test(integration_test): port 'runtime-tools/validation/linux_sysctl'

Signed-off-by: Xiaoyang Liu <siujoeng.lau@gmail.com>
2024-05-22 07:26:07 +02:00 · 2023-11-12 18:58:40 -08:00 · 2023-11-12 18:58:40 -08:00 · dac5f3042b
parent 7b5e8f238e
commit dac5f3042b
5 changed files with 72 additions and 1 deletions
--- a/tests/integration_test/src/main.rs
+++ b/tests/integration_test/src/main.rs
@ -11,6 +11,7 @@ use crate::tests::mounts_recursive::get_mounts_recursive_test;
 use crate::tests::pidfile::get_pidfile_test;
 use crate::tests::readonly_paths::get_ro_paths_test;
 use crate::tests::seccomp_notify::get_seccomp_notify_test;
+use crate::tests::sysctl::get_sysctl_test;
 use crate::tests::tlb::get_tlb_test;
 use crate::utils::support::{set_runtime_path, set_runtimetest_path};
 use anyhow::{Context, Result};
@ -99,6 +100,7 @@ fn main() -> Result<()> {
    let hostname = get_hostname_test();
    let mounts_recursive = get_mounts_recursive_test();
    let intel_rdt = get_intel_rdt_test();
+    let sysctl = get_sysctl_test();

    tm.add_test_group(Box::new(cl));
    tm.add_test_group(Box::new(cc));
@ -117,6 +119,7 @@ fn main() -> Result<()> {
    tm.add_test_group(Box::new(hostname));
    tm.add_test_group(Box::new(mounts_recursive));
    tm.add_test_group(Box::new(intel_rdt));
+    tm.add_test_group(Box::new(sysctl));

    tm.add_cleanup(Box::new(cgroups::cleanup_v1));
    tm.add_cleanup(Box::new(cgroups::cleanup_v2));
--- a/tests/integration_test/src/tests/mod.rs
+++ b/tests/integration_test/src/tests/mod.rs
@ -9,4 +9,5 @@ pub mod mounts_recursive;
 pub mod pidfile;
 pub mod readonly_paths;
 pub mod seccomp_notify;
+pub mod sysctl;
 pub mod tlb;
--- a/tests/integration_test/src/tests/sysctl/mod.rs
+++ b/tests/integration_test/src/tests/sysctl/mod.rs
@ -0,0 +1,44 @@
+use std::collections::HashMap;
+
+use oci_spec::runtime::{LinuxBuilder, ProcessBuilder, Spec, SpecBuilder};
+use test_framework::{Test, TestGroup, TestResult};
+
+use crate::utils::test_inside_container;
+
+fn create_spec(sysctl: HashMap<String, String>) -> Spec {
+    SpecBuilder::default()
+        .linux(
+            LinuxBuilder::default()
+                .sysctl(sysctl)
+                .build()
+                .expect("error in building linux config"),
+        )
+        .process(
+            ProcessBuilder::default()
+                .args(vec!["runtimetest".to_string(), "sysctl".to_string()])
+                .build()
+                .expect("error in creating process config"),
+        )
+        .build()
+        .unwrap()
+}
+
+fn sysctl_test() -> TestResult {
+    let spec = create_spec(HashMap::from([(
+        "net.ipv4.ip_forward".to_string(),
+        "1".to_string(),
+    )]));
+    test_inside_container(spec, &|_| {
+        // As long as the container is created, we expect the kernel parameters to be determined by
+        // the spec, so nothing to prepare prior.
+        Ok(())
+    })
+}
+
+pub fn get_sysctl_test() -> TestGroup {
+    let mut test_group = TestGroup::new("sysctl");
+    let sysctl_test = Test::new("sysctl_test", Box::new(sysctl_test));
+    test_group.add(vec![Box::new(sysctl_test)]);
+
+    test_group
+}
--- a/tests/runtimetest/src/main.rs
+++ b/tests/runtimetest/src/main.rs
@ -33,6 +33,7 @@ fn main() {
        "readonly_paths" => tests::validate_readonly_paths(&spec),
        "set_host_name" => tests::validate_hostname(&spec),
        "mounts_recursive" => tests::validate_mounts_recursive(&spec),
+        "sysctl" => tests::validate_sysctl(&spec),
        _ => eprintln!("error due to unexpected execute test name: {execute_test}"),
    }
 }
--- a/tests/runtimetest/src/tests.rs
+++ b/tests/runtimetest/src/tests.rs
@ -2,7 +2,7 @@ use crate::utils::{self, test_read_access, test_write_access};
 use anyhow::{bail, Result};
 use nix::errno::Errno;
 use oci_spec::runtime::Spec;
-use std::fs::read_dir;
+use std::fs::{self, read_dir};
 use std::path::Path;

 ////////// ANCHOR: example_hello_world
@ -267,3 +267,25 @@ pub fn validate_mounts_recursive(spec: &Spec) {
        }
    }
 }
+
+pub fn validate_sysctl(spec: &Spec) {
+    let linux = spec.linux().as_ref().unwrap();
+    if let Some(expected_linux_sysctl) = linux.sysctl() {
+        for (key, expected_value) in expected_linux_sysctl {
+            let key_path = Path::new("/proc/sys").join(key.replace('.', "/"));
+            let actual_value = match fs::read(&key_path) {
+                Ok(actual_value_bytes) => String::from_utf8_lossy(&actual_value_bytes)
+                    .trim()
+                    .to_string(),
+                Err(e) => {
+                    return eprintln!("error due to fail to read the file {key_path:?}, error: {e}")
+                }
+            };
+            if &actual_value != expected_value {
+                eprintln!(
+                    "Unexpected kernel parameter, expected: {expected_value} found: {actual_value}"
+                );
+            }
+        }
+    }
+}