kitchen-docker 2.8.0 → 2.12.0

data/lib/docker/version.rb

@@ -0,0 +1,25 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+begin
+  require 'docker'
+
+  # Override API_VERSION constant in docker-api gem to use version 1.24 of the Docker API
+  # This override is for the docker-api gem to communicate to the Docker engine on Windows
+  module Docker
+    VERSION = '0.0.0'
+    API_VERSION = '1.24'
+  end
+rescue LoadError => e
+  logger.debug("[Docker] docker-api gem not found for InSpec verifier. #{e}")
+end

data/lib/kitchen/docker/container/linux.rb

@@ -0,0 +1,136 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'base64'
+require 'openssl'
+require 'securerandom'
+require 'shellwords'
+
+require_relative '../container'
+require_relative '../helpers/dockerfile_helper'
+
+module Kitchen
+  module Docker
+    class Container
+      class Linux < Kitchen::Docker::Container
+        include Kitchen::Docker::Helpers::DockerfileHelper
+
+        MUTEX_FOR_SSH_KEYS = Mutex.new
+
+        def initialize(config)
+          super
+        end
+
+        def create(state)
+          super
+
+          debug('Creating Linux container')
+          generate_keys
+
+          state[:ssh_key] = @config[:private_key]
+          state[:image_id] = build_image(state, dockerfile) unless state[:image_id]
+          state[:container_id] = run_container(state, 22) unless state[:container_id]
+          state[:hostname] = hostname(state)
+          state[:port] = container_ssh_port(state)
+        end
+
+        def execute(command)
+          # Create temp script file and upload files to container
+          debug("Executing command on Linux container (Platform: #{@config[:platform]})")
+          filename = "docker-#{::SecureRandom.uuid}.sh"
+          temp_file = "./.kitchen/temp/#{filename}"
+          create_temp_file(temp_file, command)
+
+          remote_path = @config[:temp_dir]
+          debug("Creating directory #{remote_path} on container")
+          create_dir_on_container(@config, remote_path)
+
+          debug("Uploading temp file #{temp_file} to #{remote_path} on container")
+          upload(temp_file, remote_path)
+
+          debug('Deleting temp file from local filesystem')
+          ::File.delete(temp_file)
+
+          # Replace any environment variables used in the path and execute script file
+          debug("Executing temp script #{remote_path}/#{filename} on container")
+          remote_path = replace_env_variables(@config, remote_path)
+
+          container_exec(@config, "/bin/bash #{remote_path}/#{filename}")
+        rescue => e
+          raise "Failed to execute command on Linux container. #{e}"
+        end
+
+        protected
+
+        def generate_keys
+          MUTEX_FOR_SSH_KEYS.synchronize do
+            if !File.exist?(@config[:public_key]) || !File.exist?(@config[:private_key])
+              private_key = OpenSSL::PKey::RSA.new(2048)
+              blobbed_key = Base64.encode64(private_key.to_blob).gsub("\n", '')
+              public_key = "ssh-rsa #{blobbed_key} kitchen_docker_key"
+              File.open(@config[:private_key], 'w') do |file|
+                file.write(private_key)
+                file.chmod(0600)
+              end
+              File.open(@config[:public_key], 'w') do |file|
+                file.write(public_key)
+                file.chmod(0600)
+              end
+            end
+          end
+        end
+
+        def parse_container_ssh_port(output)
+          _host, port = output.split(':')
+          port.to_i
+        rescue => e
+          raise ActionFailed, "Could not parse Docker port output for container SSH port. #{e}"
+        end
+
+        def container_ssh_port(state)
+          return 22 if @config[:use_internal_docker_network]
+
+          output = docker_command("port #{state[:container_id]} 22/tcp")
+          parse_container_ssh_port(output)
+        rescue => e
+          raise ActionFailed, "Docker reports container has no ssh port mapped. #{e}"
+        end
+
+        def dockerfile
+          return dockerfile_template if @config[:dockerfile]
+
+          from = "FROM #{@config[:image]}"
+          platform = dockerfile_platform
+          username = @config[:username]
+          public_key = IO.read(@config[:public_key]).strip
+          homedir = username == 'root' ? '/root' : "/home/#{username}"
+          base = dockerfile_base_linux(username, homedir)
+
+          custom = ''
+          Array(@config[:provision_command]).each do |cmd|
+            custom << "RUN #{cmd}\n"
+          end
+
+          ssh_key = "RUN echo #{Shellwords.escape(public_key)} >> #{homedir}/.ssh/authorized_keys"
+
+          # Empty string to ensure the file ends with a newline.
+          output = [from, dockerfile_proxy_config, platform, base, custom, ssh_key, ''].join("\n")
+          debug('--- Start Dockerfile ---')
+          debug(output.strip)
+          debug('--- End Dockerfile ---')
+          output
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/docker/container/windows.rb

