diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..b7175b0 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +@test-kitchen/maintainers diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index 4722f33..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,85 +0,0 @@ ---- -name: Lint & Unit - -"on": - pull_request: - -jobs: - lint-unit: - uses: test-kitchen/.github/.github/workflows/lint-unit.yml@v0.1.2 - - integration-windows: - name: Windows ${{matrix.suite}} ${{matrix.os}} - runs-on: windows-latest - needs: lint-unit - strategy: - fail-fast: false - matrix: - suite: [default] - os: [ubuntu-20.04] - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: "3.1" - bundler-cache: true - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} - - integration-linux: - name: Linux ${{matrix.suite}} ${{matrix.os}} - runs-on: ubuntu-latest - needs: lint-unit - strategy: - fail-fast: false - matrix: - suite: - - default - - no-build-context - - arm64 - - amd64 - - inspec - os: - - amazonlinux-2 - - ubuntu-1804 - - ubuntu-2004 - - fedora-latest - - centos-7 - - oraclelinux-7 - - rockylinux-8 - - debian-11 - - debian-12 - - opensuse-15 - - dockerfile - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: "3.1" - bundler-cache: true - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} - - integration-capabilities: - name: Linux ${{matrix.suite}} ${{matrix.os}} - runs-on: ubuntu-latest - needs: lint-unit - strategy: - fail-fast: false - matrix: - suite: - - capabilities - os: [debian-11, ubuntu-1804, ubuntu-2004] - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: "3.1" - bundler-cache: true - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..3a70929 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,88 @@ +--- +name: 'Lint, Unit & Integration Tests' + +"on": + pull_request: + +jobs: + lint-unit: + uses: test-kitchen/.github/.github/workflows/lint-unit.yml@main + + build-matrix: + name: Build test matrix from test-kitchen config + runs-on: ubuntu-latest + needs: lint-unit + steps: + - uses: actions/checkout@v4 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: "3.3" + bundler-cache: true + - name: Discover Windows suites + id: windows + run: | + cat << "EORUBY" | bundle exec ruby >> "$GITHUB_OUTPUT" + require 'inspec' + require 'kitchen' + + windows_loader = Kitchen::Loader::YAML.new(project_config: './kitchen.windows.yml') + windows_suites = Kitchen::Config.new(loader: windows_loader).instances.map { |instance| instance.name } + + puts "suites=#{windows_suites.to_json}" + EORUBY + - name: Discover Linux suites + id: linux + run: | + cat << "EORUBY" | bundle exec ruby >> "$GITHUB_OUTPUT" + require 'inspec' + require 'kitchen' + + linux_loader = Kitchen::Loader::YAML.new(project_config: './kitchen.yml') + linux_suites = Kitchen::Config.new(loader: linux_loader).instances.map { |instance| instance.name } + + puts "suites=#{linux_suites.to_json}" + EORUBY + outputs: + windows-suites: ${{ steps.windows.outputs.suites }} + linux-suites: ${{ steps.linux.outputs.suites }} + + integration-windows: + name: Windows ${{matrix.suite}} + runs-on: windows-latest + needs: + - build-matrix + strategy: + fail-fast: false + matrix: + suite: ${{ fromJson(needs.build-matrix.outputs.windows-suites) }} + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: "3.3" + bundler-cache: true + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - run: bundle exec kitchen test ${{ matrix.suite }} -l debug + + integration-linux: + name: Linux ${{matrix.suite}} + runs-on: ubuntu-latest + needs: + - build-matrix + strategy: + fail-fast: false + matrix: + suite: ${{ fromJson(needs.build-matrix.outputs.linux-suites) }} + steps: + - uses: actions/checkout@v4 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: "3.3" + bundler-cache: true + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - run: bundle exec kitchen test ${{ matrix.suite }} -l debug diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 37c5e5c..d47a1b2 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,12 +9,9 @@ jobs: release-please: runs-on: ubuntu-latest steps: - - uses: google-github-actions/release-please-action@v3 + - uses: googleapis/release-please-action@v4 id: release with: - release-type: ruby - package-name: kitchen-docker - version-file: lib/kitchen/driver/docker_version.rb token: ${{ secrets.PORTER_GITHUB_TOKEN }} - name: Checkout diff --git a/.gitignore b/.gitignore index 9106b64..9b848d4 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,5 @@ tmp .kitchen.local.yml Dockerfile .DS_Store +bin/* +.idea/* diff --git a/.markdownlint.yaml b/.markdownlint.yaml index 5df560a..9fd2375 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -1,8 +1,6 @@ +--- default: true +MD004: false +MD012: false MD013: false MD024: false -MD026: false -MD036: false -MD012: false -MD029: false -MD004: false diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..95a37e3 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "3.2.0" +} diff --git a/Gemfile b/Gemfile index 092f311..77f5a22 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,11 @@ gemspec group :development do # Integration testing gems. gem 'kitchen-inspec', '~> 2.0' + gem 'inspec', '>= 4.26.2', '< 6.0' gem 'train', '>= 2.1', '< 4.0' # validate 4.x when it's released + # Silence ruby 3.4.0 standard gem deprecation warnings + gem 'csv', '~> 3.3.0' + gem 'syslog', '~> 0.1.1' end group :test do diff --git a/kitchen.windows.yml b/kitchen.windows.yml index ef520bd..187482e 100644 --- a/kitchen.windows.yml +++ b/kitchen.windows.yml @@ -18,7 +18,7 @@ provisioner: platforms: - name: windows driver_config: - image: mcr.microsoft.com/windows/servercore:1809 + image: mcr.microsoft.com/windows/servercore:ltsc2022 platform: windows suites: diff --git a/kitchen.yml b/kitchen.yml index 94bf41e..3b90e24 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -4,7 +4,7 @@ --- driver: name: docker - provision_command: curl -L https://www.chef.io/chef/install.sh | bash + # provision_command: curl -L https://www.chef.io/chef/install.sh | bash transport: name: docker @@ -12,21 +12,34 @@ transport: provisioner: name: dummy +verifier: + name: inspec + inspec_tests: + - test/integration/inspec + platforms: - name: amazonlinux-2 - - name: ubuntu-18.04 + # - name: amazonlinux-2023 - name: ubuntu-20.04 + - name: ubuntu-22.04 + - name: ubuntu-24.04 - name: fedora-latest driver: provision_command: - yum install libxcrypt-compat -y - curl -L https://www.chef.io/chef/install.sh | bash - - name: centos-7 + - name: centos-stream-9 + driver: + image: dokken/centos-stream-9 - name: oraclelinux-7 - - name: rockylinux-8 - - name: debian-11 + - name: oraclelinux-8 + - name: oraclelinux-9 + - name: rockylinux-9 - name: debian-12 - - name: opensuse-15 + - name: opensuse-15.5 + driver: + image: opensuse/leap:15.5 + - name: opensuse-15-latest driver: image: opensuse/leap:15 - name: dockerfile @@ -42,7 +55,10 @@ suites: driver: build_context: false - name: capabilities - includes: [debian-11, ubuntu-18.04, ubuntu-20.04] + includes: + - ubuntu-20.04 + - ubuntu-22.04 + - ubuntu-24.04 driver: provision_command: - curl -L https://www.chef.io/chef/install.sh | bash @@ -55,8 +71,3 @@ suites: - name: amd64 driver: docker_platform: linux/amd64 - - name: inspec - driver: - provision_command: true - verifier: - name: inspec diff --git a/lib/kitchen/docker/helpers/container_helper.rb b/lib/kitchen/docker/helpers/container_helper.rb index 0057932..d5309d7 100644 --- a/lib/kitchen/docker/helpers/container_helper.rb +++ b/lib/kitchen/docker/helpers/container_helper.rb @@ -153,18 +153,18 @@ def remove_container(state) def dockerfile_proxy_config env_variables = "" if config[:http_proxy] - env_variables << "ENV http_proxy #{config[:http_proxy]}\n" - env_variables << "ENV HTTP_PROXY #{config[:http_proxy]}\n" + env_variables << "ENV http_proxy=#{config[:http_proxy]}\n" + env_variables << "ENV HTTP_PROXY=#{config[:http_proxy]}\n" end if config[:https_proxy] - env_variables << "ENV https_proxy #{config[:https_proxy]}\n" - env_variables << "ENV HTTPS_PROXY #{config[:https_proxy]}\n" + env_variables << "ENV https_proxy=#{config[:https_proxy]}\n" + env_variables << "ENV HTTPS_PROXY=#{config[:https_proxy]}\n" end if config[:no_proxy] - env_variables << "ENV no_proxy #{config[:no_proxy]}\n" - env_variables << "ENV NO_PROXY #{config[:no_proxy]}\n" + env_variables << "ENV no_proxy=#{config[:no_proxy]}\n" + env_variables << "ENV NO_PROXY=#{config[:no_proxy]}\n" end env_variables diff --git a/lib/kitchen/docker/helpers/dockerfile_helper.rb b/lib/kitchen/docker/helpers/dockerfile_helper.rb index beabe9b..821ccec 100644 --- a/lib/kitchen/docker/helpers/dockerfile_helper.rb +++ b/lib/kitchen/docker/helpers/dockerfile_helper.rb @@ -68,8 +68,8 @@ def debian_platform && ln -sf /bin/true /sbin/initctl CODE packages = <<-CODE - ENV DEBIAN_FRONTEND noninteractive - ENV container docker + ENV DEBIAN_FRONTEND=noninteractive + ENV container=docker RUN apt-get update RUN apt-get install -y sudo openssh-server curl lsb-release CODE @@ -78,7 +78,7 @@ def debian_platform def fedora_platform <<-CODE - ENV container docker + ENV container=docker RUN dnf clean all RUN dnf install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -106,7 +106,7 @@ def gentoo_paludis_platform def opensuse_platform <<-CODE - ENV container docker + ENV container=docker RUN zypper install -y sudo openssh which curl gawk RUN /usr/sbin/sshd-gen-keys-start CODE @@ -114,7 +114,7 @@ def opensuse_platform def rhel_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -124,7 +124,7 @@ def rhel_platform def centosstream_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -134,7 +134,7 @@ def centosstream_platform def almalinux_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -144,7 +144,7 @@ def almalinux_platform def rockylinux_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -154,7 +154,7 @@ def rockylinux_platform def photonos_platform <<-CODE - ENV container docker + ENV container=docker RUN tdnf clean all RUN tdnf install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_ecdsa_key" ] || ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' diff --git a/lib/kitchen/docker/helpers/image_helper.rb b/lib/kitchen/docker/helpers/image_helper.rb index e54deba..ffa0167 100644 --- a/lib/kitchen/docker/helpers/image_helper.rb +++ b/lib/kitchen/docker/helpers/image_helper.rb @@ -35,6 +35,11 @@ def parse_image_id(output) img_id = line.split(/\s+/).last return img_id end + # Docker ~v4.31 support + if line =~ /naming to moby-dangling@(sha256:[[:xdigit:]]{64})(?: \d*\.\ds)? done/i + img_id = line[/naming to moby-dangling@(sha256:[[:xdigit:]]{64})(?: \d*\.\ds)? done/i, 1] + return img_id + end end raise ActionFailed, "Could not parse Docker build output for image ID" end diff --git a/lib/kitchen/transport/docker.rb b/lib/kitchen/transport/docker.rb index 10b6e25..edd4870 100644 --- a/lib/kitchen/transport/docker.rb +++ b/lib/kitchen/transport/docker.rb @@ -26,7 +26,7 @@ module Transport class Docker < Kitchen::Transport::Base class DockerFailed < TransportFailed; end - kitchen_transport_api_version 1 + # kitchen_transport_api_version 1 plugin_version Kitchen::VERSION default_config :binary, "docker" @@ -105,6 +105,49 @@ def container end @container end + + def login_command + config = container.instance_variable_get(:@config) + login_config = config.dup + login_config[:interactive] = true + login_config[:tty] = true + login_config[:detach] = false + login_config[:username] = nil + login_cmd = build_login_command(login_config) + LoginCommand.new(login_cmd[0], login_cmd[1..