vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Rename ocid to crio.

Browse source 
The ocid project was renamed to CRI-O, months ago, it is time that we moved
all of the code to the new name.  We want to elminate the name ocid from use.
Move fully to crio.

Also cric is being renamed to crioctl for the time being.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
This commit is contained in:
Dan Walsh 2017-05-12 09:36:15 -04:00
parent 81cfba283a
commit 4493b6f176
52 changed files with 677 additions and 677 deletions
Download patch file Download diff file Expand all files Collapse all files

8
test/README.md
View file

@ -79,7 +79,7 @@ make localintegration RUNTIME=cc-oci-runtime
## Writing integration tests
[Helper functions]
(https://github.com/kubernetes-incubator/ocid/blob/master/test/helpers.bash)
(https://github.com/kubernetes-incubator/crio/blob/master/test/helpers.bash)
are provided in order to facilitate writing tests.
```sh
@ -97,9 +97,9 @@ function teardown() {
cleanup_test
}
@test "ocic runtimeversion" {
start_ocid
ocic runtimeversion
@test "crioctl runtimeversion" {
start_crio
crioctl runtimeversion
[ "$status" -eq 0 ]
}

54
test/apparmor.bats
View file

@ -15,31 +15,31 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname1": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor1.json
run ocic pod run --name apparmor1 --config "$TESTDIR"/apparmor1.json
run crioctl pod run --name apparmor1 --config "$TESTDIR"/apparmor1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname1 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname1 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with loading a specific apparmor profile as ocid default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.` as ocid default apparmor profile.
# 2. test running with loading a specific apparmor profile as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.` as crio default apparmor profile.
@test "load a specific apparmor profile as default apparmor and run a container with it" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
@ -48,31 +48,31 @@ function teardown() {
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_ocid "" "$APPARMOR_TEST_PROFILE_NAME"
start_crio "" "$APPARMOR_TEST_PROFILE_NAME"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname2": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor2.json
run ocic pod run --name apparmor2 --config "$TESTDIR"/apparmor2.json
run crioctl pod run --name apparmor2 --config "$TESTDIR"/apparmor2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
# 3. test running with loading a specific apparmor profile but not as ocid default apparmor profile.
# 3. test running with loading a specific apparmor profile but not as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.`
@test "load default apparmor profile and run a container with another apparmor profile" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
@ -82,27 +82,27 @@ function teardown() {
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname3": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor3.json
run ocic pod run --name apparmor3 --config "$TESTDIR"/apparmor3.json
run crioctl pod run --name apparmor3 --config "$TESTDIR"/apparmor3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname3 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
@ -115,15 +115,15 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname4": "not-exists"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor4.json
run ocic pod run --name apparmor4 --config "$TESTDIR"/apparmor4.json
run crioctl pod run --name apparmor4 --config "$TESTDIR"/apparmor4.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname4 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname4 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Creating container failed" ]]
@ -131,7 +131,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 5. test running with default apparmor profile unloaded.
@ -143,26 +143,26 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
remove_apparmor_profile "$FAKE_OCID_DEFAULT_PROFILE_PATH"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname5": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor5.json
run ocic pod run --name apparmor5 --config "$TESTDIR"/apparmor5.json
run crioctl pod run --name apparmor5 --config "$TESTDIR"/apparmor5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname5 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname5 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

286
test/ctr.bats
View file

@ -7,125 +7,125 @@ function teardown() {
}
@test "ctr remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr lifecycle" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr logging" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir ocid-config.XXXXXX.json)
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output \&\& echo and some from stderr >\&2"|' "$newconfig"
run ocic ctr create --config "$newconfig" --pod "$pod_id"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
@ -136,46 +136,46 @@ function teardown() {
grep -E "^[^\n]+ stdout here is some output$" "$logpath"
grep -E "^[^\n]+ stderr and some from stderr$" "$logpath"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr logging [tty=true]" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir ocid-config.XXXXXX.json)
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output"|' "$newconfig"
sed -i 's|"tty": false,|"tty": true,|' "$newconfig"
run ocic ctr create --config "$newconfig" --pod "$pod_id"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
@ -185,211 +185,211 @@ function teardown() {
echo "$logpath :: $(cat "$logpath")"
grep -E "^[^\n]+ stdout here is some output$" "$logpath"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# regression test for #127
@test "ctrs status for a pod" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list --quiet
run crioctl ctr list --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
printf '%s\n' "$output" | while IFS= read -r id
do
run ocic ctr status --id "$id"
run crioctl ctr status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr list filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod1
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod1
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run ocic ctr start --id "$ctr1_id"
run crioctl ctr start --id "$ctr1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod2
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod2
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod3
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod3
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod3_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run ocic ctr start --id "$ctr3_id"
run crioctl ctr start --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr3_id"
run crioctl ctr stop --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list --id "$ctr1_id" --quiet
run crioctl ctr list --id "$ctr1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --id "${ctr1_id:0:4}" --quiet
run crioctl ctr list --id "${ctr1_id:0:4}" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --id "$ctr2_id" --pod "$pod2_id" --quiet
run crioctl ctr list --id "$ctr2_id" --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --id "$ctr2_id" --pod "$pod3_id" --quiet
run crioctl ctr list --id "$ctr2_id" --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic ctr list --state created --quiet
run crioctl ctr list --state created --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --state running --quiet
run crioctl ctr list --state running --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --state stopped --quiet
run crioctl ctr list --state stopped --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic ctr list --pod "$pod1_id" --quiet
run crioctl ctr list --pod "$pod1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --pod "$pod2_id" --quiet
run crioctl ctr list --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --pod "$pod3_id" --quiet
run crioctl ctr list --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic pod remove --id "$pod1_id"
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod2_id"
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod3_id"
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr list label filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr1 --label "a=b" --label "c=d" --label "e=f"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr2 --label "a=b" --label "c=d"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr3 --label "a=b"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run ocic ctr list --label "tier=backend" --label "a=b" --label "c=d" --label "e=f" --quiet
run crioctl ctr list --label "tier=backend" --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --label "tier=frontend" --quiet
run crioctl ctr list --label "tier=frontend" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic ctr list --label "a=b" --label "c=d" --quiet
run crioctl ctr list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --label "a=b" --quiet
run crioctl ctr list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr metadata in list & status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: container1" ]]
[[ "$output" =~ "Attempt: 1" ]]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
@ -398,161 +398,161 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" echo HELLO
run crioctl ctr execsync --id "$ctr_id" echo HELLO
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "HELLO" ]]
run ocic ctr execsync --id "$ctr_id" --timeout 1 sleep 10
run crioctl ctr execsync --id "$ctr_id" --timeout 1 sleep 10
echo "$output"
[[ "$output" =~ "command timed out" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr device add" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis_device.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis_device.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" ls /dev/mynull
run crioctl ctr execsync --id "$ctr_id" ls /dev/mynull
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "/dev/mynull" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync failure" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" doesnotexist
run crioctl ctr execsync --id "$ctr_id" doesnotexist
echo "$output"
[ "$status" -ne 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync exit code" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" false
run crioctl ctr execsync --id "$ctr_id" false
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync std{out,err}" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" "echo hello0 stdout"
run crioctl ctr execsync --id "$ctr_id" "echo hello0 stdout"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stdout:\nhello0 stdout")"* ]]
run ocic ctr execsync --id "$ctr_id" "echo hello1 stderr >&2"
run crioctl ctr execsync --id "$ctr_id" "echo hello1 stderr >&2"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stderr:\nhello1 stderr")"* ]]
run ocic ctr execsync --id "$ctr_id" "echo hello2 stderr >&2; echo hello3 stdout"
run crioctl ctr execsync --id "$ctr_id" "echo hello2 stderr >&2; echo hello3 stdout"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stderr:\nhello2 stderr")"* ]]
[[ "$output" == *"$(printf "Stdout:\nhello3 stdout")"* ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr stop idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

98
test/helpers.bash
View file

@ -9,10 +9,10 @@ TESTDATA="${INTEGRATION_ROOT}/testdata"