@@ -0,0 +1,85 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'securerandom'
+
+require_relative '../container'
+
+module Kitchen
+  module Docker
+    class Container
+      class Windows < Kitchen::Docker::Container
+        def initialize(config)
+          super
+        end
+
+        def create(state)
+          super
+
+          debug('Creating Windows container')
+          state[:username] = @config[:username]
+          state[:image_id] = build_image(state, dockerfile) unless state[:image_id]
+          state[:container_id] = run_container(state) unless state[:container_id]
+          state[:hostname] = hostname(state)
+        end
+
+        def execute(command)
+          # Create temp script file and upload files to container
+          debug('Executing command on Windows container')
+          filename = "docker-#{::SecureRandom.uuid}.ps1"
+          temp_file = ".\\.kitchen\\temp\\#{filename}"
+          create_temp_file(temp_file, command)
+
+          remote_path = @config[:temp_dir].tr('/', '\\')
+          debug("Creating directory #{remote_path} on container")
+          create_dir_on_container(@config, remote_path)
+
+          debug("Uploading temp file #{temp_file} to #{remote_path} on container")
+          upload(temp_file, remote_path)
+
+          debug('Deleting temp file from local filesystem')
+          ::File.delete(temp_file)
+
+          # Replace any environment variables used in the path and execute script file
+          debug("Executing temp script #{remote_path}\\#{filename} on container")
+          remote_path = replace_env_variables(@config, remote_path)
+          cmd = build_powershell_command("-File #{remote_path}\\#{filename}")
+
+          container_exec(@config, cmd)
+        rescue => e
+          raise "Failed to execute command on Windows container. #{e}"
+        end
+
+        protected
+
+        def dockerfile
+          raise ActionFailed, "Unknown platform '#{@config[:platform]}'" unless @config[:platform] == 'windows'
+          return dockerfile_template if @config[:dockerfile]
+
+          from = "FROM #{@config[:image]}"
+
+          custom = ''
+          Array(@config[:provision_command]).each do |cmd|
+            custom << "RUN #{cmd}\n"
+          end
+
+          output = [from, dockerfile_proxy_config, custom, ''].join("\n")
+          debug('--- Start Dockerfile ---')
+          debug(output.strip)
+          debug('--- End Dockerfile ---')
+          output
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/docker/container.rb

@@ -0,0 +1,75 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative 'helpers/cli_helper'
+require_relative 'helpers/container_helper'
+require_relative 'helpers/file_helper'
+require_relative 'helpers/image_helper'
+
+module Kitchen
+  module Docker
+    class Container
+      include Kitchen::Docker::Helpers::CliHelper
+      include Kitchen::Docker::Helpers::ContainerHelper
+      include Kitchen::Docker::Helpers::FileHelper
+      include Kitchen::Docker::Helpers::ImageHelper
+
+      def initialize(config)
+        @config = config
+      end
+
+      def create(state)
+        if container_exists?(state)
+          info("Container ID #{state[:container_id]} already exists.")
+        elsif !container_exists?(state) && state[:container_id]
+          raise ActionFailed, "Container ID #{state[:container_id]} was found in the kitchen state data, "\
+                              'but the container does not exist.'
+        end
+
+        state[:username] = @config[:username]
+      end
+
+      def destroy(state)
+        info("[Docker] Destroying Docker container #{state[:container_id]}") if state[:container_id]
+        remove_container(state) if container_exists?(state)
+
+        if @config[:remove_images] && state[:image_id]
+          remove_image(state) if image_exists?(state)
+        end
+      end
+
+      def hostname(state)
+        hostname = 'localhost'
+
+        if remote_socket?
+          hostname = socket_uri.host
+        elsif @config[:use_internal_docker_network]
+          hostname = container_ip_address(state)
+        end
+
+        hostname
+      end
+
+      def upload(locals, remote)
+        files = locals
+        files = Array(locals) unless locals.is_a?(Array)
+
+        files.each do |file|
+          copy_file_to_container(@config, file, remote)
+        end
+
+        files
+      end
+    end
+  end
+end