-1]) + end + + def build_login_command(config) + # This function duplicates a lot of CliHelper functionality, but I think I'd need to refactor + # things to override some aspects of Configurable in order to reuse that code. + docker = [config[:binary].dup] + docker << "-H #{config[:socket]}" if config[:socket] + docker << "--tls" if config[:tls] + docker << "--tlsverify" if config[:tls_verify] + docker << "--tlscacert=#{config[:tls_cacert]}" if config[:tls_cacert] + docker << "--tlscert=#{config[:tls_cert]}" if config[:tls_cert] + docker << "--tlskey=#{config[:tls_key]}" if config[:tls_key] + logger.debug("docker_command: #{docker.join(" ")}") + + cmd = ["exec"] + cmd << "-d" if config[:detach] + if config[:env_variables] + config[:env_variables].each do |var| + cmd << "-e #{var}" + end + end + cmd << "--privileged" if config[:privileged] + cmd << "-t" if config[:tty] + cmd << "-i" if config[:interactive] + cmd << "-u #{config[:username]}" if config[:username] + cmd << "-w #{config[:working_dir]}" if config[:working_dir] + cmd << "#{config[:container_id]}" + cmd << "/bin/bash" + cmd << "-login" + cmd << "-i" + logger.debug("build_exec_command: #{cmd.join(" ")}") + docker + cmd + end end end end diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..2cad467 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,12 @@ +{ + "packages": { + ".": { + "package-name": "kitchen-docker", + "changelog-path": "CHANGELOG.md", + "release-type": "ruby", + "include-component-in-tag": false, + "version-file": "lib/kitchen/docker/docker_version.rb" + } + }, + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json" +} diff --git a/test/Dockerfile b/test/Dockerfile index 4ecf596..e1e3904 100644 --- a/test/Dockerfile +++ b/test/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:7 +FROM oraclelinux:7 RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which curl htop RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key diff --git a/test/integration/capabilities/disabled/capabilities_drop_spec.rb b/test/integration/capabilities/disabled/capabilities_drop_spec.rb deleted file mode 100644 index 6d3e7b7..0000000 --- a/test/integration/capabilities/disabled/capabilities_drop_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Disable now busser-serever is gone. -# require 'serverspec' -# set :backend, :exec - -# describe command('/sbin/ifconfig eth0 multicast') do -# its(:exit_status) { is_expected.to_not eq 0 } -# its(:stderr) { is_expected.to match /Operation not permitted/ } -# end diff --git a/test/integration/default/disabled/default_spec.rb b/test/integration/default/disabled/default_spec.rb deleted file mode 100644 index 3a18256..0000000 --- a/test/integration/default/disabled/default_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Disable now busser-serever is gone. -# require 'serverspec' -# require 'spec_helper' - -# # Just make sure the image launched and is reachable. -# describe command('true') do -# its(:exit_status) { is_expected.to eq 0 } -# end diff --git a/test/integration/default/disabled/spec_helper.rb b/test/integration/default/disabled/spec_helper.rb deleted file mode 100644 index c1ce986..0000000 --- a/test/integration/default/disabled/spec_helper.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# case RbConfig::CONFIG['host_os'] -# when /mswin|msys|mingw|cygwin|bccwin|wince|emc/ -# set :backend, :cmd -# set :os, :family => 'windows' -# else -# set :backend, :exec -# end