# Root directory of the repository.
OCID_ROOT=${OCID_ROOT:-$(cd "$INTEGRATION_ROOT/../.."; pwd -P)}
# Path of the ocid binary.
OCID_BINARY=${OCID_BINARY:-${OCID_ROOT}/cri-o/ocid}
# Path of the ocic binary.
OCIC_BINARY=${OCIC_BINARY:-${OCID_ROOT}/cri-o/ocic}
# Path of the crio binary.
OCID_BINARY=${OCID_BINARY:-${OCID_ROOT}/cri-o/crio}
# Path of the crioctl binary.
OCIC_BINARY=${OCIC_BINARY:-${OCID_ROOT}/cri-o/crioctl}
# Path of the conmon binary.
CONMON_BINARY=${CONMON_BINARY:-${OCID_ROOT}/cri-o/conmon/conmon}
# Path of the pause binary.
@ -20,7 +20,7 @@ PAUSE_BINARY=${PAUSE_BINARY:-${OCID_ROOT}/cri-o/pause/pause}
# Path of the default seccomp profile.
SECCOMP_PROFILE=${SECCOMP_PROFILE:-${OCID_ROOT}/cri-o/seccomp.json}
# Name of the default apparmor profile.
APPARMOR_PROFILE=${APPARMOR_PROFILE:-ocid-default}
APPARMOR_PROFILE=${APPARMOR_PROFILE:-crio-default}
# Runtime
RUNTIME=${RUNTIME:-runc}
RUNTIME_PATH=$(command -v $RUNTIME || true)
@ -29,8 +29,8 @@ RUNTIME_BINARY=${RUNTIME_PATH:-/usr/local/sbin/runc}
APPARMOR_PARSER_BINARY=${APPARMOR_PARSER_BINARY:-/sbin/apparmor_parser}
# Path of the apparmor profile for test.
APPARMOR_TEST_PROFILE_PATH=${APPARMOR_TEST_PROFILE_PATH:-${TESTDATA}/apparmor_test_deny_write}
# Path of the apparmor profile for unloading ocid-default.
FAKE_OCID_DEFAULT_PROFILE_PATH=${FAKE_OCID_DEFAULT_PROFILE_PATH:-${TESTDATA}/fake_ocid_default}
# Path of the apparmor profile for unloading crio-default.
FAKE_OCID_DEFAULT_PROFILE_PATH=${FAKE_OCID_DEFAULT_PROFILE_PATH:-${TESTDATA}/fake_crio_default}
# Name of the apparmor profile for test.
APPARMOR_TEST_PROFILE_NAME=${APPARMOR_TEST_PROFILE_NAME:-apparmor-test-deny-write}
# Path of boot config.
@ -46,7 +46,7 @@ ARTIFACTS_PATH=${ARTIFACTS_PATH:-${OCID_ROOT}/cri-o/.artifacts}
# Path of the checkseccomp binary.
CHECKSECCOMP_BINARY=${CHECKSECCOMP_BINARY:-${OCID_ROOT}/cri-o/test/checkseccomp/checkseccomp}
# XXX: This is hardcoded inside cri-o at the moment.
DEFAULT_LOG_PATH=/var/log/ocid/pods
DEFAULT_LOG_PATH=/var/log/crio/pods
TESTDIR=$(mktemp -d)
if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
@ -54,8 +54,8 @@ if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
filelabel=$(awk -F'"' '/^file.*=.*/ {print $2}' /etc/selinux/${SELINUXTYPE}/contexts/lxc_contexts)
chcon -R ${filelabel} $TESTDIR
fi
OCID_SOCKET="$TESTDIR/ocid.sock"
OCID_CONFIG="$TESTDIR/ocid.conf"
OCID_SOCKET="$TESTDIR/crio.sock"
OCID_CONFIG="$TESTDIR/crio.conf"
OCID_CNI_CONFIG="$TESTDIR/cni/net.d/"
OCID_CNI_PLUGIN="/opt/cni/bin/"
POD_CIDR="10.88.0.0/16"
