tests/image: add booting tests
This commit makes the osbuild-image-tests binary doing the same set of tests like the old test/run script. Changes from test/run: - qemu/nspawn are now killed gracefully. Firstly, SIGTERM is sent. If the process doesn't exit till the timeout, SIGKILL is sent. I changed this because nspawn leaves some artifacts behind when killed by SIGKILL. - the unsharing of network namespace now works differently because of systemd issue #15079
This commit is contained in:
Ondřej Budai
Tom Gundersen
parent
f060c8d795
commit
b4a7bc6467
7 changed files with 538 additions and 9 deletions
146
cmd/osbuild-image-tests/netns.go
Normal file
146
cmd/osbuild-image-tests/netns.go
Normal file
|
|
@ -0,0 +1,146 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path"
|
||||
"runtime"
|
||||
"syscall"
|
||||
|
||||
"golang.org/x/sys/unix"
|
||||
)
|
||||
|
||||
const netnsDir = "/var/run/netns"
|
||||
|
||||
// Network namespace abstraction
|
||||
type netNS string
|
||||
|
||||
// newNetworkNamespace returns a new network namespace with a random
|
||||
// name. The calling goroutine remains in the same namespace
|
||||
// as before the call.
|
||||
func newNetworkNamespace() (netNS, error) {
|
||||
// This method needs to unshare the current thread. Go runtime can switch
|
||||
// the goroutine to run on a different thread at any point, so we need
|
||||
// to ensure that this method runs in the same thread for its whole
|
||||
// lifetime.
|
||||
runtime.LockOSThread()
|
||||
defer runtime.UnlockOSThread()
|
||||
|
||||
_, err := os.Stat(netnsDir)
|
||||
|
||||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
err := os.Mkdir(netnsDir, 0755)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot create %s: %v", netnsDir, err)
|
||||
}
|
||||
} else {
|
||||
return "", fmt.Errorf("cannot stat %s: %v", netnsDir, err)
|
||||
}
|
||||
}
|
||||
|
||||
f, err := ioutil.TempFile(netnsDir, "osbuild-composer-namespace")
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot create a tempfile: %v", err)
|
||||
}
|
||||
|
||||
// We want to remove the temporary file if the namespace initialization fails.
|
||||
// The best method I could thought of is to have the following variable
|
||||
// denoting if the initialization was successful. It is set to true right
|
||||
// before the end of this function.
|
||||
initOK := false
|
||||
defer func() {
|
||||
if !initOK {
|
||||
err := os.Remove(f.Name())
|
||||
if err != nil {
|
||||
log.Printf("cannot remove the temporary namespace: %v", err)
|
||||
}
|
||||
}
|
||||
}()
|
||||
|
||||
oldNS, err := os.Open("/proc/self/ns/net")
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot open the current namespace: %v", err)
|
||||
}
|
||||
|
||||
err = syscall.Unshare(syscall.CLONE_NEWNET)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot unshare the network namespace")
|
||||
}
|
||||
defer func() {
|
||||
err = unix.Setns(int(oldNS.Fd()), syscall.CLONE_NEWNET)
|
||||
if err != nil {
|
||||
// We cannot return to the original namespace.
|
||||
// As we don't know nothing about affected threads, let's just
|
||||
// quit immediately.
|
||||
log.Fatalf("returning to the original namespace failed, quitting: %v", err)
|
||||
}
|
||||
}()
|
||||
|
||||
cmd := exec.Command("ip", "link", "set", "up", "dev", "lo")
|
||||
cmd.Stderr = os.Stderr
|
||||
cmd.Stdout = os.Stderr
|
||||
err = cmd.Run()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot set up a loopback device in the new namespace: %v", err)
|
||||
}
|
||||
|
||||
cmd = exec.Command("mount", "-o", "bind", "/proc/self/ns/net", f.Name())
|
||||
cmd.Stderr = os.Stderr
|
||||
cmd.Stdout = os.Stderr
|
||||
err = cmd.Run()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot bind mount the new namespace: %v", err)
|
||||
}
|
||||
|
||||
ns := netNS(path.Base(f.Name()))
|
||||
|
||||
// Initialization OK, do not delete the namespace file.
|
||||
initOK = true
|
||||
return ns, nil
|
||||
}
|
||||
|
||||
// NamespaceCommand returns an *exec.Cmd struct with the difference
|
||||
// that it's prepended by "ip netns exec NAMESPACE_NAME" command, which
|
||||
// runs the command in a namespaced environment.
|
||||
func (n netNS) NamespacedCommand(name string, arg ...string) *exec.Cmd {
|
||||
args := []string{"netns", "exec", string(n), name}
|
||||
args = append(args, arg...)
|
||||
return exec.Command("ip", args...)
|
||||
}
|
||||
|
||||
// NamespaceCommand returns an *exec.Cmd struct with the difference
|
||||
// that it's prepended by "ip netns exec NAMESPACE_NAME" command, which
|
||||
// runs the command in a namespaced environment.
|
||||
func (n netNS) NamespacedCommandContext(ctx context.Context, name string, arg ...string) *exec.Cmd {
|
||||
args := []string{"netns", "exec", string(n), name}
|
||||
args = append(args, arg...)
|
||||
return exec.CommandContext(ctx, "ip", args...)
|
||||
}
|
||||
|
||||
// Path returns the path to the namespace file
|
||||
func (n netNS) Path() string {
|
||||
return path.Join(netnsDir, string(n))
|
||||
}
|
||||
|
||||
// Delete deletes the namespaces
|
||||
func (n netNS) Delete() error {
|
||||
cmd := exec.Command("umount", n.Path())
|
||||
cmd.Stderr = os.Stderr
|
||||
cmd.Stdout = os.Stdout
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot unmount the network namespace: %v", err)
|
||||
}
|
||||
|
||||
err = os.Remove(n.Path())
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot delete the network namespace file: %v", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue