Merge branch 'main' into ollama-local

* main: feat(gcloud)!: add support to seed data when using RunBigQueryContainer (testcontainers#2523) security(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0 (testcontainers#2916) chore(ci): add Github labels based on PR title (testcontainers#2914) chore(gha): Use official setup-docker-action (testcontainers#2913) chore(ci): enforce conventional commits syntax in PR titles (testcontainers#2911) feat(nats): WithConfigFile - pass a configuration file to nats server (testcontainers#2905) chore: enable implicit default logger only in testing with -v (testcontainers#2877) fix: container binds syntax (testcontainers#2899) refactor(cockroachdb): to use request driven options (testcontainers#2883)
mdelapenya · Dec 13, 2024 · 0bebaea · 0bebaea
2 parents 8228583 + 35bf0cd
commit 0bebaea
Show file tree

Hide file tree

Showing 131 changed files with 1,412 additions and 1,068 deletions.
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
@@ -26,3 +26,25 @@ categories:
       - 'test flakiness'
   - title: 📦 Dependency updates
     label: 'dependencies'
+autolabeler:
+  - label: 'breaking change'
+    title:
+      - '/^[a-z]+(\(.+\))?!\:/'
+  - label: 'security'
+    title:
+      - '/^security(\(.+\))?!?\:/'
+  - label: 'feature'
+    title:
+      - '/^feat(\(.+\))?!?\:/'
+  - label: 'bug'
+    title:
+      - '/^(fix)(\(.+\))?!?\:/'
+  - label: 'documentation'
+    title:
+      - '/^docs(\(.+\))?!?\:/'
+  - label: 'chore'
+    title:
+      - '/^chore(\(.+\))?!?\:/'
+  - label: 'dependencies'
+    title:
+      - '/^deps(\(.+\))?!?\:/'
diff --git a/.github/workflows/ci-test-go.yml b/.github/workflows/ci-test-go.yml
@@ -55,11 +55,9 @@ jobs:
     steps:
       - name: Setup rootless Docker
         if: ${{ inputs.rootless-docker }}
-        uses: ScribeMD/rootless-docker@6bd157a512c2fafa4e0243a8aa87d964eb890886  # v0.2.2
-
-      - name: Remove Docker root socket
-        if: ${{ inputs.rootless-docker }}
-        run: sudo rm -rf /var/run/docker.sock
+        uses: docker/setup-docker-action@01efb57f882e3b1a22e7cf3501dbe51287b0ecb4 # v4
+        with:
+          rootless: true
 
       - name: Check out code into the Go module directory
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

diff --git a/.github/workflows/conventions.yml b/.github/workflows/conventions.yml
@@ -0,0 +1,49 @@
+name: "Enforce conventions"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+
+permissions:
+  pull-requests: read
+
+jobs:
+  lint-pr:
+    name: Validate PR title follows Conventional Commits
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          # We may not need a scope on every commit (i.e. repo-level change).
+          #
+          # feat!: read config consistenly
+          # feat(redis): support for clustering
+          # chore(redis): update tests
+          # fix(redis): trim connection string
+          # ^    ^    ^
+          # |    |    |__ Subject
+          # |    |_______ Scope
+          # |____________ Type: it can end with a ! to denote a breaking change.
+          requireScope: false
+          # Scope should be lowercase.
+          disallowScopes: |
+            [A-Z]+
+          # ensures the subject doesn't start with an uppercase character.
+          subjectPattern: ^(?![A-Z]).+$
+          subjectPatternError: |
+            The subject "{subject}" found in the pull request title "{title}"
+            didn't match the configured pattern. Please ensure that the subject
+            doesn't start with an uppercase character.
+          types: |
+            security
+            fix
+            feat
+            docs
+            chore
+            deps
diff --git a/.github/workflows/docker-moby-latest.yml b/.github/workflows/docker-moby-latest.yml
@@ -38,7 +38,7 @@ jobs:
         run: go mod tidy
 
