tyler.durden/compose
1
0
Fork 0
mirror of https://github.com/docker/compose.git synced 2025-07-26 07:04:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #804 from docker/separate_secret_code

Browse Source 
Move ACI conversion code to specific files
This commit is contained in:
Nicolas De loof 2020-10-21 10:18:47 +02:00 committed by GitHub
commit 455c08c245
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 780 additions and 661 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

250
aci/convert/convert.go
View File

@ -18,12 +18,9 @@ package convert
import ( import (
"context" "context"
"encoding/base64"
"fmt" "fmt"
"io/ioutil"
"math" "math"
"os" "os"
"path"
"strconv" "strconv"
"strings" "strings"
@ -45,14 +42,7 @@ const (
// ComposeDNSSidecarName name of the dns sidecar container // ComposeDNSSidecarName name of the dns sidecar container
ComposeDNSSidecarName = "aci--dns--sidecar" ComposeDNSSidecarName = "aci--dns--sidecar"
dnsSidecarImage = "busybox:1.31.1" dnsSidecarImage = "busybox:1.31.1"
azureFileDriverName = "azure_file"
volumeDriveroptsShareNameKey = "share_name"
volumeDriveroptsAccountNameKey = "storage_account_name"
volumeReadOnly = "read_only"
defaultSecretsPath = "/run/secrets"
serviceSecretAbsPathPrefix = "aci-service-secret-path-"
) )
// ToContainerGroup converts a compose project into a ACI container group // ToContainerGroup converts a compose project into a ACI container group
@ -138,31 +128,6 @@ func ToContainerGroup(ctx context.Context, aciContext store.AciContext, p types.
return groupDefinition, nil return groupDefinition, nil
} }
func convertPortsToAci(service serviceConfigAciHelper) ([]containerinstance.ContainerPort, []containerinstance.Port, *string, error) {
var groupPorts []containerinstance.Port
var containerPorts []containerinstance.ContainerPort
for _, portConfig := range service.Ports {
if portConfig.Published != 0 && portConfig.Published != portConfig.Target {
msg := fmt.Sprintf("Port mapping is not supported with ACI, cannot map port %d to %d for container %s",
portConfig.Published, portConfig.Target, service.Name)
return nil, nil, nil, errors.New(msg)
}
portNumber := int32(portConfig.Target)
containerPorts = append(containerPorts, containerinstance.ContainerPort{
Port: to.Int32Ptr(portNumber),
})
groupPorts = append(groupPorts, containerinstance.Port{
Port: to.Int32Ptr(portNumber),
Protocol: containerinstance.TCP,
})
}
var dnsLabelName *string = nil
if service.DomainName != "" {
dnsLabelName = &service.DomainName
}
return containerPorts, groupPorts, dnsLabelName, nil
}
func getDNSSidecar(containers []containerinstance.Container) containerinstance.Container { func getDNSSidecar(containers []containerinstance.Container) containerinstance.Container {
var commands []string var commands []string
for _, container := range containers { for _, container := range containers {
@ -190,221 +155,8 @@ func getDNSSidecar(containers []containerinstance.Container) containerinstance.C
type projectAciHelper types.Project type projectAciHelper types.Project
func getServiceSecretKey(serviceName, targetDir string) string {
return fmt.Sprintf("%s-%s--%s",
serviceSecretAbsPathPrefix, serviceName, strings.ReplaceAll(targetDir, "/", "-"))
}
func (p projectAciHelper) getAciSecretVolumes() ([]containerinstance.Volume, error) {
var secretVolumes []containerinstance.Volume
for _, svc := range p.Services {
squashedTargetVolumes := make(map[string]containerinstance.Volume)
for _, scr := range svc.Secrets {
data, err := ioutil.ReadFile(p.Secrets[scr.Source].File)
if err != nil {
return secretVolumes, err
}
if len(data) == 0 {
continue
}
dataStr := base64.StdEncoding.EncodeToString(data)
if scr.Target == "" {
scr.Target = scr.Source
}
if !path.IsAbs(scr.Target) && strings.ContainsAny(scr.Target, "\\/") {
return []containerinstance.Volume{},
errors.Errorf("in service %q, secret with source %q cannot have a relative path as target. "+
"Only absolute paths are allowed. Found %q",
svc.Name, scr.Source, scr.Target)
}
if !path.IsAbs(scr.Target) {
scr.Target = path.Join(defaultSecretsPath, scr.Target)
}
targetDir := path.Dir(scr.Target)
targetDirKey := getServiceSecretKey(svc.Name, targetDir)
if _, ok := squashedTargetVolumes[targetDir]; !ok {
squashedTargetVolumes[targetDir] = containerinstance.Volume{
Name: to.StringPtr(targetDirKey),
Secret: make(map[string]*string),
}
}
squashedTargetVolumes[targetDir].Secret[path.Base(scr.Target)] = &dataStr
}
for _, v := range squashedTargetVolumes {
secretVolumes = append(secretVolumes, v)
}
}
return secretVolumes, nil
}
func (p projectAciHelper) getAciFileVolumes(ctx context.Context, helper login.StorageLogin) (map[string]bool, []containerinstance.Volume, error) {
azureFileVolumesMap := make(map[string]bool, len(p.Volumes))
var azureFileVolumesSlice []containerinstance.Volume
for name, v := range p.Volumes {
if v.Driver == azureFileDriverName {
shareName, ok := v.DriverOpts[volumeDriveroptsShareNameKey]
if !ok {
return nil, nil, fmt.Errorf("cannot retrieve fileshare name for Azurefile")
}
accountName, ok := v.DriverOpts[volumeDriveroptsAccountNameKey]
if !ok {
return nil, nil, fmt.Errorf("cannot retrieve account name for Azurefile")
}
readOnly, ok := v.DriverOpts[volumeReadOnly]
if !ok {
readOnly = "false"
}
ro, err := strconv.ParseBool(readOnly)
if err != nil {
return nil, nil, fmt.Errorf("invalid mode %q for volume", readOnly)
}
accountKey, err := helper.GetAzureStorageAccountKey(ctx, accountName)
if err != nil {
return nil, nil, err
}
aciVolume := containerinstance.Volume{
Name: to.StringPtr(name),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr(shareName),
StorageAccountName: to.StringPtr(accountName),
StorageAccountKey: to.StringPtr(accountKey),
ReadOnly: &ro,
},
}
azureFileVolumesMap[name] = true
azureFileVolumesSlice = append(azureFileVolumesSlice, aciVolume)
}
}
return azureFileVolumesMap, azureFileVolumesSlice, nil
}
func (p projectAciHelper) getRestartPolicy() (containerinstance.ContainerGroupRestartPolicy, error) {
var restartPolicyCondition containerinstance.ContainerGroupRestartPolicy
if len(p.Services) >= 1 {
alreadySpecified := false
restartPolicyCondition = containerinstance.Always
for _, service := range p.Services {
if service.Deploy != nil &&
service.Deploy.RestartPolicy != nil {
if !alreadySpecified {
alreadySpecified = true
restartPolicyCondition = toAciRestartPolicy(service.Deploy.RestartPolicy.Condition)
}
if alreadySpecified && restartPolicyCondition != toAciRestartPolicy(service.Deploy.RestartPolicy.Condition) {
return "", errors.New("ACI integration does not support specifying different restart policies on services in the same compose application")
}
}
}
}
return restartPolicyCondition, nil
}
func toAciRestartPolicy(restartPolicy string) containerinstance.ContainerGroupRestartPolicy {
switch restartPolicy {
case containers.RestartPolicyNone:
return containerinstance.Never
case containers.RestartPolicyAny:
return containerinstance.Always
case containers.RestartPolicyOnFailure:
return containerinstance.OnFailure
default:
return containerinstance.Always
}
}
func toContainerRestartPolicy(aciRestartPolicy containerinstance.ContainerGroupRestartPolicy) string {
switch aciRestartPolicy {
case containerinstance.Never:
return containers.RestartPolicyNone
case containerinstance.Always:
return containers.RestartPolicyAny
case containerinstance.OnFailure:
return containers.RestartPolicyOnFailure
default:
return containers.RestartPolicyAny
}
}
type serviceConfigAciHelper types.ServiceConfig type serviceConfigAciHelper types.ServiceConfig
func (s serviceConfigAciHelper) getAciFileVolumeMounts(volumesCache map[string]bool) ([]containerinstance.VolumeMount, error) {
var aciServiceVolumes []containerinstance.VolumeMount
for _, sv := range s.Volumes {
if !volumesCache[sv.Source] {
return []containerinstance.VolumeMount{}, fmt.Errorf("could not find volume source %q", sv.Source)
}
aciServiceVolumes = append(aciServiceVolumes, containerinstance.VolumeMount{
Name: to.StringPtr(sv.Source),
MountPath: to.StringPtr(sv.Target),
})
}
return aciServiceVolumes, nil
}
func (s serviceConfigAciHelper) getAciSecretsVolumeMounts() ([]containerinstance.VolumeMount, error) {
vms := []containerinstance.VolumeMount{}
presenceSet := make(map[string]bool)
for _, scr := range s.Secrets {
if scr.Target == "" {
scr.Target = scr.Source
}
if !path.IsAbs(scr.Target) {
scr.Target = path.Join(defaultSecretsPath, scr.Target)
}
presenceKey := path.Dir(scr.Target)
if !presenceSet[presenceKey] {
vms = append(vms, containerinstance.VolumeMount{
Name: to.StringPtr(getServiceSecretKey(s.Name, path.Dir(scr.Target))),
MountPath: to.StringPtr(path.Dir(scr.Target)),
ReadOnly: to.BoolPtr(true),
})
presenceSet[presenceKey] = true
}
}
err := validateMountPathCollisions(vms)
if err != nil {
return []containerinstance.VolumeMount{}, err
}
return vms, nil
}
func validateMountPathCollisions(vms []containerinstance.VolumeMount) error {
for i, vm1 := range vms {
for j, vm2 := range vms {
if i == j {
continue
}
var (
biggerVMPath = strings.Split(*vm1.MountPath, "/")
smallerVMPath = strings.Split(*vm2.MountPath, "/")
)
if len(smallerVMPath) > len(biggerVMPath) {
tmp := biggerVMPath
biggerVMPath = smallerVMPath
smallerVMPath = tmp
}
isPrefixed := true
for i := 0; i < len(smallerVMPath); i++ {
if smallerVMPath[i] != biggerVMPath[i] {
isPrefixed = false
break
}
}
if isPrefixed {
return errors.Errorf("mount paths %q and %q collide. A volume mount cannot include another one.", *vm1.MountPath, *vm2.MountPath)
}
}
}
return nil
}
func (s serviceConfigAciHelper) getAciContainer(volumesCache map[string]bool) (containerinstance.Container, error) { func (s serviceConfigAciHelper) getAciContainer(volumesCache map[string]bool) (containerinstance.Container, error) {
aciServiceVolumes, err := s.getAciFileVolumeMounts(volumesCache) aciServiceVolumes, err := s.getAciFileVolumeMounts(volumesCache)
if err != nil { if err != nil {

410
aci/convert/convert_test.go
View File

@ -18,14 +18,9 @@ package convert
import ( import (
"context" "context"
"fmt"
"io/ioutil"
"os" "os"
"path"
"testing" "testing"
"github.com/stretchr/testify/mock"
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance" "github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/Azure/go-autorest/autorest/to" "github.com/Azure/go-autorest/autorest/to"
"github.com/compose-spec/compose-go/types" "github.com/compose-spec/compose-go/types"
@ -209,181 +204,6 @@ func TestComposeSingleContainerGroupToContainerNoDnsSideCarSide(t *testing.T) {
assert.Equal(t, *(*group.Containers)[0].Image, "image1") assert.Equal(t, *(*group.Containers)[0].Image, "image1")
} }
func TestComposeVolumes(t *testing.T) {
ctx := context.TODO()
accountName := "myAccount"
mockStorageHelper.On("GetAzureStorageAccountKey", ctx, accountName).Return("123456", nil)
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
Volumes: types.Volumes{
"vol1": types.VolumeConfig{
Driver: "azure_file",
DriverOpts: map[string]string{
"share_name": "myFileshare",
"storage_account_name": accountName,
},
},
},
}
group, err := ToContainerGroup(ctx, convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
expectedGroupVolume := containerinstance.Volume{
Name: to.StringPtr("vol1"),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr("myFileshare"),
StorageAccountName: &accountName,
StorageAccountKey: to.StringPtr("123456"),
ReadOnly: to.BoolPtr(false),
},
}
assert.Equal(t, len(*group.Volumes), 1)
assert.DeepEqual(t, (*group.Volumes)[0], expectedGroupVolume)
}
func TestComposeVolumesRO(t *testing.T) {
ctx := context.TODO()
accountName := "myAccount"
mockStorageHelper.On("GetAzureStorageAccountKey", ctx, accountName).Return("123456", nil)
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
Volumes: types.Volumes{
"vol1": types.VolumeConfig{
Driver: "azure_file",
DriverOpts: map[string]string{
"share_name": "myFileshare",
"storage_account_name": accountName,
"read_only": "true",
},
},
},
}
group, err := ToContainerGroup(ctx, convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
expectedGroupVolume := containerinstance.Volume{
Name: to.StringPtr("vol1"),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr("myFileshare"),
StorageAccountName: &accountName,
StorageAccountKey: to.StringPtr("123456"),
ReadOnly: to.BoolPtr(true),
},
}
assert.Equal(t, len(*group.Volumes), 1)
assert.DeepEqual(t, (*group.Volumes)[0], expectedGroupVolume)
}
type mockStorageLogin struct {
mock.Mock
}
func (s *mockStorageLogin) GetAzureStorageAccountKey(ctx context.Context, accountName string) (string, error) {
args := s.Called(ctx, accountName)
return args.String(0), args.Error(1)
}
func TestComposeSingleContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
}
func TestComposeMultiContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
{
Name: "service2",
Image: "image2",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 3))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
assert.Equal(t, *(*group.Containers)[1].Name, "service2")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
}
func TestComposeInconsistentMultiContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "any",
},
},
},
{
Name: "service2",
Image: "image2",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
_, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.Error(t, err, "ACI integration does not support specifying different restart policies on services in the same compose application")
}
func TestLabelsErrorMessage(t *testing.T) { func TestLabelsErrorMessage(t *testing.T) {
project := types.Project{ project := types.Project{
Services: []types.ServiceConfig{ Services: []types.ServiceConfig{
@ -401,71 +221,6 @@ func TestLabelsErrorMessage(t *testing.T) {
assert.Error(t, err, "ACI integration does not support labels in compose applications") assert.Error(t, err, "ACI integration does not support labels in compose applications")
} }
func TestComposeSingleContainerGroupToContainerDefaultRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.Always)
}
func TestComposeContainerGroupToContainerMultiplePorts(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Ports: []types.ServicePortConfig{
{
Published: 80,
Target: 80,
},
},
},
{
Name: "service2",
Image: "image2",
Ports: []types.ServicePortConfig{
{
Published: 8080,
Target: 8080,
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 3))
container1 := (*group.Containers)[0]
assert.Equal(t, *container1.Name, "service1")
assert.Equal(t, *container1.Image, "image1")
assert.Equal(t, *(*container1.Ports)[0].Port, int32(80))
container2 := (*group.Containers)[1]
assert.Equal(t, *container2.Name, "service2")
assert.Equal(t, *container2.Image, "image2")
assert.Equal(t, *(*container2.Ports)[0].Port, int32(8080))
groupPorts := *group.IPAddress.Ports
assert.Assert(t, is.Len(groupPorts, 2))
assert.Equal(t, *groupPorts[0].Port, int32(80))
assert.Equal(t, *groupPorts[1].Port, int32(8080))
assert.Assert(t, group.IPAddress.DNSNameLabel == nil)
}
func TestComposeContainerGroupToContainerWithDomainName(t *testing.T) { func TestComposeContainerGroupToContainerWithDomainName(t *testing.T) {
project := types.Project{ project := types.Project{
Services: []types.ServiceConfig{ Services: []types.ServiceConfig{
@ -691,20 +446,6 @@ func TestComposeContainerGroupToContainerenvVar(t *testing.T) {