@ -85,14 +85,14 @@ if ! [ -d "$ARTIFACTS_PATH"/busybox-image ]; then
fi
fi
# Run ocid using the binary specified by $OCID_BINARY.
# This must ONLY be run on engines created with `start_ocid`.
function ocid() {
# Run crio using the binary specified by $OCID_BINARY.
# This must ONLY be run on engines created with `start_crio`.
function crio() {
"$OCID_BINARY" --listen "$OCID_SOCKET" "$@"
}
# Run ocic using the binary specified by $OCIC_BINARY.
function ocic() {
# Run crioctl using the binary specified by $OCIC_BINARY.
function crioctl() {
"$OCIC_BINARY" --connect "$OCID_SOCKET" "$@"
}
@ -122,13 +122,13 @@ function retry() {
false
}
# Waits until the given ocid becomes reachable.
# Waits until the given crio becomes reachable.
function wait_until_reachable() {
retry 15 1 ocic runtimeversion
retry 15 1 crioctl runtimeversion
}
# Start ocid.
function start_ocid() {
# Start crio.
function start_crio() {
if [[ -n "$1" ]]; then
seccomp="$1"
else
@ -141,12 +141,12 @@ function start_ocid() {
apparmor="$APPARMOR_PROFILE"
fi
# Don't forget: bin2img, copyimg, and ocid have their own default drivers, so if you override any, you probably need to override them all
# Don't forget: bin2img, copyimg, and crio have their own default drivers, so if you override any, you probably need to override them all
if ! [ "$3" = "--no-pause-image" ] ; then
"$BIN2IMG_BINARY" --root "$TESTDIR/ocid" $STORAGE_OPTS --runroot "$TESTDIR/ocid-run" --source-binary "$PAUSE_BINARY"
"$BIN2IMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTS --runroot "$TESTDIR/crio-run" --source-binary "$PAUSE_BINARY"
fi
"$COPYIMG_BINARY" --root "$TESTDIR/ocid" $STORAGE_OPTS --runroot "$TESTDIR/ocid-run" --image-name=redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --add-name=docker://docker.io/library/redis:alpine --signature-policy="$INTEGRATION_ROOT"/policy.json
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/ocid" --runroot "$TESTDIR/ocid-run" $STORAGE_OPTS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json --config /dev/null config >$OCID_CONFIG
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTS --runroot "$TESTDIR/crio-run" --image-name=redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --add-name=docker://docker.io/library/redis:alpine --signature-policy="$INTEGRATION_ROOT"/policy.json
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/crio" --runroot "$TESTDIR/crio-run" $STORAGE_OPTS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json --config /dev/null config >$OCID_CONFIG
# Prepare the CNI configuration files, we're running with non host networking by default
if [[ -n "$4" ]]; then
@ -159,58 +159,58 @@ function start_ocid() {
"$OCID_BINARY" --debug --config "$OCID_CONFIG" & OCID_PID=$!
wait_until_reachable
run ocic image status --id=redis:alpine
run crioctl image status --id=redis:alpine
if [ "$status" -ne 0 ] ; then
ocic image pull redis:alpine
crioctl image pull redis:alpine
fi
REDIS_IMAGEID=$(ocic image status --id=redis:alpine | head -1 | sed -e "s/ID: //g")
run ocic image status --id=busybox
REDIS_IMAGEID=$(crioctl image status --id=redis:alpine | head -1 | sed -e "s/ID: //g")
run crioctl image status --id=busybox
if [ "$status" -ne 0 ] ; then
ocic image pull busybox:latest
crioctl image pull busybox:latest
fi
BUSYBOX_IMAGEID=$(ocic image status --id=busybox | head -1 | sed -e "s/ID: //g")
BUSYBOX_IMAGEID=$(crioctl image status --id=busybox | head -1 | sed -e "s/ID: //g")
}
function cleanup_ctrs() {
run ocic ctr list --quiet
run crioctl ctr list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic ctr stop --id "$line" || true
ocic ctr remove --id "$line"
crioctl ctr stop --id "$line" || true
crioctl ctr remove --id "$line"
done
fi
fi
}
function cleanup_images() {
run ocic image list --quiet
run crioctl image list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic image remove --id "$line"
crioctl image remove --id "$line"
done
fi
fi
}
function cleanup_pods() {
run ocic pod list --quiet
run crioctl pod list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic pod stop --id "$line" || true
ocic pod remove --id "$line"
crioctl pod stop --id "$line" || true
crioctl pod remove --id "$line"
done
fi
fi
}
# Stop ocid.
function stop_ocid() {
# Stop crio.
function stop_crio() {
if [ "$OCID_PID" != "" ]; then
kill "$OCID_PID" >/dev/null 2>&1
wait "$OCID_PID"
@ -220,13 +220,13 @@ function stop_ocid() {
cleanup_network_conf
}
function restart_ocid() {
function restart_crio() {
if [ "$OCID_PID" != "" ]; then
kill "$OCID_PID" >/dev/null 2>&1
wait "$OCID_PID"
start_ocid
start_crio
else
echo "you must start ocid first"
echo "you must start crio first"
exit 1
fi
}
@ -265,10 +265,10 @@ function is_apparmor_enabled() {
function prepare_network_conf() {
mkdir -p $OCID_CNI_CONFIG
cat >$OCID_CNI_CONFIG/10-ocid.conf <<-EOF
cat >$OCID_CNI_CONFIG/10-crio.conf <<-EOF
{
"cniVersion": "0.2.0",
"name": "ocidnet",
"name": "crionet",
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
@ -298,7 +298,7 @@ function prepare_plugin_test_args_network_conf() {
cat >$OCID_CNI_CONFIG/10-plugin-test-args.conf <<-EOF
{
"cniVersion": "0.2.0",
"name": "ocidnet",
"name": "crionet",
"type": "plugin_test_args.bash"
}
EOF
@ -307,7 +307,7 @@ EOF
}
function check_pod_cidr() {
fullnetns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
fullnetns=`crioctl pod status --id $1 | grep namespace | cut -d ' ' -f 3`
netns=`basename $fullnetns`
run ip netns exec $netns ip addr show dev eth0 scope global 2>&1
@ -328,7 +328,7 @@ function parse_pod_ip() {
}
function ping_pod() {
netns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
netns=`crioctl pod status --id $1 | grep namespace | cut -d ' ' -f 3`
inet=`ip netns exec \`basename $netns\` ip addr show dev eth0 scope global | grep inet`
IFS=" "
@ -340,8 +340,8 @@ function ping_pod() {
}
function ping_pod_from_pod() {
pod_ip=`ocic pod status --id $1 | grep "IP Address" | cut -d ' ' -f 3`
netns=`ocic pod status --id $2 | grep namespace | cut -d ' ' -f 3`
pod_ip=`crioctl pod status --id $1 | grep "IP Address" | cut -d ' ' -f 3`
netns=`crioctl pod status --id $2 | grep namespace | cut -d ' ' -f 3`
ip netns exec `basename $netns` ping -W 1 -c 2 $pod_ip

66
test/image.bats
View file

@ -9,73 +9,73 @@ function teardown() {
}
@test "run container in pod with image ID" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
run ocic ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "image pull" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
cleanup_images
stop_ocid
stop_crio
}
@test "image pull and list by digest" {
start_ocid "" "" --no-pause-image
run ocic image pull nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
start_crio "" "" --no-pause-image
run crioctl image pull nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet nginx@4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet nginx@4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet @4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet @4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet 4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet 4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_ocid
stop_crio
}
@test "image list with filter" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet "$IMAGE"
run crioctl image list --quiet "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
@ -83,24 +83,24 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}
@test "image list/remove" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
@ -109,28 +109,28 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}
@test "image status/remove" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image status --id "$id"
run crioctl image status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
@ -139,5 +139,5 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}

30
test/network.bats
View file

@ -3,8 +3,8 @@
load helpers
@test "Check for valid pod netns CIDR" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
@ -12,12 +12,12 @@ load helpers
check_pod_cidr $pod_id
cleanup_pods
stop_ocid
stop_crio
}
@test "Ping pod from the host" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
@ -25,19 +25,19 @@ load helpers
ping_pod $pod_id
cleanup_pods
stop_ocid
stop_crio
}
@test "Ping pod from another pod" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
temp_sandbox_conf cni_test
run ocic pod run --config "$TESTDIR"/sandbox_config_cni_test.json
run crioctl pod run --config "$TESTDIR"/sandbox_config_cni_test.json
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
@ -49,21 +49,21 @@ load helpers
[ "$status" -eq 0 ]
cleanup_pods
stop_ocid
stop_crio
}
@test "Ensure correct CNI plugin namespace/name/container-id arguments" {
start_ocid "" "" "" "prepare_plugin_test_args_network_conf"
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio "" "" "" "prepare_plugin_test_args_network_conf"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
[ "$status" -eq 0 ]
. /tmp/plugin_test_args.out
[ "$FOUND_CNI_CONTAINERID" != "redhat.test.ocid" ]
[ "$FOUND_CNI_CONTAINERID" != "redhat.test.crio" ]
[ "$FOUND_CNI_CONTAINERID" != "podsandbox1" ]
[ "$FOUND_K8S_POD_NAMESPACE" = "redhat.test.ocid" ]
[ "$FOUND_K8S_POD_NAMESPACE" = "redhat.test.crio" ]
[ "$FOUND_K8S_POD_NAME" = "podsandbox1" ]
cleanup_pods
stop_ocid
stop_crio
}

148
test/pod.bats
View file

@ -8,282 +8,282 @@ function teardown() {
# PR#59
@test "pod release name on remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run ocic pod stop --id "$id"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
echo "$output"
run ocic pod remove --id "$id"
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod run --config "$TESTDATA"/sandbox_config.json
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run ocic pod stop --id "$id"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$id"
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod list filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod1 --label "a=b" --label "c=d" --label "e=f"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod2 --label "a=b" --label "c=d"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod3 --label "a=b"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run ocic pod list --label "a=b" --label "c=d" --label "e=f" --quiet
run crioctl pod list --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --label "g=h" --quiet
run crioctl pod list --label "g=h" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic pod list --label "a=b" --label "c=d" --quiet
run crioctl pod list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --label "a=b" --quiet
run crioctl pod list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod1_id"
run crioctl pod list --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
# filter by truncated id should work as well
run ocic pod list --id "${pod1_id:0:4}"
run crioctl pod list --id "${pod1_id:0:4}"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --id "$pod2_id"
run crioctl pod list --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --id "$pod3_id"
run crioctl pod list --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod1_id" --label "a=b"
run crioctl pod list --id "$pod1_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --id "$pod2_id" --label "a=b"
run crioctl pod list --id "$pod2_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --id "$pod3_id" --label "a=b"
run crioctl pod list --id "$pod3_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod3_id" --label "c=d"
run crioctl pod list --id "$pod3_id" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic pod remove --id "$pod1_id"
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod2_id"
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod3_id"
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_pods
stop_ocid
stop_crio
}
@test "pod metadata in list & status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-ocid" ]]
[[ "$output" =~ "Namespace: redhat.test.ocid" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-ocid" ]]
[[ "$output" =~ "Namespace: redhat.test.ocid" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
cleanup_pods
stop_ocid
stop_crio
}
@test "pass pod sysctls to runtime" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --pod "$pod_id" --config "$TESTDATA"/container_redis.json
run crioctl ctr create --pod "$pod_id" --config "$TESTDATA"/container_redis.json
echo "$output"
[ "$status" -eq 0 ]
container_id="$output"
run ocic ctr start --id "$container_id"
run crioctl ctr start --id "$container_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$container_id" sysctl kernel.shm_rmid_forced
run crioctl ctr execsync --id "$container_id" sysctl kernel.shm_rmid_forced
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.shm_rmid_forced = 1" ]]
run ocic ctr execsync --id "$container_id" sysctl kernel.msgmax
run crioctl ctr execsync --id "$container_id" sysctl kernel.msgmax
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.msgmax = 8192" ]]
run ocic ctr execsync --id "$container_id" sysctl net.ipv4.ip_local_port_range
run crioctl ctr execsync --id "$container_id" sysctl net.ipv4.ip_local_port_range
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "net.ipv4.ip_local_port_range = 1024 65000" ]]
cleanup_pods
stop_ocid
stop_crio
}
@test "pod stop idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod remove idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod stop idempotent with ctrs already stopped" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "restart ocid and still get pod status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
@test "restart crio and still get pod status" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
restart_ocid
run ocic pod status --id "$pod_id"
restart_crio
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

34
test/restore.bats
View file

@ -6,74 +6,74 @@ function teardown() {
cleanup_test
}
@test "ocid restore" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
@test "crio restore" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_list_info="$output"
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_status_info="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_list_info="$output"
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_status_info="$output"
stop_ocid
stop_crio
start_ocid
run ocic pod list
start_crio
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_list_info}" ]]
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_status_info}" ]]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_list_info}" ]]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_status_info}" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

8
test/runtimeversion.bats
View file

@ -6,10 +6,10 @@ function teardown() {
cleanup_test
}
@test "ocic runtimeversion" {
start_ocid
run ocic runtimeversion
@test "crioctl runtimeversion" {
start_crio
run crioctl runtimeversion
echo "$output"
[ "$status" -eq 0 ]
stop_ocid
stop_crio
}

102
test/seccomp.bats
View file

@ -19,27 +19,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp1-1-testname-0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run ocic pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp1-1-testname-0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with ctr runtime/default
@ -55,21 +55,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp2-1-testname2-0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run ocic pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp2-1-testname2-0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -77,7 +77,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 3. test running with ctr wrong profile name
@ -92,14 +92,14 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp3-1-testname3-1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run ocic pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp3-1-testname3-1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname3 --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
@ -107,7 +107,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
@ -123,7 +123,7 @@ function teardown() {
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_ocid "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}
@ -143,21 +143,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp2-1-testname2-0-not-exists": "unconfined", "security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp5.json
run ocic pod run --name seccomp5 --config "$TESTDIR"/seccomp5.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp2-1-testname2-0-not-exists": "unconfined", "security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp5.json
run crioctl pod run --name seccomp5 --config "$TESTDIR"/seccomp5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -165,7 +165,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 6. test running with unkwown ctr profile and no pod, falls back to unconfined
@ -183,27 +183,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp6-1-testname6-0-not-exists": "runtime-default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp6.json
run ocic pod run --name seccomp6 --config "$TESTDIR"/seccomp6.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp6-1-testname6-0-not-exists": "runtime-default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp6.json
run crioctl pod run --name seccomp6 --config "$TESTDIR"/seccomp6.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname6 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname6 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 1. test running with pod unconfined
@ -219,27 +219,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run ocic pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with pod runtime/default
@ -255,21 +255,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run ocic pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -277,7 +277,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 3. test running with pod wrong profile name
@ -292,15 +292,15 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
# 3. test running with pod wrong profile name
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run ocic pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
@ -308,7 +308,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
@ -324,7 +324,7 @@ function teardown() {
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_ocid "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}

8
test/testdata/README.md vendored
View file

@ -1,15 +1,15 @@
In terminal 1:
```
sudo ./ocid
sudo ./crio
```
In terminal 2:
```
sudo ./ocic runtimeversion
sudo ./crioctl runtimeversion
sudo rm -rf /var/lib/containers/storage/sandboxes/podsandbox1
sudo ./ocic pod run --config testdata/sandbox_config.json
sudo ./crioctl pod run --config testdata/sandbox_config.json
sudo rm -rf /var/lib/containers/storage/containers/container1
sudo ./ocic container create --pod podsandbox1 --config testdata/container_config.json
sudo ./crioctl container create --pod podsandbox1 --config testdata/container_config.json
```

2
test/testdata/container_config.json vendored
View file

@ -35,7 +35,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_by_imageid.json vendored
View file

@ -35,7 +35,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_logging.json vendored
View file

@ -37,7 +37,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_seccomp.json vendored
View file

@ -37,7 +37,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/fake_ocid_default vendored
View file

@ -1 +1 @@
profile ocid-default flags=(attach_disconnected) {}
profile crio-default flags=(attach_disconnected) {}

8
test/testdata/sandbox_config.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [
@ -52,7 +52,7 @@
"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
},
"linux": {
"cgroup_parent": "/ocid-podsandbox1",
"cgroup_parent": "/crio-podsandbox1",
"security_context": {
"namespace_options": {
"host_network": false,

8
test/testdata/sandbox_config_hostnet.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [
@ -51,7 +51,7 @@
"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
},
"linux": {
"cgroup_parent": "/ocid-podsandbox1",
"cgroup_parent": "/crio-podsandbox1",
"security_context": {
"namespace_options": {
"host_network": true,

6
test/testdata/sandbox_config_seccomp.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [