org.dockerproject.setting=on",
|
|
// casing doesn't matter
|
|
"COM.docker.feature=enabled",
|
|
"io.DOCKER.CONFIGURATION=0",
|
|
"Org.Dockerproject.Setting=on",
|
|
} {
|
|
err := ValidateReservedNamespaceLabels([]string{
|
|
"valid=label",
|
|
invalidLabel,
|
|
"another=valid",
|
|
})
|
|
assert.Check(t, is.ErrorContains(err, invalidLabel))
|
|
}
|
|
}
|
|
|
|
func TestValidateConfigurationErrors(t *testing.T) {
|
|
minusNumber := -10
|
|
testCases := []struct {
|
|
config *Config
|
|
}{
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
Labels: []string{"one"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
Labels: []string{"foo=bar", "one"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNS: []string{"1.1.1.1o"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNS: []string{"2.2.2.2", "1.1.1.1o"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNSSearch: []string{"123456"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNSSearch: []string{"a.b.c", "123456"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
MaxConcurrentDownloads: &minusNumber,
|
|
// This is weird...
|
|
ValuesSet: map[string]interface{}{
|
|
"max-concurrent-downloads": -1,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
MaxConcurrentUploads: &minusNumber,
|
|
// This is weird...
|
|
ValuesSet: map[string]interface{}{
|
|
"max-concurrent-uploads": -1,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
NodeGenericResources: []string{"foo"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
NodeGenericResources: []string{"foo=bar", "foo=1"},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
for _, tc := range testCases {
|
|
err := Validate(tc.config)
|
|
if err == nil {
|
|
t.Fatalf("expected error, got nil for config %v", tc.config)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestValidateConfiguration(t *testing.T) {
|
|
minusNumber := 4
|
|
testCases := []struct {
|
|
config *Config
|
|
}{
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
Labels: []string{"one=two"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNS: []string{"1.1.1.1"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
DNSSearch: []string{"a.b.c"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
MaxConcurrentDownloads: &minusNumber,
|
|
// This is weird...
|
|
ValuesSet: map[string]interface{}{
|
|
"max-concurrent-downloads": -1,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
MaxConcurrentUploads: &minusNumber,
|
|
// This is weird...
|
|
ValuesSet: map[string]interface{}{
|
|
"max-concurrent-uploads": -1,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
NodeGenericResources: []string{"foo=bar", "foo=baz"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
config: &Config{
|
|
CommonConfig: CommonConfig{
|
|
NodeGenericResources: []string{"foo=1"},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
for _, tc := range testCases {
|
|
err := Validate(tc.config)
|
|
if err != nil {
|
|
t.Fatalf("expected no error, got error %v", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestModifiedDiscoverySettings(t *testing.T) {
|
|
cases := []struct {
|
|
current *Config
|
|
modified *Config
|
|
expected bool
|
|
}{
|
|
{
|
|
current: discoveryConfig("foo", "bar", map[string]string{}),
|
|
modified: discoveryConfig("foo", "bar", map[string]string{}),
|
|
expected: false,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
|
|
modified: discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
|
|
expected: false,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", map[string]string{}),
|
|
modified: discoveryConfig("foo", "bar", nil),
|
|
expected: false,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", nil),
|
|
modified: discoveryConfig("foo", "bar", map[string]string{}),
|
|
expected: false,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", nil),
|
|
modified: discoveryConfig("baz", "bar", nil),
|
|
expected: true,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", nil),
|
|
modified: discoveryConfig("foo", "baz", nil),
|
|
expected: true,
|
|
},
|
|
{
|
|
current: discoveryConfig("foo", "bar", nil),
|
|
modified: discoveryConfig("foo", "bar", map[string]string{"foo": "bar"}),
|
|
expected: true,
|
|
},
|
|
}
|
|
|
|
for _, c := range cases {
|
|
got := ModifiedDiscoverySettings(c.current, c.modified.ClusterStore, c.modified.ClusterAdvertise, c.modified.ClusterOpts)
|
|
if c.expected != got {
|
|
t.Fatalf("expected %v, got %v: current config %v, new config %v", c.expected, got, c.current, c.modified)
|
|
}
|
|
}
|
|
}
|
|
|
|
func discoveryConfig(backendAddr, advertiseAddr string, opts map[string]string) *Config {
|
|
return &Config{
|
|
CommonConfig: CommonConfig{
|
|
ClusterStore: backendAddr,
|
|
ClusterAdvertise: advertiseAddr,
|
|
ClusterOpts: opts,
|
|
},
|
|
}
|
|
}
|
|
|
|
// TestReloadSetConfigFileNotExist tests that when `--config-file` is set
|
|
// and it doesn't exist the `Reload` function returns an error.
|
|
func TestReloadSetConfigFileNotExist(t *testing.T) {
|
|
configFile := "/tmp/blabla/not/exists/config.json"
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("config-file", "", "")
|
|
flags.Set("config-file", configFile)
|
|
|
|
err := Reload(configFile, flags, func(c *Config) {})
|
|
assert.Check(t, is.ErrorContains(err, "unable to configure the Docker daemon with file"))
|
|
}
|
|
|
|
// TestReloadDefaultConfigNotExist tests that if the default configuration file
|
|
// doesn't exist the daemon still will be reloaded.
|
|
func TestReloadDefaultConfigNotExist(t *testing.T) {
|
|
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
|
|
reloaded := false
|
|
configFile := "/etc/docker/daemon.json"
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("config-file", configFile, "")
|
|
err := Reload(configFile, flags, func(c *Config) {
|
|
reloaded = true
|
|
})
|
|
assert.Check(t, err)
|
|
assert.Check(t, reloaded)
|
|
}
|
|
|
|
// TestReloadBadDefaultConfig tests that when `--config-file` is not set
|
|
// and the default configuration file exists and is bad return an error
|
|
func TestReloadBadDefaultConfig(t *testing.T) {
|
|
f, err := ioutil.TempFile("", "docker-config-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
configFile := f.Name()
|
|
f.Write([]byte(`{wrong: "configuration"}`))
|
|
f.Close()
|
|
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("config-file", configFile, "")
|
|
err = Reload(configFile, flags, func(c *Config) {})
|
|
assert.Check(t, is.ErrorContains(err, "unable to configure the Docker daemon with file"))
|
|
}
|
|
|
|
func TestReloadWithConflictingLabels(t *testing.T) {
|
|
tempFile := fs.NewFile(t, "config", fs.WithContent(`{"labels":["foo=bar","foo=baz"]}`))
|
|
defer tempFile.Remove()
|
|
configFile := tempFile.Path()
|
|
|
|
var lbls []string
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("config-file", configFile, "")
|
|
flags.StringSlice("labels", lbls, "")
|
|
err := Reload(configFile, flags, func(c *Config) {})
|
|
assert.Check(t, is.ErrorContains(err, "conflict labels for foo=baz and foo=bar"))
|
|
}
|
|
|
|
func TestReloadWithDuplicateLabels(t *testing.T) {
|
|
tempFile := fs.NewFile(t, "config", fs.WithContent(`{"labels":["foo=the-same","foo=the-same"]}`))
|
|
defer tempFile.Remove()
|
|
configFile := tempFile.Path()
|
|
|
|
var lbls []string
|
|
flags := pflag.NewFlagSet("test", pflag.ContinueOnError)
|
|
flags.String("config-file", configFile, "")
|
|
flags.StringSlice("labels", lbls, "")
|
|
err := Reload(configFile, flags, func(c *Config) {})
|
|
assert.Check(t, err)
|
|
}
|