projectatomic/atomic
1
0
Fork 0
mirror of https://github.com/projectatomic/atomic.git synced 2026-02-05 18:45:01 +01:00
Code Issues Releases Activity

tests: add tests for RPM generation of system containers

Browse Source 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #949
Approved by: baude
This commit is contained in:
Giuseppe Scrivano
2017-03-23 16:16:13 +01:00
committed by Atomic Bot
parent eee8824bdf
commit 2d59ef8399
12 changed files with 320 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.redhat-ci.yml
View File

@@ -62,3 +62,4 @@ context: fedora/25/cloud
packages:
- atomic
- python3-coverage
- rpm-build

7
test.sh
View File

@@ -100,11 +100,16 @@ make_docker_images () {
cp ./tests/test-images/show-hostname.sh ${WORK_DIR}
fi
# Copy install.sh into atomic-test-system
# Copy needed files into atomic-test-system
if [[ ${iname} = "atomic-test-system" ]]; then
cp ./tests/test-images/system-container-files/* ${WORK_DIR}
fi
# Copy needed files atomic-test-system-hostfs
if [[ ${iname} = "atomic-test-system-hostfs" ]]; then
cp ./tests/test-images/system-container-files-hostfs/* ${WORK_DIR}
fi
# Remove the old image... Though there may not be one.
set +e
${DOCKER} rmi ${iname} &>> ${LOG}

92
tests/integration/test_system_containers_rpm.sh Executable file
View File

@@ -0,0 +1,92 @@
#!/bin/bash -x
set -euo pipefail
IFS=$'\n\t'
assert_not_reached() {
echo $@ 1>&2
exit 1
}
assert_not_matches() {
if grep -q -e $@; then
sed -e s',^,| ,' < $2
assert_not_reached "Matched: " $@
fi
}
assert_matches() {
if ! grep -q -e $@; then
sed -e s',^,| ,' < $2
assert_not_reached "Failed to match: " $@
fi
}
assert_equal() {
if ! test $1 = $2; then
assert_not_reached "Failed: not equal " $1 $2
fi
}
OUTPUT=$(/bin/true)
PYTHON=${PYTHON:-/usr/bin/python}
# Skip the test if OSTree, runc, rpmbuild are not installed, or atomic has not --install --system
ostree --version &>/dev/null || exit 77
runc --version &>/dev/null || exit 77
rpmbuild --version &>/dev/null || exit 77
${ATOMIC} install --help 2>&1 > help.out
grep -q -- --system help.out || exit 77
export ATOMIC_OSTREE_REPO=${WORK_DIR}/repo
export ATOMIC_OSTREE_CHECKOUT_PATH=${WORK_DIR}/checkout
${ATOMIC} pull --storage ostree docker:atomic-test-system-hostfs:latest
${ATOMIC} install --system --system-package=build atomic-test-system-hostfs
rpm -qip atomic-container-atomic-test-system-*.x86_64.rpm > rpm_info
assert_matches "atomic-container-atomic-test-system" rpm_info
assert_matches "^Release.*:.*1" rpm_info
rpm -qlp atomic-container-atomic-test-system-*.x86_64.rpm > rpm_file_list
assert_matches "/usr/local/lib/secret-message" rpm_file_list
# A --system-package=build includes also the files for running
# the container itself, let's check it...
assert_matches "/usr/lib/containers/atomic/atomic-test-system" rpm_file_list
# now install the package to the system
${ATOMIC} install --system --system-package=yes atomic-test-system-hostfs
teardown () {
set +o pipefail
${ATOMIC} uninstall --storage ostree atomic-test-system-hostfs
exit 0
}
trap teardown EXIT
RPM_NAME=$(rpm -qa | grep ^atomic-container-atomic-test-system)
rpm -ql $RPM_NAME > rpm_file_list
# --system-package=yes doesn't include the files of the container rootfs
assert_not_matches "/usr/lib/containers/atomic/atomic-test-system" rpm_file_list
for i in /usr/lib/systemd/system/atomic-test-system.service \
/usr/lib/tmpfiles.d/atomic-test-system.conf \
/usr/local/lib/renamed-atomic-test-system \
/usr/local/lib/secret-message \
/usr/local/lib/secret-message-template;
do
assert_matches $i rpm_file_list
done
# This is not a template file, the $RECEIVER is not replaced
assert_matches "\$RECEIVER" /usr/local/lib/secret-message
# Instead this is a template file, the $RECEIVER must be replaced
assert_not_matches "\$RECEIVER" /usr/local/lib/secret-message-template
assert_matches "Hello World" /usr/local/lib/secret-message

