opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 19:44:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #23995 from Luap99/netns-leak

Browse Source 
CI: netns leak checks for system and e2e
This commit is contained in:
openshift-merge-bot[bot]
2024-09-18 15:49:59 +00:00
committed by GitHub
parent 7fee222d52 755a06aa44
commit bef0aabbdd
2 changed files with 49 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
test/e2e/common_test.go
View File

@ -8,6 +8,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"io" "io"
"io/fs"
"math/rand" "math/rand"
"net" "net"
"net/url" "net/url"
@ -138,10 +139,32 @@ const (
imageCacheDir = "imagecachedir" imageCacheDir = "imagecachedir"
) )
var netnsFiles []fs.DirEntry
func getNetnsDir() string {
if isRootless() {
var path string
if env, ok := os.LookupEnv("XDG_RUNTIME_DIR"); ok {
path = env
} else {
path = fmt.Sprintf("/run/user/%d", os.Getuid())
}
return filepath.Join(path, "netns")
}
// root is hard coded to
return "/run/netns"
}
var _ = SynchronizedBeforeSuite(func() []byte { var _ = SynchronizedBeforeSuite(func() []byte {
globalTmpDir, err := os.MkdirTemp("", "podman-e2e-") globalTmpDir, err := os.MkdirTemp("", "podman-e2e-")
Expect(err).ToNot(HaveOccurred()) Expect(err).ToNot(HaveOccurred())
netnsFiles, err = os.ReadDir(getNetnsDir())
// dir might not exists which is fine
if !errors.Is(err, fs.ErrNotExist) {
Expect(err).ToNot(HaveOccurred())
}
// make cache dir // make cache dir
ImageCacheDir = filepath.Join(globalTmpDir, imageCacheDir) ImageCacheDir = filepath.Join(globalTmpDir, imageCacheDir)
err = os.MkdirAll(ImageCacheDir, 0700) err = os.MkdirAll(ImageCacheDir, 0700)
@ -203,6 +226,13 @@ var _ = SynchronizedAfterSuite(func() {
timingsFile = nil timingsFile = nil
}, },
func() { func() {
// perform a netns leak check after all tests run
newNetnsFiles, err := os.ReadDir(getNetnsDir())
if !errors.Is(err, fs.ErrNotExist) {
Expect(err).ToNot(HaveOccurred())
}
Expect(newNetnsFiles).To(ConsistOf(netnsFiles), "Netns files were leaked")
testTimings := make(testResultsSorted, 0, 2000) testTimings := make(testResultsSorted, 0, 2000)
for i := 1; i <= GinkgoT().ParallelTotal(); i++ { for i := 1; i <= GinkgoT().ParallelTotal(); i++ {
f, err := os.Open(fmt.Sprintf("%s/timings-%d", LockTmpDir, i)) f, err := os.Open(fmt.Sprintf("%s/timings-%d", LockTmpDir, i))

22
test/system/setup_suite.bash
View File

@ -37,7 +37,7 @@ function setup_suite() {
touch "$BATS_SUITE_TMPDIR/all-tests-passed" touch "$BATS_SUITE_TMPDIR/all-tests-passed"
# Track network namespaces, so we can check for leaks at test end # Track network namespaces, so we can check for leaks at test end
ip netns list > $BATS_SUITE_TMPDIR/netns-pre check_netns_files > $BATS_SUITE_TMPDIR/netns-pre
} }
# Run at the very end of all tests. Useful for cleanup of non-BATS tmpdirs. # Run at the very end of all tests. Useful for cleanup of non-BATS tmpdirs.
@ -54,14 +54,30 @@ function teardown_suite() {
fi fi
# Network namespace leak check. List should match what we saw above. # Network namespace leak check. List should match what we saw above.
# When they leak we indefinitely leak resources which is bad.
echo echo
ip netns list > $BATS_SUITE_TMPDIR/netns-post check_netns_files > $BATS_SUITE_TMPDIR/netns-post
if ! diff -u $BATS_SUITE_TMPDIR/netns-{pre,post}; then if ! diff -u $BATS_SUITE_TMPDIR/netns-{pre,post}; then
echo echo
echo "^^^^^ Leaks found in /run/netns ^^^^^" echo "^^^^^ Leaks found in $NETNS_DIR ^^^^^"
exit_code=$((exit_code + 1)) exit_code=$((exit_code + 1))
fi fi
fi fi
return $exit_code return $exit_code
} }
NETNS_DIR=
# List a files in the common netns dir that is used to bind the netns files.
function check_netns_files() {
if is_rootless; then
NETNS_DIR=$XDG_RUNTIME_DIR/netns
else
NETNS_DIR=/run/netns
fi
# The dir may not exists which is fine
if [ -d "$NETNS_DIR" ]; then
ls -1 "$NETNS_DIR"
fi
}