$ chmod +x ./test.sh
$ ./test.sh ./test.sh alpine-app
Starting a container for 'alpine-app'
=============== test session starts =======================================================
platform linux2 -- Python 2.7.15, pytest-4.3.0, py-1.8.0, pluggy-0.9.0 -- /usr/bin/python2
rootdir: /tests, inifile:
plugins: testinfra-1.19.0
collected 1 item
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# A simple script to start a Docker container | |
# and run Testinfra in it | |
# Original script: https://gist.github.com/renatomefi/bbf44d4e8a2614b1390416c6189fbb8e | |
# Author: @renatomefi https://twitter.com/renatomefi | |
# | |
set -eEuo pipefail |
Let's update from 3.8 to 3.9
FROM alpine:3.9
RUN addgroup -g 1000 app \
&& adduser -u 1000 -D -G app app
Build it again
Let's first build and run our newly image with a sleep time, thus pytest will have time to execute the test in it, no worries, this won't be the final solution
$ docker build -t alpine-app .
$ docker run --rm -d alpine-app sleep 60
7ecbe3205a3e9e871d4bc73237ee374d75e1e8508b008d578f2538ce937b2aa5
We want now to copy the running container ID, and let's put it in the Testinfra command so it knows what container we want to test
./test/test_user.py
def test_user_is_present(host):
user_name = 'app'
group_name = 'app'
home_dir = '/home/app'
shell = '/sbin/halt'
$ docker build -t alpine-app -f - . <<Dockerfile
FROM alpine:3.8
RUN addgroup -g 1000 app \
&& adduser -u 1000 -D -G app app
Dockerfile
Sending build context to Docker daemon 69.68kB
Step 1/2 : FROM alpine:3.8
---> 491e0ff7a8d5
Step 2/2 : RUN addgroup -g 1000 app && adduser -u 1000 -D -G app app
./Dockerfile
FROM alpine:3.8
RUN addgroup -g 1000 app \
&& adduser -u 1000 -D -G app app
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM mongo:4.0 | |
# Works with Mongo 3.2 till 4.0 | |
WORKDIR /etc/ssl | |
# If you want to validate the certifacate you should have it somewhere else an copy here, otherwise you won't be able to | |
RUN set -xe \ | |
&& openssl req -newkey rsa:2048 -new -x509 -days 365 -nodes -out mongodb-cert.crt -keyout mongodb-cert.key -subj "/C=NL/ST=Noord Holland/L=Amsterdam/O=Me/OU=Somewhere/CN=mongo" \ | |
&& cat mongodb-cert.key mongodb-cert.crt > mongodb.pem | |
ENTRYPOINT ["mongod", "--sslMode", "requireSSL", "--sslPEMKeyFile", "/etc/ssl/mongodb.pem"] |
$ clair-scanner --ip 172.17.0.1 quay.io/coreos/clair:v2.0.0
2018/09/17 20:15:31 [INFO] ▶ Start clair-scanner
2018/09/17 20:15:35 [INFO] ▶ Server listening on port 9279
2018/09/17 20:15:35 [INFO] ▶ Analyzing 30784cae2b30e82860239f7de81fc755f69bc58a77d52c2d8318ac1162247f66
2018/09/17 20:15:35 [INFO] ▶ Analyzing 858cb12d7179e8919fe9eb4d9235f3c6c5b42a3a990b4bc4d98b7d065cd6d410
2018/09/17 20:15:35 [INFO] ▶ Analyzing dcb049bb3bf0b86e0066e3aed414200c380d6d5ca00fd583ed958b2ac897596c
2018/09/17 20:15:35 [INFO] ▶ Analyzing 8c676d6c9c7d6b0b5d635bda83b80bea5ee2464ef7c5f22540c541d6345f7713
2018/09/17 20:15:35 [INFO] ▶ Analyzing 97d0cd0812dcf22015d9ffb01bc8d634765aab9774a134daedd75456abc3490a
2018/09/17 20:15:35 [INFO] ▶ Analyzing ea9c1b92c10ef25434adf1a68b87bd82830286fca881dcef5d11df9ce84847b3
NewerOlder