From 1553518214088a89d6a2360a6fcdddbd3915628a Mon Sep 17 00:00:00 2001
From: Dusty Mabe <dusty@dustymabe.com>
Date: Sun, 14 May 2023 22:50:49 -0400
Subject: [PATCH] tests/kola: add podman.rootless-pasta-networking test

See: https://github.com/coreos/fedora-coreos-tracker/issues/1436
---
 tests/kola/podman/rootless-pasta-networking | 53 +++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100755 tests/kola/podman/rootless-pasta-networking

diff --git a/tests/kola/podman/rootless-pasta-networking b/tests/kola/podman/rootless-pasta-networking
new file mode 100755
index 0000000000..1cc72c5fc3
--- /dev/null
+++ b/tests/kola/podman/rootless-pasta-networking
@@ -0,0 +1,53 @@
+#!/bin/bash
+## kola:
+##   description: Verify that rootless pasta networking passt works.
+##   # This test downloads containers and curls from the net.
+##   tags: "platform-independent needs-internet"
+##   # This test doesn't make meaningful changes to the system and
+##   # should be able to be combined with other tests.
+##   exclusive: false
+##   # This test reaches out to the internet and it could take more
+##   # time to pull down the container.
+##   timeoutMin: 3
+
+# See https://github.com/coreos/fedora-coreos-tracker/issues/1436
+
+set -xeuo pipefail
+. $KOLA_EXT_DATA/commonlib.sh
+
+runascoreuserscript='#!/bin/bash
+set -euxo pipefail
+# Just a basic test that uses pasta network and sets the gateway
+podman run -i --net=pasta:-g,8.8.8.8 registry.fedoraproject.org/fedora:38 bash <<"EOF"
+set -euxo pipefail
+# Verify the 8.8.8.8 got set as the gateway. No /sbin/ip so just use /proc/net/route
+cat /proc/net/route | grep 08080808
+# Download something from the internet. Here we use one of the test
+# fixtures from the ignition.resource.remote test.
+result=$(curl https://ignition-test-fixtures.s3.amazonaws.com/resources/anonymous)
+[ "$result" == "kola-anonymous" ] || exit 1
+EOF
+'
+
+runascoreuser() {
+    # NOTE: If we don't use `| cat` the output won't get copied
+    # to our unit and won't show up in the `systemctl status` output
+    # of the ext test.
+    sudo -u core "$@" | cat
+}
+
+main() {
+
+    # Execute script as the core user to exercise rootless podman
+    runascoreuserscriptpath=$(mktemp --suffix=runascoreuser)
+    echo "$runascoreuserscript" > $runascoreuserscriptpath
+    chmod +x $runascoreuserscriptpath
+    chown core $runascoreuserscriptpath
+    if runascoreuser $runascoreuserscriptpath; then
+        ok "Podman with pasta networking succeeded!"
+    else
+        fatal "Podman with pasta networking failed"
+    fi
+}
+
+main