assert.Assert(t, is.Contains(envVars, containerinstance.EnvironmentVariable{Name: to.StringPtr("key2"), Value: to.StringPtr("value2")})) assert.Assert(t, is.Contains(envVars, containerinstance.EnvironmentVariable{Name: to.StringPtr("key2"), Value: to.StringPtr("value2")}))
} }
func TestConvertToAciRestartPolicyCondition(t *testing.T) {
assert.Equal(t, toAciRestartPolicy("none"), containerinstance.Never)
assert.Equal(t, toAciRestartPolicy("always"), containerinstance.Always)
assert.Equal(t, toAciRestartPolicy("on-failure"), containerinstance.OnFailure)
assert.Equal(t, toAciRestartPolicy("on-failure:5"), containerinstance.Always)
}
func TestConvertToDockerRestartPolicyCondition(t *testing.T) {
assert.Equal(t, toContainerRestartPolicy(containerinstance.Never), "none")
assert.Equal(t, toContainerRestartPolicy(containerinstance.Always), "any")
assert.Equal(t, toContainerRestartPolicy(containerinstance.OnFailure), "on-failure")
assert.Equal(t, toContainerRestartPolicy(""), "any")
}
func TestConvertContainerGroupStatus(t *testing.T) { func TestConvertContainerGroupStatus(t *testing.T) {
assert.Equal(t, "Running", GetStatus(container(to.StringPtr("Running")), group(to.StringPtr("Started")))) assert.Equal(t, "Running", GetStatus(container(to.StringPtr("Running")), group(to.StringPtr("Started"))))
assert.Equal(t, "Terminated", GetStatus(container(to.StringPtr("Terminated")), group(to.StringPtr("Stopped")))) assert.Equal(t, "Terminated", GetStatus(container(to.StringPtr("Terminated")), group(to.StringPtr("Stopped"))))
@ -715,157 +456,6 @@ func TestConvertContainerGroupStatus(t *testing.T) {
assert.Equal(t, "Unknown", GetStatus(container(nil), group(nil))) assert.Equal(t, "Unknown", GetStatus(container(nil), group(nil)))
} }
func TestConvertSecrets(t *testing.T) {
serviceName := "testservice"
secretName := "testsecret"
absBasePath := "/home/user"
tmpFile, err := ioutil.TempFile(os.TempDir(), "TestConvertProjectSecrets-")
assert.NilError(t, err)
_, err = tmpFile.Write([]byte("test content"))
assert.NilError(t, err)
t.Cleanup(func() {
_ = os.Remove(tmpFile.Name())
})
t.Run("mix default and absolute", func(t *testing.T) {
pSquashedDefaultAndAbs := projectAciHelper{
Services: []types.ServiceConfig{
{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: "some_target1",
},
{
Source: secretName,
},
{
Source: secretName,
Target: path.Join(defaultSecretsPath, "some_target2"),
},
{
Source: secretName,
Target: path.Join(absBasePath, "some_target3"),
},
{
Source: secretName,
Target: path.Join(absBasePath, "some_target4"),
},
},
},
},
Secrets: map[string]types.SecretConfig{
secretName: {
File: tmpFile.Name(),
},
},
}
volumes, err := pSquashedDefaultAndAbs.getAciSecretVolumes()
assert.NilError(t, err)
assert.Equal(t, len(volumes), 2)
defaultVolumeName := getServiceSecretKey(serviceName, defaultSecretsPath)
homeVolumeName := getServiceSecretKey(serviceName, absBasePath)
// random order since this was created from a map...
for _, vol := range volumes {
switch *vol.Name {
case defaultVolumeName:
assert.Equal(t, len(vol.Secret), 3)
case homeVolumeName:
assert.Equal(t, len(vol.Secret), 2)
default:
assert.Assert(t, false, "unexpected volume name: "+*vol.Name)
}
}
s := serviceConfigAciHelper(pSquashedDefaultAndAbs.Services[0])
vms, err := s.getAciSecretsVolumeMounts()
assert.NilError(t, err)
assert.Equal(t, len(vms), 2)
assert.Equal(t, *vms[0].Name, defaultVolumeName)
assert.Equal(t, *vms[0].MountPath, defaultSecretsPath)
assert.Equal(t, *vms[1].Name, homeVolumeName)
assert.Equal(t, *vms[1].MountPath, absBasePath)
})
t.Run("convert invalid target", func(t *testing.T) {
targetName := "some/invalid/relative/path/target"
pInvalidRelativePathTarget := projectAciHelper{
Services: []types.ServiceConfig{
{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName,
},
},
},
},
Secrets: map[string]types.SecretConfig{
secretName: {
File: tmpFile.Name(),
},
},
}
_, err := pInvalidRelativePathTarget.getAciSecretVolumes()
assert.Equal(t, err.Error(),
fmt.Sprintf(`in service %q, secret with source %q cannot have a relative path as target. Only absolute paths are allowed. Found %q`,
serviceName, secretName, targetName))
})
t.Run("convert colliding default targets", func(t *testing.T) {
targetName1 := path.Join(defaultSecretsPath, "target1")
targetName2 := path.Join(defaultSecretsPath, "sub/folder/target2")
service := serviceConfigAciHelper{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName1,
},
{
Source: secretName,
Target: targetName2,
},
},
}
_, err := service.getAciSecretsVolumeMounts()
assert.Equal(t, err.Error(),
fmt.Sprintf(`mount paths %q and %q collide. A volume mount cannot include another one.`,
path.Dir(targetName1), path.Dir(targetName2)))
})
t.Run("convert colliding absolute targets", func(t *testing.T) {
targetName1 := path.Join(absBasePath, "target1")
targetName2 := path.Join(absBasePath, "sub/folder/target2")
service := serviceConfigAciHelper{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName1,
},
{
Source: secretName,
Target: targetName2,
},
},
}
_, err := service.getAciSecretsVolumeMounts()
assert.Equal(t, err.Error(),
fmt.Sprintf(`mount paths %q and %q collide. A volume mount cannot include another one.`,
path.Dir(targetName1), path.Dir(targetName2)))
})
}
func container(status *string) containerinstance.Container { func container(status *string) containerinstance.Container {
var state *containerinstance.ContainerState = nil var state *containerinstance.ContainerState = nil
if status != nil { if status != nil {

