opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-17 23:26:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove CRIO tests, disable broken kpod tests

Browse Source 
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
This commit is contained in:
Matthew Heon
2017-11-01 12:06:57 -04:00
parent 637de4d0d3
commit 6e99e1a1fd
28 changed files with 43 additions and 3030 deletions
Download Patch File Download Diff File Expand all files Collapse all files

164
test/apparmor.bats
View File

@ -1,164 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
# 1. test running with loading the default apparmor profile.
# test that we can run with the default apparmor profile which will not block touching a file in `.`
@test "load default apparmor profile and run a container with it" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since apparmor is not enabled."
fi
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname1": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor1.json
run crioctl pod run --name apparmor1 --config "$TESTDIR"/apparmor1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname1 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 2. test running with loading a specific apparmor profile as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.` as crio default apparmor profile.
@test "load a specific apparmor profile as default apparmor and run a container with it" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since apparmor is not enabled."
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_crio "" "$APPARMOR_TEST_PROFILE_NAME"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname2": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor2.json
run crioctl pod run --name apparmor2 --config "$TESTDIR"/apparmor2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
# 3. test running with loading a specific apparmor profile but not as crio default apparmor profile.
# test that we can run with a specific apparmor profile which will block touching a file in `.`
@test "load default apparmor profile and run a container with another apparmor profile" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since apparmor is not enabled."
fi
load_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname3": "apparmor-test-deny-write"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor3.json
run crioctl pod run --name apparmor3 --config "$TESTDIR"/apparmor3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Permission denied" ]]
cleanup_ctrs
cleanup_pods
stop_crio
remove_apparmor_profile "$APPARMOR_TEST_PROFILE_PATH"
}
# 4. test running with wrong apparmor profile name.
# test that we can will fail when running a ctr with rong apparmor profile name.
@test "run a container with wrong apparmor profile name" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since apparmor is not enabled."
fi
start_crio
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname4": "not-exists"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor4.json
run crioctl pod run --name apparmor4 --config "$TESTDIR"/apparmor4.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname4 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "Creating container failed" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 5. test running with default apparmor profile unloaded.
# test that we can will fail when running a ctr with rong apparmor profile name.
@test "run a container after unloading default apparmor profile" {
# this test requires apparmor, so skip this test if apparmor is not enabled.
enabled=$(is_apparmor_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since apparmor is not enabled."
fi
start_crio
remove_apparmor_profile "$FAKE_CRIO_DEFAULT_PROFILE_PATH"
sed -e 's/%VALUE%/,"container\.apparmor\.security\.beta\.kubernetes\.io\/testname5": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/apparmor5.json
run crioctl pod run --name apparmor5 --config "$TESTDIR"/apparmor5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname5 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" touch test.txt
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

40
test/cgroups.bats
View File

@ -1,40 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "pids limit" {
if ! grep pids /proc/self/cgroup; then
skip "pids cgroup controller is not mounted"
fi
PIDS_LIMIT=1234 start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
pids_limit_config=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin); obj["command"] = ["/bin/sleep", "600"]; json.dump(obj, sys.stdout)')
echo "$pids_limit_config" > "$TESTDIR"/container_pids_limit.json
run crioctl ctr create --config "$TESTDIR"/container_pids_limit.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" cat /sys/fs/cgroup/pids/pids.max
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "1234" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

12
test/command.bats
View File

@ -1,12 +0,0 @@
#!/usr/bin/env bats
load helpers
@test "crio commands" {
run ${CRIO_BINARY} --config /dev/null config > /dev/null
echo "$output"
[ "$status" -eq 0 ]
run ${CRIO_BINARY} badoption > /dev/null
echo "$output"
[ "$status" -ne 0 ]
}

873
test/ctr.bats
View File

@ -1,873 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "ctr not found correct error message" {
start_crio
run crioctl ctr status --id randomid
echo "$output"
[ "$status" -eq 1 ]
[[ "$output" =~ "container with ID starting with randomid not found" ]]
stop_crio
}
@test "ctr termination reason Completed" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Reason: Completed" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr termination reason Error" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
errorconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["command"] = ["false"]; json.dump(obj, sys.stdout)')
echo "$errorconfig" > "$TESTDIR"/container_config_error.json
run crioctl ctr create --config "$TESTDIR"/container_config_error.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Reason: Error" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr remove" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr lifecycle" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr logging" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output \&\& echo and some from stderr >\&2"|' "$newconfig"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# Check that the output is what we expect.
logpath="$DEFAULT_LOG_PATH/$pod_id/$ctr_id.log"
[ -f "$logpath" ]
echo "$logpath :: $(cat "$logpath")"
grep -E "^[^\n]+ stdout here is some output$" "$logpath"
grep -E "^[^\n]+ stderr and some from stderr$" "$logpath"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr logging [tty=true]" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"echo here is some output"|' "$newconfig"
sed -i 's|"tty": false,|"tty": true,|' "$newconfig"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
# Ignore errors on stop.
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# Check that the output is what we expect.
logpath="$DEFAULT_LOG_PATH/$pod_id/$ctr_id.log"
[ -f "$logpath" ]
echo "$logpath :: $(cat "$logpath")"
grep --binary -P "^[^\n]+ stdout here is some output\x0d$" "$logpath"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr log max" {
LOG_SIZE_MAX_LIMIT=10000 start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
# Create a new container.
newconfig=$(mktemp --tmpdir crio-config.XXXXXX.json)
cp "$TESTDATA"/container_config_logging.json "$newconfig"
sed -i 's|"%shellcommand%"|"for i in $(seq 250); do echo $i; done"|' "$newconfig"
run crioctl ctr create --config "$newconfig" --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
sleep 6
run crioctl ctr status --id "$ctr_id"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# Check that the output is what we expect.
logpath="$DEFAULT_LOG_PATH/$pod_id/$ctr_id.log"
[ -f "$logpath" ]
echo "$logpath :: $(cat "$logpath")"
len=$(wc -l "$logpath" | awk '{print $1}')
[ $len -lt 250 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
# regression test for #127
@test "ctrs status for a pod" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
printf '%s\n' "$output" | while IFS= read -r id
do
run crioctl ctr status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr list filtering" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod1
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run crioctl ctr start --id "$ctr1_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod2
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json --name pod3
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run crioctl ctr start --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr3_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr list --id "$ctr1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run crioctl ctr list --id "${ctr1_id:0:4}" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run crioctl ctr list --id "$ctr2_id" --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run crioctl ctr list --id "$ctr2_id" --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run crioctl ctr list --state created --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run crioctl ctr list --state running --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run crioctl ctr list --state stopped --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run crioctl ctr list --pod "$pod1_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run crioctl ctr list --pod "$pod2_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr2_id" ]]
run crioctl ctr list --pod "$pod3_id" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr3_id" ]]
run crioctl pod stop --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr list label filtering" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id" --name ctr3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
ctr3_id="$output"
run crioctl ctr list --label "tier=backend" --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
run crioctl ctr list --label "tier=frontend" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run crioctl ctr list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
run crioctl ctr list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$ctr1_id" ]]
[[ "$output" =~ "$ctr2_id" ]]
[[ "$output" =~ "$ctr3_id" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr metadata in list & status" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: container1" ]]
[[ "$output" =~ "Attempt: 1" ]]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: container1" ]]
[[ "$output" =~ "Attempt: 1" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr execsync conflicting with conmon flags parsing" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" sh -c "echo hello world"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "hello world" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr execsync" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" echo HELLO
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "HELLO" ]]
run crioctl ctr execsync --id "$ctr_id" --timeout 1 sleep 10
echo "$output"
[[ "$output" =~ "command timed out" ]]
[ "$status" -ne 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr device add" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis_device.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" ls /dev/mynull
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "/dev/mynull" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr execsync failure" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" doesnotexist
echo "$output"
[ "$status" -ne 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr execsync exit code" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" false
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr execsync std{out,err}" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" echo hello0 stdout
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stdout:\nhello0 stdout")"* ]]
stderrconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "runcom/stderr-test"; obj["command"] = ["/bin/sleep", "600"]; json.dump(obj, sys.stdout)')
echo "$stderrconfig" > "$TESTDIR"/container_config_stderr.json
run crioctl ctr create --config "$TESTDIR"/container_config_stderr.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" stderr
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == *"$(printf "Stderr:\nthis goes to stderr")"* ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr stop idempotent" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr caps drop" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
capsconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["linux"]["security_context"]["capabilities"] = {u"add_capabilities": [], u"drop_capabilities": [u"mknod", u"kill", u"sys_chroot", u"setuid", u"setgid"]}; json.dump(obj, sys.stdout)')
echo "$capsconfig" > "$TESTDIR"/container_config_caps.json
run crioctl ctr create --config "$TESTDIR"/container_config_caps.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "run ctr with image with Config.Volumes" {
start_crio
run crioctl image pull gcr.io/k8s-testimages/redis:e2e
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
volumesconfig=$(cat "$TESTDATA"/container_redis.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "gcr.io/k8s-testimages/redis:e2e"; obj["args"] = []; json.dump(obj, sys.stdout)')
echo "$volumesconfig" > "$TESTDIR"/container_config_volumes.json
run crioctl ctr create --config "$TESTDIR"/container_config_volumes.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr oom" {
if [[ "$TRAVIS" == "true" ]]; then
skip "travis container tests don't support testing OOM"
fi
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
oomconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "mrunalp/oom"; obj["linux"]["resources"]["memory_limit_in_bytes"] = 5120000; obj["command"] = ["/oom"]; json.dump(obj, sys.stdout)')
echo "$oomconfig" > "$TESTDIR"/container_config_oom.json
run crioctl ctr create --config "$TESTDIR"/container_config_oom.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
# Wait for container to OOM
attempt=0
while [ $attempt -le 100 ]; do
attempt=$((attempt+1))
run crioctl ctr status --id "$ctr_id"
echo "$output"
if [[ "$output" =~ "OOMKilled" ]]; then
break
fi
sleep 10
done
[[ "$output" =~ "OOMKilled" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr /etc/resolv.conf rw/ro mode" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config_resolvconf.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Status: CONTAINER_EXITED" ]]
[[ "$output" =~ "Exit Code: 0" ]]
[[ "$output" =~ "Reason: Completed" ]]
run crioctl ctr create --name roctr --config "$TESTDATA"/container_config_resolvconf_ro.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Status: CONTAINER_EXITED" ]]
[[ "$output" =~ "Exit Code: 1" ]]
[[ "$output" =~ "Reason: Error" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr create with non-existent command" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
newconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["command"] = ["nonexistent"]; json.dump(obj, sys.stdout)')
echo "$newconfig" > "$TESTDIR"/container_nonexistent.json
run crioctl ctr create --config "$TESTDIR"/container_nonexistent.json --pod "$pod_id"
[ "$status" -ne 0 ]
[[ "$output" =~ "executable file not found" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr create with non-existent command [tty]" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
newconfig=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["command"] = ["nonexistent"]; obj["tty"] = True; json.dump(obj, sys.stdout)')
echo "$newconfig" > "$TESTDIR"/container_nonexistent.json
run crioctl ctr create --config "$TESTDIR"/container_nonexistent.json --pod "$pod_id"
[ "$status" -ne 0 ]
[[ "$output" =~ "executable file not found" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

69
test/default_mounts.bats
View File

@ -1,69 +0,0 @@
#!/usr/bin/env bats
load helpers
IMAGE="redis:alpine"
function teardown() {
cleanup_test
}
@test "bind secrets mounts to container" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl image pull "$IMAGE"
[ "$status" -eq 0 ]
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" cat /proc/mounts
echo "$output"
[ "$status" -eq 0 ]
mount_info="$output"
run grep /container/path1 <<< "$mount_info"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "default mounts correctly sorted with other mounts" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl image pull "$IMAGE"
[ "$status" -eq 0 ]
host_path="$TESTDIR"/clash
mkdir "$host_path"
echo "clashing..." > "$host_path"/clashing.txt
sed -e "s,%HPATH%,$host_path,g" "$TESTDATA"/container_redis_default_mounts.json > "$TESTDIR"/defmounts_pre.json
sed -e 's,%CPATH%,\/container\/path1\/clash,g' "$TESTDIR"/defmounts_pre.json > "$TESTDIR"/defmounts.json
run crioctl ctr create --config "$TESTDIR"/defmounts.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr execsync --id "$ctr_id" ls -la /container/path1/clash
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" cat /container/path1/clash/clashing.txt
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "clashing..." ]]
run crioctl ctr execsync --id "$ctr_id" ls -la /container/path1
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" cat /container/path1/test.txt
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Testing secrets mounts!" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}

143
test/helpers.bash
View File

@ -9,17 +9,9 @@ TESTDATA="${INTEGRATION_ROOT}/testdata"
# Root directory of the repository.
CRIO_ROOT=${CRIO_ROOT:-$(cd "$INTEGRATION_ROOT/../.."; pwd -P)}
# Path of the crio binary.
CRIO_BINARY=${CRIO_BINARY:-${CRIO_ROOT}/cri-o/bin/crio}
# Path of the crictl binary.
CRICTL_PATH=$(command -v crictl || true)
CRICTL_BINARY=${CRICTL_PATH:-/usr/bin/crictl}
# Path to kpod binary.
KPOD_BINARY=${KPOD_BINARY:-${CRIO_ROOT}/cri-o/bin/kpod}
# Path of the conmon binary.
CONMON_BINARY=${CONMON_BINARY:-${CRIO_ROOT}/cri-o/bin/conmon}
# Path of the pause binary.
PAUSE_BINARY=${PAUSE_BINARY:-${CRIO_ROOT}/cri-o/bin/pause}
# Path of the default seccomp profile.
SECCOMP_PROFILE=${SECCOMP_PROFILE:-${CRIO_ROOT}/cri-o/seccomp.json}
# Name of the default apparmor profile.
@ -92,7 +84,6 @@ if [ -e /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
filelabel=$(awk -F'"' '/^file.*=.*/ {print $2}' /etc/selinux/${SELINUXTYPE}/contexts/lxc_contexts)
chcon -R ${filelabel} $TESTDIR
fi
CRIO_SOCKET="$TESTDIR/crio.sock"
CRIO_CONFIG="$TESTDIR/crio.conf"
CRIO_CNI_CONFIG="$TESTDIR/cni/net.d/"
CRIO_CNI_PLUGIN=${CRIO_CNI_PLUGIN:-/opt/cni/bin/}
@ -216,140 +207,6 @@ function wait_until_reachable() {
retry 15 1 crictl status
}
# Start crio.
function start_crio() {
if [[ -n "$1" ]]; then
seccomp="$1"
else
seccomp="$SECCOMP_PROFILE"
fi
if [[ -n "$2" ]]; then
apparmor="$2"
else
apparmor="$APPARMOR_PROFILE"
fi
# Don't forget: bin2img, copyimg, and crio have their own default drivers, so if you override any, you probably need to override them all
if ! [ "$3" = "--no-pause-image" ] ; then
"$BIN2IMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --source-binary "$PAUSE_BINARY"
fi
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=docker.io/library/redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --signature-policy="$INTEGRATION_ROOT"/policy.json
# TODO: remove the code below for copying redis:alpine in using a canonical reference once
# https://github.com/kubernetes-incubator/cri-o/issues/531 is complete and we can
# copy the image using a tagged reference and then subsequently find the image without
# having to explicitly record the canonical reference as one of the image's names
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=docker.io/library/redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b --import-from=dir:"$ARTIFACTS_PATH"/redis-image-digest --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=mrunalp/oom --import-from=dir:"$ARTIFACTS_PATH"/oom-image --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=docker.io/library/mrunalp/image-volume-test --import-from=dir:"$ARTIFACTS_PATH"/image-volume-test-image --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=docker.io/library/busybox:latest --import-from=dir:"$ARTIFACTS_PATH"/busybox-image --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=docker.io/library/runcom/stderr-test:latest --import-from=dir:"$ARTIFACTS_PATH"/stderr-test --signature-policy="$INTEGRATION_ROOT"/policy.json
"$CRIO_BINARY" ${DEFAULT_MOUNTS_OPTS} ${HOOKS_OPTS} --conmon "$CONMON_BINARY" --listen "$CRIO_SOCKET" --cgroup-manager "$CGROUP_MANAGER" --registry "docker.io" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/crio" --runroot "$TESTDIR/crio-run" $STORAGE_OPTIONS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$CRIO_CNI_CONFIG" --cni-plugin-dir "$CRIO_CNI_PLUGIN" --signature-policy "$INTEGRATION_ROOT"/policy.json --image-volumes "$IMAGE_VOLUMES" --pids-limit "$PIDS_LIMIT" --log-size-max "$LOG_SIZE_MAX_LIMIT" --config /dev/null config >$CRIO_CONFIG
# Prepare the CNI configuration files, we're running with non host networking by default
if [[ -n "$4" ]]; then
netfunc="$4"
else
netfunc="prepare_network_conf"
fi
${netfunc} $POD_CIDR
"$CRIO_BINARY" --log-level debug --config "$CRIO_CONFIG" & CRIO_PID=$!
wait_until_reachable
run crictl inspecti redis:alpine
if [ "$status" -ne 0 ] ; then
crictl pull redis:alpine
fi
REDIS_IMAGEID=$(crictl inspecti redis:alpine | head -1 | sed -e "s/ID: //g")
run crictl inspecti redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b
if [ "$status" -ne 0 ] ; then
crictl pull redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b
fi
REDIS_IMAGEID_DIGESTED=$(crictl inspecti redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b | head -1 | sed -e "s/ID: //g")
run crictl inspecti mrunalp/oom
if [ "$status" -ne 0 ] ; then
crictl pull mrunalp/oom
fi
OOM_IMAGEID=$(crictl inspecti mrunalp/oom | head -1 | sed -e "s/ID: //g")
run crioctl image status --id=runcom/stderr-test
if [ "$status" -ne 0 ] ; then
crictl pull runcom/stderr-test:latest
fi
STDERR_IMAGEID=$(crictl inspecti runcom/stderr-test | head -1 | sed -e "s/ID: //g")
run crictl inspecti busybox
if [ "$status" -ne 0 ] ; then
crictl pull busybox:latest
fi
BUSYBOX_IMAGEID=$(crictl inspecti busybox | head -1 | sed -e "s/ID: //g")
run crictl inspecti mrunalp/image-volume-test
if [ "$status" -ne 0 ] ; then
crictl pull mrunalp/image-volume-test:latest
fi
VOLUME_IMAGEID=$(crictl inspecti mrunalp/image-volume-test | head -1 | sed -e "s/ID: //g")
}
function cleanup_ctrs() {
run crictl ps --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
crictl stop "$line"
crictl rm "$line"
done
fi
fi
rm -f /run/hookscheck
}
function cleanup_images() {
run crictl images --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
crictl rmi "$line"
done
fi
fi
}
function cleanup_pods() {
run crictl sandboxes --quiet
if [ "$status" -eq 0 ]; then
if [ "$output" != "" ]; then
printf '%s\n' "$output" | while IFS= read -r line
do
crictl stops "$line"
crictl rms "$line"
done
fi
fi
}
# Stop crio.
function stop_crio() {
if [ "$CRIO_PID" != "" ]; then
kill "$CRIO_PID" >/dev/null 2>&1
wait "$CRIO_PID"
rm -f "$CRIO_CONFIG"
fi
cleanup_network_conf
}
function restart_crio() {
if [ "$CRIO_PID" != "" ]; then
kill "$CRIO_PID" >/dev/null 2>&1
wait "$CRIO_PID"
start_crio
else
echo "you must start crio first"
exit 1
fi
}
function cleanup_test() {
rm -rf "$TESTDIR"
}

38
test/hooks.bats
View File

@ -1,38 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
cp hooks/checkhook.sh ${HOOKSDIR}
sed "s|HOOKSDIR|${HOOKSDIR}|" hooks/checkhook.json > ${HOOKSDIR}/checkhook.json
@test "pod test hooks" {
rm -f /run/hookscheck
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run cat /run/hookscheck
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

250
test/image.bats
View File

@ -1,250 +0,0 @@
#!/usr/bin/env bats
load helpers
IMAGE=kubernetes/pause
SIGNED_IMAGE=registry.access.redhat.com/rhel7-atomic:latest
UNSIGNED_IMAGE=docker.io/library/hello-world:latest
function teardown() {
cleanup_test
}
@test "run container in pod with image ID" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
run crioctl ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "container status return image:tag if created by image ID" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
run crioctl ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Image: redis:alpine" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "container status return image@digest if created by image ID" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID_DIGESTED/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
run crioctl ctr create --config "$TESTDIR"/ctr_by_imageid.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "ImageRef: redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "image pull and list" {
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet "$IMAGE"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crioctl image list --quiet @"$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run crioctl image list --quiet "$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_crio
}
@test "image pull with signature" {
start_crio "" "" --no-pause-image
run crioctl image pull "$SIGNED_IMAGE"
echo "$output"
[ "$status" -eq 0 ]
cleanup_images
stop_crio
}
@test "image pull without signature" {
start_crio "" "" --no-pause-image
run crioctl image pull "$UNSIGNED_IMAGE"
echo "$output"
[ "$status" -ne 0 ]
cleanup_images
stop_crio
}
@test "image pull and list by tag and ID" {
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE:go"
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet "$IMAGE:go"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crioctl image list --quiet @"$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run crioctl image list --quiet "$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_crio
}
@test "image pull and list by digest and ID" {
start_crio "" "" --no-pause-image
run crioctl image pull nginx@sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet nginx@sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crioctl image list --quiet @"$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run crioctl image list --quiet "$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_crio
}
@test "image list with filter" {
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
printf '%s\n' "$output" | while IFS= read -r id; do
echo "$id"
status=1
done
cleanup_images
stop_crio
}
@test "image list/remove" {
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
echo "$id"
status=1
done
cleanup_images
stop_crio
}
@test "image status/remove" {
start_crio "" "" --no-pause-image
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
run crioctl image status --id "$id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
echo "$id"
status=1
done
cleanup_images
stop_crio
}

74
test/image_remove.bats
View File

@ -1,74 +0,0 @@
#!/usr/bin/env bats
load helpers
IMAGE=docker.io/kubernetes/pause
function teardown() {
cleanup_test
}
@test "image remove with multiple names, by name" {
start_crio "" "" --no-pause-image
# Pull the image, giving it one name.
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
# Add a second name to the image.
run "$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name="$IMAGE":latest --add-name="$IMAGE":othertag --signature-policy="$INTEGRATION_ROOT"/policy.json
echo "$output"
[ "$status" -eq 0 ]
# Get the list of image names and IDs.
run crioctl image list
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
# Cycle through each name, removing it by name. The image that we assigned a second
# name to should still be around when we get to removing its second name.
grep ^Tag: <<< "$output" | while read -r header tag ; do
run crioctl image remove --id "$tag"
echo "$output"
[ "$status" -eq 0 ]
done
# List all images and their names. There should be none now.
run crioctl image list --quiet
echo "$output"
[ "$status" -eq 0 ]
[ "$output" = "" ]
printf '%s\n' "$output" | while IFS= read -r id; do
echo "$id"
done
# All done.
cleanup_images
stop_crio
}
@test "image remove with multiple names, by ID" {
start_crio "" "" --no-pause-image
# Pull the image, giving it one name.
run crioctl image pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
# Add a second name to the image.
run "$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name="$IMAGE":latest --add-name="$IMAGE":othertag --signature-policy="$INTEGRATION_ROOT"/policy.json
echo "$output"
[ "$status" -eq 0 ]
# Get the image ID of the image we just saved.
run crioctl image status --id="$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
# Try to remove the image using its ID. That should succeed because removing by ID always works.
grep ^ID: <<< "$output" | while read -r header id ; do
run crioctl image remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
done
# The image should be gone.
run crioctl image status --id="$IMAGE"
echo "$output"
[ "$status" -ne 0 ]
# All done.
cleanup_images
stop_crio
}

68
test/image_volume.bats
View File

@ -1,68 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "image volume ignore" {
IMAGE_VOLUMES=ignore start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
image_volume_config=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "mrunalp/image-volume-test"; obj["command"] = ["/bin/sleep", "600"]; json.dump(obj, sys.stdout)')
echo "$image_volume_config" > "$TESTDIR"/container_image_volume.json
run crioctl ctr create --config "$TESTDIR"/container_image_volume.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" ls /imagevolume
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
[[ "$output" =~ "ls: /imagevolume: No such file or directory" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "image volume bind" {
IMAGE_VOLUMES=bind start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
image_volume_config=$(cat "$TESTDATA"/container_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["image"]["image"] = "mrunalp/image-volume-test"; obj["command"] = ["/bin/sleep", "600"]; json.dump(obj, sys.stdout)')
echo "$image_volume_config" > "$TESTDIR"/container_image_volume.json
run crioctl ctr create --config "$TESTDIR"/container_image_volume.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" touch /imagevolume/test_file
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 0" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

72
test/inspect.bats
View File

@ -1,72 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "info inspect" {
start_crio
out=`echo -e "GET /info HTTP/1.1\r\nHost: crio\r\n" | socat - UNIX-CONNECT:$CRIO_SOCKET`
echo "$out"
[[ "$out" =~ "\"cgroup_driver\":\"$CGROUP_MANAGER\"" ]]
[[ "$out" =~ "\"storage_root\":\"$TESTDIR/crio\"" ]]
run crioctl info
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "\"cgroup_driver\": \"$CGROUP_MANAGER\"" ]]
[[ "$output" =~ "\"storage_root\": \"$TESTDIR/crio\"" ]]
stop_crio
}
@test "ctr inspect" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
out=`echo -e "GET /containers/$ctr_id HTTP/1.1\r\nHost: crio\r\n" | socat - UNIX-CONNECT:$CRIO_SOCKET`
echo "$out"
[[ "$out" =~ "\"sandbox\":\"$pod_id\"" ]]
[[ "$out" =~ "\"image\":\"redis:alpine\"" ]]
run crioctl ctr inspect --id $ctr_id
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "\"sandbox\": \"$pod_id\"" ]]
[[ "$output" =~ "\"image\": \"redis:alpine\"" ]]
inet=`crioctl ctr execsync --id $ctr_id ip addr show dev eth0 scope global 2>&1 | grep inet`
IFS=" "
ip=`parse_pod_ip $inet`
[[ "$out" =~ "\"ip_address\":\"$ip\"" ]]
[[ "$out" =~ "\"name\":\"k8s_container1_podsandbox1_redhat.test.crio_redhat-test-crio_1\"" ]]
[[ "$output" =~ "\"ip_address\": \"$ip\"" ]]
[[ "$output" =~ "\"name\": \"k8s_container1_podsandbox1_redhat.test.crio_redhat-test-crio_1\"" ]]
# TODO: add some other check based on the json below:
#
# {"name":"k8s_container1_podsandbox1_redhat.test.crio_redhat-test-crio_1","pid":27477,"image":"redis:alpine","created_time":1505223601111546169,"labels":{"batch":"no","type":"small"},"annotations":{"daemon":"crio","owner":"dragon"},"log_path":"/var/log/crio/pods/297d014ba2c54236779da0c2f80dfba45dc31b106e4cd126a1c3c6d78edc2201/81567e9573ea798d6494c9aab156103ee91b72180fd3841a7c24d2ca39886ba2.log","root":"/tmp/tmp.0bkjphWudF/crio/overlay/d7cfc1de83cab9f377a4a1542427d2a019e85a70c1c660a9e6cf9e254df68873/merged","sandbox":"297d014ba2c54236779da0c2f80dfba45dc31b106e4cd126a1c3c6d78edc2201","ip_address":"10.88.9.153"}
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "ctr inspect not found" {
start_crio
out=`echo -e "GET /containers/notexists HTTP/1.1\r\nHost: crio\r\n" | socat - UNIX-CONNECT:$CRIO_SOCKET`
echo "$out"
[[ "$out" =~ "can't find the container with id notexists" ]]
stop_crio
}

1
test/kpod_export.bats
View File

@ -9,6 +9,7 @@ function teardown() {
}
@test "kpod export output flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

4
test/kpod_kill.bats
View File

@ -19,6 +19,7 @@ function start_sleep_container () {
}
@test "kill a running container by id" {
skip "Test needs to be converted to kpod run"
start_crio
${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
ctr_id=$( start_sleep_container )
@ -35,6 +36,7 @@ function start_sleep_container () {
}
@test "kill a running container by id with TERM" {
skip "Test needs to be converted to kpod run"
start_crio
${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
ctr_id=$( start_sleep_container )
@ -51,6 +53,7 @@ function start_sleep_container () {
}
@test "kill a running container by name" {
skip "Test needs to be converted to kpod run"
start_crio
${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
ctr_id=$( start_sleep_container )
@ -68,6 +71,7 @@ function start_sleep_container () {
}
@test "kill a running container by id with a bogus signal" {
skip "Test needs to be converted to kpod run"
start_crio
${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
ctr_id=$( start_sleep_container )

3
test/kpod_logs.bats
View File

@ -9,6 +9,7 @@ function teardown() {
}
@test "display logs for container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -30,6 +31,7 @@ function teardown() {
}
@test "tail three lines of logs for container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -53,6 +55,7 @@ function teardown() {
}
@test "display logs for container since a given time" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

1
test/kpod_mount.bats
View File

@ -9,6 +9,7 @@ function teardown() {
}
@test "mount" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

5
test/kpod_pause.bats
View File

@ -21,6 +21,7 @@ function teardown() {
}
@test "pause a created container by id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -46,6 +47,7 @@ function teardown() {
}
@test "pause a running container by id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -75,6 +77,7 @@ function teardown() {
}
@test "pause a running container by name" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -103,6 +106,7 @@ function teardown() {
}
@test "remove a paused container by id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -141,6 +145,7 @@ function teardown() {
}
@test "stop a paused container created by id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

14
test/kpod_ps.bats
View File

@ -11,6 +11,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps default" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -35,6 +36,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps all flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -58,6 +60,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps size flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -81,6 +84,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps quiet flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -104,6 +108,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps latest flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -127,6 +132,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps last flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -150,6 +156,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps no-trunc flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -170,6 +177,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps namespace flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -192,6 +200,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps namespace flag and format flag = json" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -212,6 +221,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps without namespace flag and format flag = json" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -231,6 +241,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps format flag = go template" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -251,6 +262,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps filter flag - ancestor" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -271,6 +283,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps filter flag - id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -292,6 +305,7 @@ IMAGE="redis:alpine"
}
@test "kpod ps filter flag - status" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

1
test/kpod_rename.bats
View File

@ -9,6 +9,7 @@ function teardown() {
}
@test "kpod rename successful" {
skip "Test needs to be converted to kpod run"
start_crio
run ${KPOD_BINARY} ${KPOD_OPTIONS} pull $IMAGE
echo "$output"

4
test/kpod_rm.bats
View File

@ -9,6 +9,7 @@ function teardown() {
}
@test "remove a stopped container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -32,6 +33,7 @@ function teardown() {
}
@test "refuse to remove a running container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -53,6 +55,7 @@ function teardown() {
}
@test "remove a created container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -70,6 +73,7 @@ function teardown() {
}
@test "remove a running container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

5
test/kpod_stats.bats
View File

@ -7,6 +7,7 @@ function teardown() {
}
@test "stats single output" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -28,6 +29,7 @@ function teardown() {
}
@test "stats does not output stopped container" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -46,6 +48,7 @@ function teardown() {
}
@test "stats outputs stopped container with all flag" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -64,6 +67,7 @@ function teardown() {
}
@test "stats output only id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -86,6 +90,7 @@ function teardown() {
}
@test "stats streaming output" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

2
test/kpod_stop.bats
View File

@ -13,6 +13,7 @@ function teardown() {
}
@test "stop a running container by id" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
@ -34,6 +35,7 @@ function teardown() {
}
@test "stop a running container by name" {
skip "Test needs to be converted to kpod run"
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"

3
test/kpod_wait.bats
View File

@ -24,6 +24,7 @@ function container_start() {
}
@test "wait on a bogus container" {
skip "Needs to be converted to kpod run"
start_crio
run ${KPOD_BINARY} ${KPOD_OPTIONS} wait 12343
echo $output
@ -32,6 +33,7 @@ function container_start() {
}
@test "wait on a stopped container" {
skip "Needs to be converted to kpod run"
run ${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
echo $output
[ "$status" -eq 0 ]
@ -49,6 +51,7 @@ function container_start() {
}
@test "wait on a sleeping container" {
skip "Needs to be converted to kpod run"
run ${KPOD_BINARY} ${KPOD_OPTIONS} pull docker.io/library/busybox:latest
echo $output
[ "$status" -eq 0 ]

186
test/network.bats
View File

@ -1,186 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_ctrs
cleanup_pods
stop_crio
rm -f /var/lib/cni/networks/crionet_test_args/*
chmod 0755 $CONMON_BINARY
cleanup_test
}
@test "ensure correct hostname" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" sh -c "hostname"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "crioctl_host" ]]
run crioctl ctr execsync --id "$ctr_id" sh -c "echo \$HOSTNAME"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "crioctl_host" ]]
run crioctl ctr execsync --id "$ctr_id" sh -c "cat /etc/hostname"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "crioctl_host" ]]
}
@test "ensure correct hostname for hostnetwork:true" {
start_crio
hostnetworkconfig=$(cat "$TESTDATA"/sandbox_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["linux"]["security_context"]["namespace_options"]["host_network"] = True; obj["annotations"] = {}; obj["hostname"] = ""; json.dump(obj, sys.stdout)')
echo "$hostnetworkconfig" > "$TESTDIR"/sandbox_hostnetwork_config.json
run crioctl pod run --config "$TESTDIR"/sandbox_hostnetwork_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" sh -c "hostname"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "$HOSTNAME" ]]
run crioctl ctr execsync --id "$ctr_id" sh -c "echo \$HOSTNAME"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "$HOSTNAME" ]]
run crioctl ctr execsync --id "$ctr_id" sh -c "cat /etc/hostname"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "$HOSTNAME" ]]
}
@test "Check for valid pod netns CIDR" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
check_pod_cidr $ctr_id
}
@test "Ping pod from the host" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
ping_pod $ctr_id
}
@test "Ping pod from another pod" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
ctr1_id="$output"
temp_sandbox_conf cni_test
run crioctl pod run --config "$TESTDIR"/sandbox_config_cni_test.json
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
ctr2_id="$output"
ping_pod_from_pod $ctr1_id $ctr2_id
ping_pod_from_pod $ctr2_id $ctr1_id
}
@test "Ensure correct CNI plugin namespace/name/container-id arguments" {
start_crio "" "" "" "prepare_plugin_test_args_network_conf"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
[ "$status" -eq 0 ]
. /tmp/plugin_test_args.out
[ "$FOUND_CNI_CONTAINERID" != "redhat.test.crio" ]
[ "$FOUND_CNI_CONTAINERID" != "podsandbox1" ]
[ "$FOUND_K8S_POD_NAMESPACE" = "redhat.test.crio" ]
[ "$FOUND_K8S_POD_NAME" = "podsandbox1" ]
rm -rf /tmp/plugin_test_args.out
}
@test "Connect to pod hostport from the host" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config_hostport.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
get_host_ip
echo $host_ip
run crioctl ctr create --config "$TESTDATA"/container_config_hostport.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run nc -w 5 $host_ip 4888 </dev/null
echo "$output"
[ "$output" = "crioctl_host" ]
[ "$status" -eq 0 ]
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
}
@test "Clean up network if pod sandbox fails" {
start_crio "" "" "" "prepare_plugin_test_args_network_conf"
# make conmon non-executable to cause the sandbox setup to fail after
# networking has been configured
chmod 0644 $CONMON_BINARY
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
chmod 0755 $CONMON_BINARY
echo "$output"
[ "$status" -ne 0 ]
# ensure that the server cleaned up sandbox networking if the sandbox
# failed after network setup
rm -f /var/lib/cni/networks/crionet_test_args/last_reserved_ip
num_allocated=$(ls /var/lib/cni/networks/crionet_test_args | wc -l)
[[ "${num_allocated}" == "0" ]]
}

365
test/pod.bats
View File

@ -1,365 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
# PR#59
@test "pod release name on remove" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
id="$output"
run crioctl pod stop --id "$id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "pod remove" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "pod stop ignores not found sandboxes" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "pod list filtering" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod1 --label "a=b" --label "c=d" --label "e=f"
echo "$output"
[ "$status" -eq 0 ]
pod1_id="$output"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod2 --label "a=b" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
pod2_id="$output"
run crioctl pod run --config "$TESTDATA"/sandbox_config.json -name pod3 --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
pod3_id="$output"
run crioctl pod list --label "a=b" --label "c=d" --label "e=f" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run crioctl pod list --label "g=h" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run crioctl pod list --label "a=b" --label "c=d" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
run crioctl pod list --label "a=b" --quiet
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
[[ "$output" =~ "$pod2_id" ]]
[[ "$output" =~ "$pod3_id" ]]
run crioctl pod list --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
# filter by truncated id should work as well
run crioctl pod list --id "${pod1_id:0:4}"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run crioctl pod list --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run crioctl pod list --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run crioctl pod list --id "$pod1_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod1_id" ]]
run crioctl pod list --id "$pod2_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod2_id" ]]
run crioctl pod list --id "$pod3_id" --label "a=b"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" != "" ]]
[[ "$output" =~ "$pod3_id" ]]
run crioctl pod list --id "$pod3_id" --label "c=d"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" == "" ]]
run crioctl pod stop --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod1_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod2_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod3_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_pods
stop_crio
}
@test "pod metadata in list & status" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
# TODO: expected value should not hard coded here
[[ "$output" =~ "Name: podsandbox1" ]]
[[ "$output" =~ "UID: redhat-test-crio" ]]
[[ "$output" =~ "Namespace: redhat.test.crio" ]]
[[ "$output" =~ "Attempt: 1" ]]
cleanup_pods
stop_crio
}
@test "pass pod sysctls to runtime" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --pod "$pod_id" --config "$TESTDATA"/container_redis.json
echo "$output"
[ "$status" -eq 0 ]
container_id="$output"
run crioctl ctr start --id "$container_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$container_id" sysctl kernel.shm_rmid_forced
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.shm_rmid_forced = 1" ]]
run crioctl ctr execsync --id "$container_id" sysctl kernel.msgmax
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "kernel.msgmax = 8192" ]]
run crioctl ctr execsync --id "$container_id" sysctl net.ipv4.ip_local_port_range
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "net.ipv4.ip_local_port_range = 1024 65000" ]]
cleanup_pods
stop_crio
}
@test "pod stop idempotent" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "pod remove idempotent" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "pod stop idempotent with ctrs already stopped" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "restart crio and still get pod status" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
restart_crio
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[ "$output" != "" ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "invalid systemd cgroup_parent fail" {
if [[ "$CGROUP_MANAGER" != "systemd" ]]; then
skip "need systemd cgroup manager"
fi
wrong_cgroup_parent_config=$(cat "$TESTDATA"/sandbox_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["linux"]["cgroup_parent"] = "podsandbox1.slice:container:infra"; json.dump(obj, sys.stdout)')
echo "$wrong_cgroup_parent_config" > "$TESTDIR"/sandbox_wrong_cgroup_parent.json
start_crio
run crioctl pod run --config "$TESTDIR"/sandbox_wrong_cgroup_parent.json
echo "$output"
[ "$status" -eq 1 ]
stop_crio
}
@test "systemd cgroup_parent correctly set" {
if [[ "$CGROUP_MANAGER" != "systemd" ]]; then
skip "need systemd cgroup manager"
fi
cgroup_parent_config=$(cat "$TESTDATA"/sandbox_config.json | python -c 'import json,sys;obj=json.load(sys.stdin);obj["linux"]["cgroup_parent"] = "/Burstable/pod_integration_tests-123"; json.dump(obj, sys.stdout)')
echo "$cgroup_parent_config" > "$TESTDIR"/sandbox_systemd_cgroup_parent.json
start_crio
run crioctl pod run --config "$TESTDIR"/sandbox_systemd_cgroup_parent.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run systemctl list-units --type=slice
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Burstable-pod_integration_tests_123.slice" ]]
cleanup_pods
stop_crio
}

267
test/restore.bats
View File

@ -1,267 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "crio restore" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_list_info="$output"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
pod_status_info="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_list_info="$output"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_status_info="$output"
stop_crio
start_crio
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run crioctl pod list --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_list_info}" ]]
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${pod_status_info}" ]]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${ctr_id}" ]]
run crioctl ctr list --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_list_info}" ]]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" == "${ctr_status_info}" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "crio restore with bad state and pod stopped" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
stop_crio
# simulate reboot with runc state going away
for i in $("$RUNTIME" list -q | xargs); do "$RUNTIME" delete -f $i; done
start_crio
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_pods
stop_crio
}
@test "crio restore with bad state and ctr stopped" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
stop_crio
# simulate reboot with runc state going away
for i in $("$RUNTIME" list -q | xargs); do "$RUNTIME" delete -f $i; done
start_crio
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "crio restore with bad state and ctr removed" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr remove --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
stop_crio
# simulate reboot with runc state going away
for i in $("$RUNTIME" list -q | xargs); do "$RUNTIME" delete -f $i; done
start_crio
run crioctl ctr stop --id "$ctr_id"
echo "$output"
[ "$status" -eq 1 ]
[[ "${output}" =~ "not found" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "crio restore with bad state and pod removed" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
stop_crio
# simulate reboot with runc state going away
for i in $("$RUNTIME" list -q | xargs); do "$RUNTIME" delete -f $i; done
start_crio
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_pods
stop_crio
}
@test "crio restore with bad state" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" =~ "SANDBOX_READY" ]]
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" =~ "CONTAINER_CREATED" ]]
stop_crio
# simulate reboot with runc state going away
for i in $("$RUNTIME" list -q | xargs); do "$RUNTIME" delete -f $i; done
start_crio
run crioctl pod list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${pod_id}" ]]
run crioctl pod status --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" =~ "SANDBOX_NOTREADY" ]]
run crioctl ctr list
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" != "" ]]
[[ "${output}" =~ "${ctr_id}" ]]
run crioctl ctr status --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "${output}" =~ "CONTAINER_EXITED" ]]
[[ "${output}" =~ "Exit Code: 255" ]]
run crioctl pod stop --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl pod remove --id "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}

15
test/runtimeversion.bats
View File

@ -1,15 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "crioctl runtimeversion" {
start_crio
run crioctl runtimeversion
echo "$output"
[ "$status" -eq 0 ]
stop_crio
}

368
test/seccomp.bats
View File

@ -1,368 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
# 1. test running with ctr unconfined
# test that we can run with a syscall which would be otherwise blocked
@test "ctr seccomp profiles unconfined" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/testname": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 2. test running with ctr runtime/default
# test that we cannot run with a syscall blocked by the default seccomp profile
@test "ctr seccomp profiles runtime/default" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/testname2": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
[[ "$output" =~ "Operation not permitted" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 3. test running with ctr wrong profile name
@test "ctr seccomp profiles wrong profile name" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/testname3": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname3 --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
[[ "$output" =~ "notgood" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
# 4. test running with ctr localhost/profile_name
@test "ctr seccomp profiles localhost/profile_name" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
#sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}
# 5. test running with unkwown ctr profile falls back to pod profile
# unknown ctr -> unconfined
# pod -> runtime/default
# result: fail chmod
@test "ctr seccomp profiles falls back to pod profile" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/redhat\.test\.crio-seccomp2-1-testname2-0-not-exists": "unconfined", "seccomp\.security\.alpha\.kubernetes\.io\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp5.json
run crioctl pod run --name seccomp5 --config "$TESTDIR"/seccomp5.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
[[ "$output" =~ "Operation not permitted" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 6. test running with unkwown ctr profile and no pod, falls back to unconfined
# unknown ctr -> runtime/default
# pod -> NO
# result: success, running unconfined
@test "ctr seccomp profiles falls back to unconfined" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/redhat\.test\.crio-seccomp6-1-testname6-0-not-exists": "runtime-default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp6.json
run crioctl pod run --name seccomp6 --config "$TESTDIR"/seccomp6.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname6 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 1. test running with pod unconfined
# test that we can run with a syscall which would be otherwise blocked
@test "pod seccomp profiles unconfined" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"seccomp\.security\.alpha\.kubernetes\.io\/pod": "unconfined"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp1.json
run crioctl pod run --name seccomp1 --config "$TESTDIR"/seccomp1.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 2. test running with pod runtime/default
# test that we cannot run with a syscall blocked by the default seccomp profile
@test "pod seccomp profiles runtime/default" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"seccomp\.security\.alpha\.kubernetes\.io\/pod": "runtime\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
[[ "$output" =~ "Operation not permitted" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# 3. test running with pod wrong profile name
@test "pod seccomp profiles wrong profile name" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
# 3. test running with pod wrong profile name
sed -e 's/%VALUE%/,"seccomp\.security\.alpha\.kubernetes\.io\/pod": "notgood"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp3.json
run crioctl pod run --name seccomp3 --config "$TESTDIR"/seccomp3.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_config.json --pod "$pod_id"
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown seccomp profile option:" ]]
[[ "$output" =~ "notgood" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
# TODO(runcom): need https://issues.k8s.io/36997
# 4. test running with pod localhost/profile_name
@test "pod seccomp profiles localhost/profile_name" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
#sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
#sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
#start_crio "$TESTDIR"/seccomp_profile1.json
skip "need https://issues.k8s.io/36997"
}
# test running with ctr docker/default
# test that we cannot run with a syscall blocked by the default seccomp profile
@test "ctr seccomp profiles docker/default" {
# this test requires seccomp, so skip this test if seccomp is not enabled.
enabled=$(is_seccomp_enabled)
if [[ "$enabled" -eq 0 ]]; then
skip "skip this test since seccomp is not enabled."
fi
sed -e 's/"chmod",//' "$CRIO_ROOT"/cri-o/seccomp.json > "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmod",//' "$TESTDIR"/seccomp_profile1.json
sed -i 's/"fchmodat",//g' "$TESTDIR"/seccomp_profile1.json
start_crio "$TESTDIR"/seccomp_profile1.json
sed -e 's/%VALUE%/,"container\.seccomp\.security\.alpha\.kubernetes\.io\/testname2": "docker\/default"/g' "$TESTDATA"/sandbox_config_seccomp.json > "$TESTDIR"/seccomp2.json
run crioctl pod run --name seccomp2 --config "$TESTDIR"/seccomp2.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --name testname2 --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
run crioctl ctr execsync --id "$ctr_id" chmod 777 .
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "Exit code: 1" ]]
[[ "$output" =~ "Operation not permitted" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}

26
test/selinux.bats
View File

@ -1,26 +0,0 @@
#!/usr/bin/env bats
load helpers
function teardown() {
cleanup_test
}
@test "ctr termination reason Completed" {
start_crio
run crioctl pod run --config "$TESTDATA"/sandbox_config_selinux.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crioctl ctr start --id "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
cleanup_ctrs
cleanup_pods
stop_crio
}