data/lib/kitchen/{driver → docker}/docker_version.rb

@@ -1,4 +1,3 @@
-# -*- encoding: utf-8 -*-
 #
 # Copyright (C) 2014, Sean Porter
 #
@@ -15,10 +14,8 @@
 # limitations under the License.
 
 module Kitchen
-
-  module Driver
-
+  module Docker
     # Version string for Docker Kitchen driver
-    DOCKER_VERSION = "2.8.0"
+    DOCKER_VERSION = "2.12.0"
   end
 end

data/lib/kitchen/{driver/docker/erb.rb → docker/erb_context.rb}

@@ -1,4 +1,3 @@
-# -*- encoding: utf-8 -*-
 #
 # Copyright (C) 2014, Sean Porter
 #
@@ -17,10 +16,8 @@
 require 'erb'
 
 module Kitchen
-
-  module Driver
-
-    class DockerERBContext
+  module Docker
+    class ERBContext
       def initialize(config={})
         config.each do |key, value|
           instance_variable_set('@' + key.to_s, value)

data/lib/kitchen/docker/helpers/cli_helper.rb

@@ -0,0 +1,172 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'kitchen'
+require 'kitchen/configurable'
+require 'kitchen/logging'
+require 'kitchen/shell_out'
+
+module Kitchen
+  module Docker
+    module Helpers
+      module CliHelper
+        include Configurable
+        include Logging
+        include ShellOut
+
+        def docker_command(cmd, options={})
+          docker = config[:binary].dup
+          docker << " -H #{config[:socket]}" if config[:socket]
+          docker << ' --tls' if config[:tls]
+          docker << ' --tlsverify' if config[:tls_verify]
+          docker << " --tlscacert=#{config[:tls_cacert]}" if config[:tls_cacert]
+          docker << " --tlscert=#{config[:tls_cert]}" if config[:tls_cert]
+          docker << " --tlskey=#{config[:tls_key]}" if config[:tls_key]
+          logger.debug("docker_command: #{docker} #{cmd} shell_opts: #{docker_shell_opts(options)}")
+          run_command("#{docker} #{cmd}", docker_shell_opts(options))
+        end
+
+        # Copied from kitchen because we need stderr
+        def run_command(cmd, options = {})
+          if options.fetch(:use_sudo, false)
+            cmd = "#{options.fetch(:sudo_command, "sudo -E")} #{cmd}"
+          end
+          subject = "[#{options.fetch(:log_subject, "local")} command]"
+
+          debug("#{subject} BEGIN (#{cmd})")
+          sh = Mixlib::ShellOut.new(cmd, shell_opts(options))
+          sh.run_command
+          debug("#{subject} END #{Util.duration(sh.execution_time)}")
+          sh.error!
+          sh.stdout + sh.stderr
+        rescue Mixlib::ShellOut::ShellCommandFailed => ex
+          raise ShellCommandFailed, ex.message
+        rescue Exception => error # rubocop:disable Lint/RescueException
+          error.extend(Kitchen::Error)
+          raise
+        end
+
+        def build_run_command(image_id, transport_port = nil)
+          cmd = 'run -d'
+          cmd << ' -i' if config[:interactive]
+          cmd << ' -t' if config[:tty]
+          cmd << build_env_variable_args(config[:env_variables]) if config[:env_variables]
+          cmd << " -p #{transport_port}" unless transport_port.nil?
+          Array(config[:forward]).each { |port| cmd << " -p #{port}" }
+          Array(config[:dns]).each { |dns| cmd << " --dns #{dns}" }
+          Array(config[:add_host]).each { |host, ip| cmd << " --add-host=#{host}:#{ip}" }
+          Array(config[:volume]).each { |volume| cmd << " -v #{volume}" }
+          Array(config[:volumes_from]).each { |container| cmd << " --volumes-from #{container}" }
+          Array(config[:links]).each { |link| cmd << " --link #{link}" }
+          Array(config[:devices]).each { |device| cmd << " --device #{device}" }
+          Array(config[:mount]).each {|mount| cmd << " --mount #{mount}"}
+          Array(config[:tmpfs]).each {|tmpfs| cmd << " --tmpfs #{tmpfs}"}
+          cmd << " --name #{config[:instance_name]}" if config[:instance_name]
