Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add OnBuild and usernamespace test to baseline #1127

Closed
wants to merge 1 commit into from
Closed

Add OnBuild and usernamespace test to baseline #1127

wants to merge 1 commit into from

Conversation

TomSweeneyRedHat
Copy link
Member

Signed-off-by: TomSweeneyRedHat tsweeney@redhat.com

Added tests to check OnBuild handling as noted in containers/buildah#658 and also Usernamespace testing as noted: https://github.com/marcov/userns-test.

For my own insane reasons, I moved the whalesays test back to the bottom, moving the xfsquota test up. It's just easier to quickly see the graphic from the whalesays test and know that everything is done.

This test is not run by the CI Tests, it is only run "by hand" to verify that a new kit is happy.

@TomSweeneyRedHat
Copy link
Member Author

In case you're interested, here's the new test output.

########
# Make directories for UserNamespace testsing
########
mkdir -p /tmp/voltest/vol-0
mkdir -p /tmp/voltest/vol-1000
mkdir -p /tmp/voltest/vol-100000
mkdir -p /tmp/voltest/vol-101000
UIDGID=`/usr/bin/tr -cd "[:digit:]" <<< /tmp/voltest/vol-0`

chown $UIDGID:$UIDGID /tmp/voltest/vol-0
chown $UIDGID:$UIDGID /tmp/voltest/vol-1000
chown $UIDGID:$UIDGID /tmp/voltest/vol-100000
chown $UIDGID:$UIDGID /tmp/voltest/vol-101000

########
# Make run test script
########
FILE=./runtest.sh
/bin/cat <<EOM >$FILE
#!/usr/bin/env bash
ls -n /mnt
for i in $(find /mnt -mindepth 1 -type d); do
    touch "$i/foobar" 2>/dev/null;
    echo "create $i/foobar: $?";
    /bin/rm "$i/foobar" 2>/dev/null;
done;
exit 0
EOM
chmod +x $FILE

########
# Make Dockerfile
########
FILE=./Dockerfile
/bin/cat <<EOM >$FILE
FROM debian
ADD ./runtest.sh /runtest.sh
EOM
chmod +x $FILE

########
# Build container
########
podman build -t usernamespace -f ./Dockerfile .
STEP 1: FROM debian
Getting image source signatures
Copying blob sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6
 43.21 MB / 43.21 MB [======================================================] 6s
Copying config sha256:3bbb526d26083e7a65a7a112ed72e1ec58e81384412f2d3fcdbbd87d49fd588d
 1.47 KB / 1.47 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
STEP 2: ADD ./runtest.sh /runtest.sh
STEP 3: COMMIT containers-storage:[overlay@/var/lib/containers/storage+/var/run/containers/storage:overlay.override_kernel_check=true]localhost/usernamespace:latest
Getting image source signatures
Skipping fetch of repeat blob sha256:3b10514a95bec77489a57d6e2fbfddb7ddfdb643907470ce5de0f1b05c603706
Copying blob sha256:a3bb0dd395b0fb8cd67ffc851e38017e38416165ef4b82a9af267e3c9cf879fb
 210 B / 210 B [============================================================] 0s
Copying config sha256:2fffe655345f9f538d4e3068673fab6c4afa43ea0af6f0d6a61ad490f11a6a80
 715 B / 715 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
--> 2fffe655345f9f538d4e3068673fab6c4afa43ea0af6f0d6a61ad490f11a6a80

########
# Run the tests for UserNamespaces
########
echo "Run as root with no user NS"
Run as root with no user NS
podman run $PODMAN_OPTS usernamespace /bin/bash runtest.sh
total 0
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-0
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-1000
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-100000
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-101000
echo ""


echo "Run as user 1000 with no user NS"
Run as user 1000 with no user NS
podman run --user=1000 $PODMAN_OPTS usernamespace /bin/bash /runtest.sh
total 0
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-0
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-1000
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-100000
drwxr-xr-x. 2 0 0 40 Jul 21 22:56 vol-101000
echo ""


echo "Run as root with user NS "
Run as root with user NS 
podman run $PODMAN_ID_MAPS $PODMAN_OPTS usernamespace /bin/bash /runtest.sh
total 0
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-0
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-1000
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-100000
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-101000
echo ""


echo "Run as user 1000 with user NS "
Run as user 1000 with user NS 
podman run --user=1000 $PODMAN_ID_MAPS $PODMAN_OPTS usernamespace /bin/bash /runtest.sh
total 0
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-0
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-1000
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-100000
drwxr-xr-x. 2 65534 65534 40 Jul 21 22:56 vol-101000
echo ""


########
# Clean up Podman
########
podman rm --all
podman rmi --all
Untagged: docker.io/library/debian:latest
3bbb526d26083e7a65a7a112ed72e1ec58e81384412f2d3fcdbbd87d49fd588d
2fffe655345f9f538d4e3068673fab6c4afa43ea0af6f0d6a61ad490f11a6a80
rm -f ./runtest.sh
rm -rf /tmp/voltest
rm -f ./Dockerfile

########
# Build Dockerfiles for OnBuild Test
# (Thanks @clcollins!)
########
FILE=./Dockerfile
/bin/cat <<EOM >$FILE
FROM alpine
RUN touch /foo
ONBUILD RUN touch /bar
EOM
chmod +x $FILE

FILE=./Dockerfile-2
/bin/cat <<EOM >$FILE
FROM onbuild-image
RUN touch /baz
EOM
chmod +x $FILE

########
# Build with Dockerfiles
########
podman build -f ./Dockerfile --format=docker -t onbuild-image .
STEP 1: FROM alpine
Getting image source signatures
Copying blob sha256:8e3ba11ec2a2b39ab372c60c16b421536e50e5ce64a0bc81765c2e38381bcff6
 2.10 MB / 2.10 MB [========================================================] 0s
Copying config sha256:11cd0b38bc3ceb958ffb2f9bd70be3fb317ce7d255c8a4c3f4af30e298aa1aab
 1.48 KB / 1.48 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
STEP 2: RUN touch /foo
STEP 3: ONBUILD RUN touch /bar
STEP 4: COMMIT containers-storage:[overlay@/var/lib/containers/storage+/var/run/containers/storage:overlay.override_kernel_check=true]localhost/onbuild-image:latest
Getting image source signatures
Skipping fetch of repeat blob sha256:73046094a9b835e443af1a9d736fcfc11a994107500e474d0abf399499ed280c
Copying blob sha256:a12de6a1fcd1aa196f212e03f2054fbeaab0a2f9295d13a8eae4d123c2a02ba1
 175 B / 175 B [============================================================] 0s
Copying config sha256:17e507881dccb334c43adef248c09445e5bfd9a0c8e755fcdded29f4487ff1b7
 1.62 KB / 1.62 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
--> 17e507881dccb334c43adef248c09445e5bfd9a0c8e755fcdded29f4487ff1b7
podman build -f ./Dockerfile-2 --format=docker -t result-image .
STEP 1: FROM onbuild-image
STEP 2: RUN touch /bar
STEP 3: RUN touch /baz
STEP 4: COMMIT containers-storage:[overlay@/var/lib/containers/storage+/var/run/containers/storage:overlay.override_kernel_check=true]localhost/result-image:latest
Getting image source signatures
Skipping fetch of repeat blob sha256:73046094a9b835e443af1a9d736fcfc11a994107500e474d0abf399499ed280c
Skipping fetch of repeat blob sha256:652acb09a0ed55bc780e018fe4c5e0f7bcf85e8370eb7efbaf883fd6e2a05924
Copying blob sha256:2fb654e86d1fe668803ce6c4b7a1f91c5be26cbc1e9d87591637ba4ac9c424d0
 112 B / 112 B [============================================================] 0s
Copying config sha256:5e2895c7d98085575c20827c7754f68a3f57fa905b367a1dd4c1b36bfb92c33f
 1.70 KB / 1.70 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
--> 5e2895c7d98085575c20827c7754f68a3f57fa905b367a1dd4c1b36bfb92c33f

########
# Check for /bar /baz and /foo files
########
podman run --network=host result-image ls -alF /bar /baz /foo
-rw-r--r--    1 root     root             0 Jul 21 22:57 /bar
-rw-r--r--    1 root     root             0 Jul 21 22:57 /baz
-rw-r--r--    1 root     root             0 Jul 21 22:57 /foo

########
# Clean up Podman
########
podman rm --all
37065603803af5aed9c8c9b63669577c67e155c91f1faa5f5ee0b1e03a349368
podman rmi --all
Untagged: docker.io/library/alpine:latest
Untagged: localhost/onbuild-image:latest
17e507881dccb334c43adef248c09445e5bfd9a0c8e755fcdded29f4487ff1b7
11cd0b38bc3ceb958ffb2f9bd70be3fb317ce7d255c8a4c3f4af30e298aa1aab
5e2895c7d98085575c20827c7754f68a3f57fa905b367a1dd4c1b36bfb92c33f
rm ./Dockerfile*

@TomSweeneyRedHat
Add OnBuild and usernamespace test to baseline
eb0f9d1 
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
@rhatdan
Copy link
Member

rhatdan commented Jul 22, 2018

bot, retest this please

@vrothberg
Copy link
Member

LGTM

@marcov, your tests are about to get upstream :-)

@mheon
Copy link
Member

mheon commented Jul 23, 2018

Oh my, the tests are actually green. LGTM
@rh-atomic-bot r+

@rh-atomic-bot
Copy link
Collaborator

📌 Commit eb0f9d1 has been approved by mheon

@rh-atomic-bot
Copy link
Collaborator

⚡ Test exempted: pull fully rebased and already tested.

@TomSweeneyRedHat TomSweeneyRedHat deleted the dev/tsweeney/baselineun branch July 24, 2018 13:26
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 27, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@TomSweeneyRedHat @rhatdan @vrothberg @mheon @rh-atomic-bot