vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #495 from rhatdan/rename

Browse source 
Rename ocid to crio
This commit is contained in:
Mrunal Patel 2017-05-15 11:27:28 -07:00 committed by GitHub
commit 7ea255fcea
52 changed files with 677 additions and 677 deletions
Download patch file Download diff file Expand all files Collapse all files

8
test/README.md
View file

@ -79,7 +79,7 @@ make localintegration RUNTIME=cc-oci-runtime
## Writing integration tests
[Helper functions]
(https://github.com/kubernetes-incubator/ocid/blob/master/test/helpers.bash)
(https://github.com/kubernetes-incubator/crio/blob/master/test/helpers.bash)
are provided in order to facilitate writing tests.
```sh
@ -97,9 +97,9 @@ function teardown() {
cleanup_test
}
@test "ocic runtimeversion" {
start_ocid
ocic runtimeversion
@test "crioctl runtimeversion" {
start_crio
crioctl runtimeversion
[ "$status" -eq 0 ]
}

54
test/apparmor.bats
View file

@ -15,31 +15,31 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname1": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor1.json
run ocic pod run --name apparmor1 --config "$TESTDIR"/apparmor1.json
run crioctl pod run --name apparmor1 --config "$TESTDIR"/apparmor1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname1 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname1 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with loading a specific apparmor profile as ocid default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.` as ocid default apparmor profile.
# 2. test running with loading a specific apparmor profile as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.` as crio default apparmor profile.
@test "load a specific apparmor profile as default apparmor and run a container with it" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
@ -48,31 +48,31 @@ function teardown() {
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_ocid "" "$APPARMOR_TEST_PROFILE_NAME"
start_crio "" "$APPARMOR_TEST_PROFILE_NAME"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname2": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor2.json
run ocic pod run --name apparmor2 --config "$TESTDIR"/apparmor2.json
run crioctl pod run --name apparmor2 --config "$TESTDIR"/apparmor2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
# 3. test running with loading a specific apparmor profile but not as ocid default apparmor profile.
# 3. test running with loading a specific apparmor profile but not as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.`
@test "load default apparmor profile and run a container with another apparmor profile" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
@ -82,27 +82,27 @@ function teardown() {
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname3": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor3.json
run ocic pod run --name apparmor3 --config "$TESTDIR"/apparmor3.json
run crioctl pod run --name apparmor3 --config "$TESTDIR"/apparmor3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname3 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
@ -115,15 +115,15 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname4": "not-exists"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor4.json
run ocic pod run --name apparmor4 --config "$TESTDIR"/apparmor4.json
run crioctl pod run --name apparmor4 --config "$TESTDIR"/apparmor4.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname4 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname4 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Creating container failed" ]]
@ -131,7 +131,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 5. test running with default apparmor profile unloaded.
@ -143,26 +143,26 @@ function teardown() {
skip "skip this test since apparmor is not enabled."
