func init() {
// Always use the same driver (vfs) for all integration tests.
// To test other drivers, we need a dedicated driver validation suite.
os.Setenv("DOCKER_DRIVER", "vfs")
os.Setenv("TEST", "1")
os.Setenv("DOCKER_TMPDIR", unitTestDockerTmpdir)
// Hack to run sys init during unit testing
if reexec.Init() {
return
}
if uid := syscall.Geteuid(); uid != 0 {
log.Fatalf("docker tests need to be run as root")
}
// Copy dockerinit into our current testing directory, if provided (so we can test a separate dockerinit binary)
if dockerinit := os.Getenv("TEST_DOCKERINIT_PATH"); dockerinit != "" {
src, err := os.Open(dockerinit)
if err != nil {
log.Fatalf("Unable to open TEST_DOCKERINIT_PATH: %s", err)
}
defer src.Close()
dst, err := os.OpenFile(filepath.Join(filepath.Dir(utils.SelfPath()), "dockerinit"), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0555)
if err != nil {
log.Fatalf("Unable to create dockerinit in test directory: %s", err)
}
defer dst.Close()
if _, err := io.Copy(dst, src); err != nil {
log.Fatalf("Unable to copy dockerinit to TEST_DOCKERINIT_PATH: %s", err)
}
dst.Close()
src.Close()
}
// Setup the base daemon, which will be duplicated for each test.
// (no tests are run directly in the base)
setupBaseImage()
// Create the "global daemon" with a long-running daemons for integration tests
spawnGlobalDaemon()
spawnLegitHttpsDaemon()
spawnRogueHttpsDaemon()
startFds, startGoroutines = utils.GetTotalUsedFds(), runtime.NumGoroutine()
}
func main() {
if reexec.Init() {
return
}
flag.Parse()
// FIXME: validate daemon flags here
if *flVersion {
showVersion()
return
}
if *flDebug {
os.Setenv("DEBUG", "1")
}
if len(flHosts) == 0 {
defaultHost := os.Getenv("DOCKER_HOST")
if defaultHost == "" || *flDaemon {
// If we do not have a host, default to unix socket
defaultHost = fmt.Sprintf("unix://%s", api.DEFAULTUNIXSOCKET)
}
defaultHost, err := api.ValidateHost(defaultHost)
if err != nil {
log.Fatal(err)
}
flHosts = append(flHosts, defaultHost)
}
if *flDaemon {
mainDaemon()
return
}
if len(flHosts) > 1 {
log.Fatal("Please specify only one -H")
}
protoAddrParts := strings.SplitN(flHosts[0], "://", 2)
var (
cli *client.DockerCli
tlsConfig tls.Config
)
tlsConfig.InsecureSkipVerify = true
// If we should verify the server, we need to load a trusted ca
if *flTlsVerify {
*flTls = true
certPool := x509.NewCertPool()
file, err := ioutil.ReadFile(*flCa)
if err != nil {
log.Fatalf("Couldn't read ca cert %s: %s", *flCa, err)
}
certPool.AppendCertsFromPEM(file)
tlsConfig.RootCAs = certPool
tlsConfig.InsecureSkipVerify = false
}
// If tls is enabled, try to load and send client certificates
if *flTls || *flTlsVerify {
_, errCert := os.Stat(*flCert)
_, errKey := os.Stat(*flKey)
if errCert == nil && errKey == nil {
*flTls = true
cert, err := tls.LoadX509KeyPair(*flCert, *flKey)
if err != nil {
log.Fatalf("Couldn't load X509 key pair: %s. Key encrypted?", err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
}
if *flTls || *flTlsVerify {
cli = client.NewDockerCli(os.Stdin, os.Stdout, os.Stderr, nil, protoAddrParts[0], protoAddrParts[1], &tlsConfig)
} else {
cli = client.NewDockerCli(os.Stdin, os.Stdout, os.Stderr, nil, protoAddrParts[0], protoAddrParts[1], nil)
}
if err := cli.Cmd(flag.Args()...); err != nil {
if sterr, ok := err.(*utils.StatusError); ok {
if sterr.Status != "" {
log.Infof("%s", sterr.Status)
}
os.Exit(sterr.StatusCode)
}
log.Fatal(err)
}
}
func main() {
// Running in init mode
reexec.Init()
}