valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 17:33:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7c212cbb2d
salt/tests/unit/modules/test_dockermod.py

833 lines
34 KiB
Python
Raw Normal View History

Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
# -*- coding: utf-8 -*-
'''
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
Unit tests for the docker module
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
'''
# Import Python Libs
[PY3] Add print_function import to files with unicode_literals already added This makes the 2.x usage invalid syntax and forces the use of print as a function. This adds the import to the files which I've updated in the last couple of days but forgot to add it.
2017-12-15 18:14:18 +00:00
from __future__ import absolute_import, print_function, unicode_literals
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
# Import Salt Testing Libs
Allow passing different loader_module_globals per loader_module
2017-03-21 23:56:24 +00:00
from tests.support.mixins import LoaderModuleMockMixin
Move whatever we need from salttesting to salt. Let's drop the salttesting dependency cycle.
2017-02-27 13:58:07 +00:00
from tests.support.unit import skipIf, TestCase
from tests.support.mock import (
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
MagicMock,
Mock,
NO_MOCK,
NO_MOCK_REASON,
patch
)
More conversion to __utils__ Also, actually using __utils__ here revealed several import errors in utils modules, so these needed to be dealt with.
2017-12-06 19:14:02 +00:00
import logging
log = logging.getLogger(__name__)
Fix Docker test for Py3 Move to Py3-compat nested context manager approach. Fix bug in thin generation where non-abs paths were not avoided.
2016-08-17 13:37:14 +00:00
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
# Import Salt Libs
Adjust a couple more tests to handle __utils__['state.check_result'] mocking
2017-09-05 14:11:11 +00:00
import salt.config
import salt.loader
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
from salt.ext.six.moves import range
Overhaul Docker support This does the following: - Splits states for container/volume/image/network management into four separate state modules. - Preserves backward compatibility by making ``docker.image_present`` invoke ``docker_image.present``, etc. - Changes how Salt detects that a container needs to be replaced. Instead of comparing each passed argument to the named container's configuration, it creates a temporary container, and compares that container to the named container. If the two differ, then the older container is removed, and the new one is renamed and started, becoming the named container. - Removes the unit tests for container management and replaces them with integration tests. - Adds unit tests for the new salt.utils.docker
2017-03-13 20:34:28 +00:00
from salt.exceptions import CommandExecutionError
Rename docker execution module to avoid shadowing in the loader With the merging of #39996, salt/modules/docker.py now imports salt.utils.docker. However, our loader appends the module dir (in this case salt/modules/) to sys.path temporarily for the length of the loading process. So, as the docker execution module tries to import salt.utils.docker, when salt.utils.docker attempts to do an "import docker", and docker-py is *not* installed, this results in salt/modules/docker.py (the docker execution module) being loaded in its place, which results in tracebacks in the minion log. Renaming the docker execution module keeps this import shadowing from occurring. Note that we don't need to do this for the placeholder salt/states/docker.py as it does not import salt.utils.docker.
2017-03-23 20:33:56 +00:00
import salt.modules.dockermod as docker_mod
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
Skip test if docker-py is not installed
2015-09-28 17:53:10 +00:00
def _docker_py_version():
Fix a weird import issue ``` ImportError: Failed to import test module: unit.modules.docker_test Traceback (most recent call last): File "/usr/lib64/python2.7/unittest/loader.py", line 252, in _find_tests module = self._get_module_from_name(name) File "/usr/lib64/python2.7/unittest/loader.py", line 230, in _get_module_from_name __import__(name) File "/testing/tests/unit/modules/docker_test.py", line 39, in <module> class DockerTestCase(TestCase): File "/testing/tests/unit/modules/docker_test.py", line 103, in DockerTestCase @skipIf(_docker_py_version() < (1, 4, 0), File "/testing/tests/unit/modules/docker_test.py", line 34, in _docker_py_version return docker_mod.docker.version_info AttributeError: 'module' object has no attribute 'version_info' ```
2017-02-24 00:26:28 +00:00
try:
if docker_mod.HAS_DOCKER_PY:
return docker_mod.docker.version_info
except AttributeError:
pass
Fix skipIf call and _docker_py_version
2017-02-23 01:20:12 +00:00
return (0,)
Skip test if docker-py is not installed
2015-09-28 17:53:10 +00:00
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
@skipIf(NO_MOCK, NO_MOCK_REASON)
Pylint fix
2017-03-21 19:39:34 +00:00
@skipIf(docker_mod.HAS_DOCKER_PY is False, 'docker-py must be installed to run these tests. Skipping.')
Allow passing different loader_module_globals per loader_module
2017-03-21 23:56:24 +00:00
class DockerTestCase(TestCase, LoaderModuleMockMixin):
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
'''
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
Validate docker module
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
'''
Adjust to the new LoaderModuleMockMixin usage
2017-03-22 12:12:36 +00:00
def setup_loader_modules(self):
Adjust a couple more tests to handle __utils__['state.check_result'] mocking
2017-09-05 14:11:11 +00:00
utils = salt.loader.utils(
salt.config.DEFAULT_MINION_OPTS,
whitelist=['state']
)
More conversion to __utils__ Also, actually using __utils__ here revealed several import errors in utils modules, so these needed to be dealt with.