fi
start_ocid
start_crio
remove_apparmor_profile "$FAKE_OCID_DEFAULT_PROFILE_PATH"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname5": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor5.json
run ocic pod run --name apparmor5 --config "$TESTDIR"/apparmor5.json
run crioctl pod run --name apparmor5 --config "$TESTDIR"/apparmor5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname5 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname5 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" touch test.txt
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

286
test/ctr.bats
View file

@ -7,125 +7,125 @@ function teardown() {
}
@test "ctr remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr lifecycle" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr logging" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir ocid-config.XXXXXX.json)
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output \&\& echo and some from stderr >\&2"|' "$newconfig"
run ocic ctr create --config "$newconfig" --pod "$pod_id"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
@ -136,46 +136,46 @@ function teardown() {
grep -E "^[^\n]+ stdout here is some output$" "$logpath"
grep -E "^[^\n]+ stderr and some from stderr$" "$logpath"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr logging [tty=true]" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir ocid-config.XXXXXX.json)
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output"|' "$newconfig"
sed -i 's|"tty": false,|"tty": true,|' "$newconfig"
run ocic ctr create --config "$newconfig" --pod "$pod_id"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run ocic ctr remove --id "$ctr_id"
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
@ -185,211 +185,211 @@ function teardown() {
echo "$logpath :: $(cat "$logpath")"
grep -E "^[^\n]+ stdout here is some output$" "$logpath"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# regression test for #127
@test "ctrs status for a pod" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list --quiet
run crioctl ctr list --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
printf '%s\n' "$output" | while IFS= read -r id
do
run ocic ctr status --id "$id"
run crioctl ctr status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr list filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod1
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod1
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run ocic ctr start --id "$ctr1_id"
run crioctl ctr start --id "$ctr1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod2
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod2
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json --name pod3
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod3
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod3_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run ocic ctr start --id "$ctr3_id"
run crioctl ctr start --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr3_id"
run crioctl ctr stop --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr list --id "$ctr1_id" --quiet
run crioctl ctr list --id "$ctr1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --id "${ctr1_id:0:4}" --quiet
run crioctl ctr list --id "${ctr1_id:0:4}" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --id "$ctr2_id" --pod "$pod2_id" --quiet
run crioctl ctr list --id "$ctr2_id" --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --id "$ctr2_id" --pod "$pod3_id" --quiet
run crioctl ctr list --id "$ctr2_id" --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic ctr list --state created --quiet
run crioctl ctr list --state created --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --state running --quiet
run crioctl ctr list --state running --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --state stopped --quiet
run crioctl ctr list --state stopped --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic ctr list --pod "$pod1_id" --quiet
run crioctl ctr list --pod "$pod1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --pod "$pod2_id" --quiet
run crioctl ctr list --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --pod "$pod3_id" --quiet
run crioctl ctr list --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic pod remove --id "$pod1_id"
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod2_id"
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod3_id"
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr list label filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr1 --label "a=b" --label "c=d" --label "e=f"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr2 --label "a=b" --label "c=d"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr3 --label "a=b"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run ocic ctr list --label "tier=backend" --label "a=b" --label "c=d" --label "e=f" --quiet
run crioctl ctr list --label "tier=backend" --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run ocic ctr list --label "tier=frontend" --quiet
run crioctl ctr list --label "tier=frontend" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic ctr list --label "a=b" --label "c=d" --quiet
run crioctl ctr list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
run ocic ctr list --label "a=b" --quiet
run crioctl ctr list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
[[ "$output" =~ "$ctr3_id" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr metadata in list & status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: container1" ]]
[[ "$output" =~ "Attempt: 1" ]]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
@ -398,163 +398,163 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" echo HELLO
run crioctl ctr execsync --id "$ctr_id" echo HELLO
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "HELLO" ]]
run ocic ctr execsync --id "$ctr_id" --timeout 1 sleep 10
run crioctl ctr execsync --id "$ctr_id" --timeout 1 sleep 10
echo "$output"
[[ "$output" =~ "command timed out" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr device add" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis_device.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis_device.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" ls /dev/mynull
run crioctl ctr execsync --id "$ctr_id" ls /dev/mynull
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "/dev/mynull" ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync failure" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" doesnotexist
run crioctl ctr execsync --id "$ctr_id" doesnotexist
echo "$output"
[ "$status" -ne 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync exit code" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" false
run crioctl ctr execsync --id "$ctr_id" false
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr execsync std{out,err}" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" "echo hello0 stdout"
run crioctl ctr execsync --id "$ctr_id" "echo hello0 stdout"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stdout:\nhello0 stdout")"* ]]
run ocic ctr execsync --id "$ctr_id" "echo hello1 stderr >&2"
run crioctl ctr execsync --id "$ctr_id" "echo hello1 stderr >&2"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stderr:\nhello1 stderr")"* ]]
run ocic ctr execsync --id "$ctr_id" "echo hello2 stderr >&2; echo hello3 stdout"
run crioctl ctr execsync --id "$ctr_id" "echo hello2 stderr >&2; echo hello3 stdout"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stderr:\nhello2 stderr")"* ]]
[[ "$output" == *"$(printf "Stdout:\nhello3 stdout")"* ]]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr stop idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr stop --id "$ctr_id"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "ctr caps drop" {

98
test/helpers.bash
View file

@ -9,10 +9,10 @@ TESTDATA="${INTEGRATION_ROOT}/testdata"
# Root directory of the repository.
OCID_ROOT=${OCID_ROOT:-$(cd "$INTEGRATION_ROOT/../.."; pwd -P)}
# Path of the ocid binary.
OCID_BINARY=${OCID_BINARY:-${OCID_ROOT}/cri-o/ocid}
# Path of the ocic binary.
OCIC_BINARY=${OCIC_BINARY:-${OCID_ROOT}/cri-o/ocic}
# Path of the crio binary.
OCID_BINARY=${OCID_BINARY:-${OCID_ROOT}/cri-o/crio}
# Path of the crioctl binary.
OCIC_BINARY=${OCIC_BINARY:-${OCID_ROOT}/cri-o/crioctl}
# Path of the conmon binary.
CONMON_BINARY=${CONMON_BINARY:-${OCID_ROOT}/cri-o/conmon/conmon}
# Path of the pause binary.
@ -20,7 +20,7 @@ PAUSE_BINARY=${PAUSE_BINARY:-${OCID_ROOT}/cri-o/pause/pause}
# Path of the default seccomp profile.
SECCOMP_PROFILE=${SECCOMP_PROFILE:-${OCID_ROOT}/cri-o/seccomp.json}
# Name of the default apparmor profile.
APPARMOR_PROFILE=${APPARMOR_PROFILE:-ocid-default}
APPARMOR_PROFILE=${APPARMOR_PROFILE:-crio-default}
# Runtime
RUNTIME=${RUNTIME:-runc}
RUNTIME_PATH=$(command -v $RUNTIME || true)
@ -29,8 +29,8 @@ RUNTIME_BINARY=${RUNTIME_PATH:-/usr/local/sbin/runc}
APPARMOR_PARSER_BINARY=${APPARMOR_PARSER_BINARY:-/sbin/apparmor_parser}
# Path of the apparmor profile for test.
APPARMOR_TEST_PROFILE_PATH=${APPARMOR_TEST_PROFILE_PATH:-${TESTDATA}/apparmor_test_deny_write}
# Path of the apparmor profile for unloading ocid-default.
FAKE_OCID_DEFAULT_PROFILE_PATH=${FAKE_OCID_DEFAULT_PROFILE_PATH:-${TESTDATA}/fake_ocid_default}
# Path of the apparmor profile for unloading crio-default.
FAKE_OCID_DEFAULT_PROFILE_PATH=${FAKE_OCID_DEFAULT_PROFILE_PATH:-${TESTDATA}/fake_crio_default}
# Name of the apparmor profile for test.
APPARMOR_TEST_PROFILE_NAME=${APPARMOR_TEST_PROFILE_NAME:-apparmor-test-deny-write}
# Path of boot config.
@ -46,7 +46,7 @@ ARTIFACTS_PATH=${ARTIFACTS_PATH:-${OCID_ROOT}/cri-o/.artifacts}
# Path of the checkseccomp binary.
CHECKSECCOMP_BINARY=${CHECKSECCOMP_BINARY:-${OCID_ROOT}/cri-o/test/checkseccomp/checkseccomp}
