private string BuildTestAppImage(string stageTarget, string contextDir, params string[] customBuildArgs) { string tag = _imageData.GetIdentifier(stageTarget); List <string> buildArgs = new List <string>(); buildArgs.Add($"sdk_image={_imageData.GetImage(DotNetImageType.SDK, _dockerHelper)}"); DotNetImageType runtimeImageType = _isWeb ? DotNetImageType.AspNetCore_Runtime : DotNetImageType.Runtime; buildArgs.Add($"runtime_image={_imageData.GetImage(runtimeImageType, _dockerHelper)}"); if (DockerHelper.IsLinuxContainerModeEnabled) { buildArgs.Add($"runtime_deps_image={_imageData.GetImage(DotNetImageType.Runtime_Deps, _dockerHelper)}"); } if (customBuildArgs != null) { buildArgs.AddRange(customBuildArgs); } _dockerHelper.Build( tag: tag, target: stageTarget, contextDir: contextDir, buildArgs: buildArgs.ToArray()); return(tag); }
public void VerifySdkImage_PackageCache(ImageData imageData) { string verifyCacheCommand = null; if (imageData.Version.Major == 2) { if (DockerHelper.IsLinuxContainerModeEnabled) { verifyCacheCommand = "test -d /usr/share/dotnet/sdk/NuGetFallbackFolder"; } else { verifyCacheCommand = "CMD /S /C PUSHD \"C:\\Program Files\\dotnet\\sdk\\NuGetFallbackFolder\""; } } else { _outputHelper.WriteLine(".NET Core SDK images >= 3.0 don't include a package cache."); } if (verifyCacheCommand != null) { // Simple check to verify the NuGet package cache was created _dockerHelper.Run( image: imageData.GetImage(DotNetImageType.SDK, _dockerHelper), command: verifyCacheCommand, name: imageData.GetIdentifier("PackageCache")); } }
public void VerifyImage_InsecureFilesCheck(ImageData imageData) { if (imageData.Version < new Version("3.1") || !DockerHelper.IsLinuxContainerModeEnabled || (imageData.OS.Contains("alpine") && imageData.IsArm)) { return; } string worldWritableDirectoriesWithoutStickyBitCmd = @"find / -xdev -type d \( -perm -0002 -a ! -perm -1000 \)"; string worldWritableFilesCmd = "find / -xdev -type f -perm -o+w"; string noUserOrGroupFilesCmd; if (imageData.OS.Contains("alpine")) { // BusyBox in Alpine doesn't support the more convenient -nouser and -nogroup options for the find command noUserOrGroupFilesCmd = @"find / -xdev -exec stat -c %U-%n {} \+ | { grep ^UNKNOWN || true; }"; } else { noUserOrGroupFilesCmd = @"find / -xdev \( -nouser -o -nogroup \)"; } string command = $"/bin/sh -c \"{worldWritableDirectoriesWithoutStickyBitCmd} && {worldWritableFilesCmd} && {noUserOrGroupFilesCmd}\""; foreach (DotNetImageType imageType in Enum.GetValues(typeof(DotNetImageType))) { string output = _dockerHelper.Run( image: imageData.GetImage(imageType, _dockerHelper), name: imageData.GetIdentifier($"InsecureFiles-{imageType}"), command: command ); Assert.Empty(output); } }
public static void Validate( IEnumerable <EnvironmentVariableInfo> variables, DotNetImageType imageType, ImageData imageData, DockerHelper dockerHelper) { const char delimiter = '|'; IEnumerable <string> echoParts; string invokeCommand; char delimiterEscape; if (DockerHelper.IsLinuxContainerModeEnabled) { echoParts = variables.Select(envVar => $"${envVar.Name}"); invokeCommand = $"/bin/sh -c"; delimiterEscape = '\\'; } else { echoParts = variables.Select(envVar => $"%{envVar.Name}%"); invokeCommand = $"CMD /S /C"; delimiterEscape = '^'; } string combinedValues = dockerHelper.Run( image: imageData.GetImage(imageType, dockerHelper), name: imageData.GetIdentifier($"env"), command: $"{invokeCommand} \"echo {String.Join($"{delimiterEscape}{delimiter}", echoParts)}\""); string[] values = combinedValues.Split(delimiter); Assert.Equal(variables.Count(), values.Count()); for (int i = 0; i < values.Count(); i++) { EnvironmentVariableInfo variable = variables.ElementAt(i); string actualValue; // Process unset variables in Windows if (!DockerHelper.IsLinuxContainerModeEnabled && string.Equals(values[i], $"%{variable.Name}%", StringComparison.Ordinal)) { actualValue = string.Empty; } else { actualValue = values[i]; } if (variable.AllowAnyValue) { Assert.NotEmpty(actualValue); } else { Assert.Equal(variable.ExpectedValue, actualValue); } } }
public void VerifySDKImage_PowerShellScenario(ImageData imageData) { if (imageData.Version.Major < 3) { _outputHelper.WriteLine("PowerShell does not exist in pre-3.0 images, skip testing"); return; } // A basic test which executes an arbitrary command to validate PS is functional string output = _dockerHelper.Run( image: imageData.GetImage(DotNetImageType.SDK, _dockerHelper), name: imageData.GetIdentifier($"pwsh"), command: $"pwsh -c (Get-Childitem env:DOTNET_RUNNING_IN_CONTAINER).Value" ); Assert.Equal(output, bool.TrueString, ignoreCase: true); }