Closed
Description
Testcontainers version
v0.29.1
Using the latest Testcontainers version?
Yes
Host OS
MacOS
Host arch
Arm
Go version
1.21.8
Docker version
Client:
Cloud integration: v1.0.35+desktop.11
Version: 25.0.3
API version: 1.44
Go version: go1.21.6
Git commit: 4debf41
Built: Tue Feb 6 21:13:26 2024
OS/Arch: darwin/arm64
Context: desktop-linux
Server: Docker Desktop 4.28.0 (139021)
Engine:
Version: 25.0.3
API version: 1.44 (minimum version 1.24)
Go version: go1.21.6
Git commit: f417435
Built: Tue Feb 6 21:14:22 2024
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.28
GitCommit: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0Docker info
Client:
Version: 25.0.3
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.1-desktop.4
Path: /Users/a/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.6-desktop.1
Path: /Users/a/.docker/cli-plugins/docker-compose
debug: Get a shell into any image or container. (Docker Inc.)
Version: 0.0.24
Path: /Users/a/.docker/cli-plugins/docker-debug
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/a/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.22
Path: /Users/a/.docker/cli-plugins/docker-extension
feedback: Provide feedback, right in your terminal! (Docker Inc.)
Version: v1.0.4
Path: /Users/a/.docker/cli-plugins/docker-feedback
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.0.1
Path: /Users/a/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/a/.docker/cli-plugins/docker-sbom
scout: Docker Scout (Docker Inc.)
Version: v1.5.0
Path: /Users/a/.docker/cli-plugins/docker-scout
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 250
Server Version: 25.0.3
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 6.6.16-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 12
Total Memory: 19.51GiB
Name: docker-desktop
ID: c8e87756-6c7a-42fc-b2c7-7740dc3ca665
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: daemon is not using the default seccomp profileWhat happened?
There is a miss match between running testcontainer and docker run when I mount files and cannot seem to figure out what is the reason.
Example testcontainer code:
postgresContainer, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
ContainerRequest: testcontainers.ContainerRequest{
Image: "postgresql-mock",
Name: "postgresql_mock",
Env: map[string]string{
"POSTGRES_USER": "random",
"POSTGRES_PASSWORD": "random",
"POSTGRES_DB": "random",
"POSTGRES_HOST": "postgresql",
},
Privileged: true, // tested with false also
ExposedPorts: []string{"5432/tcp", "8080/tcp"},
WaitingFor: wait.ForExec([]string{"pg_isready && curl --fail localhost:8080/api/tuner/health || exit 1"}),
Files: []testcontainers.ContainerFile{
{
HostFilePath: "../cert/server.crt",
ContainerFilePath: "/var/lib/postgresql/server.crt",
FileMode: 0o640,
},
{
HostFilePath: "../cert/server.key",
ContainerFilePath: "/var/lib/postgresql/server.key",
FileMode: 0o640,
},
{
HostFilePath: "../cert/root.crt",
ContainerFilePath: "/var/lib/postgresql/root.crt",
FileMode: 0o640,
},
}
},
})I tested with various file modes also like 0o600, 0o444 0o440 but no luck.
The errors I get are either this:
FATAL: could not load server certificate file "/var/lib/postgresql/server.crt": SSL error code 2147483661
or that:
File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root
The docker run command seems to work fine:
docker run -d -p 5432:5432 -p 8080:8080 --name postgresql-mock --memory="1250m" \
-e POSTGRES_PASSWORD=random \
-e POSTGRES_USER=random \
-e POSTGRES_DB=random \
-v "$(pwd)/../cert/server.crt:/var/lib/postgresql/server.crt:ro" \
-v "$(pwd)/../cert/server.key:/var/lib/postgresql/server.key:ro" \
-v "$(pwd)/../cert/root.crt:/var/lib/postgresql/root.crt:ro" \
-v /var/run/docker.sock:/var/run/docker.sock \
postgresql-mock
Relevant log output
FATAL: could not load server certificate file "/var/lib/postgresql/server.crt": SSL error code 2147483661Additional information
No response