       - name: Install Nightly Docker
-        uses: crazy-max/ghaction-setup-docker@master
+        uses: docker/setup-docker-action@master
         with:
           rootless: ${{ matrix.rootless-docker }}
           version: type=image,tag=master

diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
@@ -5,6 +5,10 @@ on:
   push:
     branches:
       - main
+  # pull_request event is required only for autolabeler
+  pull_request:
+    # Only following types are handled by the action, but one can default to all as well
+    types: [opened, reopened, synchronize]
 
 permissions:
   contents: read
@@ -17,5 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v5.19.0
+        with:
+          disable-autolabeler: false
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/container.go b/container.go
@@ -532,7 +532,7 @@ func (c *ContainerRequest) validateMounts() error {
 	if len(hostConfig.Binds) > 0 {
 		for _, bind := range hostConfig.Binds {
 			parts := strings.Split(bind, ":")
-			if len(parts) != 2 {
+			if len(parts) != 2 && len(parts) != 3 {
 				return fmt.Errorf("%w: %s", ErrInvalidBindMount, bind)
 			}
 			targetPath := parts[1]

diff --git a/container_test.go b/container_test.go
@@ -73,11 +73,33 @@ func Test_ContainerValidation(t *testing.T) {
 		},
 		{
 			Name:          "Invalid bind mount",
-			ExpectedError: "invalid bind mount: /data:/data:/data",
+			ExpectedError: "invalid bind mount: /data:/data:a:b",
 			ContainerRequest: testcontainers.ContainerRequest{
 				Image: "redis:latest",
 				HostConfigModifier: func(hc *container.HostConfig) {
-					hc.Binds = []string{"/data:/data:/data"}
+					hc.Binds = []string{"/data:/data:a:b"}
+				},
+			},
+		},
+		{
+			Name: "bind-options/provided",
+			ContainerRequest: testcontainers.ContainerRequest{
+				Image: "redis:latest",
+				HostConfigModifier: func(hc *container.HostConfig) {
+					hc.Binds = []string{
+						"/a:/a:nocopy",
+						"/b:/b:ro",
+						"/c:/c:rw",
+						"/d:/d:z",
+						"/e:/e:Z",
+						"/f:/f:shared",
+						"/g:/g:rshared",
+						"/h:/h:slave",
+						"/i:/i:rslave",
+						"/j:/j:private",
+						"/k:/k:rprivate",
+						"/l:/l:ro,z,shared",
+					}
 				},
 			},
 		},

diff --git a/docs/contributing.md b/docs/contributing.md
@@ -29,7 +29,19 @@ Please just be sure to:
 * follow the style, naming and structure conventions of the rest of the project.
 * make commits atomic and easy to merge.
 * use [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) for the PR title. This will help us to understand the nature of the changes, and to generate the changelog after all the commits in the PR are squashed.
-* use [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) for your commit messages, as it improves the readability of the commit history, and the review process.
+    * Please use the `feat!`, `chore!`, `fix!`... types for breaking changes, as these categories are considered as `breaking change` in the changelog. Please use the `!` to denote a breaking change.
+    * Please use the `security` type for security fixes, as these categories are considered as `security` in the changelog.
+    * Please use the `feat` type for new features, as these categories are considered as `feature` in the changelog.
+    * Please use the `fix` type for bug fixes, as these categories are considered as `bug` in the changelog.
+    * Please use the `docs` type for documentation updates, as these categories are considered as `documentation` in the changelog.
+    * Please use the `chore` type for housekeeping commits, including `build`, `ci`, `style`, `refactor`, `test`, `perf` and so on, as these categories are considered as `chore` in the changelog.
+    * Please use the `deps` type for dependency updates, as these categories are considered as `dependencies` in the changelog.
+
+!!!important
+    There is a GitHub Actions workflow that will check if your PR title follows the conventional commits convention. If not, it contributes a failed check to your PR.
+    To know more about the conventions, please refer to the [workflow file](https://github.com/testcontainers/testcontainers-go/blob/main/.github/workflows/conventions.yml).
+
+* use [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) for your commit messages, as it improves the readability of the commit history, and the review process. Please follow the above conventions for the PR title.
 * unless necessary, please try to **avoid pushing --force** to the published branch you submitted a PR from, as it makes it harder to review the changes from a given previous state.
 * apply format running `make lint-all`. It will run `golangci-lint` for the core and modules with the configuration set in the root directory of the project. Please be aware that the lint stage on CI could fail if this is not done.
     * For linting just the modules: `make -C modules lint-modules`

diff --git a/docs/features/tls.md b/docs/features/tls.md
@@ -12,6 +12,6 @@ The example will also create a client that will connect to the server using the
 demonstrating how to use the generated certificate to communicate with a service.
 
 <!--codeinclude-->
-[Create a self-signed certificate](../../modules/cockroachdb/certs.go) inside_block:exampleSelfSignedCert
-[Sign a self-signed certificate](../../modules/cockroachdb/certs.go) inside_block:exampleSignSelfSignedCert
+[Create a self-signed certificate](../../modules/rabbitmq/examples_test.go) inside_block:exampleSelfSignedCert
+[Sign a self-signed certificate](../../modules/rabbitmq/examples_test.go) inside_block:exampleSignSelfSignedCert
 <!--/codeinclude-->
diff --git a/docs/modules/cockroachdb.md b/docs/modules/cockroachdb.md
@@ -10,7 +10,7 @@ The Testcontainers module for CockroachDB.
 
 Please run the following command to add the CockroachDB module to your Go dependencies:
 
-```
+```shell
 go get github.com/testcontainers/testcontainers-go/modules/cockroachdb
 ```
 
@@ -54,23 +54,33 @@ E.g. `Run(context.Background(), "cockroachdb/cockroach:latest-v23.1")`.
 
 Set the database that is created & dialled with `cockroachdb.WithDatabase`.
 
-#### Password authentication
+#### User and Password
+
+You can configured the container to create a user with a password by setting `cockroachdb.WithUser` and `cockroachdb.WithPassword`.
 
-Disable insecure mode and connect with password authentication by setting `cockroachdb.WithUser` and `cockroachdb.WithPassword`.
+`cockroachdb.WithPassword` is incompatible with `cockroachdb.WithInsecure`.
 
 #### Store size
 
 Control the maximum amount of memory used for storage, by default this is 100% but can be changed by provided a valid option to `WithStoreSize`. Checkout https://www.cockroachlabs.com/docs/stable/cockroach-start#store for the full range of options available.
 
 #### TLS authentication
 
-`cockroachdb.WithTLS` lets you provide the CA certificate along with the certicate and key for the node & clients to connect with.
-Internally CockroachDB requires a client certificate for the user to connect with.
+`cockroachdb.WithInsecure` lets you disable the use of TLS on connections.
+
+`cockroachdb.WithInsecure` is incompatible with `cockroachdb.WithPassword`.
+
+#### Initialization Scripts
+
+`cockroachdb.WithInitScripts` adds the given scripts to those automatically run when the container starts.
+These will be ignored if data exists in the `/cockroach/cockroach-data` directory within the container.
 
-A helper `cockroachdb.NewTLSConfig` exists to generate all of this for you.
+`cockroachdb.WithNoClusterDefaults` disables the default cluster settings script.
 
-!!!warning
-    When TLS is enabled there's a very small, unlikely chance that the underlying driver can panic when registering the driver as part of waiting for CockroachDB to be ready to accept connections. If this is repeatedly happening please open an issue.
+Without this option Cockroach containers run `data/cluster-defaults.sql` on startup
+which configures the settings recommended by Cockroach Labs for
+[local testing clusters](https://www.cockroachlabs.com/docs/stable/local-testing)
+unless data exists in the `/cockroach/cockroach-data` directory within the container.
 
 ### Container Methods
 
@@ -87,3 +97,10 @@ Same as `ConnectionString` but any error to generate the address will raise a pa
 #### TLSConfig
 
 Returns `*tls.Config` setup to allow you to dial your client over TLS, if enabled, else this will error with `cockroachdb.ErrTLSNotEnabled`.
+
+!!!info
+    The `TLSConfig()` function is deprecated and will be removed in the next major release of _Testcontainers for Go_.
+
+#### ConnectionConfig
+
+Returns `*pgx.ConnConfig` which can be passed to `pgx.ConnectConfig` to open a new connection.
diff --git a/docs/modules/gcloud.md b/docs/modules/gcloud.md
@@ -17,7 +17,7 @@ go get github.com/testcontainers/testcontainers-go/modules/gcloud
 ## Usage example
 
 !!!info
-    By default, the all the emulators use `gcr.io/google.com/cloudsdktool/cloud-sdk:367.0.0-emulators` as the default Docker image, except for the BigQuery emulator, which uses `ghcr.io/goccy/bigquery-emulator:0.4.3`, and Spanner, which uses `gcr.io/cloud-spanner-emulator/emulator:1.4.0`.