17
tests/test-images/Dockerfile.system-hostfs Normal file
View File

@@ -0,0 +1,17 @@
FROM centos
RUN yum -y install nmap-ncat && yum clean all
LABEL "Name"="atomic-test-system-hostfs"
# Add a file that can be handled by the rpm generator
RUN mkdir -p /exports/hostfs/usr/local/lib
ADD message /exports/hostfs/usr/local/lib/secret-message
ADD message-template /exports/hostfs/usr/local/lib/secret-message-template
# this is going to be renamed
ADD message /exports/hostfs/usr/local/lib/placeholder-file
ADD run.sh greet.sh /usr/bin/
# Export the files used for the system container
ADD tmpfiles.template manifest.json service.template config.json.template /exports/

156
tests/test-images/system-container-files-hostfs/config.json.template Normal file
View File

@@ -0,0 +1,156 @@
{
"ociVersion": "0.3.0",
"platform": {
"os": "linux",
"arch": "amd64"
},
"process": {
"terminal": false,
"user": {
"uid": 0,
"gid": 0
},
"args": [
"/usr/bin/run.sh"
],
"env": [
"PORT=$PORT",
"RECEIVER=$RECEIVER",
"UUID=$UUID",
"NAME=$NAME",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm"
],
"cwd": "/"
},
"root": {
"path": "rootfs",
"readonly": true
},
"mounts": [
{
"destination": "/proc",
"type": "proc",
"source": "proc"
},
{
"destination": "/dev",
"type": "tmpfs",
"source": "tmpfs",
"options": [
"nosuid",
"strictatime",
"mode=755",
"size=65536k"
]
},
{
"destination": "/dev/pts",
"type": "devpts",
"source": "devpts",
"options": [
"nosuid",
"noexec",
"newinstance",
"ptmxmode=0666",
"mode=0620",
"gid=5"
]
},
{
"destination": "/dev/shm",
"type": "tmpfs",
"source": "shm",
"options": [
"nosuid",
"noexec",
"nodev",
"mode=1777",
"size=65536k"
]
},
{
"destination": "/dev/mqueue",
"type": "mqueue",
"source": "mqueue",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys",
"type": "sysfs",
"source": "sysfs",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys/fs/cgroup",
"type": "cgroup",
"source": "cgroup",
"options": [
"nosuid",
"noexec",
"nodev",
"relatime",
"ro"
]
},
{
"type": "bind",
"source": "${RUN_DIRECTORY}/${NAME}",
"destination": "/var/run/",
"options": [
"rbind",
"rw",
"mode=755"
]
}
],
"hooks": {},
"linux": {
"capabilities": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE"
],
"rlimits": [
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"resources": {
"devices": [
{
"allow": false,
"access": "rwm"
}
]
},
"namespaces": [
{
"type": "pid"
},
{
"type": "ipc"
},
{
"type": "mount"
}
],
"devices": null,
"apparmorProfile": "",
"selinuxProcessLabel": "",
"seccomp": {
"defaultAction": "",
"architectures": null
}
}
}

7
tests/test-images/system-container-files-hostfs/greet.sh Executable file
View File

@@ -0,0 +1,7 @@
#/bin/sh
printf "HTTP/1.1 200 OK\r\n"
printf "Connection: Close\r\n"
printf "\r\n"
printf "Hi $RECEIVER from container $NAME with UUID=$UUID\r\n"

13
tests/test-images/system-container-files-hostfs/manifest.json Normal file
View File

@@ -0,0 +1,13 @@
{
"version": "1.0",
"defaultValues": {
"PORT": "8081",
"RECEIVER": "World"
},
"renameFiles" : {
"/usr/local/lib/placeholder-file" : "/usr/local/lib/renamed-$NAME"
},
"installedFilesTemplate" : [
"/usr/local/lib/secret-message-template"
]
}

1
tests/test-images/system-container-files-hostfs/message Normal file
View File

@@ -0,0 +1 @@
Hello unknown $RECEIVER

1
tests/test-images/system-container-files-hostfs/message-template Normal file
View File

@@ -0,0 +1 @@
hello $RECEIVER

13
tests/test-images/system-container-files-hostfs/run.sh Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
nc --verbose -k -l ${PORT:-8081} --sh-exec /usr/bin/greet.sh &
cleanup ()
{
kill -9 $!
exit 0
}
trap cleanup SIGINT SIGTERM
wait $!

12
tests/test-images/system-container-files-hostfs/service.template Normal file
View File

@@ -0,0 +1,12 @@
[Unit]
Description=Hello World System Container
[Service]
ExecStart=$EXEC_START
ExecStop=$EXEC_STOP
Restart=on-failure
WorkingDirectory=$DESTDIR
[Install]
WantedBy=multi-user.target

1
tests/test-images/system-container-files-hostfs/tmpfiles.template Normal file
View File

@@ -0,0 +1 @@
D ${RUN_DIRECTORY}/${NAME} 0700 - - - -