mirror of https://github.com/docker/docker-py.git
Privileged option is part of host config, not config
This commit is contained in:
Peter Yu
parent
35d3a3c977
commit
e361f4c1cd
|
|
@ -125,7 +125,7 @@ class Client(requests.Session):
|
|||
def _container_config(self, image, command, hostname=None, user=None,
|
||||
detach=False, stdin_open=False, tty=False,
|
||||
mem_limit=0, ports=None, environment=None, dns=None,
|
||||
volumes=None, volumes_from=None, privileged=False):
|
||||
volumes=None, volumes_from=None):
|
||||
if isinstance(command, six.string_types):
|
||||
command = shlex.split(str(command))
|
||||
if isinstance(environment, dict):
|
||||
|
|
@ -160,7 +160,6 @@ class Client(requests.Session):
|
|||
'Image': image,
|
||||
'Volumes': volumes,
|
||||
'VolumesFrom': volumes_from,
|
||||
'Privileged': privileged,
|
||||
}
|
||||
|
||||
def _post_json(self, url, data, **kwargs):
|
||||
|
|
@ -321,12 +320,11 @@ class Client(requests.Session):
|
|||
def create_container(self, image, command=None, hostname=None, user=None,
|
||||
detach=False, stdin_open=False, tty=False,
|
||||
mem_limit=0, ports=None, environment=None, dns=None,
|
||||
volumes=None, volumes_from=None, privileged=False,
|
||||
name=None):
|
||||
volumes=None, volumes_from=None, name=None):
|
||||
|
||||
config = self._container_config(
|
||||
image, command, hostname, user, detach, stdin_open, tty, mem_limit,
|
||||
ports, environment, dns, volumes, volumes_from, privileged
|
||||
ports, environment, dns, volumes, volumes_from
|
||||
)
|
||||
return self.create_container_from_config(config, name)
|
||||
|
||||
|
|
@ -582,7 +580,7 @@ class Client(requests.Session):
|
|||
True)
|
||||
|
||||
def start(self, container, binds=None, port_bindings=None, lxc_conf=None,
|
||||
publish_all_ports=False, links=None):
|
||||
publish_all_ports=False, links=None, privileged=False):
|
||||
if isinstance(container, dict):
|
||||
container = container.get('Id')
|
||||
|
||||
|
|
@ -613,6 +611,8 @@ class Client(requests.Session):
|
|||
|
||||
start_config['Links'] = formatted_links
|
||||
|
||||
start_config['Privileged'] = privileged
|
||||
|
||||
url = self._url("/containers/{0}/start".format(container))
|
||||
res = self._post_json(url, data=start_config)
|
||||
self._raise_for_status(res)
|
||||
|
|
|
|||
|
|
@ -162,17 +162,6 @@ class TestCreateContainerWithBinds(BaseTestCase):
|
|||
self.assertIn(filename, logs)
|
||||
|
||||
|
||||
class TestCreateContainerPrivileged(BaseTestCase):
|
||||
def runTest(self):
|
||||
res = self.client.create_container('busybox', 'true', privileged=True)
|
||||
inspect = self.client.inspect_container(res['Id'])
|
||||
self.assertIn('Config', inspect)
|
||||
# Since Nov 2013, the Privileged flag is no longer part of the
|
||||
# container's config exposed via the API (safety concerns?).
|
||||
#
|
||||
# self.assertEqual(inspect['Config']['Privileged'], True)
|
||||
|
||||
|
||||
class TestCreateContainerWithName(BaseTestCase):
|
||||
def runTest(self):
|
||||
res = self.client.create_container('busybox', 'true', name='foobar')
|
||||
|
|
@ -219,6 +208,28 @@ class TestStartContainerWithDictInsteadOfId(BaseTestCase):
|
|||
self.assertEqual(inspect['State']['ExitCode'], 0)
|
||||
|
||||
|
||||
class TestStartContainerPrivileged(BaseTestCase):
|
||||
def runTest(self):
|
||||
res = self.client.create_container('busybox', 'true')
|
||||
self.assertIn('Id', res)
|
||||
self.tmp_containers.append(res['Id'])
|
||||
self.client.start(res['Id'], privileged=True)
|
||||
inspect = self.client.inspect_container(res['Id'])
|
||||
self.assertIn('Config', inspect)
|
||||
self.assertIn('ID', inspect)
|
||||
self.assertTrue(inspect['ID'].startswith(res['Id']))
|
||||
self.assertIn('Image', inspect)
|
||||
self.assertIn('State', inspect)
|
||||
self.assertIn('Running', inspect['State'])
|
||||
if not inspect['State']['Running']:
|
||||
self.assertIn('ExitCode', inspect['State'])
|
||||
self.assertEqual(inspect['State']['ExitCode'], 0)
|
||||
# Since Nov 2013, the Privileged flag is no longer part of the
|
||||
# container's config exposed via the API (safety concerns?).
|
||||
#
|
||||
# self.assertEqual(inspect['Config']['Privileged'], True)
|
||||
|
||||
|
||||
class TestWait(BaseTestCase):
|
||||
def runTest(self):
|
||||
res = self.client.create_container('busybox', ['sleep', '10'])
|
||||
|
|
|
|||
116
tests/test.py
116
tests/test.py
|
|
@ -179,8 +179,8 @@ class DockerClientTest(unittest.TestCase):
|
|||
json.loads('''
|
||||
{"Tty": false, "Image": "busybox", "Cmd": ["true"],
|
||||
"AttachStdin": false, "Memory": 0,
|
||||
"AttachStderr": true, "Privileged": false,
|
||||
"AttachStdout": true, "OpenStdin": false}'''))
|
||||
"AttachStderr": true, "AttachStdout": true,
|
||||
"OpenStdin": false}'''))
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
|
||||
|
|
@ -202,26 +202,8 @@ class DockerClientTest(unittest.TestCase):
|
|||
{"Tty": false, "Image": "busybox",
|
||||
"Cmd": ["ls", "/mnt"], "AttachStdin": false,
|
||||
"Volumes": {"/mnt": {}}, "Memory": 0,
|
||||
"AttachStderr": true, "Privileged": false,
|
||||
"AttachStdout": true, "OpenStdin": false}'''))
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
|
||||
def test_create_container_privileged(self):
|
||||
try:
|
||||
self.client.create_container('busybox', 'true', privileged=True)
|
||||
except Exception as e:
|
||||
self.fail('Command should not raise exception: {0}'.format(e))
|
||||
|
||||
args = fake_request.call_args
|
||||
self.assertEqual(args[0][0],
|
||||
'unix://var/run/docker.sock/v1.6/containers/create')
|
||||
self.assertEqual(json.loads(args[1]['data']),
|
||||
json.loads('''
|
||||
{"Tty": false, "Image": "busybox", "Cmd": ["true"],
|
||||
"AttachStdin": false, "Memory": 0,
|
||||
"AttachStderr": true, "Privileged": true,
|
||||
"AttachStdout": true, "OpenStdin": false}'''))
|
||||
"AttachStderr": true, "AttachStdout": true,
|
||||
"OpenStdin": false}'''))
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
|
||||
|
|
@ -239,8 +221,8 @@ class DockerClientTest(unittest.TestCase):
|
|||
json.loads('''
|
||||
{"Tty": false, "Image": "busybox", "Cmd": ["true"],
|
||||
"AttachStdin": false, "Memory": 0,
|
||||
"AttachStderr": true, "Privileged": false,
|
||||
"AttachStdout": true, "OpenStdin": false}'''))
|
||||
"AttachStderr": true, "AttachStdout": true,
|
||||
"OpenStdin": false}'''))
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
self.assertEqual(args[1]['params'], {'name': 'marisa-kirisame'})
|
||||
|
|
@ -250,12 +232,22 @@ class DockerClientTest(unittest.TestCase):
|
|||
self.client.start(fake_api.FAKE_CONTAINER_ID)
|
||||
except Exception as e:
|
||||
self.fail('Command should not raise exception: {0}'.format(e))
|
||||
|
||||
fake_request.assert_called_with(
|
||||
'unix://var/run/docker.sock/v1.6/containers/3cc2351ab11b/start',
|
||||
data='{"PublishAllPorts": false}',
|
||||
headers={'Content-Type': 'application/json'},
|
||||
timeout=docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
args = fake_request.call_args
|
||||
self.assertEqual(
|
||||
args[0][0],
|
||||
'unix://var/run/docker.sock/v1.6/containers/3cc2351ab11b/start'
|
||||
)
|
||||
self.assertEqual(
|
||||
json.loads(args[1]['data']),
|
||||
{"PublishAllPorts": False, "Privileged": False}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['headers'],
|
||||
{'Content-Type': 'application/json'}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['timeout'],
|
||||
docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
)
|
||||
|
||||
def test_start_container_with_lxc_conf(self):
|
||||
|
|
@ -274,12 +266,16 @@ class DockerClientTest(unittest.TestCase):
|
|||
self.assertEqual(
|
||||
json.loads(args[1]['data']),
|
||||
{"LxcConf": [{"Value": "lxc.conf.value", "Key": "lxc.conf.k"}],
|
||||
"PublishAllPorts": False}
|
||||
"PublishAllPorts": False, "Privileged": False}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['headers'],
|
||||
{'Content-Type': 'application/json'}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['timeout'],
|
||||
docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
)
|
||||
|
||||
def test_start_container_with_lxc_conf_compat(self):
|
||||
try:
|
||||
|
|
@ -296,12 +292,17 @@ class DockerClientTest(unittest.TestCase):
|
|||
self.assertEqual(
|
||||
json.loads(args[1]['data']),
|
||||
{
|
||||
"LxcConf": [{"Value": "lxc.conf.value", "Key": "lxc.conf.k"}],
|
||||
"PublishAllPorts": False
|
||||
"LxcConf": [{"Key": "lxc.conf.k", "Value": "lxc.conf.value"}],
|
||||
"PublishAllPorts": False,
|
||||
"Privileged": False,
|
||||
}
|
||||
)
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
self.assertEqual(
|
||||
args[1]['timeout'],
|
||||
docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
)
|
||||
|
||||
def test_start_container_with_binds(self):
|
||||
try:
|
||||
|
|
@ -316,7 +317,9 @@ class DockerClientTest(unittest.TestCase):
|
|||
self.assertEqual(args[0][0], 'unix://var/run/docker.sock/v1.6/'
|
||||
'containers/3cc2351ab11b/start')
|
||||
self.assertEqual(json.loads(args[1]['data']),
|
||||
{"Binds": ["/tmp:/mnt"], "PublishAllPorts": False})
|
||||
{"Binds": ["/tmp:/mnt"],
|
||||
"PublishAllPorts": False,
|
||||
"Privileged": False})
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
self.assertEqual(
|
||||
|
|
@ -341,7 +344,8 @@ class DockerClientTest(unittest.TestCase):
|
|||
)
|
||||
self.assertEqual(
|
||||
json.loads(args[1]['data']),
|
||||
{"PublishAllPorts": False, "Links": ["path:alias"]}
|
||||
{"PublishAllPorts": False, "Privileged": False,
|
||||
"Links": ["path:alias"]}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['headers'],
|
||||
|
|
@ -371,6 +375,7 @@ class DockerClientTest(unittest.TestCase):
|
|||
json.loads(args[1]['data']),
|
||||
{
|
||||
"PublishAllPorts": False,
|
||||
"Privileged": False,
|
||||
"Links": ["path2:alias2", "path1:alias1"]
|
||||
}
|
||||
)
|
||||
|
|
@ -379,16 +384,47 @@ class DockerClientTest(unittest.TestCase):
|
|||
{'Content-Type': 'application/json'}
|
||||
)
|
||||
|
||||
def test_start_container_privileged(self):
|
||||
try:
|
||||
self.client.start(fake_api.FAKE_CONTAINER_ID, privileged=True)
|
||||
except Exception as e:
|
||||
self.fail('Command should not raise exception: {0}'.format(e))
|
||||
|
||||
args = fake_request.call_args
|
||||
self.assertEqual(
|
||||
args[0][0],
|
||||
'unix://var/run/docker.sock/v1.6/containers/3cc2351ab11b/start'
|
||||
)
|
||||
self.assertEqual(json.loads(args[1]['data']),
|
||||
{"PublishAllPorts": False, "Privileged": True})
|
||||
self.assertEqual(args[1]['headers'],
|
||||
{'Content-Type': 'application/json'})
|
||||
self.assertEqual(
|
||||
args[1]['timeout'],
|
||||
docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
)
|
||||
|
||||
def test_start_container_with_dict_instead_of_id(self):
|
||||
try:
|
||||
self.client.start({'Id': fake_api.FAKE_CONTAINER_ID})
|
||||
except Exception as e:
|
||||
self.fail('Command should not raise exception: {0}'.format(e))
|
||||
fake_request.assert_called_with(
|
||||
'unix://var/run/docker.sock/v1.6/containers/3cc2351ab11b/start',
|
||||
data='{"PublishAllPorts": false}',
|
||||
headers={'Content-Type': 'application/json'},
|
||||
timeout=docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
args = fake_request.call_args
|
||||
self.assertEqual(
|
||||
args[0][0],
|
||||
'unix://var/run/docker.sock/v1.6/containers/3cc2351ab11b/start'
|
||||
)
|
||||
self.assertEqual(
|
||||
json.loads(args[1]['data']),
|
||||
{"PublishAllPorts": False, "Privileged": False}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['headers'],
|
||||
{'Content-Type': 'application/json'}
|
||||
)
|
||||
self.assertEqual(
|
||||
args[1]['timeout'],
|
||||
docker.client.DEFAULT_TIMEOUT_SECONDS
|
||||
)
|
||||
|
||||
def test_wait(self):
|
||||
|
|
|
|||
Loading…
Reference in New Issue