move dependencies to vendor

vendor/github.com/docker/machine/utils/b2d.go

@@ -0,0 +1,238 @@
+package utils
+
+import (
+	//"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/docker/machine/log"
+)
+
+const (
+	timeout = time.Second * 5
+)
+
+func defaultTimeout(network, addr string) (net.Conn, error) {
+	return net.DialTimeout(network, addr, timeout)
+}
+
+func getClient() *http.Client {
+	transport := http.Transport{
+		DisableKeepAlives: true,
+		Proxy:             http.ProxyFromEnvironment,
+		Dial:              defaultTimeout,
+	}
+
+	client := http.Client{
+		Transport: &transport,
+	}
+
+	return &client
+}
+
+type B2dUtils struct {
+	isoFilename      string
+	commonIsoPath    string
+	imgCachePath     string
+	githubApiBaseUrl string
+	githubBaseUrl    string
+}
+
+func NewB2dUtils(githubApiBaseUrl, githubBaseUrl, isoFilename string) *B2dUtils {
+	defaultBaseApiUrl := "https://api.github.com"
+	defaultBaseUrl := "https://github.com"
+	imgCachePath := GetMachineCacheDir()
+
+	if githubApiBaseUrl == "" {
+		githubApiBaseUrl = defaultBaseApiUrl
+	}
+
+	if githubBaseUrl == "" {
+		githubBaseUrl = defaultBaseUrl
+	}
+
+	return &B2dUtils{
+		isoFilename:      isoFilename,
+		imgCachePath:     GetMachineCacheDir(),
+		commonIsoPath:    filepath.Join(imgCachePath, isoFilename),
+		githubApiBaseUrl: githubApiBaseUrl,
+		githubBaseUrl:    githubBaseUrl,
+	}
+}
+
+// Get the latest boot2docker release tag name (e.g. "v0.6.0").
+// FIXME: find or create some other way to get the "latest release" of boot2docker since the GitHub API has a pretty low rate limit on API requests
+func (b *B2dUtils) GetLatestBoot2DockerReleaseURL() (string, error) {
+	//client := getClient()
+	//apiUrl := fmt.Sprintf("%s/repos/boot2docker/boot2docker/releases", b.githubApiBaseUrl)
+	//rsp, err := client.Get(apiUrl)
+	//if err != nil {
+	//	return "", err
+	//}
+	//defer rsp.Body.Close()
+
+	//var t []struct {
+	//	TagName    string `json:"tag_name"`
+	//	PreRelease bool   `json:"prerelease"`
+	//}
+	//if err := json.NewDecoder(rsp.Body).Decode(&t); err != nil {
+	//	return "", fmt.Errorf("Error demarshaling the Github API response: %s\nYou may be getting rate limited by Github.", err)
+	//}
+	//if len(t) == 0 {
+	//	return "", fmt.Errorf("no releases found")
+	//}
+
+	//// find the latest "released" release (i.e. not pre-release)
+	//isoUrl := ""
+	//for _, r := range t {
+	//	if !r.PreRelease {
+	//		tag := r.TagName
+	//		isoUrl = fmt.Sprintf("%s/boot2docker/boot2docker/releases/download/%s/boot2docker.iso", b.githubBaseUrl, tag)
+	//		break
+	//	}
+	//}
+	//return isoUrl, nil
+
+	// TODO: once we decide on the final versioning and location we will
+	// enable the above "check for latest"
+	u := fmt.Sprintf("https://s3.amazonaws.com/docker-mcn/public/b2d-next/%s", b.isoFilename)
+	return u, nil
+
+}
+
+func removeFileIfExists(name string) error {
+	if _, err := os.Stat(name); err == nil {
+		if err := os.Remove(name); err != nil {
+			log.Fatalf("Error removing temporary download file: %s", err)
+		}
+	}
+	return nil
+}
+
+// Download boot2docker ISO image for the given tag and save it at dest.
+func (b *B2dUtils) DownloadISO(dir, file, isoUrl string) error {
+	u, err := url.Parse(isoUrl)
+	var src io.ReadCloser
+	if u.Scheme == "file" || u.Scheme == "" {
+		s, err := os.Open(u.Path)
+		if err != nil {
+			return err
+		}
+		src = s
+	} else {
+		client := getClient()
+		s, err := client.Get(isoUrl)
+		if err != nil {
+			return err
+		}
+		src = s.Body
+	}
+
+	defer src.Close()
+
+	// Download to a temp file first then rename it to avoid partial download.
+	f, err := ioutil.TempFile(dir, file+".tmp")
+	if err != nil {
+		return err
+	}
+
+	defer func() {
+		if err := removeFileIfExists(f.Name()); err != nil {
+			log.Fatalf("Error removing file: %s", err)
+		}
+	}()
+
+	if _, err := io.Copy(f, src); err != nil {
+		// TODO: display download progress?
+		return err
+	}
+
+	if err := f.Close(); err != nil {
+		return err
+	}
+
+	// Dest is the final path of the boot2docker.iso file.
+	dest := filepath.Join(dir, file)
+
+	// Windows can't rename in place, so remove the old file before
+	// renaming the temporary downloaded file.
+	if err := removeFileIfExists(dest); err != nil {
+		return err
+	}
+
+	if err := os.Rename(f.Name(), dest); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (b *B2dUtils) DownloadLatestBoot2Docker() error {
+	latestReleaseUrl, err := b.GetLatestBoot2DockerReleaseURL()
+	if err != nil {
+		return err
+	}
+
+	return b.DownloadISOFromURL(latestReleaseUrl)
+}
+
+func (b *B2dUtils) DownloadISOFromURL(latestReleaseUrl string) error {
+	log.Infof("Downloading %s to %s...", latestReleaseUrl, b.commonIsoPath)
+	if err := b.DownloadISO(b.imgCachePath, b.isoFilename, latestReleaseUrl); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (b *B2dUtils) CopyIsoToMachineDir(isoURL, machineName string) error {
+	machinesDir := GetMachineDir()
+	machineIsoPath := filepath.Join(machinesDir, machineName, b.isoFilename)
+
+	// just in case the cache dir has been manually deleted,
+	// check for it and recreate it if it's gone
+	if _, err := os.Stat(b.imgCachePath); os.IsNotExist(err) {
+		log.Infof("Image cache does not exist, creating it at %s...", b.imgCachePath)
+		if err := os.Mkdir(b.imgCachePath, 0700); err != nil {
+			return err
+		}
+	}
+
+	// By default just copy the existing "cached" iso to
+	// the machine's directory...
+	if isoURL == "" {
+		if err := b.copyDefaultIsoToMachine(machineIsoPath); err != nil {
+			return err
+		}
+	} else {
+		// But if ISO is specified go get it directly
+		log.Infof("Downloading %s from %s...", b.isoFilename, isoURL)
+		if err := b.DownloadISO(filepath.Join(machinesDir, machineName), b.isoFilename, isoURL); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (b *B2dUtils) copyDefaultIsoToMachine(machineIsoPath string) error {
+	if _, err := os.Stat(b.commonIsoPath); os.IsNotExist(err) {
+		log.Info("No default boot2docker iso found locally, downloading the latest release...")
+		if err := b.DownloadLatestBoot2Docker(); err != nil {
+			return err
+		}
+	}
+
+	if err := CopyFile(b.commonIsoPath, machineIsoPath); err != nil {
+		return err
+	}
+
+	return nil
+}

