arno/docker-socket-proxy
1
0
Fork 0
mirror of https://github.com/Tecnativa/docker-socket-proxy synced 2025-01-03 04:10:55 +00:00
Code Issues Releases Wiki Activity

Expand tests

Browse Source
This commit is contained in:
João Marques 2020-11-09 16:34:02 +00:00
parent 0a0b6f8f12
commit 05ba0bec72
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
tests/test_service.py
View File

@ -85,6 +85,43 @@ def test_default_permissions():
_check_permission("forbidden", ["system", "info"]) _check_permission("forbidden", ["system", "info"])
_check_permission("forbidden", ["build", "."]) _check_permission("forbidden", ["build", "."])
_check_permission("forbidden", ["swarm", "init"]) _check_permission("forbidden", ["swarm", "init"])
finally:
pass
_stop_and_delete_proxy()
def test_container_permissions():
try:
_start_proxy(extra_args=["-e", "CONTAINERS=1"])
_check_permission("allowed", ["logs", CONTAINER_NAME])
_check_permission("allowed", ["inspect", CONTAINER_NAME])
_check_permission("forbidden", ["wait", CONTAINER_NAME])
_check_permission("forbidden", ["run", "--rm", "alpine"])
_check_permission("forbidden", ["rm", "-f", CONTAINER_NAME])
_check_permission("forbidden", ["restart", CONTAINER_NAME])
finally:
pass
_stop_and_delete_proxy()
def test_post_permissions():
try:
_start_proxy(extra_args=["-e", "POST=1"])
_check_permission("forbidden", ["rm", "-f", CONTAINER_NAME])
_check_permission("forbidden", ["pull", "alpine"])
_check_permission("forbidden", ["run", "--rm", "alpine"])
_check_permission("forbidden", ["network", "create", "foobar"])
finally:
pass
_stop_and_delete_proxy()
def test_network_post_permissions():
try:
_start_proxy(extra_args=["-e", "POST=1", "-e", "NETWORKS=1"])
_check_permission("allowed", ["network", "ls"])
_check_permission("allowed", ["network", "create", "foo"])
_check_permission("allowed", ["network", "rm", "foo"])
finally: finally:
pass pass
_stop_and_delete_proxy() _stop_and_delete_proxy()