mirror/ udica
1
1
Fork 0
mirror of https://github.com/containers/udica synced 2024-05-23 01:36:21 +02:00
Code Issues

Add unit test for --device-access 

Signed-off-by: Martin Skøtt <martin@skoett.name>
This commit is contained in:
Martin Skøtt 2022-08-11 21:50:57 +02:00 committed by Vit Mojzis
parent a2f0e4588e
commit 0d3e3194e2
2 changed files with 259 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
tests/test_device_access.podman.json Normal file
View File

@ -0,0 +1,244 @@
[
{
"Id": "68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744",
"Created": "2022-08-11T20:54:51.026287311+02:00",
"Path": "/bin/bash",
"Args": [
"/bin/bash"
],
"State": {
"OciVersion": "1.0.2-dev",
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-08-11T20:54:51.116938836+02:00",
"FinishedAt": "2022-08-11T20:54:51.1327839+02:00",
"Health": {
"Status": "",
"FailingStreak": 0,
"Log": null
},
"CheckpointedAt": "0001-01-01T00:00:00Z",
"RestoredAt": "0001-01-01T00:00:00Z"
},
"Image": "2ecb6df959942dd2fdeb65606ca2e42a54f8c06af10eeb594fdfc3e2656c53d1",
"ImageName": "registry.fedoraproject.org/fedora:latest",
"Rootfs": "",
"Pod": "",
"ResolvConfPath": "/run/user/1000/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/resolv.conf",
"HostnamePath": "/run/user/1000/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/hostname",
"HostsPath": "/run/user/1000/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/hosts",
"StaticDir": "/home/martin/.local/share/containers/storage/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata",
"OCIConfigPath": "/home/martin/.local/share/containers/storage/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/config.json",
"OCIRuntime": "crun",
"ConmonPidFile": "/run/user/1000/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/conmon.pid",
"PidFile": "/run/user/1000/overlay-containers/68485406c4bbfd2b379beac7d80834a4ca94d7e74ada5019c7499afed62e1744/userdata/pidfile",
"Name": "charming_khorana",
"RestartCount": 0,
"Driver": "overlay",
"MountLabel": "system_u:object_r:container_file_t:s0:c8,c574",
"ProcessLabel": "system_u:system_r:container_t:s0:c8,c574",
"AppArmorProfile": "",
"EffectiveCaps": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FOWNER",
"CAP_FSETID",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_SETFCAP",
"CAP_SETGID",
"CAP_SETPCAP",
"CAP_SETUID",
"CAP_SYS_CHROOT"
],
"BoundingCaps": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FOWNER",
"CAP_FSETID",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_SETFCAP",
"CAP_SETGID",
"CAP_SETPCAP",
"CAP_SETUID",
"CAP_SYS_CHROOT"
],
"ExecIDs": [],
"GraphDriver": {
"Name": "overlay",
"Data": {
"LowerDir": "/home/martin/.local/share/containers/storage/overlay/1da06ca5080c2ce2499e2f9802259209c7dd85c92d64852c3165425cdc18c443/diff",
"UpperDir": "/home/martin/.local/share/containers/storage/overlay/98294044df8fadc428b8a41befc0c83d574601b56076c62ce7fa93df6c48f8dc/diff",
"WorkDir": "/home/martin/.local/share/containers/storage/overlay/98294044df8fadc428b8a41befc0c83d574601b56076c62ce7fa93df6c48f8dc/work"
}
},
"Mounts": [],
"Dependencies": [],
"NetworkSettings": {
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"Bridge": "",
"SandboxID": "",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": ""
},
"Namespace": "",
"IsInfra": false,
"Config": {
"Hostname": "68485406c4bb",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"FGC=f36",
"DISTTAG=f36container",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm",
"container=oci",
"HOME=/root",
"HOSTNAME=68485406c4bb"
],
"Cmd": [
"/bin/bash"
],
"Image": "registry.fedoraproject.org/fedora:latest",
"Volumes": null,
"WorkingDir": "/",
"Entrypoint": "",
"OnBuild": null,
"Labels": {
"license": "MIT",
"name": "fedora",
"vendor": "Fedora Project",
"version": "36"
},
"Annotations": {
"io.container.manager": "libpod",
"io.kubernetes.cri-o.Created": "2022-08-11T20:54:51.026287311+02:00",
"io.kubernetes.cri-o.TTY": "false",
"io.podman.annotations.autoremove": "FALSE",
"io.podman.annotations.init": "FALSE",
"io.podman.annotations.privileged": "FALSE",
"io.podman.annotations.publish-all": "FALSE",
"org.opencontainers.image.stopSignal": "15"
},
"StopSignal": 15,
"CreateCommand": [
"podman",
"run",
"--device",
"/dev/fb0",
"fedora"
],
"Umask": "0022",
"Timeout": 0,
"StopTimeout": 10,
"Passwd": true
},
"HostConfig": {
"Binds": [],
"CgroupManager": "systemd",
"CgroupMode": "private",
"ContainerIDFile": "",
"LogConfig": {
"Type": "journald",
"Config": null,
"Path": "",
"Tag": "",
"Size": "0B"
},
"NetworkMode": "slirp4netns",
"PortBindings": {},
"RestartPolicy": {
"Name": "",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": [],
"CapDrop": [
"CAP_AUDIT_WRITE",
"CAP_MKNOD",
"CAP_NET_RAW"
],
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": [],
"GroupAdd": [],
"IpcMode": "shareable",
"Cgroup": "",
"Cgroups": "default",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "private",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": [],
"Tmpfs": {},
"UTSMode": "private",
"UsernsMode": "",
"ShmSize": 65536000,
"Runtime": "oci",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "user.slice",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": 0,
"OomKillDisable": false,
"PidsLimit": 2048,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"CgroupConf": null
}
}
]

15
tests/test_main.py
View File

@ -354,6 +354,21 @@ class TestBase(unittest.TestCase):
self.assert_templates(output, ["base_container"])
self.assert_policy(test_file("test_devices.podman.cil"))
def test_device_access_podman(self):
"""podman run --device /dev/fb0 fedora"""
output = self.run_udica(
[
"udica",
"-j",
"tests/test_devices.podman.json",
"--device-access",
"/dev/fd0",
"my_container",
]
)
self.assert_templates(output, ["base_container"])
self.assert_policy(test_file("test_devices.podman.cil"))
def run_udica(self, args):
with patch("sys.argv", args):
with patch("sys.stderr.write") as mock_err, patch(