vendor/github.com/docker/machine/utils/b2d_test.go

@@ -0,0 +1,63 @@
+package utils
+
+import (
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"path/filepath"
+	"testing"
+)
+
+func TestGetLatestBoot2DockerReleaseUrl(t *testing.T) {
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		respText := `[{"tag_name": "0.2", "prerelease": true, "tag_name": "0.1", "prerelease": false}]`
+		w.Write([]byte(respText))
+	}))
+	defer ts.Close()
+
+	b := NewB2dUtils(ts.URL, ts.URL, "virtualbox")
+	isoUrl, err := b.GetLatestBoot2DockerReleaseURL()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// TODO: update to release URL once we get the releases worked
+	// out for b2d-ng
+	//expectedUrl := fmt.Sprintf("%s/boot2docker/boot2docker/releases/download/0.1/boot2docker.iso", ts.URL)
+	//if isoUrl != expectedUrl {
+	//	t.Fatalf("expected url %s; received %s", isoUrl)
+	//}
+
+	if isoUrl == "" {
+		t.Fatalf("expected a url for the iso")
+	}
+}
+
+func TestDownloadIso(t *testing.T) {
+	testData := "test-download"
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Write([]byte(testData))
+	}))
+	defer ts.Close()
+
+	filename := "test"
+
+	tmpDir, err := ioutil.TempDir("", "machine-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	b := NewB2dUtils(ts.URL, ts.URL, "")
+	if err := b.DownloadISO(tmpDir, filename, ts.URL); err != nil {
+		t.Fatal(err)
+	}
+
+	data, err := ioutil.ReadFile(filepath.Join(tmpDir, filename))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if string(data) != testData {
+		t.Fatalf("expected data \"%s\"; received \"%s\"", testData, string(data))
+	}
+}

vendor/github.com/docker/machine/utils/certs.go

@@ -0,0 +1,202 @@
+package utils
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"io/ioutil"
+	"math/big"
+	"net"
+	"os"
+	"time"
+)
+
+func getTLSConfig(caCert, cert, key []byte, allowInsecure bool) (*tls.Config, error) {
+	// TLS config
+	var tlsConfig tls.Config
+	tlsConfig.InsecureSkipVerify = allowInsecure
+	certPool := x509.NewCertPool()
+
+	certPool.AppendCertsFromPEM(caCert)
+	tlsConfig.RootCAs = certPool
+	keypair, err := tls.X509KeyPair(cert, key)
+	if err != nil {
+		return &tlsConfig, err
+	}
+	tlsConfig.Certificates = []tls.Certificate{keypair}
+	if allowInsecure {
+		tlsConfig.InsecureSkipVerify = true
+	}
+
+	return &tlsConfig, nil
+}
+
+func newCertificate(org string) (*x509.Certificate, error) {
+	now := time.Now()
+	// need to set notBefore slightly in the past to account for time
+	// skew in the VMs otherwise the certs sometimes are not yet valid
+	notBefore := time.Date(now.Year(), now.Month(), now.Day(), now.Hour(), now.Minute()-5, 0, 0, time.Local)
+	notAfter := notBefore.Add(time.Hour * 24 * 1080)
+
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	if err != nil {
+		return nil, err
+	}
+
+	return &x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			Organization: []string{org},
+		},
+		NotBefore: notBefore,
+		NotAfter:  notAfter,
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement,
+		BasicConstraintsValid: true,
+	}, nil
+
+}
+
+// GenerateCACertificate generates a new certificate authority from the specified org
+// and bit size and stores the resulting certificate and key file
+// in the arguments.
+func GenerateCACertificate(certFile, keyFile, org string, bits int) error {
+	template, err := newCertificate(org)
+	if err != nil {
+		return err
+	}
+
+	template.IsCA = true
+	template.KeyUsage |= x509.KeyUsageCertSign
+	template.KeyUsage |= x509.KeyUsageKeyEncipherment
+	template.KeyUsage |= x509.KeyUsageKeyAgreement
+
+	priv, err := rsa.GenerateKey(rand.Reader, bits)
+	if err != nil {
+		return err
+	}
+
+	derBytes, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv)
+	if err != nil {
+		return err
+	}
+
+	certOut, err := os.Create(certFile)
+	if err != nil {
+		return err
+	}
+
+	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	certOut.Close()
+
+	keyOut, err := os.OpenFile(keyFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+
+	}
+
+	pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
+	keyOut.Close()
+
+	return nil
+}
+
+// GenerateCert generates a new certificate signed using the provided
+// certificate authority files and stores the result in the certificate
+// file and key provided.  The provided host names are set to the
+// appropriate certificate fields.
+func GenerateCert(hosts []string, certFile, keyFile, caFile, caKeyFile, org string, bits int) error {
+	template, err := newCertificate(org)
+	if err != nil {
+		return err
+	}
+	// client
+	if len(hosts) == 1 && hosts[0] == "" {
+		template.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
+		template.KeyUsage = x509.KeyUsageDigitalSignature
+	} else { // server
+		template.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}
+		for _, h := range hosts {
+			if ip := net.ParseIP(h); ip != nil {
+				template.IPAddresses = append(template.IPAddresses, ip)
+			} else {
+				template.DNSNames = append(template.DNSNames, h)
+			}
+		}
+	}
+
+	tlsCert, err := tls.LoadX509KeyPair(caFile, caKeyFile)
+	if err != nil {
+		return err
+	}
+
+	priv, err := rsa.GenerateKey(rand.Reader, bits)
+	if err != nil {
+		return err
+	}
+
+	x509Cert, err := x509.ParseCertificate(tlsCert.Certificate[0])
+	if err != nil {
+		return err
+	}
+
+	derBytes, err := x509.CreateCertificate(rand.Reader, template, x509Cert, &priv.PublicKey, tlsCert.PrivateKey)
+	if err != nil {
+		return err
+	}
+
+	certOut, err := os.Create(certFile)
+	if err != nil {
+		return err
+	}
+
+	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	certOut.Close()
+
+	keyOut, err := os.OpenFile(keyFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+
+	pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
+	keyOut.Close()
+
+	return nil
+}
+
+func ValidateCertificate(addr, caCertPath, serverCertPath, serverKeyPath string) (bool, error) {
+	caCert, err := ioutil.ReadFile(caCertPath)
+	if err != nil {
+		return false, err
+	}
+
+	serverCert, err := ioutil.ReadFile(serverCertPath)
+	if err != nil {
+		return false, err
+	}
+
+	serverKey, err := ioutil.ReadFile(serverKeyPath)
+	if err != nil {
+		return false, err
+	}
+
+	tlsConfig, err := getTLSConfig(caCert, serverCert, serverKey, false)
+	if err != nil {
+		return false, err
+	}
+
+	dialer := &net.Dialer{
+		Timeout: time.Second * 2,
+	}
+
+	_, err = tls.DialWithDialer(dialer, "tcp", addr, tlsConfig)
+	if err != nil {
+		return false, nil
+	}
+
+	return true, nil
+}

vendor/github.com/docker/machine/utils/certs_test.go

@@ -0,0 +1,74 @@
+package utils
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestGenerateCACertificate(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "machine-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	// cleanup
+	defer os.RemoveAll(tmpDir)
+
+	os.Setenv("MACHINE_DIR", tmpDir)
+	caCertPath := filepath.Join(tmpDir, "ca.pem")
+	caKeyPath := filepath.Join(tmpDir, "key.pem")
+	testOrg := "test-org"
+	bits := 2048
+	if err := GenerateCACertificate(caCertPath, caKeyPath, testOrg, bits); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(caCertPath); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := os.Stat(caKeyPath); err != nil {
+		t.Fatal(err)
+	}
+	os.Setenv("MACHINE_DIR", "")
+}
+
+func TestGenerateCert(t *testing.T) {
+	tmpDir, err := ioutil.TempDir("", "machine-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	// cleanup
+	defer os.RemoveAll(tmpDir)
+
+	os.Setenv("MACHINE_DIR", tmpDir)
+	caCertPath := filepath.Join(tmpDir, "ca.pem")
+	caKeyPath := filepath.Join(tmpDir, "key.pem")
+	certPath := filepath.Join(tmpDir, "cert.pem")
+	keyPath := filepath.Join(tmpDir, "cert-key.pem")
+	testOrg := "test-org"
+	bits := 2048
+	if err := GenerateCACertificate(caCertPath, caKeyPath, testOrg, bits); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(caCertPath); err != nil {
+		t.Fatal(err)
+	}
+	if _, err := os.Stat(caKeyPath); err != nil {
+		t.Fatal(err)
+	}
+	os.Setenv("MACHINE_DIR", "")
+
+	if err := GenerateCert([]string{}, certPath, keyPath, caCertPath, caKeyPath, testOrg, bits); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := os.Stat(certPath); err != nil {
+		t.Fatalf("certificate not created at %s", certPath)
+	}
+
+	if _, err := os.Stat(keyPath); err != nil {
+		t.Fatalf("key not created at %s", keyPath)
+	}
+}