# XXX: This is hardcoded inside cri-o at the moment.
DEFAULT_LOG_PATH=/var/log/ocid/pods
DEFAULT_LOG_PATH=/var/log/crio/pods
TESTDIR=$(mktemp -d)
if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
@ -54,8 +54,8 @@ if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
filelabel=$(awk -F'"' '/^file.*=.*/ {print $2}' /etc/selinux/${SELINUXTYPE}/contexts/lxc_contexts)
chcon -R ${filelabel} $TESTDIR
fi
OCID_SOCKET="$TESTDIR/ocid.sock"
OCID_CONFIG="$TESTDIR/ocid.conf"
OCID_SOCKET="$TESTDIR/crio.sock"
OCID_CONFIG="$TESTDIR/crio.conf"
OCID_CNI_CONFIG="$TESTDIR/cni/net.d/"
OCID_CNI_PLUGIN="/opt/cni/bin/"
POD_CIDR="10.88.0.0/16"
@ -85,14 +85,14 @@ if ! [ -d "$ARTIFACTS_PATH"/busybox-image ]; then
fi
fi
# Run ocid using the binary specified by $OCID_BINARY.
# This must ONLY be run on engines created with `start_ocid`.
function ocid() {
# Run crio using the binary specified by $OCID_BINARY.
# This must ONLY be run on engines created with `start_crio`.
function crio() {
"$OCID_BINARY" --listen "$OCID_SOCKET" "$@"
}
# Run ocic using the binary specified by $OCIC_BINARY.
function ocic() {
# Run crioctl using the binary specified by $OCIC_BINARY.
function crioctl() {
"$OCIC_BINARY" --connect "$OCID_SOCKET" "$@"
}
@ -122,13 +122,13 @@ function retry() {
false
}
# Waits until the given ocid becomes reachable.
# Waits until the given crio becomes reachable.
function wait_until_reachable() {
retry 15 1 ocic runtimeversion
retry 15 1 crioctl runtimeversion
}
# Start ocid.
function start_ocid() {
# Start crio.
function start_crio() {
if [[ -n "$1" ]]; then
seccomp="$1"
else
@ -141,12 +141,12 @@ function start_ocid() {
apparmor="$APPARMOR_PROFILE"
fi
# Don't forget: bin2img, copyimg, and ocid have their own default drivers, so if you override any, you probably need to override them all
# Don't forget: bin2img, copyimg, and crio have their own default drivers, so if you override any, you probably need to override them all
if ! [ "$3" = "--no-pause-image" ] ; then
"$BIN2IMG_BINARY" --root "$TESTDIR/ocid" $STORAGE_OPTS --runroot "$TESTDIR/ocid-run" --source-binary "$PAUSE_BINARY"
"$BIN2IMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTS --runroot "$TESTDIR/crio-run" --source-binary "$PAUSE_BINARY"
fi
"$COPYIMG_BINARY" --root "$TESTDIR/ocid" $STORAGE_OPTS --runroot "$TESTDIR/ocid-run" --image-name=redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --add-name=docker://docker.io/library/redis:alpine --signature-policy="$INTEGRATION_ROOT"/policy.json
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/ocid" --runroot "$TESTDIR/ocid-run" $STORAGE_OPTS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json --config /dev/null config >$OCID_CONFIG
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTS --runroot "$TESTDIR/crio-run" --image-name=redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --add-name=docker://docker.io/library/redis:alpine --signature-policy="$INTEGRATION_ROOT"/policy.json
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/crio" --runroot "$TESTDIR/crio-run" $STORAGE_OPTS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json --config /dev/null config >$OCID_CONFIG
# Prepare the CNI configuration files, we're running with non host networking by default
if [[ -n "$4" ]]; then
@ -159,58 +159,58 @@ function start_ocid() {
"$OCID_BINARY" --debug --config "$OCID_CONFIG" & OCID_PID=$!
wait_until_reachable
run ocic image status --id=redis:alpine
run crioctl image status --id=redis:alpine
if [ "$status" -ne 0 ] ; then
ocic image pull redis:alpine
crioctl image pull redis:alpine
fi
REDIS_IMAGEID=$(ocic image status --id=redis:alpine | head -1 | sed -e "s/ID: //g")
run ocic image status --id=busybox
REDIS_IMAGEID=$(crioctl image status --id=redis:alpine | head -1 | sed -e "s/ID: //g")
run crioctl image status --id=busybox
if [ "$status" -ne 0 ] ; then
ocic image pull busybox:latest
crioctl image pull busybox:latest
fi
BUSYBOX_IMAGEID=$(ocic image status --id=busybox | head -1 | sed -e "s/ID: //g")
BUSYBOX_IMAGEID=$(crioctl image status --id=busybox | head -1 | sed -e "s/ID: //g")
}
function cleanup_ctrs() {
run ocic ctr list --quiet
run crioctl ctr list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic ctr stop --id "$line" || true
ocic ctr remove --id "$line"
crioctl ctr stop --id "$line" || true
crioctl ctr remove --id "$line"
done
fi
fi
}
function cleanup_images() {
run ocic image list --quiet
run crioctl image list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic image remove --id "$line"
crioctl image remove --id "$line"
done
fi
fi
}
function cleanup_pods() {
run ocic pod list --quiet
run crioctl pod list --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
ocic pod stop --id "$line" || true
ocic pod remove --id "$line"
crioctl pod stop --id "$line" || true
crioctl pod remove --id "$line"
done
fi
fi
}
# Stop ocid.
function stop_ocid() {
# Stop crio.
function stop_crio() {
if [ "$OCID_PID" != "" ]; then
kill "$OCID_PID" >/dev/null 2>&1
wait "$OCID_PID"
@ -220,13 +220,13 @@ function stop_ocid() {
cleanup_network_conf
}
function restart_ocid() {
function restart_crio() {
if [ "$OCID_PID" != "" ]; then
kill "$OCID_PID" >/dev/null 2>&1
wait "$OCID_PID"
start_ocid
start_crio
else
echo "you must start ocid first"
echo "you must start crio first"
exit 1
fi
}
@ -265,10 +265,10 @@ function is_apparmor_enabled() {
function prepare_network_conf() {
mkdir -p $OCID_CNI_CONFIG
cat >$OCID_CNI_CONFIG/10-ocid.conf <<-EOF
cat >$OCID_CNI_CONFIG/10-crio.conf <<-EOF
{
"cniVersion": "0.2.0",
"name": "ocidnet",
"name": "crionet",
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
@ -298,7 +298,7 @@ function prepare_plugin_test_args_network_conf() {
cat >$OCID_CNI_CONFIG/10-plugin-test-args.conf <<-EOF
{
"cniVersion": "0.2.0",
"name": "ocidnet",
"name": "crionet",
"type": "plugin_test_args.bash"
}
EOF
@ -307,7 +307,7 @@ EOF
}
function check_pod_cidr() {
fullnetns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
fullnetns=`crioctl pod status --id $1 | grep namespace | cut -d ' ' -f 3`
netns=`basename $fullnetns`
run ip netns exec $netns ip addr show dev eth0 scope global 2>&1
@ -328,7 +328,7 @@ function parse_pod_ip() {
}
function ping_pod() {
netns=`ocic pod status --id $1 | grep namespace | cut -d ' ' -f 3`
netns=`crioctl pod status --id $1 | grep namespace | cut -d ' ' -f 3`
inet=`ip netns exec \`basename $netns\` ip addr show dev eth0 scope global | grep inet`
IFS=" "
@ -340,8 +340,8 @@ function ping_pod() {
}
function ping_pod_from_pod() {
pod_ip=`ocic pod status --id $1 | grep "IP Address" | cut -d ' ' -f 3`
netns=`ocic pod status --id $2 | grep namespace | cut -d ' ' -f 3`
pod_ip=`crioctl pod status --id $1 | grep "IP Address" | cut -d ' ' -f 3`
netns=`crioctl pod status --id $2 | grep namespace | cut -d ' ' -f 3`
ip netns exec `basename $netns` ping -W 1 -c 2 $pod_ip

66
test/image.bats
View file

@ -9,73 +9,73 @@ function teardown() {
}
@test "run container in pod with image ID" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
run ocic ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "image pull" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
cleanup_images
stop_ocid
stop_crio
}
@test "image pull and list by digest" {
start_ocid "" "" --no-pause-image
run ocic image pull nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
start_crio "" "" --no-pause-image
run crioctl image pull nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet nginx@sha256:4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet nginx@4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet nginx@4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet @4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet @4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run ocic image list --quiet 4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
run crioctl image list --quiet 4aacdcf186934dcb02f642579314075910f1855590fd3039d8fa4c9f96e48315
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_ocid
stop_crio
}
@test "image list with filter" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet "$IMAGE"
run crioctl image list --quiet "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
@ -83,24 +83,24 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}
@test "image list/remove" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
@ -109,28 +109,28 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}
@test "image status/remove" {
start_ocid "" "" --no-pause-image
run ocic image pull "$IMAGE"
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run ocic image status --id "$id"
run crioctl image status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
run ocic image remove --id "$id"
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run ocic image list --quiet
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
@ -139,5 +139,5 @@ function teardown() {