28
aci/convert/ports.go
View File

@ -17,13 +17,41 @@
package convert package convert
import ( import (
"fmt"
"strings" "strings"
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance" "github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/Azure/go-autorest/autorest/to"
"github.com/pkg/errors"
"github.com/docker/compose-cli/api/containers" "github.com/docker/compose-cli/api/containers"
) )
func convertPortsToAci(service serviceConfigAciHelper) ([]containerinstance.ContainerPort, []containerinstance.Port, *string, error) {
var groupPorts []containerinstance.Port
var containerPorts []containerinstance.ContainerPort
for _, portConfig := range service.Ports {
if portConfig.Published != 0 && portConfig.Published != portConfig.Target {
msg := fmt.Sprintf("Port mapping is not supported with ACI, cannot map port %d to %d for container %s",
portConfig.Published, portConfig.Target, service.Name)
return nil, nil, nil, errors.New(msg)
}
portNumber := int32(portConfig.Target)
containerPorts = append(containerPorts, containerinstance.ContainerPort{
Port: to.Int32Ptr(portNumber),
})
groupPorts = append(groupPorts, containerinstance.Port{
Port: to.Int32Ptr(portNumber),
Protocol: containerinstance.TCP,
})
}
var dnsLabelName *string = nil
if service.DomainName != "" {
dnsLabelName = &service.DomainName
}
return containerPorts, groupPorts, dnsLabelName, nil
}
// ToPorts converts Azure container ports to api ports // ToPorts converts Azure container ports to api ports
func ToPorts(ipAddr *containerinstance.IPAddress, ports []containerinstance.ContainerPort) []containers.Port { func ToPorts(ipAddr *containerinstance.IPAddress, ports []containerinstance.ContainerPort) []containers.Port {
var result []containers.Port var result []containers.Port

50
aci/convert/ports_test.go
View File

@ -17,15 +17,65 @@
package convert package convert
import ( import (
"context"
"testing" "testing"
"github.com/Azure/azure-sdk-for-go/profiles/latest/containerinstance/mgmt/containerinstance" "github.com/Azure/azure-sdk-for-go/profiles/latest/containerinstance/mgmt/containerinstance"
"github.com/Azure/go-autorest/autorest/to" "github.com/Azure/go-autorest/autorest/to"
"github.com/compose-spec/compose-go/types"
"gotest.tools/v3/assert" "gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
"github.com/docker/compose-cli/api/containers" "github.com/docker/compose-cli/api/containers"
) )
func TestComposeContainerGroupToContainerMultiplePorts(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Ports: []types.ServicePortConfig{
{
Published: 80,
Target: 80,
},
},
},
{
Name: "service2",
Image: "image2",
Ports: []types.ServicePortConfig{
{
Published: 8080,
Target: 8080,
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 3))
container1 := (*group.Containers)[0]
assert.Equal(t, *container1.Name, "service1")
assert.Equal(t, *container1.Image, "image1")
assert.Equal(t, *(*container1.Ports)[0].Port, int32(80))
container2 := (*group.Containers)[1]
assert.Equal(t, *container2.Name, "service2")
assert.Equal(t, *container2.Image, "image2")
assert.Equal(t, *(*container2.Ports)[0].Port, int32(8080))
groupPorts := *group.IPAddress.Ports
assert.Assert(t, is.Len(groupPorts, 2))
assert.Equal(t, *groupPorts[0].Port, int32(80))
assert.Equal(t, *groupPorts[1].Port, int32(8080))
assert.Assert(t, group.IPAddress.DNSNameLabel == nil)
}
func TestPortConvert(t *testing.T) { func TestPortConvert(t *testing.T) {
expectedPorts := []containers.Port{ expectedPorts := []containers.Port{
{ {

72
aci/convert/restartpolicy.go Normal file
View File

@ -0,0 +1,72 @@
/*
Copyright 2020 Docker Compose CLI authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package convert
import (
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/pkg/errors"
"github.com/docker/compose-cli/api/containers"
)
func (p projectAciHelper) getRestartPolicy() (containerinstance.ContainerGroupRestartPolicy, error) {
var restartPolicyCondition containerinstance.ContainerGroupRestartPolicy
if len(p.Services) >= 1 {
alreadySpecified := false
restartPolicyCondition = containerinstance.Always
for _, service := range p.Services {
if service.Deploy != nil &&
service.Deploy.RestartPolicy != nil {
if !alreadySpecified {
alreadySpecified = true
restartPolicyCondition = toAciRestartPolicy(service.Deploy.RestartPolicy.Condition)
}
if alreadySpecified && restartPolicyCondition != toAciRestartPolicy(service.Deploy.RestartPolicy.Condition) {
return "", errors.New("ACI integration does not support specifying different restart policies on services in the same compose application")
}
}
}
}
return restartPolicyCondition, nil
}
func toAciRestartPolicy(restartPolicy string) containerinstance.ContainerGroupRestartPolicy {
switch restartPolicy {
case containers.RestartPolicyNone:
return containerinstance.Never
case containers.RestartPolicyAny:
return containerinstance.Always
case containers.RestartPolicyOnFailure:
return containerinstance.OnFailure
default:
return containerinstance.Always
}
}
func toContainerRestartPolicy(aciRestartPolicy containerinstance.ContainerGroupRestartPolicy) string {
switch aciRestartPolicy {
case containerinstance.Never:
return containers.RestartPolicyNone
case containerinstance.Always:
return containers.RestartPolicyAny
case containerinstance.OnFailure:
return containers.RestartPolicyOnFailure
default:
return containers.RestartPolicyAny
}
}

144
aci/convert/restartpolicy_test.go Normal file
View File

@ -0,0 +1,144 @@
/*
Copyright 2020 Docker Compose CLI authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package convert
import (
"context"
"testing"
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/compose-spec/compose-go/types"
"gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
)
func TestComposeSingleContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
}
func TestComposeMultiContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
{
Name: "service2",
Image: "image2",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 3))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
assert.Equal(t, *(*group.Containers)[1].Name, "service2")
assert.Equal(t, group.RestartPolicy, containerinstance.OnFailure)
}
func TestComposeInconsistentMultiContainerRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "any",
},
},
},
{
Name: "service2",
Image: "image2",
Deploy: &types.DeployConfig{
RestartPolicy: &types.RestartPolicy{
Condition: "on-failure",
},
},
},
},
}
_, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.Error(t, err, "ACI integration does not support specifying different restart policies on services in the same compose application")
}
func TestComposeSingleContainerGroupToContainerDefaultRestartPolicy(t *testing.T) {
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
}
group, err := ToContainerGroup(context.TODO(), convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
assert.Equal(t, group.RestartPolicy, containerinstance.Always)
}
func TestConvertToAciRestartPolicyCondition(t *testing.T) {
assert.Equal(t, toAciRestartPolicy("none"), containerinstance.Never)
assert.Equal(t, toAciRestartPolicy("always"), containerinstance.Always)
assert.Equal(t, toAciRestartPolicy("on-failure"), containerinstance.OnFailure)
assert.Equal(t, toAciRestartPolicy("on-failure:5"), containerinstance.Always)
}
func TestConvertToDockerRestartPolicyCondition(t *testing.T) {
assert.Equal(t, toContainerRestartPolicy(containerinstance.Never), "none")
assert.Equal(t, toContainerRestartPolicy(containerinstance.Always), "any")
assert.Equal(t, toContainerRestartPolicy(containerinstance.OnFailure), "on-failure")
assert.Equal(t, toContainerRestartPolicy(""), "any")
}

144
aci/convert/secrets.go Normal file
View File

@ -0,0 +1,144 @@
/*
Copyright 2020 Docker Compose CLI authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package convert
import (
"encoding/base64"
"fmt"
"io/ioutil"
"path"
"strings"
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/Azure/go-autorest/autorest/to"
"github.com/pkg/errors"
)
const (
defaultSecretsPath = "/run/secrets"
serviceSecretAbsPathPrefix = "aci-service-secret-path-"
)
func getServiceSecretKey(serviceName, targetDir string) string {
return fmt.Sprintf("%s-%s--%s",
serviceSecretAbsPathPrefix, serviceName, strings.ReplaceAll(targetDir, "/", "-"))
}
func (p projectAciHelper) getAciSecretVolumes() ([]containerinstance.Volume, error) {
var secretVolumes []containerinstance.Volume
for _, svc := range p.Services {
squashedTargetVolumes := make(map[string]containerinstance.Volume)
for _, scr := range svc.Secrets {
data, err := ioutil.ReadFile(p.Secrets[scr.Source].File)
if err != nil {
return secretVolumes, err
}
if len(data) == 0 {
continue
}
dataStr := base64.StdEncoding.EncodeToString(data)
if scr.Target == "" {
scr.Target = scr.Source
}
if !path.IsAbs(scr.Target) && strings.ContainsAny(scr.Target, "\\/") {
return []containerinstance.Volume{},
errors.Errorf("in service %q, secret with source %q cannot have a relative path as target. "+
"Only absolute paths are allowed. Found %q",
svc.Name, scr.Source, scr.Target)
}
if !path.IsAbs(scr.Target) {
scr.Target = path.Join(defaultSecretsPath, scr.Target)
}
targetDir := path.Dir(scr.Target)
targetDirKey := getServiceSecretKey(svc.Name, targetDir)
if _, ok := squashedTargetVolumes[targetDir]; !ok {
squashedTargetVolumes[targetDir] = containerinstance.Volume{
Name: to.StringPtr(targetDirKey),
Secret: make(map[string]*string),
}
}
squashedTargetVolumes[targetDir].Secret[path.Base(scr.Target)] = &dataStr
}
for _, v := range squashedTargetVolumes {
secretVolumes = append(secretVolumes, v)
}
}
return secretVolumes, nil
}
func (s serviceConfigAciHelper) getAciSecretsVolumeMounts() ([]containerinstance.VolumeMount, error) {
vms := []containerinstance.VolumeMount{}
presenceSet := make(map[string]bool)
for _, scr := range s.Secrets {
if scr.Target == "" {
scr.Target = scr.Source
}
if !path.IsAbs(scr.Target) {
scr.Target = path.Join(defaultSecretsPath, scr.Target)
}
presenceKey := path.Dir(scr.Target)
if !presenceSet[presenceKey] {
vms = append(vms, containerinstance.VolumeMount{
Name: to.StringPtr(getServiceSecretKey(s.Name, path.Dir(scr.Target))),
MountPath: to.StringPtr(path.Dir(scr.Target)),
ReadOnly: to.BoolPtr(true),
})
presenceSet[presenceKey] = true
}
}
err := validateMountPathCollisions(vms)
if err != nil {
return []containerinstance.VolumeMount{}, err
}
return vms, nil
}
func validateMountPathCollisions(vms []containerinstance.VolumeMount) error {
for i, vm1 := range vms {
for j, vm2 := range vms {
if i == j {
continue
}
var (
biggerVMPath = strings.Split(*vm1.MountPath, "/")
smallerVMPath = strings.Split(*vm2.MountPath, "/")
)
if len(smallerVMPath) > len(biggerVMPath) {
tmp := biggerVMPath
biggerVMPath = smallerVMPath
smallerVMPath = tmp
}
isPrefixed := true
for i := 0; i < len(smallerVMPath); i++ {
if smallerVMPath[i] != biggerVMPath[i] {
isPrefixed = false
break
}
}
if isPrefixed {
return errors.Errorf("mount paths %q and %q collide. A volume mount cannot include another one.", *vm1.MountPath, *vm2.MountPath)
}
}
}
return nil
}