+          cmd << ' -P' if config[:publish_all]
+          cmd << " -h #{config[:hostname]}" if config[:hostname]
+          cmd << " -m #{config[:memory]}" if config[:memory]
+          cmd << " -c #{config[:cpu]}" if config[:cpu]
+          cmd << " --gpus #{config[:gpus]}" if config[:gpus]
+          cmd << " -e http_proxy=#{config[:http_proxy]}" if config[:http_proxy]
+          cmd << " -e https_proxy=#{config[:https_proxy]}" if config[:https_proxy]
+          cmd << ' --privileged' if config[:privileged]
+          cmd << " --isolation #{config[:isolation]}" if config[:isolation]
+          Array(config[:cap_add]).each { |cap| cmd << " --cap-add=#{cap}"} if config[:cap_add]
+          Array(config[:cap_drop]).each { |cap| cmd << " --cap-drop=#{cap}"} if config[:cap_drop]
+          Array(config[:security_opt]).each { |opt| cmd << " --security-opt=#{opt}"} if config[:security_opt]
+          cmd << " --platform=#{config[:docker_platform]}" if config[:docker_platform]
+          extra_run_options = config_to_options(config[:run_options])
+          cmd << " #{extra_run_options}" unless extra_run_options.empty?
+          cmd << " #{image_id} #{config[:run_command]}"
+          logger.debug("build_run_command: #{cmd}")
+          cmd
+        end
+
+        def build_exec_command(state, command)
+          cmd = 'exec'
+          cmd << ' -d' if config[:detach]
+          cmd << build_env_variable_args(config[:env_variables]) if config[:env_variables]
+          cmd << ' --privileged' if config[:privileged]
+          cmd << ' -t' if config[:tty]
+          cmd << ' -i' if config[:interactive]
+          cmd << " -u #{config[:username]}" if config[:username]
+          cmd << " -w #{config[:working_dir]}" if config[:working_dir]
+          cmd << " #{state[:container_id]}"
+          cmd << " #{command}"
+          logger.debug("build_exec_command: #{cmd}")
+          cmd
+        end
+
+        def build_copy_command(local_file, remote_file, opts = {})
+          cmd = 'cp'
+          cmd << ' -a' if opts[:archive]
+          cmd << " #{local_file} #{remote_file}"
+          cmd
+        end
+
+        def build_powershell_command(args)
+          cmd = 'powershell -ExecutionPolicy Bypass -NoLogo '
+          cmd << args
+          logger.debug("build_powershell_command: #{cmd}")
+          cmd
+        end
+
+        def build_env_variable_args(vars)
+          raise ActionFailed, 'Environment variables are not of a Hash type' unless vars.is_a?(Hash)
+
+          args = ''
+          vars.each do |k, v|
+            args << " -e #{k.to_s.strip}=\"#{v.to_s.strip}\""
+          end
+
+          args
+        end
+
+        def dev_null
+          case RbConfig::CONFIG['host_os']
+          when /mswin|msys|mingw|cygwin|bccwin|wince|emc/
+            'NUL'
+          else
+            '/dev/null'
+          end
+        end
+
+        def docker_shell_opts(options = {})
+          options[:live_stream] = nil if options[:suppress_output]
+          options.delete(:suppress_output)
+
+          options
+        end
+
+        # Convert the config input for `:build_options` or `:run_options` in to a
+        # command line string for use with Docker.
+        #
+        # @since 2.5.0
+        # @param config [nil, String, Array, Hash] Config data to convert.
+        # @return [String]
+        def config_to_options(config)
+          case config
+          when nil
+            ''
+          when String
+            config
+          when Array
+            config.map { |c| config_to_options(c) }.join(' ')
+          when Hash
+            config.map { |k, v| Array(v).map { |c| "--#{k}=#{Shellwords.escape(c)}" }.join(' ') }.join(' ')
+          end
+        end
+      end
+    end
+  end
+end