test: Add 2 basic networking tests

We create temporary CNI networking configurations and run 2
functional tests:

- Verify that the networking namespace interface has a valid CIDR
- Ping the networking namespace interface from the host

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>

test/helpers.bash

@@ -45,9 +45,14 @@ if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
 fi
 OCID_SOCKET="$TESTDIR/ocid.sock"
 OCID_CONFIG="$TESTDIR/ocid.conf"
+OCID_CNI_CONFIG="$TESTDIR/cni/net.d/"
+POD_CIDR="10.88.0.0/16"
+POD_CIDR_MASK="10.88.*.*"
 
 cp "$CONMON_BINARY" "$TESTDIR/conmon"
 
+mkdir -p $OCID_CNI_CONFIG
+
 PATH=$PATH:$TESTDIR
 
 # Run ocid using the binary specified by $OCID_BINARY.
@@ -106,7 +111,7 @@ function start_ocid() {
 		apparmor="$APPARMOR_PROFILE"
 	fi
 
-	"$OCID_BINARY" --conmon "$CONMON_BINARY" --pause "$PAUSE_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNC_BINARY" --root "$TESTDIR/ocid" --sandboxdir "$TESTDIR/sandboxes" --containerdir "$TESTDIR/ocid/containers" --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" config >$OCID_CONFIG
+	"$OCID_BINARY" --conmon "$CONMON_BINARY" --pause "$PAUSE_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNC_BINARY" --root "$TESTDIR/ocid" --sandboxdir "$TESTDIR/sandboxes" --containerdir "$TESTDIR/ocid/containers" --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" config >$OCID_CONFIG
 	"$OCID_BINARY" --debug --config "$OCID_CONFIG" & OCID_PID=$!
 	wait_until_reachable
 }
@@ -189,3 +194,70 @@ function is_apparmor_enabled() {
 	fi
 	echo 0
 }
+
+function prepare_network_conf() {
+	cat >$OCID_CNI_CONFIG/10-ocid.conf <<-EOF
+{
+    "cniVersion": "0.2.0",
+    "name": "ocidnet",
+    "type": "bridge",
+    "bridge": "cni0",
+    "isGateway": true,
+    "ipMasq": true,
+    "ipam": {
+        "type": "host-local",
+        "subnet": "$1",
+        "routes": [
+            { "dst": "0.0.0.0/0"  }
+        ]
+    }
+}
+EOF
+
+	cat >$OCID_CNI_CONFIG/99-loopback.conf <<-EOF
+{
+    "cniVersion": "0.2.0",
+    "type": "loopback"
+}
+EOF
+
+	echo 0
+}
+
+function check_pod_cidr() {
+        fullnetns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
+	netns=`basename $fullnetns`
+
+	ip netns exec $netns ip addr show dev eth0 scope global | grep $POD_CIDR_MASK
+
+	echo $?
+}
+
+function parse_pod_ip() {
+  for arg
+  do
+      cidr=`echo "$arg" | grep $POD_CIDR_MASK`
+      if [ "$cidr" == "$arg" ]
+      then
+	  echo `echo "$arg" | sed "s/\/[0-9][0-9]//"`
+      fi
+  done
+}
+
+function ping_pod() {
+        netns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
+	inet=`ip netns exec \`basename $netns\` ip addr show dev eth0 scope global | grep inet`
+
+	IFS=" "
+	ip=`parse_pod_ip $inet`
+
+	ping -W 1 -c 5 $ip
+
+	echo $?
+}
+
+function cleanup_network_conf() {
+	rm -rf $OCID_CNI_CONFIG
+
+	echo 0
+}

test/network.bats

@@ -0,0 +1,45 @@
+#!/usr/bin/env bats
+
+load helpers
+
+@test "Check for valid pod netns CIDR" {
+	# this test requires docker, thus it can't yet be run in a container
+	if [ "$TRAVIS" = "true" ]; then # instead of $TRAVIS, add a function is_containerized to skip here
+		skip "cannot yet run this test in a container, use sudo make localintegration"
+	fi
+
+	prepare_network_conf $POD_CIDR
+
+	start_ocid
+	run ocic pod run --config "$TESTDATA"/sandbox_config.json
+	echo "$output"
+	[ "$status" -eq 0 ]
+	pod_id="$output"
+
+	check_pod_cidr $pod_id
+
+	cleanup_pods
+	cleanup_network_conf
+	stop_ocid
+}
+
+@test "Ping pod netns from the host" {
+	# this test requires docker, thus it can't yet be run in a container
+	if [ "$TRAVIS" = "true" ]; then # instead of $TRAVIS, add a function is_containerized to skip here
+		skip "cannot yet run this test in a container, use sudo make localintegration"
+	fi
+
+	prepare_network_conf $POD_CIDR
+
+	start_ocid
+	run ocic pod run --config "$TESTDATA"/sandbox_config.json
+	echo "$output"
+	[ "$status" -eq 0 ]
+	pod_id="$output"
+
+	ping_pod $pod_id
+
+	cleanup_pods
+	cleanup_network_conf
+	stop_ocid
+}