mirror of
https://github.com/containers/youki
synced 2024-06-10 08:46:21 +02:00
WIP add readonly paths to runtimetest
This commit is contained in:
parent
78b7e942d7
commit
815c5c3922
|
@ -1293,6 +1293,10 @@ checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b"
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "runtimetest"
|
name = "runtimetest"
|
||||||
version = "0.0.1"
|
version = "0.0.1"
|
||||||
|
dependencies = [
|
||||||
|
"nix",
|
||||||
|
"oci-spec 0.5.2 (git+https://github.com/containers/oci-spec-rs?rev=54c5e386f01ab37c9305cc4a83404eb157e42440)",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rustc_version"
|
name = "rustc_version"
|
||||||
|
|
|
@ -56,9 +56,8 @@ fn check_readonly_paths() -> TestResult {
|
||||||
];
|
];
|
||||||
|
|
||||||
let spec = get_spec(ro_paths);
|
let spec = get_spec(ro_paths);
|
||||||
test_inside_container(spec, &|bundle| {
|
test_inside_container(spec, &|bundle_path| {
|
||||||
use std::{fs, io};
|
use std::{fs, io};
|
||||||
let bundle_path = bundle.as_ref();
|
|
||||||
let test_dir = bundle_path.join(&ro_dir_sub);
|
let test_dir = bundle_path.join(&ro_dir_sub);
|
||||||
|
|
||||||
match fs::create_dir_all(&test_dir) {
|
match fs::create_dir_all(&test_dir) {
|
||||||
|
@ -108,9 +107,8 @@ fn check_readonly_rel_path() -> TestResult {
|
||||||
let ro_paths = vec![ro_rel_path.to_string()];
|
let ro_paths = vec![ro_rel_path.to_string()];
|
||||||
let spec = get_spec(ro_paths);
|
let spec = get_spec(ro_paths);
|
||||||
|
|
||||||
test_inside_container(spec, &|bundle| {
|
test_inside_container(spec, &|bundle_path| {
|
||||||
use std::{fs, io};
|
use std::{fs, io};
|
||||||
let bundle_path = bundle.as_ref();
|
|
||||||
let test_file = bundle_path.join(ro_rel_path);
|
let test_file = bundle_path.join(ro_rel_path);
|
||||||
|
|
||||||
match fs::metadata(&test_file) {
|
match fs::metadata(&test_file) {
|
||||||
|
@ -140,9 +138,8 @@ fn check_readonly_symlinks() -> TestResult {
|
||||||
|
|
||||||
let spec = get_spec(ro_paths);
|
let spec = get_spec(ro_paths);
|
||||||
|
|
||||||
test_inside_container(spec, &|bundle| {
|
test_inside_container(spec, &|bundle_path| {
|
||||||
use std::{fs, io};
|
use std::{fs, io};
|
||||||
let bundle_path = bundle.as_ref();
|
|
||||||
let test_file = bundle_path.join(ro_symlink);
|
let test_file = bundle_path.join(ro_symlink);
|
||||||
|
|
||||||
match std::os::unix::fs::symlink("../readonly_symlink", &test_file) {
|
match std::os::unix::fs::symlink("../readonly_symlink", &test_file) {
|
||||||
|
@ -185,11 +182,9 @@ fn test_node(mode: u32) -> TestResult {
|
||||||
|
|
||||||
let spec = get_spec(ro_paths);
|
let spec = get_spec(ro_paths);
|
||||||
|
|
||||||
test_inside_container(spec, &|bundle| {
|
test_inside_container(spec, &|bundle_path| {
|
||||||
use std::os::unix::fs::OpenOptionsExt;
|
use std::os::unix::fs::OpenOptionsExt;
|
||||||
use std::{fs, io};
|
use std::{fs, io};
|
||||||
|
|
||||||
let bundle_path = bundle.as_ref();
|
|
||||||
let test_file = bundle_path.join(&ro_device);
|
let test_file = bundle_path.join(&ro_device);
|
||||||
|
|
||||||
let mut opts = fs::OpenOptions::new();
|
let mut opts = fs::OpenOptions::new();
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
use super::{generate_uuid, prepare_bundle, set_config};
|
use super::{generate_uuid, prepare_bundle, set_config};
|
||||||
///! Contains utility functions for testing
|
///! Contains utility functions for testing
|
||||||
///! Similar to https://github.com/opencontainers/runtime-tools/blob/master/validation/util/test.go
|
///! Similar to https://github.com/opencontainers/runtime-tools/blob/master/validation/util/test.go
|
||||||
use super::{get_runtime_path, get_runtimetest_path, TempDir};
|
use super::{get_runtime_path, get_runtimetest_path};
|
||||||
use anyhow::{anyhow, bail, Context, Result};
|
use anyhow::{anyhow, bail, Context, Result};
|
||||||
use oci_spec::runtime::Spec;
|
use oci_spec::runtime::Spec;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
@ -146,13 +146,16 @@ pub fn test_outside_container(
|
||||||
// mostly needs a name that better expresses what this actually does
|
// mostly needs a name that better expresses what this actually does
|
||||||
pub fn test_inside_container(
|
pub fn test_inside_container(
|
||||||
spec: Spec,
|
spec: Spec,
|
||||||
setup_for_test: &dyn Fn(&TempDir) -> Result<()>,
|
setup_for_test: &dyn Fn(&Path) -> Result<()>,
|
||||||
) -> TestResult {
|
) -> TestResult {
|
||||||
let id = generate_uuid();
|
let id = generate_uuid();
|
||||||
let bundle = prepare_bundle(&id).unwrap();
|
let bundle = prepare_bundle(&id).unwrap();
|
||||||
|
|
||||||
// This will do the required setup for the test
|
// This will do the required setup for the test
|
||||||
test_result!(setup_for_test(&bundle));
|
test_result!(setup_for_test(
|
||||||
|
&bundle.as_ref().join("bundle").join("rootfs")
|
||||||
|
));
|
||||||
|
// std::thread::sleep_ms(50000);
|
||||||
|
|
||||||
set_config(&bundle, &spec).unwrap();
|
set_config(&bundle, &spec).unwrap();
|
||||||
// as we have to run runtimetest inside the container, and is expects
|
// as we have to run runtimetest inside the container, and is expects
|
||||||
|
|
|
@ -6,3 +6,5 @@ edition = "2021"
|
||||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
|
oci-spec = { git = "https://github.com/containers/oci-spec-rs", rev = "54c5e386f01ab37c9305cc4a83404eb157e42440" }
|
||||||
|
nix = "0.23.1"
|
|
@ -1,6 +1,6 @@
|
||||||
# Runtime test
|
# Runtime test
|
||||||
|
|
||||||
This is the binary which runs the tests inside the container process, and checks that constraints and restrictions are upheld from inside the container.
|
This is the binary which runs the tests inside the container process, and checks that constraints and restrictions are upheld from inside the container. This is supposed to be rust version of [runtimetest command](https://github.com/opencontainers/runtime-tools/tree/master/cmd/runtimetest) from runtime tools.
|
||||||
|
|
||||||
This is primarily used from the `test_inside_container` function related tests in the integration tests.
|
This is primarily used from the `test_inside_container` function related tests in the integration tests.
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,23 @@
|
||||||
fn main() {
|
mod tests;
|
||||||
println!("This is where the internal tests will go later...");
|
mod utils;
|
||||||
|
|
||||||
|
use oci_spec::runtime::Spec;
|
||||||
|
use std::path::PathBuf;
|
||||||
|
|
||||||
|
const SPEC_PATH: &'static str = "/config.json";
|
||||||
|
|
||||||
|
fn get_spec() -> Spec {
|
||||||
|
let path = PathBuf::from(SPEC_PATH);
|
||||||
|
match Spec::load(path) {
|
||||||
|
Ok(spec) => spec,
|
||||||
|
Err(e) => {
|
||||||
|
eprintln!("Error in loading spec, {:?}", e);
|
||||||
|
std::process::exit(66);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn main() {
|
||||||
|
let spec = get_spec();
|
||||||
|
tests::validate_readonly_paths(&spec);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue