Merge pull request #603 from runcom/test-calico

test: add a test for /etc/resolv.conf in rw/ro mode
2017-06-16 12:16:55 -07:00 · 2017-06-16 12:16:55 -07:00 · d2aa49a87b
commit d2aa49a87b
parent 2014f0e14f 8b4e3036ea
5 changed files with 188 additions and 7 deletions
--- a/test/ctr.bats
+++ b/test/ctr.bats
@ -695,7 +695,7 @@ function teardown() {
 	run crioctl ctr start --id "$ctr_id"
 	echo "$output"
 	[ "$status" -eq 0 ]
-        # Wait for container to OOM
+	# Wait for container to OOM
 	run sleep 10
 	run crioctl ctr status --id "$ctr_id"
 	echo "$output"
@ -711,3 +711,42 @@ function teardown() {
 	cleanup_pods
 	stop_crio
 }
+
+@test "ctr /etc/resolv.conf rw/ro mode" {
+	start_crio
+	run crioctl pod run --config "$TESTDATA"/sandbox_config.json
+	echo "$output"
+	[ "$status" -eq 0 ]
+	pod_id="$output"
+	run crioctl ctr create --config "$TESTDATA"/container_config_resolvconf.json --pod "$pod_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	ctr_id="$output"
+	run crioctl ctr start --id "$ctr_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	run crioctl ctr status --id "$ctr_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	[[ "$output" =~ "Status: CONTAINER_EXITED" ]]
+	[[ "$output" =~ "Exit Code: 0" ]]
+	[[ "$output" =~ "Reason: Completed" ]]
+
+	run crioctl ctr create --name roctr --config "$TESTDATA"/container_config_resolvconf_ro.json --pod "$pod_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	ctr_id="$output"
+	run crioctl ctr start --id "$ctr_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	run crioctl ctr status --id "$ctr_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	[[ "$output" =~ "Status: CONTAINER_EXITED" ]]
+	[[ "$output" =~ "Exit Code: 1" ]]
+	[[ "$output" =~ "Reason: Error" ]]
+
+	cleanup_ctrs
+	cleanup_pods
+	stop_crio
+}
--- a/test/testdata/container_config.json
+++ b/test/testdata/container_config.json
@ -38,7 +38,6 @@
 		"daemon": "crio"
 	},
 	"privileged": true,
-	"readonly_rootfs": true,
 	"log_path": "",
 	"stdin": false,
 	"stdin_once": false,
@ -51,6 +50,7 @@
 			"oom_score_adj": 30
 		},
 		"security_context": {
+			"readonly_rootfs": false,
 			"capabilities": {
 				"add_capabilities": [
 					"setuid",
--- a/test/testdata/container_config_resolvconf.json
+++ b/test/testdata/container_config_resolvconf.json
@ -0,0 +1,73 @@
+{
+	"metadata": {
+		"name": "container1",
+		"attempt": 1
+	},
+	"image": {
+		"image": "redis:alpine"
+	},
+	"command": [
+		"sh",
+		"-c",
+		"echo test >> /etc/resolv.conf"
+	],
+	"args": [],
+	"working_dir": "/",
+	"envs": [
+		{
+			"key": "PATH",
+			"value": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+		},
+		{
+			"key": "TERM",
+			"value": "xterm"
+		},
+		{
+			"key": "TESTDIR",
+			"value": "test/dir1"
+		},
+		{
+			"key": "TESTFILE",
+			"value": "test/file1"
+		}
+	],
+	"labels": {
+		"type": "small",
+		"batch": "no"
+	},
+	"annotations": {
+		"owner": "dragon",
+		"daemon": "crio"
+	},
+	"privileged": true,
+	"log_path": "",
+	"stdin": false,
+	"stdin_once": false,
+	"tty": false,
+	"linux": {
+		"resources": {
+			"cpu_period": 10000,
+			"cpu_quota": 20000,
+			"cpu_shares": 512,
+			"oom_score_adj": 30
+		},
+		"security_context": {
+			"readonly_rootfs": false,
+			"capabilities": {
+				"add_capabilities": [
+					"setuid",
+					"setgid"
+				],
+				"drop_capabilities": [
+					"audit_read"
+				]
+			},
+			"selinux_options": {
+				"user": "system_u",
+				"role": "system_r",
+				"type": "container_t",
+				"level": "s0:c4,c5"
+			}
+		}
+	}
+}
--- a/test/testdata/container_config_resolvconf_ro.json
+++ b/test/testdata/container_config_resolvconf_ro.json
@ -0,0 +1,73 @@
+{
+	"metadata": {
+		"name": "container1",
+		"attempt": 1
+	},
+	"image": {
+		"image": "redis:alpine"
+	},
+	"command": [
+		"sh",
+		"-c",
+		"echo test >> /etc/resolv.conf"
+	],
+	"args": [],
+	"working_dir": "/",
+	"envs": [
+		{
+			"key": "PATH",
+			"value": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+		},
+		{
+			"key": "TERM",
+			"value": "xterm"
+		},
+		{
+			"key": "TESTDIR",
+			"value": "test/dir1"
+		},
+		{
+			"key": "TESTFILE",
+			"value": "test/file1"
+		}
+	],
+	"labels": {
+		"type": "small",
+		"batch": "no"
+	},
+	"annotations": {
+		"owner": "dragon",
+		"daemon": "crio"
+	},
+	"privileged": true,
+	"log_path": "",
+	"stdin": false,
+	"stdin_once": false,
+	"tty": false,
+	"linux": {
+		"resources": {
+			"cpu_period": 10000,
+			"cpu_quota": 20000,
+			"cpu_shares": 512,
+			"oom_score_adj": 30
+		},
+		"security_context": {
+			"readonly_rootfs": true,
+			"capabilities": {
+				"add_capabilities": [
+					"setuid",
+					"setgid"
+				],
+				"drop_capabilities": [
+					"audit_read"
+				]
+			},
+			"selinux_options": {
+				"user": "system_u",
+				"role": "system_r",
+				"type": "container_t",
+				"level": "s0:c4,c5"
+			}
+		}
+	}
+}
--- a/test/testdata/sandbox_config.json
+++ b/test/testdata/sandbox_config.json
@ -7,11 +7,7 @@
 	},
 	"hostname": "crioctl_host",
 	"log_directory": "",
-	"dns_options": {
-		"servers": [
-			"server1.redhat.com",
-			"server2.redhat.com"
-		],
+	"dns_config": {
 		"searches": [
 			"8.8.8.8"
 		]