2017-12-06 19:14:02 +00:00
# Force the LazyDict to populate its references. Otherwise the lookup
# will fail inside the unit tests.
Make lazydict workaround PY3-compatible
2017-12-19 17:12:10 +00:00
list(utils)
Adjust a couple more tests to handle __utils__['state.check_result'] mocking
2017-09-05 14:11:11 +00:00
return {docker_mod: {'__context__': {'docker.docker_version': ''},
'__utils__': utils}}
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
Merge branch '2016.11' into 'develop' Conflicts: - salt/template.py - tests/unit/modules/dockerng_test.py
2017-03-30 18:32:24 +00:00
try:
docker_version = docker_mod.docker.version_info
except AttributeError:
docker_version = 0,
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
def setUp(self):
'''
Ensure we aren't persisting context dunders between tests
'''
docker_mod.__context__.pop('docker.client', None)
add unit test for failed login
2018-03-22 07:57:16 +00:00
def test_failed_login(self):
'''
Check that when docker.login failed a retcode other then 0
is part of the return.
'''
client = Mock()
get_client_mock = MagicMock(return_value=client)
ref_out = {
'stdout': '',
'stderr': 'login failed',
'retcode': 1
}
with patch.dict(docker_mod.__pillar__, {'docker-registries': {'portus.example.com:5000':
{'username': 'admin', 'password': 'linux12345', 'email': 'tux@example.com'}}}):
with patch.object(docker_mod, '_get_client', get_client_mock):
with patch.dict(docker_mod.__salt__, {'cmd.run_all': MagicMock(return_value=ref_out)}):
ret = docker_mod.login('portus.example.com:5000')
fix checking test results
2018-03-22 15:31:46 +00:00
self.assertIn('retcode', ret)
self.assertNotEqual(ret['retcode'], 0)
add unit test for failed login
2018-03-22 07:57:16 +00:00
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
def test_ps_with_host_true(self):
'''
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
Check that docker.ps called with host is ``True``,
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
include resutlt of ``network.interfaces`` command in returned result.
'''
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
client = Mock()
client.containers = MagicMock(return_value=[])
get_client_mock = MagicMock(return_value=client)
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
network_interfaces = Mock(return_value={'mocked': None})
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__salt__,
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
{'network.interfaces': network_interfaces}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
ret = docker_mod.ps_(host=True)
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
self.assertEqual(ret,
{'host': {'interfaces': {'mocked': None}}})
pass filters argument to dockerng.ps
2015-10-07 13:06:16 +00:00
def test_ps_with_filters(self):
'''
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
Check that docker.ps accept filters parameter.
pass filters argument to dockerng.ps
2015-10-07 13:06:16 +00:00
'''
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
client = Mock()
client.containers = MagicMock(return_value=[])
get_client_mock = MagicMock(return_value=client)
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.ps_(filters={'label': 'KEY'})
pass filters argument to dockerng.ps
2015-10-07 13:06:16 +00:00
client.containers.assert_called_once_with(
all=True,
filters={'label': 'KEY'})
Drop `@patch` usage
2017-04-10 13:00:57 +00:00
def test_check_mine_cache_is_refreshed_on_container_change_event(self):
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
'''
Every command that might modify docker containers state.
Should trig an update on ``mine.send``
'''
Drop `@patch` usage
2017-04-10 13:00:57 +00:00
with patch.object(docker_mod, '_get_exec_driver'):
client_args_mock = MagicMock(return_value={
'create_container': [
'image', 'command', 'hostname', 'user', 'detach', 'stdin_open',
'tty', 'ports', 'environment', 'volumes', 'network_disabled',
'name', 'entrypoint', 'working_dir', 'domainname', 'cpuset',
'host_config', 'mac_address', 'labels', 'volume_driver',
'stop_signal', 'networking_config', 'healthcheck',
'stop_timeout'],
'host_config': [
'binds', 'port_bindings', 'lxc_conf', 'publish_all_ports',
'links', 'privileged', 'dns', 'dns_search', 'volumes_from',
'network_mode', 'restart_policy', 'cap_add', 'cap_drop',
'devices', 'extra_hosts', 'read_only', 'pid_mode', 'ipc_mode',
'security_opt', 'ulimits', 'log_config', 'mem_limit',
'memswap_limit', 'mem_reservation', 'kernel_memory',
'mem_swappiness', 'cgroup_parent', 'group_add', 'cpu_quota',
'cpu_period', 'blkio_weight', 'blkio_weight_device',
'device_read_bps', 'device_write_bps', 'device_read_iops',
'device_write_iops', 'oom_kill_disable', 'shm_size', 'sysctls',
'tmpfs', 'oom_score_adj', 'dns_opt', 'cpu_shares',
'cpuset_cpus', 'userns_mode', 'pids_limit', 'isolation',
'auto_remove', 'storage_opt'],
'networking_config': [
'aliases', 'links', 'ipv4_address', 'ipv6_address',
'link_local_ips'],
}
)
for command_name, args in (('create', ()),
('rm_', ()),
('kill', ()),
('pause', ()),
('signal_', ('KILL',)),
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
('start_', ()),
Drop `@patch` usage
2017-04-10 13:00:57 +00:00
('stop', ()),
('unpause', ()),
('_run', ('command',)),
('_script', ('command',)),
):
mine_send = Mock()
command = getattr(docker_mod, command_name)
client = MagicMock()
client.api_version = '1.12'
with patch.dict(docker_mod.__salt__,
{'mine.send': mine_send,
'container_resource.run': MagicMock(),
allow docker util to be reloaded with reload_modules If we reference the actual import, the utils module won't be reloaded, but if we use `__utils__` it can be reloaded on a pip install
2017-08-21 15:35:46 +00:00
'cp.cache_file': MagicMock(return_value=False)}):
with patch.dict(docker_mod.__utils__,
{'docker.get_client_args': client_args_mock}):
with patch.object(docker_mod, '_get_client', client):