status=1
done
cleanup_images
stop_ocid
stop_crio
}

30
test/network.bats
View file

@ -3,8 +3,8 @@
load helpers
@test "Check for valid pod netns CIDR" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
@ -12,12 +12,12 @@ load helpers
check_pod_cidr $pod_id
cleanup_pods
stop_ocid
stop_crio
}
@test "Ping pod from the host" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
@ -25,19 +25,19 @@ load helpers
ping_pod $pod_id
cleanup_pods
stop_ocid
stop_crio
}
@test "Ping pod from another pod" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
temp_sandbox_conf cni_test
run ocic pod run --config "$TESTDIR"/sandbox_config_cni_test.json
run crioctl pod run --config "$TESTDIR"/sandbox_config_cni_test.json
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
@ -49,21 +49,21 @@ load helpers
[ "$status" -eq 0 ]
cleanup_pods
stop_ocid
stop_crio
}
@test "Ensure correct CNI plugin namespace/name/container-id arguments" {
start_ocid "" "" "" "prepare_plugin_test_args_network_conf"
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio "" "" "" "prepare_plugin_test_args_network_conf"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
[ "$status" -eq 0 ]
. /tmp/plugin_test_args.out
[ "$FOUND_CNI_CONTAINERID" != "redhat.test.ocid" ]
[ "$FOUND_CNI_CONTAINERID" != "redhat.test.crio" ]
[ "$FOUND_CNI_CONTAINERID" != "podsandbox1" ]
[ "$FOUND_K8S_POD_NAMESPACE" = "redhat.test.ocid" ]
[ "$FOUND_K8S_POD_NAMESPACE" = "redhat.test.crio" ]
[ "$FOUND_K8S_POD_NAME" = "podsandbox1" ]
cleanup_pods
stop_ocid
stop_crio
}

148
test/pod.bats
View file

@ -8,282 +8,282 @@ function teardown() {
# PR#59
@test "pod release name on remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run ocic pod stop --id "$id"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
echo "$output"
run ocic pod remove --id "$id"
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod run --config "$TESTDATA"/sandbox_config.json
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run ocic pod stop --id "$id"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$id"
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod remove" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod list filtering" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod1 --label "a=b" --label "c=d" --label "e=f"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod2 --label "a=b" --label "c=d"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run ocic pod run --config "$TESTDATA"/sandbox_config.json -name pod3 --label "a=b"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run ocic pod list --label "a=b" --label "c=d" --label "e=f" --quiet
run crioctl pod list --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --label "g=h" --quiet
run crioctl pod list --label "g=h" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic pod list --label "a=b" --label "c=d" --quiet
run crioctl pod list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --label "a=b" --quiet
run crioctl pod list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod1_id"
run crioctl pod list --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
# filter by truncated id should work as well
run ocic pod list --id "${pod1_id:0:4}"
run crioctl pod list --id "${pod1_id:0:4}"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --id "$pod2_id"
run crioctl pod list --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --id "$pod3_id"
run crioctl pod list --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod1_id" --label "a=b"
run crioctl pod list --id "$pod1_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run ocic pod list --id "$pod2_id" --label "a=b"
run crioctl pod list --id "$pod2_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run ocic pod list --id "$pod3_id" --label "a=b"
run crioctl pod list --id "$pod3_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run ocic pod list --id "$pod3_id" --label "c=d"
run crioctl pod list --id "$pod3_id" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run ocic pod remove --id "$pod1_id"
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod2_id"
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod3_id"
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_pods
stop_ocid
stop_crio
}
@test "pod metadata in list & status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-ocid" ]]
[[ "$output" =~ "Namespace: redhat.test.ocid" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-ocid" ]]
[[ "$output" =~ "Namespace: redhat.test.ocid" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
cleanup_pods
stop_ocid
stop_crio
}
@test "pass pod sysctls to runtime" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --pod "$pod_id" --config "$TESTDATA"/container_redis.json
run crioctl ctr create --pod "$pod_id" --config "$TESTDATA"/container_redis.json
echo "$output"
[ "$status" -eq 0 ]
container_id="$output"
run ocic ctr start --id "$container_id"
run crioctl ctr start --id "$container_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$container_id" sysctl kernel.shm_rmid_forced
run crioctl ctr execsync --id "$container_id" sysctl kernel.shm_rmid_forced
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.shm_rmid_forced = 1" ]]
run ocic ctr execsync --id "$container_id" sysctl kernel.msgmax
run crioctl ctr execsync --id "$container_id" sysctl kernel.msgmax
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.msgmax = 8192" ]]
run ocic ctr execsync --id "$container_id" sysctl net.ipv4.ip_local_port_range
run crioctl ctr execsync --id "$container_id" sysctl net.ipv4.ip_local_port_range
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "net.ipv4.ip_local_port_range = 1024 65000" ]]
cleanup_pods
stop_ocid
stop_crio
}
@test "pod stop idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod remove idempotent" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod remove --id "$pod_id"
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "pod stop idempotent with ctrs already stopped" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
@test "restart ocid and still get pod status" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
@test "restart crio and still get pod status" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod stop --id "$pod_id"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
restart_ocid
run ocic pod status --id "$pod_id"
restart_crio
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

34
test/restore.bats
View file

@ -6,74 +6,74 @@ function teardown() {
cleanup_test
}
@test "ocid restore" {
start_ocid
run ocic pod run --config "$TESTDATA"/sandbox_config.json
@test "crio restore" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_list_info="$output"
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_status_info="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_list_info="$output"
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_status_info="$output"
stop_ocid
stop_crio
start_ocid
run ocic pod list
start_crio
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run ocic pod list --id "$pod_id"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_list_info}" ]]
run ocic pod status --id "$pod_id"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_status_info}" ]]
run ocic ctr list
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run ocic ctr list --id "$ctr_id"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_list_info}" ]]
run ocic ctr status --id "$ctr_id"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_status_info}" ]]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}

8
test/runtimeversion.bats
View file

@ -6,10 +6,10 @@ function teardown() {
cleanup_test
}
@test "ocic runtimeversion" {
start_ocid
run ocic runtimeversion
@test "crioctl runtimeversion" {
start_crio
run crioctl runtimeversion
echo "$output"
[ "$status" -eq 0 ]
stop_ocid
stop_crio
}

102
test/seccomp.bats
View file

@ -19,27 +19,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp1-1-testname-0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run ocic pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp1-1-testname-0": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with ctr runtime/default
@ -55,21 +55,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp2-1-testname2-0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run ocic pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp2-1-testname2-0": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -77,7 +77,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 3. test running with ctr wrong profile name
@ -92,14 +92,14 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp3-1-testname3-1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run ocic pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp3-1-testname3-1": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname3 --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
@ -107,7 +107,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
@ -123,7 +123,7 @@ function teardown() {
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_ocid "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}
@ -143,21 +143,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp2-1-testname2-0-not-exists": "unconfined", "security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp5.json
run ocic pod run --name seccomp5 --config "$TESTDIR"/seccomp5.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp2-1-testname2-0-not-exists": "unconfined", "security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp5.json
run crioctl pod run --name seccomp5 --config "$TESTDIR"/seccomp5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -165,7 +165,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 6. test running with unkwown ctr profile and no pod, falls back to unconfined
@ -183,27 +183,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.ocid-seccomp6-1-testname6-0-not-exists": "runtime-default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp6.json
run ocic pod run --name seccomp6 --config "$TESTDIR"/seccomp6.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/container\/redhat\.test\.crio-seccomp6-1-testname6-0-not-exists": "runtime-default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp6.json
run crioctl pod run --name seccomp6 --config "$TESTDIR"/seccomp6.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --name testname6 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --name testname6 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 1. test running with pod unconfined
@ -219,27 +219,27 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run ocic pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 2. test running with pod runtime/default
@ -255,21 +255,21 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run ocic pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run ocic ctr start --id "$ctr_id"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run ocic ctr execsync --id "$ctr_id" chmod 777 .