vendor/github.com/docker/machine/utils/utils.go

@@ -0,0 +1,170 @@
+package utils
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strconv"
+	"time"
+
+	"github.com/docker/machine/log"
+)
+
+func GetHomeDir() string {
+	if runtime.GOOS == "windows" {
+		return os.Getenv("USERPROFILE")
+	}
+	return os.Getenv("HOME")
+}
+
+func GetBaseDir() string {
+	baseDir := os.Getenv("MACHINE_STORAGE_PATH")
+	if baseDir == "" {
+		baseDir = filepath.Join(GetHomeDir(), ".docker", "machine")
+	}
+	return baseDir
+}
+
+func GetDockerDir() string {
+	return filepath.Join(GetHomeDir(), ".docker")
+}
+
+func GetMachineDir() string {
+	return filepath.Join(GetBaseDir(), "machines")
+}
+
+func GetMachineCertDir() string {
+	return filepath.Join(GetBaseDir(), "certs")
+}
+
+func GetMachineCacheDir() string {
+	return filepath.Join(GetBaseDir(), "cache")
+}
+
+func GetUsername() string {
+	u := "unknown"
+	osUser := ""
+
+	switch runtime.GOOS {
+	case "darwin", "linux":
+		osUser = os.Getenv("USER")
+	case "windows":
+		osUser = os.Getenv("USERNAME")
+	}
+
+	if osUser != "" {
+		u = osUser
+	}
+
+	return u
+}
+
+func CopyFile(src, dst string) error {
+	in, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+
+	defer in.Close()
+
+	out, err := os.Create(dst)
+	if err != nil {
+		return err
+	}
+
+	if _, err = io.Copy(out, in); err != nil {
+		return err
+	}
+
+	fi, err := os.Stat(src)
+	if err != nil {
+		return err
+	}
+
+	if err := os.Chmod(dst, fi.Mode()); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func WaitForSpecificOrError(f func() (bool, error), maxAttempts int, waitInterval time.Duration) error {
+	for i := 0; i < maxAttempts; i++ {
+		stop, err := f()
+		if err != nil {
+			return err
+		}
+		if stop {
+			return nil
+		}
+		time.Sleep(waitInterval)
+	}
+	return fmt.Errorf("Maximum number of retries (%d) exceeded", maxAttempts)
+}
+
+func WaitForSpecific(f func() bool, maxAttempts int, waitInterval time.Duration) error {
+	return WaitForSpecificOrError(func() (bool, error) {
+		return f(), nil
+	}, maxAttempts, waitInterval)
+}
+
+func WaitFor(f func() bool) error {
+	return WaitForSpecific(f, 60, 3*time.Second)
+}
+
+func WaitForDocker(ip string, daemonPort int) error {
+	return WaitFor(func() bool {
+		conn, err := net.Dial("tcp", fmt.Sprintf("%s:%d", ip, daemonPort))
+		if err != nil {
+			log.Debugf("Daemon not responding yet: %s", err)
+			return false
+		}
+		conn.Close()
+		return true
+	})
+}
+
+func DumpVal(vals ...interface{}) {
+	for _, val := range vals {
+		prettyJSON, err := json.MarshalIndent(val, "", "    ")
+		if err != nil {
+			log.Fatal(err)
+		}
+		log.Debug(string(prettyJSON))
+	}
+}
+
+// Following two functions are from github.com/docker/docker/utils module. It
+// was way overkill to include the whole module, so we just have these bits
+// that we're using here.
+func TruncateID(id string) string {
+	shortLen := 12
+	if len(id) < shortLen {
+		shortLen = len(id)
+	}
+	return id[:shortLen]
+}
+
+// GenerateRandomID returns an unique id
+func GenerateRandomID() string {
+	for {
+		id := make([]byte, 32)
+		if _, err := io.ReadFull(rand.Reader, id); err != nil {
+			panic(err) // This shouldn't happen
+		}
+		value := hex.EncodeToString(id)
+		// if we try to parse the truncated for as an int and we don't have
+		// an error then the value is all numberic and causes issues when
+		// used as a hostname. ref #3869
+		if _, err := strconv.ParseInt(TruncateID(value), 10, 64); err == nil {
+			continue
+		}
+		return value
+	}
+}

