integration-cli/docker_cli_netmode_test.go - third_party/github.com/moby/moby - Git at Google

 package main

 import (
 	"context"
 	"strings"
 	"testing"

 	"github.com/moby/moby/v2/integration-cli/cli"
 	"gotest.tools/v3/assert"
 	is "gotest.tools/v3/assert/cmp"
 )

 // GH14530. Validates combinations of --net= with other options

 // stringCheckPS is how the output of PS starts in order to validate that
 // the command executed in a container did really run PS correctly.
 const stringCheckPS = "PID   USER"

 type DockerCLINetmodeSuite struct {
 	ds *DockerSuite
 }

 func (s *DockerCLINetmodeSuite) TearDownTest(ctx context.Context, t *testing.T) {
 	s.ds.TearDownTest(ctx, t)
 }

 func (s *DockerCLINetmodeSuite) OnTimeout(t *testing.T) {
 	s.ds.OnTimeout(t)
 }

 // DockerCmdWithFail executes a docker command that is supposed to fail and returns
 // the output. If the command returns a Nil error, it will fail and stop the tests.
 func dockerCmdWithFail(t *testing.T, args ...string) string {
 	t.Helper()
 	out, _, err := dockerCmdWithError(args...)
 	assert.Assert(t, err != nil, "%v", out)
 	return out
 }

 func (s *DockerCLINetmodeSuite) TestNetHostnameWithNetHost(c *testing.T) {
 	testRequires(c, DaemonIsLinux, NotUserNamespace)

 	out := cli.DockerCmd(c, "run", "--net=host", "busybox", "ps").Stdout()
 	assert.Assert(c, is.Contains(out, stringCheckPS))
 }

 func (s *DockerCLINetmodeSuite) TestNetHostname(c *testing.T) {
 	testRequires(c, DaemonIsLinux)

 	out := cli.DockerCmd(c, "run", "-h=name", "busybox", "ps").Stdout()
 	assert.Assert(c, is.Contains(out, stringCheckPS))
 	out = cli.DockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps").Stdout()
 	assert.Assert(c, is.Contains(out, stringCheckPS))
 	out = cli.DockerCmd(c, "run", "-h=name", "--net=none", "busybox", "ps").Stdout()
 	assert.Assert(c, is.Contains(out, stringCheckPS))
 	out = dockerCmdWithFail(c, "run", "-h=name", "--net=container:other", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: hostname and the network mode"))
 	out = dockerCmdWithFail(c, "run", "--net=container", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "invalid container format container:<name|id>"))
 	out = dockerCmdWithFail(c, "run", "--net=weird", "busybox", "ps")
 	assert.Assert(c, is.Contains(strings.ToLower(out), "not found"))
 }

 func (s *DockerCLINetmodeSuite) TestConflictContainerNetworkAndLinks(c *testing.T) {
 	testRequires(c, DaemonIsLinux)

 	out := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "links are only supported for user-defined networks"))
 }

 func (s *DockerCLINetmodeSuite) TestConflictContainerNetworkHostAndLinks(c *testing.T) {
 	testRequires(c, DaemonIsLinux, NotUserNamespace)

 	out := dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "links are only supported for user-defined networks"))
 }

 func (s *DockerCLINetmodeSuite) TestConflictNetworkModeNetHostAndOptions(c *testing.T) {
 	c.Skip("FIXME(thaJeztah): no daemon-side validation for this case!")
 	testRequires(c, DaemonIsLinux, NotUserNamespace)

 	// This doesn't produce an error:
 	// 	docker run --rm --net=host --mac-address=92:d0:c6:0a:29:33 busybox
 	out := dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: mac-address and the network mode"))
 }

 func (s *DockerCLINetmodeSuite) TestConflictNetworkModeAndOptions(c *testing.T) {
 	testRequires(c, DaemonIsLinux)

 	out := dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: dns and the network mode"))
 	out = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: custom host-to-IP mapping and the network mode"))
 	out = dockerCmdWithFail(c, "run", "--net=container:other", "-P", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: port publishing and the container type network mode"))
 	out = dockerCmdWithFail(c, "run", "--net=container:other", "-p", "8080", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: port publishing and the container type network mode"))
 	out = dockerCmdWithFail(c, "run", "--net=container:other", "--expose", "8000-9000", "busybox", "ps")
 	assert.Assert(c, is.Contains(out, "conflicting options: port exposing and the container type network mode"))
 }
	package main

	import (
	"context"
	"strings"
	"testing"