+    By default, the all the emulators use `gcr.io/google.com/cloudsdktool/cloud-sdk:367.0.0-emulators` as the default Docker image, except for the BigQuery emulator, which uses `ghcr.io/goccy/bigquery-emulator:0.6.1`, and Spanner, which uses `gcr.io/cloud-spanner-emulator/emulator:1.4.0`.
 
 ### BigQuery
 
@@ -28,6 +28,22 @@ go get github.com/testcontainers/testcontainers-go/modules/gcloud
 
 It's important to set the `option.WithEndpoint()` option using the container's URI, as shown in the client example above.
 
+#### Data YAML (Seed File)
+
+- Not available until the next release of testcontainers-go <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+If you would like to do additional initialization in the BigQuery container, add a `data.yaml` file represented by an `io.Reader` to the container request with the `WithDataYAML` function.
+That file is copied after the container is created but before it's started. The startup command then used will look like `--project test --data-from-yaml /testcontainers-data.yaml`.
+
+An example of a `data.yaml` file that seeds the BigQuery instance with datasets and tables is shown below:
+
+<!--codeinclude-->
+[Data Yaml content](../../modules/gcloud/testdata/data.yaml)
+<!--/codeinclude-->
+
+!!!warning
+    This feature is only available for the `BigQuery` container, and if you pass multiple `WithDataYAML` options, an error is returned.
+
 ### BigTable
 
 <!--codeinclude-->

diff --git a/docs/modules/nats.md b/docs/modules/nats.md
@@ -75,6 +75,15 @@ These arguments are passed to the NATS server when it starts, as part of the com
 [Passing arguments](../../modules/nats/examples_test.go) inside_block:withArguments
 <!--/codeinclude-->
 
+#### Custom configuration file
+
+- Not available until the next release of testcontainers-go <a href="https://github.com/testcontainers/testcontainers-go"><span class="tc-version">:material-tag: main</span></a>
+
+It's possible to pass a custom config file to NATS container using `nats.WithConfigFile(strings.NewReader(config))`. The content of `io.Reader` is passed as a `-config /etc/nats.conf` arguments to an entrypoint. 
+
+!!! note
+    Changing the connectivity (listen address or ports) can break the container setup. So configuration must be done with care.
+
 ### Container Methods
 
 The NATS container exposes the following methods:
@@ -102,4 +111,4 @@ Exactly like `ConnectionString`, but it panics if an error occurs, returning jus
 
 <!--codeinclude-->
 [NATS Cluster](../../modules/nats/examples_test.go) inside_block:cluster
-<!--/codeinclude-->
+<!--/codeinclude-->
diff --git a/examples/nginx/go.mod b/examples/nginx/go.mod
@@ -54,9 +54,9 @@ require (
 	go.opentelemetry.io/otel v1.24.0 // indirect
 	go.opentelemetry.io/otel/metric v1.24.0 // indirect
 	go.opentelemetry.io/otel/trace v1.24.0 // indirect
-	golang.org/x/crypto v0.28.0 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/net v0.26.0 // indirect
-	golang.org/x/sys v0.26.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect

diff --git a/examples/nginx/go.sum b/examples/nginx/go.sum
@@ -131,8 +131,8 @@ go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v8
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
-golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -154,14 +154,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
-golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
-golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
+golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
-golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=
 golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

diff --git a/examples/toxiproxy/go.mod b/examples/toxiproxy/go.mod
@@ -56,9 +56,9 @@ require (
 	go.opentelemetry.io/otel v1.24.0 // indirect
 	go.opentelemetry.io/otel/metric v1.24.0 // indirect
 	go.opentelemetry.io/otel/trace v1.24.0 // indirect
-	golang.org/x/crypto v0.28.0 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/net v0.26.0 // indirect
-	golang.org/x/sys v0.26.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect