From 800bf5391a4adab0326a988f25cd9afb4bb5b40a Mon Sep 17 00:00:00 2001 From: Sonu Saha Date: Tue, 22 Mar 2022 11:56:41 +0530 Subject: [PATCH] CFINSPEC-85: Add unit test to check for mounted volumes Signed-off-by: Sonu Saha --- test/fixtures/cmd/docker-inspect | 233 +++++++++++++++++++ test/helpers/mock_loader.rb | 1 + test/unit/resources/docker_container_test.rb | 5 + 3 files changed, 239 insertions(+) create mode 100644 test/fixtures/cmd/docker-inspect diff --git a/test/fixtures/cmd/docker-inspect b/test/fixtures/cmd/docker-inspect new file mode 100644 index 000000000..9539355cb --- /dev/null +++ b/test/fixtures/cmd/docker-inspect @@ -0,0 +1,233 @@ +[ + { + "Id": "36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539", + "Created": "2022-03-21T05:23:13.178761971Z", + "Path": "/docker-entrypoint.sh", + "Args": [ + "nginx", + "-g", + "daemon off;" + ], + "State": { + "Status": "running", + "Running": true, + "Paused": false, + "Restarting": false, + "OOMKilled": false, + "Dead": false, + "Pid": 2424, + "ExitCode": 0, + "Error": "", + "StartedAt": "2022-03-21T05:23:13.435779679Z", + "FinishedAt": "0001-01-01T00:00:00Z" + }, + "Image": "sha256:4f6e44d5fceb133ca9d0e4baccaa2dfd721f2c5f951d1a28ca7fd4cf5f2b04a1", + "ResolvConfPath": "/var/lib/docker/containers/36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539/resolv.conf", + "HostnamePath": "/var/lib/docker/containers/36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539/hostname", + "HostsPath": "/var/lib/docker/containers/36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539/hosts", + "LogPath": "/var/lib/docker/containers/36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539/36a981f1ec0d3d1c7f7779671dc79e011f2bb691b6eeb2c43b05edee02b79539-json.log", + "Name": "/trusting_williams", + "RestartCount": 0, + "Driver": "overlay2", + "Platform": "linux", + "MountLabel": "", + "ProcessLabel": "", + "AppArmorProfile": "", + "ExecIDs": null, + "HostConfig": { + "Binds": null, + "ContainerIDFile": "", + "LogConfig": { + "Type": "json-file", + "Config": {} + }, + "NetworkMode": "default", + "PortBindings": {}, + "RestartPolicy": { + "Name": "no", + "MaximumRetryCount": 0 + }, + "AutoRemove": false, + "VolumeDriver": "", + "VolumesFrom": null, + "CapAdd": null, + "CapDrop": null, + "CgroupnsMode": "private", + "Dns": [], + "DnsOptions": [], + "DnsSearch": [], + "ExtraHosts": null, + "GroupAdd": null, + "IpcMode": "private", + "Cgroup": "", + "Links": null, + "OomScoreAdj": 0, + "PidMode": "", + "Privileged": false, + "PublishAllPorts": false, + "ReadonlyRootfs": false, + "SecurityOpt": null, + "UTSMode": "", + "UsernsMode": "", + "ShmSize": 67108864, + "Runtime": "runc", + "ConsoleSize": [ + 0, + 0 + ], + "Isolation": "", + "CpuShares": 0, + "Memory": 0, + "NanoCpus": 0, + "CgroupParent": "", + "BlkioWeight": 0, + "BlkioWeightDevice": [], + "BlkioDeviceReadBps": null, + "BlkioDeviceWriteBps": null, + "BlkioDeviceReadIOps": null, + "BlkioDeviceWriteIOps": null, + "CpuPeriod": 0, + "CpuQuota": 0, + "CpuRealtimePeriod": 0, + "CpuRealtimeRuntime": 0, + "CpusetCpus": "", + "CpusetMems": "", + "Devices": [], + "DeviceCgroupRules": null, + "DeviceRequests": null, + "KernelMemory": 0, + "KernelMemoryTCP": 0, + "MemoryReservation": 0, + "MemorySwap": 0, + "MemorySwappiness": null, + "OomKillDisable": null, + "PidsLimit": null, + "Ulimits": null, + "CpuCount": 0, + "CpuPercent": 0, + "IOMaximumIOps": 0, + "IOMaximumBandwidth": 0, + "Mounts": [ + { + "Type": "volume", + "Source": "myvol2", + "Target": "/app" + } + ], + "MaskedPaths": [ + "/proc/asound", + "/proc/acpi", + "/proc/kcore", + "/proc/keys", + "/proc/latency_stats", + "/proc/timer_list", + "/proc/timer_stats", + "/proc/sched_debug", + "/proc/scsi", + "/sys/firmware" + ], + "ReadonlyPaths": [ + "/proc/bus", + "/proc/fs", + "/proc/irq", + "/proc/sys", + "/proc/sysrq-trigger" + ] + }, + "GraphDriver": { + "Data": { + "LowerDir": "/var/lib/docker/overlay2/1424effcec0fdc7234402663637c2cbd466d84f30a2838b6be2c3f074d9ce2a9-init/diff:/var/lib/docker/overlay2/409f4ed0129c77297201c41fe3ededa514f4b7ee3a01324917cf81cdb227f8f4/diff:/var/lib/docker/overlay2/81db7ba78e6a85e259f501b6ef0199e1c2566bf0db45a159e8d94f7beb994ccf/diff:/var/lib/docker/overlay2/b1ba5f1241fa00ba1d93e8818109633c047b80388d9cea734ea360c4b06fd832/diff:/var/lib/docker/overlay2/c965bed4b998eba7c9a2ce1aef1592d5f290eccfe648e18ecb22ce259689b464/diff:/var/lib/docker/overlay2/873a23b96e84ccc65851bc82d541da545eded80455518069944b28828663845c/diff:/var/lib/docker/overlay2/e4b850cefce408a53da3a08276983ff227c2e020883ad41d6f363dfa96853893/diff", + "MergedDir": "/var/lib/docker/overlay2/1424effcec0fdc7234402663637c2cbd466d84f30a2838b6be2c3f074d9ce2a9/merged", + "UpperDir": "/var/lib/docker/overlay2/1424effcec0fdc7234402663637c2cbd466d84f30a2838b6be2c3f074d9ce2a9/diff", + "WorkDir": "/var/lib/docker/overlay2/1424effcec0fdc7234402663637c2cbd466d84f30a2838b6be2c3f074d9ce2a9/work" + }, + "Name": "overlay2" + }, + "Mounts": [ + { + "Type": "volume", + "Name": "myvol2", + "Source": "/var/lib/docker/volumes/myvol2/_data", + "Destination": "/app", + "Driver": "local", + "Mode": "z", + "RW": true, + "Propagation": "" + } + ], + "Config": { + "Hostname": "36a981f1ec0d", + "Domainname": "", + "User": "", + "AttachStdin": false, + "AttachStdout": false, + "AttachStderr": false, + "ExposedPorts": { + "80/tcp": {} + }, + "Tty": false, + "OpenStdin": false, + "StdinOnce": false, + "Env": [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "NGINX_VERSION=1.21.6", + "NJS_VERSION=0.7.2", + "PKG_RELEASE=1~bullseye" + ], + "Cmd": [ + "nginx", + "-g", + "daemon off;" + ], + "Image": "nginx:latest", + "Volumes": null, + "WorkingDir": "", + "Entrypoint": [ + "/docker-entrypoint.sh" + ], + "OnBuild": null, + "Labels": { + "maintainer": "NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e" + }, + "StopSignal": "SIGQUIT" + }, + "NetworkSettings": { + "Bridge": "", + "SandboxID": "cd498ab32e4f029504a92da8a44822188857f98da6f0f54ea7dc087733b88f01", + "HairpinMode": false, + "LinkLocalIPv6Address": "", + "LinkLocalIPv6PrefixLen": 0, + "Ports": { + "80/tcp": null + }, + "SandboxKey": "/var/run/docker/netns/cd498ab32e4f", + "SecondaryIPAddresses": null, + "SecondaryIPv6Addresses": null, + "EndpointID": "5b76a7779528d8ac8e222da8298e82136ca6928a5af1b5b1e731b7d01486fb3e", + "Gateway": "172.17.0.1", + "GlobalIPv6Address": "", + "GlobalIPv6PrefixLen": 0, + "IPAddress": "172.17.0.4", + "IPPrefixLen": 16, + "IPv6Gateway": "", + "MacAddress": "02:42:ac:11:00:04", + "Networks": { + "bridge": { + "IPAMConfig": null, + "Links": null, + "Aliases": null, + "NetworkID": "7507315d62a18bb05ad4e14dd6ecb5341d23884aa8cf919ad821ad1068d2ac8f", + "EndpointID": "5b76a7779528d8ac8e222da8298e82136ca6928a5af1b5b1e731b7d01486fb3e", + "Gateway": "172.17.0.1", + "IPAddress": "172.17.0.4", + "IPPrefixLen": 16, + "IPv6Gateway": "", + "GlobalIPv6Address": "", + "GlobalIPv6PrefixLen": 0, + "MacAddress": "02:42:ac:11:00:04", + "DriverOpts": null + } + } + } + } +] diff --git a/test/helpers/mock_loader.rb b/test/helpers/mock_loader.rb index 07fdf9369..061224ffc 100644 --- a/test/helpers/mock_loader.rb +++ b/test/helpers/mock_loader.rb @@ -471,6 +471,7 @@ class MockLoader "docker version --format '{{ json . }}'" => cmd.call("docker-version"), "docker info --format '{{ json . }}'" => cmd.call("docker-info"), "docker inspect 71b5df59442b" => cmd.call("docker-inspec"), + "docker inspect trusting_williams" => cmd.call("docker-inspect"), # inspect container to check for mounted volumes # docker images "83c36bfade9375ae1feb91023cd1f7409b786fd992ad4013bf0f2259d33d6406" => cmd.call("docker-images"), # docker services diff --git a/test/unit/resources/docker_container_test.rb b/test/unit/resources/docker_container_test.rb index e594ca197..912852c38 100644 --- a/test/unit/resources/docker_container_test.rb +++ b/test/unit/resources/docker_container_test.rb @@ -48,5 +48,10 @@ describe "Inspec::Resources::DockerContainer" do resource = load_resource("docker_container", "laughing_austin") _(resource.to_s).must_equal "Docker Container laughing_austin" end + + it "checks if a volume has been mounted for the docker resource" do + resource = load_resource("docker_container", "trusting_williams") + _(resource.has_volume?('/app', '/var/lib/docker/volumes/myvol2/_data')).must_equal true + end end end