Merge pull request #872 from docker/ecs_secrets_e2e

Changed test img to `dockerinternal` org + ECS E2E secret validation

tests/composefiles/aci_secrets_resources/compose.yml

@@ -1,7 +1,7 @@
 services:
   web1:
-    build: ./web1
-    image: dockereng/e2e_test_secret_server1
+    build: ./web
+    image: dockerinternal/e2e_test_secret_server
     ports:
       - "80:80"
     secrets:
@@ -18,10 +18,12 @@ services:
           memory: 0.5G
 
   web2:
-    build: ./web2
-    image:  dockereng/e2e_test_secret_server2
+    build: ./web
+    image:  dockerinternal/e2e_test_secret_server
     ports:
       - "8080:8080"
+    environment:
+      - PORT=8080
     deploy:
       resources:
         reservations:

tests/composefiles/aci_secrets_resources/web1/Dockerfile → tests/composefiles/aci_secrets_resources/web/Dockerfile

@@ -15,6 +15,4 @@
 FROM python:3.8
 WORKDIR /run/secrets
 
-EXPOSE 80
-ENTRYPOINT ["python"]
-CMD ["-m", "http.server", "80"]
+CMD python -m http.server ${PORT:-80}

tests/composefiles/aci_secrets_resources/web2/Dockerfile

@@ -1,20 +0,0 @@
-#   Copyright 2020 Docker Compose CLI authors
-
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-
-#       http://www.apache.org/licenses/LICENSE-2.0
-
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-
-FROM python:3.8
-WORKDIR /run/secrets
-
-EXPOSE 8080
-ENTRYPOINT ["python"]
-CMD ["-m", "http.server", "8080"]

tests/composefiles/ecs_e2e/multi_port_secrets.yaml

@@ -0,0 +1,24 @@
+services:
+  db:
+    image: gtardif/sentences-db
+
+  words:
+    image: gtardif/sentences-api
+    ports:
+      - "8080:8080"
+  web:
+    image: gtardif/sentences-web
+    ports:
+      - "80:80"
+  websecrets:
+    image:  dockerinternal/e2e_test_secret_server
+    ports:
+      - "90:90"
+    environment:
+      - "PORT=90"
+    secrets:
+      - mysecret1
+
+secrets:
+  mysecret1:
+    file: ./my_secret1.txt

tests/composefiles/ecs_e2e/my_secret1.txt

@@ -0,0 +1 @@
+myPassword1

tests/ecs-e2e/e2e-ecs_test.go

@@ -81,18 +81,18 @@ func TestCompose(t *testing.T) {
 	c, stack := setupTest(t)
 
 	t.Run("compose up", func(t *testing.T) {
-		c.RunDockerCmd("compose", "up", "--project-name", stack, "-f", "../composefiles/demo_multi_port.yaml")
+		c.RunDockerCmd("compose", "up", "--project-name", stack, "-f", "../composefiles/ecs_e2e/multi_port_secrets.yaml")
 	})
 
-	var webURL, wordsURL string
+	var webURL, wordsURL, secretsURL string
 	t.Run("compose ps", func(t *testing.T) {
 		res := c.RunDockerCmd("compose", "ps", "--project-name", stack)
 		fmt.Println(strings.TrimSpace(res.Stdout()))
 		lines := strings.Split(strings.TrimSpace(res.Stdout()), "\n")
 
-		assert.Equal(t, 4, len(lines))
+		assert.Equal(t, 5, len(lines))
 
-		var dbDisplayed, wordsDisplayed, webDisplayed bool
+		var dbDisplayed, wordsDisplayed, webDisplayed, secretsDisplayed bool
 		for _, line := range lines {
 			fields := strings.Fields(line)
 			containerID := fields[0]
@@ -107,15 +107,19 @@ func TestCompose(t *testing.T) {
 				wordsURL = "http://" + strings.Replace(fields[3], "->8080/tcp", "", 1) + "/noun"
 			case "web":
 				webDisplayed = true
-				assert.Equal(t, fields[1], "web")
 				assert.Check(t, strings.Contains(fields[3], ":80->80/tcp"))
 				webURL = "http://" + strings.Replace(fields[3], "->80/tcp", "", 1)
+			case "websecrets":
+				secretsDisplayed = true
+				assert.Check(t, strings.Contains(fields[3], ":90->90/tcp"))
+				secretsURL = "http://" + strings.Replace(fields[3], "->90/tcp", "", 1)
 			}
 		}
 
 		assert.Check(t, dbDisplayed)
 		assert.Check(t, wordsDisplayed)
 		assert.Check(t, webDisplayed)
+		assert.Check(t, secretsDisplayed)
 	})
 
 	t.Run("compose ls", func(t *testing.T) {
@@ -142,6 +146,12 @@ func TestCompose(t *testing.T) {
 		assert.Assert(t, strings.Contains(out, `"word":`))
 	})
 
+	t.Run("access secret", func(t *testing.T) {
+		out := HTTPGetWithRetry(t, secretsURL+"/mysecret1", http.StatusOK, 3*time.Second, 120*time.Second)
+		out = strings.ReplaceAll(out, "\r", "")
+		assert.Equal(t, out, "myPassword1\n")
+	})
+
 	t.Run("compose down", func(t *testing.T) {
 		cmd := c.NewDockerCmd("compose", "down", "--project-name", stack)
 		res := icmd.StartCmd(cmd)
@@ -166,9 +176,7 @@ func setupTest(t *testing.T) (*E2eCLI, string) {
 		localTestProfile := os.Getenv("TEST_AWS_PROFILE")
 		var res *icmd.Result
 		if localTestProfile != "" {
-			region := os.Getenv("TEST_AWS_REGION")
-			assert.Check(t, region != "")
-			res = c.RunDockerCmd("context", "create", "ecs", contextName, "--from-env")
+			res = c.RunDockerCmd("context", "create", "ecs", contextName, "--profile", localTestProfile)
 		} else {
 			region := os.Getenv("AWS_DEFAULT_REGION")
 			secretKey := os.Getenv("AWS_SECRET_ACCESS_KEY")