	"github.com/moby/moby/v2/integration-cli/cli"
	"gotest.tools/v3/assert"
	is "gotest.tools/v3/assert/cmp"
	)

	// GH14530. Validates combinations of --net= with other options

	// stringCheckPS is how the output of PS starts in order to validate that
	// the command executed in a container did really run PS correctly.
	const stringCheckPS = "PID USER"

	type DockerCLINetmodeSuite struct {
	ds *DockerSuite
	}

	func (s DockerCLINetmodeSuite) TearDownTest(ctx context.Context, t testing.T) {
	s.ds.TearDownTest(ctx, t)
	}

	func (s DockerCLINetmodeSuite) OnTimeout(t testing.T) {
	s.ds.OnTimeout(t)
	}

	// DockerCmdWithFail executes a docker command that is supposed to fail and returns
	// the output. If the command returns a Nil error, it will fail and stop the tests.
	func dockerCmdWithFail(t *testing.T, args ...string) string {
	t.Helper()
	out, _, err := dockerCmdWithError(args...)
	assert.Assert(t, err != nil, "%v", out)
	return out
	}

	func (s DockerCLINetmodeSuite) TestNetHostnameWithNetHost(c testing.T) {
	testRequires(c, DaemonIsLinux, NotUserNamespace)

	out := cli.DockerCmd(c, "run", "--net=host", "busybox", "ps").Stdout()
	assert.Assert(c, is.Contains(out, stringCheckPS))
	}

	func (s DockerCLINetmodeSuite) TestNetHostname(c testing.T) {
	testRequires(c, DaemonIsLinux)

	out := cli.DockerCmd(c, "run", "-h=name", "busybox", "ps").Stdout()
	assert.Assert(c, is.Contains(out, stringCheckPS))
	out = cli.DockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps").Stdout()
	assert.Assert(c, is.Contains(out, stringCheckPS))
	out = cli.DockerCmd(c, "run", "-h=name", "--net=none", "busybox", "ps").Stdout()
	assert.Assert(c, is.Contains(out, stringCheckPS))
	out = dockerCmdWithFail(c, "run", "-h=name", "--net=container:other", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: hostname and the network mode"))
	out = dockerCmdWithFail(c, "run", "--net=container", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "invalid container format container:<name\|id>"))
	out = dockerCmdWithFail(c, "run", "--net=weird", "busybox", "ps")
	assert.Assert(c, is.Contains(strings.ToLower(out), "not found"))
	}

	func (s DockerCLINetmodeSuite) TestConflictContainerNetworkAndLinks(c testing.T) {
	testRequires(c, DaemonIsLinux)

	out := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "links are only supported for user-defined networks"))
	}

	func (s DockerCLINetmodeSuite) TestConflictContainerNetworkHostAndLinks(c testing.T) {
	testRequires(c, DaemonIsLinux, NotUserNamespace)

	out := dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "links are only supported for user-defined networks"))
	}

	func (s DockerCLINetmodeSuite) TestConflictNetworkModeNetHostAndOptions(c testing.T) {
	c.Skip("FIXME(thaJeztah): no daemon-side validation for this case!")
	testRequires(c, DaemonIsLinux, NotUserNamespace)

	// This doesn't produce an error:
	// docker run --rm --net=host --mac-address=92:d0:c6:0a:29:33 busybox
	out := dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: mac-address and the network mode"))
	}

	func (s DockerCLINetmodeSuite) TestConflictNetworkModeAndOptions(c testing.T) {
	testRequires(c, DaemonIsLinux)

	out := dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: dns and the network mode"))
	out = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: custom host-to-IP mapping and the network mode"))
	out = dockerCmdWithFail(c, "run", "--net=container:other", "-P", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: port publishing and the container type network mode"))
	out = dockerCmdWithFail(c, "run", "--net=container:other", "-p", "8080", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: port publishing and the container type network mode"))
	out = dockerCmdWithFail(c, "run", "--net=container:other", "--expose", "8000-9000", "busybox", "ps")
	assert.Assert(c, is.Contains(out, "conflicting options: port exposing and the container type network mode"))
	}