Open
Description
openedon Mar 20, 2024
Testcontainers version
v0.29.1
Using the latest Testcontainers version?
Yes
Host OS
MacOS
Host arch
Arm
Go version
1.21.8
Docker version
Client:
Cloud integration: v1.0.35+desktop.11
Version: 25.0.3
API version: 1.44
Go version: go1.21.6
Git commit: 4debf41
Built: Tue Feb 6 21:13:26 2024
OS/Arch: darwin/arm64
Context: desktop-linux
Server: Docker Desktop 4.28.0 (139021)
Engine:
Version: 25.0.3
API version: 1.44 (minimum version 1.24)
Go version: go1.21.6
Git commit: f417435
Built: Tue Feb 6 21:14:22 2024
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.28
GitCommit: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Docker info
Client:
Version: 25.0.3
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.1-desktop.4
Path: /Users/a/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.6-desktop.1
Path: /Users/a/.docker/cli-plugins/docker-compose
debug: Get a shell into any image or container. (Docker Inc.)
Version: 0.0.24
Path: /Users/a/.docker/cli-plugins/docker-debug
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/a/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.22
Path: /Users/a/.docker/cli-plugins/docker-extension
feedback: Provide feedback, right in your terminal! (Docker Inc.)
Version: v1.0.4
Path: /Users/a/.docker/cli-plugins/docker-feedback
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.0.1
Path: /Users/a/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/a/.docker/cli-plugins/docker-sbom
scout: Docker Scout (Docker Inc.)
Version: v1.5.0
Path: /Users/a/.docker/cli-plugins/docker-scout
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 250
Server Version: 25.0.3
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 6.6.16-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 12
Total Memory: 19.51GiB
Name: docker-desktop
ID: c8e87756-6c7a-42fc-b2c7-7740dc3ca665
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: daemon is not using the default seccomp profile
What happened?
There is a miss match between running testcontainer
and docker run
when I mount files and cannot seem to figure out what is the reason.
Example testcontainer code:
postgresContainer, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
ContainerRequest: testcontainers.ContainerRequest{
Image: "postgresql-mock",
Name: "postgresql_mock",
Env: map[string]string{
"POSTGRES_USER": "random",
"POSTGRES_PASSWORD": "random",
"POSTGRES_DB": "random",
"POSTGRES_HOST": "postgresql",
},
Privileged: true, // tested with false also
ExposedPorts: []string{"5432/tcp", "8080/tcp"},
WaitingFor: wait.ForExec([]string{"pg_isready && curl --fail localhost:8080/api/tuner/health || exit 1"}),
Files: []testcontainers.ContainerFile{
{
HostFilePath: "../cert/server.crt",
ContainerFilePath: "/var/lib/postgresql/server.crt",
FileMode: 0o640,
},
{
HostFilePath: "../cert/server.key",
ContainerFilePath: "/var/lib/postgresql/server.key",
FileMode: 0o640,
},
{
HostFilePath: "../cert/root.crt",
ContainerFilePath: "/var/lib/postgresql/root.crt",
FileMode: 0o640,
},
}
},
})
I tested with various file modes also like 0o600
, 0o444
0o440
but no luck.
The errors I get are either this:
FATAL: could not load server certificate file "/var/lib/postgresql/server.crt": SSL error code 2147483661
or that:
File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root
The docker run command seems to work fine:
docker run -d -p 5432:5432 -p 8080:8080 --name postgresql-mock --memory="1250m" \
-e POSTGRES_PASSWORD=random \
-e POSTGRES_USER=random \
-e POSTGRES_DB=random \
-v "$(pwd)/../cert/server.crt:/var/lib/postgresql/server.crt:ro" \
-v "$(pwd)/../cert/server.key:/var/lib/postgresql/server.key:ro" \
-v "$(pwd)/../cert/root.crt:/var/lib/postgresql/root.crt:ro" \
-v /var/run/docker.sock:/var/run/docker.sock \
postgresql-mock
Relevant log output
FATAL: could not load server certificate file "/var/lib/postgresql/server.crt": SSL error code 2147483661
Additional information
No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
An issue with the libraryAn issue with the library