def test_private_repository_mesos_app(): """ Test private docker registry with mesos containerizer using "config" container's image field.""" requires_marathon_version("1.5") if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "dockerPullConfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) client = marathon.create_client() common.create_secret(secret_name, secret_value) try: app_def = common.private_mesos_container_app(secret_name) client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_create_pod_with_private_image(): """Deploys a pod with a private Docker image, using Mesos containerizer. This method relies on the global `install_enterprise_cli` fixture to install the enterprise-cli-package. """ username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullconfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) pod_def = pods.private_docker_pod() pod_id = pod_def['id'] common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_pod(pod_def) deployment_wait(service_id=pod_id, max_attempts=300) pod = client.show_pod(pod_id) assert pod is not None, "The pod has not been created" finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """Deploys an app with a private Docker image, using Mesos containerizer. It relies on the global `install_enterprise_cli` fixture to install the enterprise-cli-package. """ username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullconfig" secret_value_json = common.create_docker_pull_config_json( username, password) secret_value = json.dumps(secret_value_json) app_def = apps.private_ucr_docker_app() app_id = app_def["id"] # In strict mode all tasks are started as user `nobody` by default and `nobody` # doesn't have permissions to write to /var/log within the container. if is_strict(): app_def['user'] = '******' common.add_dcos_marathon_user_acls() common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_app(app_def) deployment_wait(service_id=app_id) common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """Deploys an app with a private Docker image, using Mesos containerizer. It relies on the global `install_enterprise_cli` fixture to install the enterprise-cli-package. """ username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullconfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) app_def = apps.private_ucr_docker_app() app_id = app_def["id"] # In strict mode all tasks are started as user `nobody` by default and `nobody` # doesn't have permissions to write to /var/log within the container. if is_strict(): app_def['user'] = '******' common.add_dcos_marathon_user_acls() common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_app(app_def) deployment_wait(service_id=app_id) common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_create_pod_with_private_image(): """Deploys a pod with a private Docker image, using Mesos containerizer. This method relies on the global `install_enterprise_cli` fixture to install the enterprise-cli-package. """ username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullconfig" secret_value_json = common.create_docker_pull_config_json( username, password) secret_value = json.dumps(secret_value_json) pod_def = pods.private_docker_pod() pod_id = pod_def['id'] common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_pod(pod_def) deployment_wait(service_id=pod_id, max_attempts=300) pod = client.show_pod(pod_id) assert pod is not None, "The pod has not been created" finally: common.delete_secret(secret_name)
def test_create_pod_with_private_image(): """Deploys a pod with a private Docker image, using Mesos containerizer.""" if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullconfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) pod_def = pods.private_docker_pod() pod_id = pod_def['id'] common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_pod(pod_def) common.deployment_wait(timeout=timedelta(minutes=5).total_seconds(), service_id=pod_id) pod = client.show_pod(pod_id) assert pod is not None, "The pod has not been created" finally: common.delete_secret(secret_name)
def test_create_pod_with_private_image(): """Deploys a pod with a private Docker image, using Mesos containerizer.""" if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullConfig" secret_value_json = common.create_docker_pull_config_json( username, password) secret_value = json.dumps(secret_value_json) pod_def = pods.private_docker_pod() pod_id = pod_def['id'] common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_pod(pod_def) common.deployment_wait(timeout=timedelta(minutes=5).total_seconds(), service_id=pod_id) pod = client.show_pod(pod_id) assert pod is not None, "The pod has not been created" finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """Deploys an app with a private Docker image, using Mesos containerizer.""" if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullConfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) app_def = apps.private_ucr_docker_app() # In strict mode all tasks are started as user `nobody` by default and `nobody` # doesn't have permissions to write to /var/log within the container. if shakedown.ee_version() == 'strict': app_def['user'] = '******' common.add_dcos_marathon_root_user_acls() common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """ Test private docker registry with mesos containerizer using "config" container's image field.""" # marathon version captured here will work for root and mom requires_marathon_version('1.5') username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "dockerPullConfig" secret_value_json = common.create_docker_pull_config_json( username, password) import json secret_value = json.dumps(secret_value_json) client = marathon.create_client() common.create_secret(secret_name, secret_value) try: app_def = common.private_mesos_container_app(secret_name) client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """Deploys an app with a private Docker image, using Mesos containerizer.""" if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullConfig" secret_value_json = common.create_docker_pull_config_json( username, password) secret_value = json.dumps(secret_value_json) app_def = apps.private_ucr_docker_app() # Here we're starting an nignx server in a container. In a strict mode however # all tasks are started as user `nobody` and `nobody` doesn't have permissions # to write to /var/log within the container. To avoid this we override the cmd # with a simple `sleep`. This is a hacky workaround but the test is still valid # since we're testing `pullConfig` feature. if shakedown.ee_version() == 'strict': app_def['cmd'] = 'sleep 10000000' common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def secret_fixture(): if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() secret_name = '/mysecret' secret_value = 'super_secret_password' common.create_secret(secret_name, secret_value) yield secret_name, secret_value common.delete_secret(secret_name)
def ensure_docker_config_secret(): # Docker username and password should be passed as environment variables `DOCKER_HUB_USERNAME` # and `DOCKER_HUB_PASSWORD` (usually by jenkins) assert 'DOCKER_HUB_USERNAME' in os.environ, "Couldn't find docker hub username. $DOCKER_HUB_USERNAME is not set" assert 'DOCKER_HUB_PASSWORD' in os.environ, "Couldn't find docker hub password. $DOCKER_HUB_PASSWORD is not set" if common.has_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME): common.delete_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME) username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] config_json = common.create_docker_pull_config_json(username, password) common.create_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME, value=json.dumps(config_json)) assert common.has_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME)
def ensure_docker_config_secret(): """Method creates a secret with the docker credentials that is later used to pull the image from our private docker repository. It relies on the global `install_enterprise_cli` fixture to install the enterprise-cli-package. """ # Docker username and password should be passed as environment variables `DOCKER_HUB_USERNAME` # and `DOCKER_HUB_PASSWORD` (usually by jenkins) assert 'DOCKER_HUB_USERNAME' in os.environ, "Couldn't find docker hub username. $DOCKER_HUB_USERNAME is not set" assert 'DOCKER_HUB_PASSWORD' in os.environ, "Couldn't find docker hub password. $DOCKER_HUB_PASSWORD is not set" if common.has_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME): common.delete_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME) username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] config_json = common.create_docker_pull_config_json(username, password) common.create_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME, value=json.dumps(config_json)) assert common.has_secret(MOM_EE_DOCKER_CONFIG_SECRET_NAME)
def test_create_pod_with_private_image(): username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "dockerPullConfig" secret_value_json = common.create_docker_pull_config_json( username, password) import json secret_value = json.dumps(secret_value_json) client = marathon.create_client() common.create_secret(secret_name, secret_value) try: pod_def = common.private_docker_pod(secret_name) client.add_pod(pod_def) shakedown.deployment_wait(timeout=timedelta(minutes=5).total_seconds()) pod = client.show_pod(pod_def["id"]) assert pod is not None finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """ Test private docker registry with mesos containerizer using "config" container's image field.""" username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "dockerPullConfig" secret_value_json = common.create_docker_pull_config_json(username, password) import json secret_value = json.dumps(secret_value_json) client = marathon.create_client() common.create_secret(secret_name, secret_value) try: app_def = common.private_mesos_container_app(secret_name) client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def test_private_repository_mesos_app(): """Deploys an app with a private Docker image, using Mesos containerizer.""" if not common.is_enterprise_cli_package_installed(): common.install_enterprise_cli_package() username = os.environ['DOCKER_HUB_USERNAME'] password = os.environ['DOCKER_HUB_PASSWORD'] secret_name = "pullConfig" secret_value_json = common.create_docker_pull_config_json(username, password) secret_value = json.dumps(secret_value_json) app_def = apps.private_ucr_docker_app() common.create_secret(secret_name, secret_value) client = marathon.create_client() try: client.add_app(app_def) shakedown.deployment_wait() common.assert_app_tasks_running(client, app_def) finally: common.delete_secret(secret_name)
def secret_fixture(): secret_name = '/mysecret' secret_value = 'super_secret_password' common.create_secret(secret_name, secret_value) yield secret_name, secret_value common.delete_secret(secret_name)