vendor/github.com/docker/machine/utils/utils_test.go

@@ -0,0 +1,139 @@
+package utils
+
+import (
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+)
+
+func TestGetBaseDir(t *testing.T) {
+	// reset any override env var
+	homeDir := GetHomeDir()
+	baseDir := GetBaseDir()
+
+	if strings.Index(baseDir, homeDir) != 0 {
+		t.Fatalf("expected base dir with prefix %s; received %s", homeDir, baseDir)
+	}
+}
+
+func TestGetCustomBaseDir(t *testing.T) {
+	root := "/tmp"
+	os.Setenv("MACHINE_STORAGE_PATH", root)
+	baseDir := GetBaseDir()
+
+	if strings.Index(baseDir, root) != 0 {
+		t.Fatalf("expected base dir with prefix %s; received %s", root, baseDir)
+	}
+	os.Setenv("MACHINE_STORAGE_PATH", "")
+}
+
+func TestGetDockerDir(t *testing.T) {
+	homeDir := GetHomeDir()
+	baseDir := GetBaseDir()
+
+	if strings.Index(baseDir, homeDir) != 0 {
+		t.Fatalf("expected base dir with prefix %s; received %s", homeDir, baseDir)
+	}
+}
+
+func TestGetMachineDir(t *testing.T) {
+	root := "/tmp"
+	os.Setenv("MACHINE_STORAGE_PATH", root)
+	machineDir := GetMachineDir()
+
+	if strings.Index(machineDir, root) != 0 {
+		t.Fatalf("expected machine dir with prefix %s; received %s", root, machineDir)
+	}
+
+	path, filename := path.Split(machineDir)
+	if strings.Index(path, root) != 0 {
+		t.Fatalf("expected base path of %s; received %s", root, path)
+	}
+	if filename != "machines" {
+		t.Fatalf("expected machine dir \"machines\"; received %s", filename)
+	}
+	os.Setenv("MACHINE_STORAGE_PATH", "")
+}
+
+func TestGetMachineCertDir(t *testing.T) {
+	root := "/tmp"
+	os.Setenv("MACHINE_STORAGE_PATH", root)
+	clientDir := GetMachineCertDir()
+
+	if strings.Index(clientDir, root) != 0 {
+		t.Fatalf("expected machine client cert dir with prefix %s; received %s", root, clientDir)
+	}
+
+	path, filename := path.Split(clientDir)
+	if strings.Index(path, root) != 0 {
+		t.Fatalf("expected base path of %s; received %s", root, path)
+	}
+	if filename != "certs" {
+		t.Fatalf("expected machine client dir \"certs\"; received %s", filename)
+	}
+	os.Setenv("MACHINE_STORAGE_PATH", "")
+}
+
+func TestCopyFile(t *testing.T) {
+	testStr := "test-machine"
+
+	srcFile, err := ioutil.TempFile("", "machine-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+	srcFi, err := srcFile.Stat()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	srcFile.Write([]byte(testStr))
+	srcFile.Close()
+
+	srcFilePath := filepath.Join(os.TempDir(), srcFi.Name())
+
+	destFile, err := ioutil.TempFile("", "machine-copy-test-")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	destFi, err := destFile.Stat()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	destFile.Close()
+
+	destFilePath := filepath.Join(os.TempDir(), destFi.Name())
+
+	if err := CopyFile(srcFilePath, destFilePath); err != nil {
+		t.Fatal(err)
+	}
+
+	data, err := ioutil.ReadFile(destFilePath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if string(data) != testStr {
+		t.Fatalf("expected data \"%s\"; received \"%\"", testStr, string(data))
+	}
+}
+
+func TestGetUsername(t *testing.T) {
+	currentUser := "unknown"
+	switch runtime.GOOS {
+	case "darwin", "linux":
+		currentUser = os.Getenv("USER")
+	case "windows":
+		currentUser = os.Getenv("USERNAME")
+	}
+
+	username := GetUsername()
+	if username != currentUser {
+		t.Fatalf("expected username %s; received %s", currentUser, username)
+	}
+}