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
@ -277,7 +277,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# 3. test running with pod wrong profile name
@ -292,15 +292,15 @@ function teardown() {
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_ocid "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
# 3. test running with pod wrong profile name
sed -e 's/%VALUE%/,"security\.alpha\.kubernetes\.io\/seccomp\/pod": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run ocic pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run ocic ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
@ -308,7 +308,7 @@ function teardown() {
cleanup_ctrs
cleanup_pods
stop_ocid
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
@ -324,7 +324,7 @@ function teardown() {
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_ocid "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}

8
test/testdata/README.md vendored
View file

@ -1,15 +1,15 @@
In terminal 1:
```
sudo ./ocid
sudo ./crio
```
In terminal 2:
```
sudo ./ocic runtimeversion
sudo ./crioctl runtimeversion
sudo rm -rf /var/lib/containers/storage/sandboxes/podsandbox1
sudo ./ocic pod run --config testdata/sandbox_config.json
sudo ./crioctl pod run --config testdata/sandbox_config.json
sudo rm -rf /var/lib/containers/storage/containers/container1
sudo ./ocic container create --pod podsandbox1 --config testdata/container_config.json
sudo ./crioctl container create --pod podsandbox1 --config testdata/container_config.json
```

2
test/testdata/container_config.json vendored
View file

@ -35,7 +35,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_by_imageid.json vendored
View file

@ -35,7 +35,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_logging.json vendored
View file

@ -37,7 +37,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/container_config_seccomp.json vendored
View file

@ -37,7 +37,7 @@
},
"annotations": {
"owner": "dragon",
"daemon": "ocid"
"daemon": "crio"
},
"privileged": true,
"readonly_rootfs": true,

2
test/testdata/fake_ocid_default vendored
View file

@ -1 +1 @@
profile ocid-default flags=(attach_disconnected) {}
profile crio-default flags=(attach_disconnected) {}

8
test/testdata/sandbox_config.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [
@ -52,7 +52,7 @@
"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
},
"linux": {
"cgroup_parent": "/ocid-podsandbox1",
"cgroup_parent": "/crio-podsandbox1",
"security_context": {
"namespace_options": {
"host_network": false,

8
test/testdata/sandbox_config_hostnet.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [
@ -51,7 +51,7 @@
"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
},
"linux": {
"cgroup_parent": "/ocid-podsandbox1",
"cgroup_parent": "/crio-podsandbox1",
"security_context": {
"namespace_options": {
"host_network": true,

6
test/testdata/sandbox_config_seccomp.json vendored
View file

@ -1,11 +1,11 @@
{
"metadata": {
"name": "podsandbox1",
"uid": "redhat-test-ocid",
"namespace": "redhat.test.ocid",
"uid": "redhat-test-crio",
"namespace": "redhat.test.crio",
"attempt": 1
},
"hostname": "ocic_host",
"hostname": "crioctl_host",
"log_directory": "",
"dns_options": {
"servers": [