command('container', *args)
Drop `@patch` usage
2017-04-10 13:00:57 +00:00
mine_send.assert_called_with('docker.ps', verbose=True, all=True,
host=True)
Migrate salt.mine to dockerng
2015-05-26 16:00:05 +00:00
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
@skipIf(_docker_py_version() < (1, 5, 0),
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_list_networks(self, *args):
'''
test list networks.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
client.networks = Mock(return_value=[
{'Name': 'foo',
'Id': '01234',
'Containers': {}}
])
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
docker_mod.networks(names=['foo'], ids=['01234'])
client.networks.assert_called_once_with(names=['foo'], ids=['01234'])
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_create_network(self, *args):
'''
test create network.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
dockerng: avoid network duplication and add driver_opts
2017-04-18 18:25:46 +00:00
docker_mod.create_network('foo',
driver='bridge',
Add support for IPAM config in Docker networks Fixes #43047
2017-08-17 06:26:08 +00:00
driver_opts={},
gateway='192.168.0.1',
ip_range='192.168.0.128/25',
subnet='192.168.0.0/24'
)
dockerng: avoid network duplication and add driver_opts
2017-04-18 18:25:46 +00:00
client.create_network.assert_called_once_with('foo',
driver='bridge',
options={},
Add support for IPAM config in Docker networks Fixes #43047
2017-08-17 06:26:08 +00:00
ipam={
'Config': [{
'Gateway': '192.168.0.1',
'IPRange': '192.168.0.128/25',
'Subnet': '192.168.0.0/24'
}],
'Driver': 'default',
},
dockerng: avoid network duplication and add driver_opts
2017-04-18 18:25:46 +00:00
check_duplicate=True)
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_remove_network(self, *args):
'''
test remove network.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.remove_network('foo')
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
client.remove_network.assert_called_once_with('foo')
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_inspect_network(self, *args):
'''
test inspect network.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.inspect_network('foo')
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
client.inspect_network.assert_called_once_with('foo')
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_connect_container_to_network(self, *args):
'''
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
test connect_container_to_network
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Fixes for docker tests These tests were failing because of improper mocking. The mocks were assigned to the __salt__ dunder but we should have been patching the attributes of the docker execution module directly.
2017-02-19 01:14:22 +00:00
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
context = {'docker.exec_driver': 'docker-exec'}
Fixes for docker tests These tests were failing because of improper mocking. The mocks were assigned to the __salt__ dunder but we should have been patching the attributes of the docker execution module directly.
2017-02-19 01:14:22 +00:00
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Fixes for docker tests These tests were failing because of improper mocking. The mocks were assigned to the __salt__ dunder but we should have been patching the attributes of the docker execution module directly.
2017-02-19 01:14:22 +00:00
with patch.dict(docker_mod.__context__, context):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
docker_mod.connect_container_to_network('container', 'foo')
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
client.connect_container_to_network.assert_called_once_with(
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
'container', 'foo')
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_disconnect_container_from_network(self, *args):
'''
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
test disconnect_container_from_network
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
host_config = {}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.disconnect_container_from_network('container', 'foo')
Add expose networking to modules.dockerng
2015-11-23 11:27:36 +00:00
client.disconnect_container_from_network.assert_called_once_with(
'container', 'foo')
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_list_volumes(self, *args):
'''
test list volumes.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.volumes(
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
filters={'dangling': [True]},
)
client.volumes.assert_called_once_with(
filters={'dangling': [True]},
)
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_create_volume(self, *args):
'''
test create volume.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.create_volume(
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
'foo',
driver='bridge',
driver_opts={},
)
client.create_volume.assert_called_once_with(
'foo',
driver='bridge',
driver_opts={},
)
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_remove_volume(self, *args):
'''
test remove volume.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.remove_volume('foo')
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
client.remove_volume.assert_called_once_with('foo')
Merge branch '2016.11' into 'develop' Conflicts: - doc/ref/cache/all/index.rst - doc/topics/cache/index.rst - salt/cache/localfs.py - salt/modules/boto_rds.py - salt/roster/cloud.py - salt/states/virtualenv_mod.py - tests/integration/states/test_archive.py - tests/unit/modules/test_dockermod.py - tests/unit/states/dockerng_test.py
2017-03-28 23:09:30 +00:00
@skipIf(docker_version < (1, 5, 0),
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
'docker module must be installed to run this test or is too old. >=1.5.0')
def test_inspect_volume(self, *args):
'''
test inspect volume.
'''
__salt__ = {
'config.get': Mock(),
'mine.send': Mock(),
}
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.dict(docker_mod.__dict__,
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
{'__salt__': __salt__}):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod.inspect_volume('foo')
Add execution module to manage docker volumes
2015-12-01 10:16:55 +00:00
client.inspect_volume.assert_called_once_with('foo')
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
def test_wait_success(self):
client = Mock()
client.api_version = '1.21'
client.wait = Mock(return_value=0)
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=[
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
{'State': {'Running': True}},
{'State': {'Stopped': True}}])
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo')
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
self.assertEqual(result, {'result': True,
'exit_status': 0,
'state': {'new': 'stopped',
'old': 'running'}})
def test_wait_fails_already_stopped(self):
client = Mock()
client.api_version = '1.21'
client.wait = Mock(return_value=0)
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=[
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
{'State': {'Stopped': True}},
{'State': {'Stopped': True}},
])
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo')
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
self.assertEqual(result, {'result': False,
'comment': "Container 'foo' already stopped",
'exit_status': 0,
'state': {'new': 'stopped',
'old': 'stopped'}})
def test_wait_success_already_stopped(self):
client = Mock()
client.api_version = '1.21'
client.wait = Mock(return_value=0)
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=[
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
{'State': {'Stopped': True}},
{'State': {'Stopped': True}},
])
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo', ignore_already_stopped=True)
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
self.assertEqual(result, {'result': True,
'comment': "Container 'foo' already stopped",
'exit_status': 0,
'state': {'new': 'stopped',
'old': 'stopped'}})
def test_wait_success_absent_container(self):
client = Mock()
client.api_version = '1.21'
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=CommandExecutionError)
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo', ignore_already_stopped=True)
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
self.assertEqual(result, {'result': True,
'comment': "Container 'foo' absent"})
def test_wait_fails_on_exit_status(self):
client = Mock()
client.api_version = '1.21'
client.wait = Mock(return_value=1)
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=[
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
{'State': {'Running': True}},
{'State': {'Stopped': True}}])
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo', fail_on_exit_status=True)
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
self.assertEqual(result, {'result': False,
'exit_status': 1,
'state': {'new': 'stopped',
'old': 'running'}})
def test_wait_fails_on_exit_status_and_already_stopped(self):
client = Mock()
client.api_version = '1.21'
client.wait = Mock(return_value=1)
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_inspect_container = Mock(side_effect=[
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
{'State': {'Stopped': True}},
{'State': {'Stopped': True}}])
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
with patch.object(docker_mod, 'inspect_container',
docker_inspect_container):
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.wait('foo',
Enhance dockerng.wait() to control success on exit_code and on already stopped containers (#32475)
2016-04-13 14:16:26 +00:00
ignore_already_stopped=True,
fail_on_exit_status=True)
self.assertEqual(result, {'result': False,
'comment': "Container 'foo' already stopped",
'exit_status': 1,
'state': {'new': 'stopped',
'old': 'stopped'}})
first version of building docker images
2016-07-06 07:14:49 +00:00
def test_sls_build(self, *args):
'''
test build sls image.
'''
docker_start_mock = MagicMock(
return_value={})
docker_create_mock = MagicMock(
return_value={'Id': 'ID', 'Name': 'NAME'})
docker_stop_mock = MagicMock(
return_value={'state': {'old': 'running', 'new': 'stopped'},
'result': True})
allow sls_build to be used with states
2017-02-16 20:33:21 +00:00
docker_rm_mock = MagicMock(return_value={})
first version of building docker images
2016-07-06 07:14:49 +00:00
docker_commit_mock = MagicMock(
return_value={'Id': 'ID2', 'Image': 'foo', 'Time_Elapsed': 42})
docker_sls_mock = MagicMock(
return_value={
"file_|-/etc/test.sh_|-/etc/test.sh_|-managed": {
"comment": "File /etc/test.sh is in the correct state",
"name": "/etc/test.sh",
"start_time": "07:04:26.834792",
"result": True,
"duration": 13.492,
"__run_num__": 0,
"changes": {}
},
"test_|-always-passes_|-foo_|-succeed_without_changes": {
"comment": "Success!",
"name": "foo",
"start_time": "07:04:26.848915",
"result": True,
"duration": 0.363,
"__run_num__": 1,
"changes": {}
}
})
test return value
2016-07-06 07:37:14 +00:00
ret = None
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
with patch.object(docker_mod, 'start_', docker_start_mock), \
patch.object(docker_mod, 'create', docker_create_mock), \
patch.object(docker_mod, 'stop', docker_stop_mock), \
patch.object(docker_mod, 'commit', docker_commit_mock), \
patch.object(docker_mod, 'sls', docker_sls_mock), \
patch.object(docker_mod, 'rm_', docker_rm_mock):
ret = docker_mod.sls_build('foo', mods='foo')
first version of building docker images
2016-07-06 07:14:49 +00:00
docker_create_mock.assert_called_once_with(
use sleep from path for docker.sls_build sleep sometimes is found in /bin/sleep, like in ubuntu. We should just depend on the PATH variable being correct, and finding sleep, instead of explicitly saying /usr/bin/sleep
2016-11-29 16:24:58 +00:00
cmd='sleep infinity',
allow sls_build to be used with states
2017-02-16 20:33:21 +00:00
image='opensuse/python', interactive=True, tty=True)
first version of building docker images
2016-07-06 07:14:49 +00:00
docker_start_mock.assert_called_once_with('ID')
Properly support pillarenv in docker.sls_build
2017-12-15 16:47:07 +00:00
docker_sls_mock.assert_called_once_with('ID', 'foo')
first version of building docker images
2016-07-06 07:14:49 +00:00
docker_stop_mock.assert_called_once_with('ID')
allow sls_build to be used with states
2017-02-16 20:33:21 +00:00
docker_rm_mock.assert_called_once_with('ID')
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
docker_commit_mock.assert_called_once_with('ID', 'foo', tag='latest')
test return value
2016-07-06 07:37:14 +00:00
self.assertEqual(
{'Id': 'ID2', 'Image': 'foo', 'Time_Elapsed': 42}, ret)
first version of building docker images
2016-07-06 07:14:49 +00:00
added unit test for dockerng.sls_build dryrun option (#39305)
2017-02-10 23:11:26 +00:00
def test_sls_build_dryrun(self, *args):
'''
test build sls image in dryrun mode.
'''
docker_start_mock = MagicMock(
return_value={})
docker_create_mock = MagicMock(
return_value={'Id': 'ID', 'Name': 'NAME'})
docker_stop_mock = MagicMock(
return_value={'state': {'old': 'running', 'new': 'stopped'},
'result': True})
docker_rm_mock = MagicMock(
return_value={})
docker_sls_mock = MagicMock(
return_value={
"file_|-/etc/test.sh_|-/etc/test.sh_|-managed": {
"comment": "File /etc/test.sh is in the correct state",
"name": "/etc/test.sh",
"start_time": "07:04:26.834792",
"result": True,
"duration": 13.492,
"__run_num__": 0,
"changes": {}
},
"test_|-always-passes_|-foo_|-succeed_without_changes": {
"comment": "Success!",
"name": "foo",
"start_time": "07:04:26.848915",
"result": True,
"duration": 0.363,
"__run_num__": 1,
"changes": {}
}
})
ret = None
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
with patch.object(docker_mod, 'start_', docker_start_mock), \
patch.object(docker_mod, 'create', docker_create_mock), \
patch.object(docker_mod, 'stop', docker_stop_mock), \
patch.object(docker_mod, 'rm_', docker_rm_mock), \
patch.object(docker_mod, 'sls', docker_sls_mock):
ret = docker_mod.sls_build('foo', mods='foo', dryrun=True)
added unit test for dockerng.sls_build dryrun option (#39305)
2017-02-10 23:11:26 +00:00
docker_create_mock.assert_called_once_with(
cmd='sleep infinity',
allow sls_build to be used with states
2017-02-16 20:33:21 +00:00
image='opensuse/python', interactive=True, tty=True)
added unit test for dockerng.sls_build dryrun option (#39305)
2017-02-10 23:11:26 +00:00
docker_start_mock.assert_called_once_with('ID')
Properly support pillarenv in docker.sls_build
2017-12-15 16:47:07 +00:00
docker_sls_mock.assert_called_once_with('ID', 'foo')
added unit test for dockerng.sls_build dryrun option (#39305)
2017-02-10 23:11:26 +00:00
docker_stop_mock.assert_called_once_with('ID')
docker_rm_mock.assert_called_once_with('ID')
self.assertEqual(
{
"file_|-/etc/test.sh_|-/etc/test.sh_|-managed": {
"comment": "File /etc/test.sh is in the correct state",
"name": "/etc/test.sh",
"start_time": "07:04:26.834792",
"result": True,
"duration": 13.492,
"__run_num__": 0,
"changes": {}
},
"test_|-always-passes_|-foo_|-succeed_without_changes": {
"comment": "Success!",
"name": "foo",
"start_time": "07:04:26.848915",
"result": True,
"duration": 0.363,
"__run_num__": 1,
"changes": {}
}
},
ret)
Just use nested with statements so the test will work on all Pythons
2016-09-01 20:56:15 +00:00
def test_call_success(self):
testcase for call
2016-07-06 09:49:39 +00:00
'''
test module calling inside containers
'''
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
ret = None
testcase for call
2016-07-06 09:49:39 +00:00
docker_run_all_mock = MagicMock(
return_value={
'retcode': 0,
'stdout': '{"retcode": 0, "comment": "container cmd"}',
'stderr': 'err',
})
docker_copy_to_mock = MagicMock(
return_value={
'retcode': 0
})
added unit test for dockerng.sls_build dryrun option (#39305)
2017-02-10 23:11:26 +00:00
docker_config_mock = MagicMock(
return_value=''
)
testcase for call
2016-07-06 09:49:39 +00:00
client = Mock()
client.put_archive = Mock()
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
testcase for call
2016-07-06 09:49:39 +00:00
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
context = {'docker.exec_driver': 'docker-exec'}
Fixes for docker tests These tests were failing because of improper mocking. The mocks were assigned to the __salt__ dunder but we should have been patching the attributes of the docker execution module directly.
2017-02-19 01:14:22 +00:00
salt_dunder = {'config.option': docker_config_mock}
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
with patch.object(docker_mod, 'run_all', docker_run_all_mock), \
patch.object(docker_mod, 'copy_to', docker_copy_to_mock), \
patch.object(docker_mod, '_get_client', get_client_mock), \
patch.dict(docker_mod.__opts__, {'cachedir': '/tmp'}), \
patch.dict(docker_mod.__salt__, salt_dunder), \
patch.dict(docker_mod.__context__, context):
# call twice to verify tmp path later
for i in range(2):
ret = docker_mod.call('ID', 'test.arg', 1, 2, arg1='val1')
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
# Check that the directory is different each time
# [ call(name, [args]), ...
fix unit tests for dockermod
2017-05-03 00:50:03 +00:00
self.maxDiff = None
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
self.assertIn('mkdir', docker_run_all_mock.mock_calls[0][1][1])
fix unit tests for dockermod
2017-05-03 00:50:03 +00:00
self.assertIn('mkdir', docker_run_all_mock.mock_calls[4][1][1])
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
self.assertNotEqual(docker_run_all_mock.mock_calls[0][1][1],
docker_run_all_mock.mock_calls[4][1][1])
fix unit tests for dockermod
2017-05-03 00:50:03 +00:00
self.assertIn('salt-call', docker_run_all_mock.mock_calls[2][1][1])
self.assertIn('salt-call', docker_run_all_mock.mock_calls[6][1][1])
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
self.assertNotEqual(docker_run_all_mock.mock_calls[2][1][1],
fix unit tests for dockermod
2017-05-03 00:50:03 +00:00
docker_run_all_mock.mock_calls[6][1][1])
# check thin untar
self.assertIn('tarfile', docker_run_all_mock.mock_calls[1][1][1])
self.assertIn('tarfile', docker_run_all_mock.mock_calls[5][1][1])
self.assertNotEqual(docker_run_all_mock.mock_calls[1][1][1],
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
docker_run_all_mock.mock_calls[5][1][1])
fix unit tests for dockermod
2017-05-03 00:50:03 +00:00
# check directory cleanup
self.assertIn('rm -rf', docker_run_all_mock.mock_calls[3][1][1])
self.assertIn('rm -rf', docker_run_all_mock.mock_calls[7][1][1])
self.assertNotEqual(docker_run_all_mock.mock_calls[3][1][1],
docker_run_all_mock.mock_calls[7][1][1])
Maintain two different tests for Py2 vs 3 in dockerng_test file
2016-09-01 17:01:39 +00:00
self.assertEqual({"retcode": 0, "comment": "container cmd"}, ret)
testcase for call
2016-07-06 09:49:39 +00:00
Docker 1.12 reports tags as null (#35447) Add support for this new value.
2016-08-15 16:58:50 +00:00
def test_images_with_empty_tags(self):
docker_image states: Handle Hub images prefixed with "docker.io/" On some platforms, for reason which I do not yet grok, images pulled from the Hub are prefixed with "docker.io/". This causes the docker_image states to fail unless the user manually adds "docker.io/" before the image name. This commit adds a new function called "docker.resolve_tag" which disambiguates this variance and allows images to be specified without the "docker.io/" prefix. Resolves #42935.
2017-08-24 19:26:28 +00:00
'''
Docker 1.12 reports tags as null (#35447) Add support for this new value.
2016-08-15 16:58:50 +00:00
docker 1.12 reports also images without tags with `null`.
docker_image states: Handle Hub images prefixed with "docker.io/" On some platforms, for reason which I do not yet grok, images pulled from the Hub are prefixed with "docker.io/". This causes the docker_image states to fail unless the user manually adds "docker.io/" before the image name. This commit adds a new function called "docker.resolve_tag" which disambiguates this variance and allows images to be specified without the "docker.io/" prefix. Resolves #42935.
2017-08-24 19:26:28 +00:00
'''
Docker 1.12 reports tags as null (#35447) Add support for this new value.
2016-08-15 16:58:50 +00:00
client = Mock()
client.api_version = '1.24'
client.images = Mock(
return_value=[{'Id': 'sha256:abcde',
'RepoTags': None},
{'Id': 'sha256:abcdef'},
{'Id': 'sha256:abcdefg',
'RepoTags': ['image:latest']}])
Improved Docker auth handling and other misc. Docker improvements This commit changes how we handle Docker authentication. We no longer try to auth when pushing/pulling images. This was initially done based on a misunderstanding of how authentication was handled in docker-py. docker-py will automagically use the base64-encoded username/password combination stored in config.json if present, so we don't need to auth at all for push or pull, docker-py will handle all of that. We just need to make sure that we get the auth info into the config.json. To do this I have added a login() function to the execution module, which uses the Docker CLI to authenticate (with output_loglevel set to "quiet" to suppress any logging of the credentials). The CLI is used in this instance because docker-py provides no interface by which to persist a login in the config.json; it can read from the file, but is not designed to *write* to it. Rather than trying to write to this file ourselves, and potentially breaking it when (not *if*) Docker decides to change the internal format of the JSON data structure, using the CLI is a way of future-proofing the authentication logic. Context caching of the docker-py client instance has also been removed. Context caching was used based on the same incorrect understanding of how docker-py handles authentication, and sought to avoid repeated login attempts. As that is no longer a concern, there is no need to cache the client instance in the context dunder because we don't really gain a performance benefit from it. The _image_wrapper() function has been removed, as it no longer serves any purpose, and the image-specific code in it that was still needed has been absorbed into the _client_wrapper() helper. The functions which used the _image_wrapper() helper (like push() and pull()) now use _client_wrapper(). Additionally, the decorators used to enforce a minimum Docker version (or Docker API version) have been removed. These are not necessary since docker-py handles raising exceptions when a given feature is not supported by the effective API version. The _client_wrapper() helper function now checks for miscellaneous docker exceptions by catching the docker.errors.DockerException class, which is the base class for the custom exceptions raised by docker-py, and by doing so catches exceptions raised due to API version incompatibility (and more). The list of functions in the top-level docstring has been removed as it is very out-of-date, and is somewhat superfluous anyway given that we have for some time now had a list of the functions on the right side of the page in the documentation. Other changes: - Fixed a bug I introduced when I overhauled the docker_container.running state, in which a container with no changes to be made, which was not running, would be started by the state even when test=True was passed. - Custom registry image names are now properly identified. The colon in the hostname of the custom registry was previously causing incorrect identification of the image name and tag, when no explicit tag was being passed (e.g. localhost:5000/myimage). - When configuring credentials, the creds for the Docker Hub can be configured under a registry named ``hub``. This keeps the user from having to figure out the registry URL and configure it in their Pillar data, and thus makes using this module easier. - Removes the email address from the documentation for credential configuration. This was probably initially added because docker-py accepts it as an argument, but it is entirely ignored for purposes of authentication (even by docker-py) and is thus unnecessary. Relic of an earlier time in Docker's history, perhaps? - Fixed RST references to functions which weren't caught when this module was renamed to dockermod.py - Allow filter arguments in docker.networks to be passed as a comma-separated list as well as a Python list, in keeping with general usage elsewhere in Salt.
2017-04-02 21:27:06 +00:00
get_client_mock = MagicMock(return_value=client)
with patch.object(docker_mod, '_get_client', get_client_mock):
Rename dockerng state/execution module to docker
2017-02-12 00:22:14 +00:00
docker_mod._clear_context()
result = docker_mod.images()
Docker 1.12 reports tags as null (#35447) Add support for this new value.
2016-08-15 16:58:50 +00:00
self.assertEqual(result,
{'sha256:abcdefg': {'RepoTags': ['image:latest']}})
Resolve image ID during container comparison This fixes an issue where inspecting the container returns an image ID instead of an image name, resulting in a spurious report of a changed image. By resolving the image down to its ID for both the existing and new containers, we ensure we're comparing ID to ID.
2017-08-23 16:57:00 +00:00
def test_compare_container_image_id_resolution(self):
'''
Fix docstring in test
2017-08-24 19:09:29 +00:00
Test comparing two containers when one's inspect output is an ID and
not formatted in image:tag notation.
Resolve image ID during container comparison This fixes an issue where inspecting the container returns an image ID instead of an image name, resulting in a spurious report of a changed image. By resolving the image down to its ID for both the existing and new containers, we ensure we're comparing ID to ID.
2017-08-23 16:57:00 +00:00
'''
def _inspect_container_effect(id_):
return {
'container1': {'Config': {'Image': 'realimage:latest'},
Fixing lint issues
2017-08-24 19:09:29 +00:00
'HostConfig': {}},
Resolve image ID during container comparison This fixes an issue where inspecting the container returns an image ID instead of an image name, resulting in a spurious report of a changed image. By resolving the image down to its ID for both the existing and new containers, we ensure we're comparing ID to ID.
2017-08-23 16:57:00 +00:00
'container2': {'Config': {'Image': 'image_id'},
Fixing lint issues
2017-08-24 19:09:29 +00:00
'HostConfig': {}},
Resolve image ID during container comparison This fixes an issue where inspecting the container returns an image ID instead of an image name, resulting in a spurious report of a changed image. By resolving the image down to its ID for both the existing and new containers, we ensure we're comparing ID to ID.
2017-08-23 16:57:00 +00:00
}[id_]
def _inspect_image_effect(id_):
return {
'realimage:latest': {'Id': 'image_id'},
'image_id': {'Id': 'image_id'},
}[id_]
inspect_container_mock = MagicMock(side_effect=_inspect_container_effect)
inspect_image_mock = MagicMock(side_effect=_inspect_image_effect)
with patch.object(docker_mod, 'inspect_container', inspect_container_mock):
with patch.object(docker_mod, 'inspect_image', inspect_image_mock):
[PY3] Add unicode_literals to docker state/execution modules
2017-12-14 04:49:23 +00:00
ret = docker_mod.compare_containers('container1', 'container2')
Resolve image ID during container comparison This fixes an issue where inspecting the container returns an image ID instead of an image name, resulting in a spurious report of a changed image. By resolving the image down to its ID for both the existing and new containers, we ensure we're comparing ID to ID.
2017-08-23 16:57:00 +00:00
self.assertEqual(ret, {})
docker_image states: Handle Hub images prefixed with "docker.io/" On some platforms, for reason which I do not yet grok, images pulled from the Hub are prefixed with "docker.io/". This causes the docker_image states to fail unless the user manually adds "docker.io/" before the image name. This commit adds a new function called "docker.resolve_tag" which disambiguates this variance and allows images to be specified without the "docker.io/" prefix. Resolves #42935.
2017-08-24 19:26:28 +00:00
Sort lists from Ulimits before comparing
2018-02-25 16:45:16 +00:00
def test_compare_container_ulimits_order(self):
'''
Test comparing two containers when the order of the Ulimits HostConfig
values are different, but the values are the same.
'''
def _inspect_container_effect(id_):
return {
'container1': {'Config': {},
'HostConfig': {
'Ulimits': [
{u'Hard': -1, u'Soft': -1, u'Name': u'core'},
{u'Hard': 65536, u'Soft': 65536, u'Name': u'nofile'}
]
}},
'container2': {'Config': {},
'HostConfig': {
'Ulimits': [
{u'Hard': 65536, u'Soft': 65536, u'Name': u'nofile'},
{u'Hard': -1, u'Soft': -1, u'Name': u'core'}
]
}},
}[id_]
inspect_container_mock = MagicMock(side_effect=_inspect_container_effect)
with patch.object(docker_mod, 'inspect_container', inspect_container_mock):
ret = docker_mod.compare_container('container1', 'container2')
self.assertEqual(ret, {})
docker_image states: Handle Hub images prefixed with "docker.io/" On some platforms, for reason which I do not yet grok, images pulled from the Hub are prefixed with "docker.io/". This causes the docker_image states to fail unless the user manually adds "docker.io/" before the image name. This commit adds a new function called "docker.resolve_tag" which disambiguates this variance and allows images to be specified without the "docker.io/" prefix. Resolves #42935.
2017-08-24 19:26:28 +00:00
def test_resolve_tag(self):
'''
Many improvements to docker network and container states Much Improved Support for Docker Networking =========================================== The `docker_network.present` state has undergone a full rewrite, which includes the following improvements: Full API Support for Network Management --------------------------------------- The improvements made to input handling in the `docker_container.running` state for 2017.7.0 have now been expanded to docker_network.present`. This brings with it full support for all tunable configuration arguments. Custom Subnets -------------- Custom subnets can now be configured. Both IPv4 and mixed IPv4/IPv6 networks are supported. Network Configuration in :py:func:`docker_container.running` States ------------------------------------------------------------------- It is now possible to configure static IPv4/IPv6 addresses, as well as links and labels. Improved Handling of Images from Custom Registries ================================================== Rather than attempting to parse the tag from the passed image name, Salt will now resolve that tag down to an image ID and use that ID instead. Due to this change, there are some backward-incompatible changes to image management. See below for a full list of these changes. Backward-incompatible Changes to Docker Image Management -------------------------------------------------------- Passing image names to the following functions must now be done using separate `repository` and `tag` arguments: - `docker.build` - `docker.commit` - `docker.import` - `docker.load` - `docker.tag` - `docker.sls_build` Additionally, the `tag` argument must now be explicitly passed to the `docker_image.present` state, unless the image is being pulled from a docker registry.
2017-11-01 02:04:41 +00:00
Test the resolve_tag function. It runs docker.insect_image on the image
name passed and then looks for the RepoTags key in the result
'''
id_ = 'sha256:6ad733544a6317992a6fac4eb19fe1df577d4dec7529efec28a5bd0edad0fd30'
tags = ['foo:latest', 'foo:bar']
mock_tagged = MagicMock(return_value={'Id': id_, 'RepoTags': tags})
mock_untagged = MagicMock(return_value={'Id': id_, 'RepoTags': []})
mock_unexpected = MagicMock(return_value={'Id': id_})
mock_not_found = MagicMock(side_effect=CommandExecutionError())
with patch.object(docker_mod, 'inspect_image', mock_tagged):
self.assertEqual(docker_mod.resolve_tag('foo'), tags[0])
self.assertEqual(docker_mod.resolve_tag('foo', all=True), tags)
with patch.object(docker_mod, 'inspect_image', mock_untagged):
self.assertEqual(docker_mod.resolve_tag('foo'), id_)
self.assertEqual(docker_mod.resolve_tag('foo', all=True), [id_])
with patch.object(docker_mod, 'inspect_image', mock_unexpected):
self.assertEqual(docker_mod.resolve_tag('foo'), id_)
self.assertEqual(docker_mod.resolve_tag('foo', all=True), [id_])
with patch.object(docker_mod, 'inspect_image', mock_not_found):
self.assertIs(docker_mod.resolve_tag('foo'), False)
self.assertIs(docker_mod.resolve_tag('foo', all=True), False)
Reference in New Issue Copy Permalink