179
aci/convert/secrets_test.go Normal file
View File

@ -0,0 +1,179 @@
/*
Copyright 2020 Docker Compose CLI authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package convert
import (
"fmt"
"io/ioutil"
"os"
"path"
"testing"
"github.com/compose-spec/compose-go/types"
"gotest.tools/v3/assert"
)
func TestConvertSecrets(t *testing.T) {
serviceName := "testservice"
secretName := "testsecret"
absBasePath := "/home/user"
tmpFile, err := ioutil.TempFile(os.TempDir(), "TestConvertProjectSecrets-")
assert.NilError(t, err)
_, err = tmpFile.Write([]byte("test content"))
assert.NilError(t, err)
t.Cleanup(func() {
_ = os.Remove(tmpFile.Name())
})
t.Run("mix default and absolute", func(t *testing.T) {
pSquashedDefaultAndAbs := projectAciHelper{
Services: []types.ServiceConfig{
{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: "some_target1",
},
{
Source: secretName,
},
{
Source: secretName,
Target: path.Join(defaultSecretsPath, "some_target2"),
},
{
Source: secretName,
Target: path.Join(absBasePath, "some_target3"),
},
{
Source: secretName,
Target: path.Join(absBasePath, "some_target4"),
},
},
},
},
Secrets: map[string]types.SecretConfig{
secretName: {
File: tmpFile.Name(),
},
},
}
volumes, err := pSquashedDefaultAndAbs.getAciSecretVolumes()
assert.NilError(t, err)
assert.Equal(t, len(volumes), 2)
defaultVolumeName := getServiceSecretKey(serviceName, defaultSecretsPath)
homeVolumeName := getServiceSecretKey(serviceName, absBasePath)
// random order since this was created from a map...
for _, vol := range volumes {
switch *vol.Name {
case defaultVolumeName:
assert.Equal(t, len(vol.Secret), 3)
case homeVolumeName:
assert.Equal(t, len(vol.Secret), 2)
default:
assert.Assert(t, false, "unexpected volume name: "+*vol.Name)
}
}
s := serviceConfigAciHelper(pSquashedDefaultAndAbs.Services[0])
vms, err := s.getAciSecretsVolumeMounts()
assert.NilError(t, err)
assert.Equal(t, len(vms), 2)
assert.Equal(t, *vms[0].Name, defaultVolumeName)
assert.Equal(t, *vms[0].MountPath, defaultSecretsPath)
assert.Equal(t, *vms[1].Name, homeVolumeName)
assert.Equal(t, *vms[1].MountPath, absBasePath)
})
t.Run("convert invalid target", func(t *testing.T) {
targetName := "some/invalid/relative/path/target"
pInvalidRelativePathTarget := projectAciHelper{
Services: []types.ServiceConfig{
{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName,
},
},
},
},
Secrets: map[string]types.SecretConfig{
secretName: {
File: tmpFile.Name(),
},
},
}
_, err := pInvalidRelativePathTarget.getAciSecretVolumes()
assert.Equal(t, err.Error(),
fmt.Sprintf(`in service %q, secret with source %q cannot have a relative path as target. Only absolute paths are allowed. Found %q`,
serviceName, secretName, targetName))
})
t.Run("convert colliding default targets", func(t *testing.T) {
targetName1 := path.Join(defaultSecretsPath, "target1")
targetName2 := path.Join(defaultSecretsPath, "sub/folder/target2")
service := serviceConfigAciHelper{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName1,
},
{
Source: secretName,
Target: targetName2,
},
},
}
_, err := service.getAciSecretsVolumeMounts()
assert.Equal(t, err.Error(),
fmt.Sprintf(`mount paths %q and %q collide. A volume mount cannot include another one.`,
path.Dir(targetName1), path.Dir(targetName2)))
})
t.Run("convert colliding absolute targets", func(t *testing.T) {
targetName1 := path.Join(absBasePath, "target1")
targetName2 := path.Join(absBasePath, "sub/folder/target2")
service := serviceConfigAciHelper{
Name: serviceName,
Secrets: []types.ServiceSecretConfig{
{
Source: secretName,
Target: targetName1,
},
{
Source: secretName,
Target: targetName2,
},
},
}
_, err := service.getAciSecretsVolumeMounts()
assert.Equal(t, err.Error(),
fmt.Sprintf(`mount paths %q and %q collide. A volume mount cannot include another one.`,
path.Dir(targetName1), path.Dir(targetName2)))
})
}

69
aci/convert/volume.go
View File

@ -17,17 +17,82 @@
package convert package convert
import ( import (
"context"
"fmt" "fmt"
"strconv" "strconv"
"strings" "strings"
"github.com/pkg/errors" "github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/Azure/go-autorest/autorest/to"
"github.com/compose-spec/compose-go/types" "github.com/compose-spec/compose-go/types"
"github.com/docker/compose-cli/aci/login"
"github.com/pkg/errors"
"github.com/docker/compose-cli/errdefs" "github.com/docker/compose-cli/errdefs"
) )
const (
azureFileDriverName = "azure_file"
volumeDriveroptsShareNameKey = "share_name"
volumeDriveroptsAccountNameKey = "storage_account_name"
volumeReadOnly = "read_only"
)
func (p projectAciHelper) getAciFileVolumes(ctx context.Context, helper login.StorageLogin) (map[string]bool, []containerinstance.Volume, error) {
azureFileVolumesMap := make(map[string]bool, len(p.Volumes))
var azureFileVolumesSlice []containerinstance.Volume
for name, v := range p.Volumes {
if v.Driver == azureFileDriverName {
shareName, ok := v.DriverOpts[volumeDriveroptsShareNameKey]
if !ok {
return nil, nil, fmt.Errorf("cannot retrieve fileshare name for Azurefile")
}
accountName, ok := v.DriverOpts[volumeDriveroptsAccountNameKey]
if !ok {
return nil, nil, fmt.Errorf("cannot retrieve account name for Azurefile")
}
readOnly, ok := v.DriverOpts[volumeReadOnly]
if !ok {
readOnly = "false"
}
ro, err := strconv.ParseBool(readOnly)
if err != nil {
return nil, nil, fmt.Errorf("invalid mode %q for volume", readOnly)
}
accountKey, err := helper.GetAzureStorageAccountKey(ctx, accountName)
if err != nil {
return nil, nil, err
}
aciVolume := containerinstance.Volume{
Name: to.StringPtr(name),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr(shareName),
StorageAccountName: to.StringPtr(accountName),
StorageAccountKey: to.StringPtr(accountKey),
ReadOnly: &ro,
},
}
azureFileVolumesMap[name] = true
azureFileVolumesSlice = append(azureFileVolumesSlice, aciVolume)
}
}
return azureFileVolumesMap, azureFileVolumesSlice, nil
}
func (s serviceConfigAciHelper) getAciFileVolumeMounts(volumesCache map[string]bool) ([]containerinstance.VolumeMount, error) {
var aciServiceVolumes []containerinstance.VolumeMount
for _, sv := range s.Volumes {
if !volumesCache[sv.Source] {
return []containerinstance.VolumeMount{}, fmt.Errorf("could not find volume source %q", sv.Source)
}
aciServiceVolumes = append(aciServiceVolumes, containerinstance.VolumeMount{
Name: to.StringPtr(sv.Source),
MountPath: to.StringPtr(sv.Target),
})
}
return aciServiceVolumes, nil
}
// GetRunVolumes return volume configurations for a project and a single service // GetRunVolumes return volume configurations for a project and a single service
// this is meant to be used as a compose project of a single service // this is meant to be used as a compose project of a single service
func GetRunVolumes(volumes []string) (map[string]types.VolumeConfig, []types.ServiceVolumeConfig, error) { func GetRunVolumes(volumes []string) (map[string]types.VolumeConfig, []types.ServiceVolumeConfig, error) {

95
aci/convert/volume_test.go
View File

@ -17,11 +17,16 @@
package convert package convert
import ( import (
"context"
"strconv" "strconv"
"testing" "testing"
"github.com/Azure/azure-sdk-for-go/services/containerinstance/mgmt/2018-10-01/containerinstance"
"github.com/Azure/go-autorest/autorest/to"
"github.com/compose-spec/compose-go/types" "github.com/compose-spec/compose-go/types"
"github.com/stretchr/testify/mock"
"gotest.tools/v3/assert" "gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
) )
func TestGetRunVolumes(t *testing.T) { func TestGetRunVolumes(t *testing.T) {
@ -74,6 +79,96 @@ func TestGetRunVolumesInvalidOption(t *testing.T) {
assert.ErrorContains(t, err, `volume specification "myuser4/myshare4:/my/path/to/target4:invalid" has an invalid mode "invalid"`) assert.ErrorContains(t, err, `volume specification "myuser4/myshare4:/my/path/to/target4:invalid" has an invalid mode "invalid"`)
} }
func TestComposeVolumes(t *testing.T) {
ctx := context.TODO()
accountName := "myAccount"
mockStorageHelper.On("GetAzureStorageAccountKey", ctx, accountName).Return("123456", nil)
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
Volumes: types.Volumes{
"vol1": types.VolumeConfig{
Driver: "azure_file",
DriverOpts: map[string]string{
"share_name": "myFileshare",
"storage_account_name": accountName,
},
},
},
}
group, err := ToContainerGroup(ctx, convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
expectedGroupVolume := containerinstance.Volume{
Name: to.StringPtr("vol1"),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr("myFileshare"),
StorageAccountName: &accountName,
StorageAccountKey: to.StringPtr("123456"),
ReadOnly: to.BoolPtr(false),
},
}
assert.Equal(t, len(*group.Volumes), 1)
assert.DeepEqual(t, (*group.Volumes)[0], expectedGroupVolume)
}
func TestComposeVolumesRO(t *testing.T) {
ctx := context.TODO()
accountName := "myAccount"
mockStorageHelper.On("GetAzureStorageAccountKey", ctx, accountName).Return("123456", nil)
project := types.Project{
Services: []types.ServiceConfig{
{
Name: "service1",
Image: "image1",
},
},
Volumes: types.Volumes{
"vol1": types.VolumeConfig{
Driver: "azure_file",
DriverOpts: map[string]string{
"share_name": "myFileshare",
"storage_account_name": accountName,
"read_only": "true",
},
},
},
}
group, err := ToContainerGroup(ctx, convertCtx, project, mockStorageHelper)
assert.NilError(t, err)
assert.Assert(t, is.Len(*group.Containers, 1))
assert.Equal(t, *(*group.Containers)[0].Name, "service1")
expectedGroupVolume := containerinstance.Volume{
Name: to.StringPtr("vol1"),
AzureFile: &containerinstance.AzureFileVolume{
ShareName: to.StringPtr("myFileshare"),
StorageAccountName: &accountName,
StorageAccountKey: to.StringPtr("123456"),
ReadOnly: to.BoolPtr(true),
},
}
assert.Equal(t, len(*group.Volumes), 1)
assert.DeepEqual(t, (*group.Volumes)[0], expectedGroupVolume)
}
type mockStorageLogin struct {
mock.Mock
}
func (s *mockStorageLogin) GetAzureStorageAccountKey(ctx context.Context, accountName string) (string, error) {
args := s.Called(ctx, accountName)
return args.String(0), args.Error(1)
}
func getServiceVolumeConfig(source string, target string, readOnly bool) types.ServiceVolumeConfig { func getServiceVolumeConfig(source string, target string, readOnly bool) types.ServiceVolumeConfig {
return types.ServiceVolumeConfig{ return types.ServiceVolumeConfig{
Type: "azure_file", Type: "azure_file",