2017-03-18 06:45:19 +08:00
#!/usr/bin/env bats
load helpers
@test "run" {
if ! which runc ; then
skip
fi
2017-07-21 01:41:51 +08:00
runc --version
2017-03-18 06:45:19 +08:00
createrandom ${TESTDIR}/randomfile
2017-03-28 02:46:35 +08:00
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
2017-03-25 00:49:22 +08:00
root=$(buildah mount $cid)
2018-02-23 23:54:23 +08:00
buildah config --workingdir /tmp $cid
2017-03-25 00:49:22 +08:00
run buildah --debug=false run $cid pwd
2017-07-21 01:41:51 +08:00
[ "$status" -eq 0 ]
2017-03-18 06:45:19 +08:00
[ "$output" = /tmp ]
2018-02-23 23:54:23 +08:00
buildah config --workingdir /root $cid
2017-03-18 06:45:19 +08:00
run buildah --debug=false run $cid pwd
2017-07-21 01:41:51 +08:00
[ "$status" -eq 0 ]
2017-03-18 06:45:19 +08:00
[ "$output" = /root ]
cp ${TESTDIR}/randomfile $root/tmp/
buildah run $cid cp /tmp/randomfile /tmp/other-randomfile
test -s $root/tmp/other-randomfile
cmp ${TESTDIR}/randomfile $root/tmp/other-randomfile
2017-07-21 01:41:51 +08:00
buildah unmount $cid
buildah rm $cid
}
@test "run--args" {
if ! which runc ; then
skip
fi
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
# This should fail, because buildah run doesn't have a -n flag.
2018-02-23 23:54:23 +08:00
run buildah --debug=false run -n $cid echo test
2017-07-21 01:41:51 +08:00
[ "$status" -ne 0 ]
# This should succeed, because buildah run stops caring at the --, which is preserved as part of the command.
run buildah --debug=false run $cid echo -- -n test
[ "$status" -eq 0 ]
echo :"$output":
[ "$output" = "-- -n test" ]
# This should succeed, because buildah run stops caring at the --, which is not part of the command.
run buildah --debug=false run $cid -- echo -n -- test
[ "$status" -eq 0 ]
echo :"$output":
2017-07-18 05:09:30 +08:00
[ "$output" = "-- test" ]
2017-07-21 01:41:51 +08:00
# This should succeed, because buildah run stops caring at the --.
run buildah --debug=false run $cid -- echo -- -n test --
[ "$status" -eq 0 ]
echo :"$output":
[ "$output" = "-- -n test --" ]
# This should succeed, because buildah run stops caring at the --.
run buildah --debug=false run $cid -- echo -n "test"
[ "$status" -eq 0 ]
echo :"$output":
2017-07-18 05:09:30 +08:00
[ "$output" = "test" ]
2017-03-24 04:45:35 +08:00
buildah rm $cid
2017-03-18 06:45:19 +08:00
}
2017-04-05 05:31:02 +08:00
2017-06-23 23:53:51 +08:00
@test "run-cmd" {
if ! which runc ; then
skip
fi
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
2018-02-23 23:54:23 +08:00
buildah config --workingdir /tmp $cid
2017-06-23 23:53:51 +08:00
2018-05-03 07:50:13 +08:00
# Configured entrypoint/cmd shouldn't modify behaviour of run with no arguments
# empty entrypoint, configured cmd, empty run arguments
2018-02-23 23:54:23 +08:00
buildah config --entrypoint "" $cid
buildah config --cmd pwd $cid
2017-06-23 23:53:51 +08:00
run buildah --debug=false run $cid
2018-05-03 07:13:28 +08:00
[ "$status" -eq 1 ]
2018-05-03 13:00:08 +08:00
[ "$output" = "command must be specified" ]
2018-05-03 13:48:50 +08:00
# empty entrypoint, configured cmd, empty run arguments, end parsing option
buildah config --entrypoint "" $cid
buildah config --cmd pwd $cid
run buildah --debug=false run $cid --
[ "$status" -eq 1 ]
[ "$output" = "command must be specified" ]
2017-06-23 23:53:51 +08:00
2018-05-03 07:50:13 +08:00
# configured entrypoint, empty cmd, empty run arguments
2018-04-18 04:00:12 +08:00
buildah config --entrypoint pwd $cid
2018-02-23 23:54:23 +08:00
buildah config --cmd "" $cid
2017-06-23 23:53:51 +08:00
run buildah --debug=false run $cid
2018-05-03 07:13:28 +08:00
[ "$status" -eq 1 ]
2018-05-03 13:00:08 +08:00
[ "$output" = "command must be specified" ]
2018-05-03 13:48:50 +08:00
# configured entrypoint, empty cmd, empty run arguments, end parsing option
buildah config --entrypoint pwd $cid
buildah config --cmd "" $cid
run buildah --debug=false run $cid --
[ "$status" -eq 1 ]
[ "$output" = "command must be specified" ]
2017-06-23 23:53:51 +08:00
2018-05-03 07:50:13 +08:00
# configured entrypoint only, empty run arguments
2018-04-18 04:00:12 +08:00
buildah config --entrypoint pwd $cid
run buildah --debug=false run $cid
2018-05-03 07:13:28 +08:00
[ "$status" -eq 1 ]
2018-05-03 13:00:08 +08:00
[ "$output" = "command must be specified" ]
2018-05-03 13:48:50 +08:00
# configured entrypoint only, empty run arguments, end parsing option
buildah config --entrypoint pwd $cid
run buildah --debug=false run $cid --
[ "$status" -eq 1 ]
[ "$output" = "command must be specified" ]
2017-06-23 23:53:51 +08:00
2018-05-03 07:50:13 +08:00
# cofigured cmd only, empty run arguments
2018-05-03 07:13:28 +08:00
buildah config --cmd pwd $cid
2018-04-18 04:00:12 +08:00
run buildah --debug=false run $cid
2018-05-03 07:13:28 +08:00
[ "$status" -eq 1 ]
2018-05-03 13:00:08 +08:00
[ "$output" = "command must be specified" ]
2018-05-03 07:13:28 +08:00
2018-05-03 13:48:50 +08:00
# cofigured cmd only, empty run arguments, end parsing option
buildah config --cmd pwd $cid
run buildah --debug=false run $cid --
[ "$status" -eq 1 ]
[ "$output" = "command must be specified" ]
2018-05-03 07:50:13 +08:00
# configured entrypoint, configured cmd, empty run arguments
2018-05-03 07:13:28 +08:00
buildah config --entrypoint "pwd" $cid
buildah config --cmd "whoami" $cid
run buildah --debug=false run $cid
[ "$status" -eq 1 ]
2018-05-03 13:00:08 +08:00
[ "$output" = "command must be specified" ]
2018-05-03 13:48:50 +08:00
# configured entrypoint, configured cmd, empty run arguments, end parsing option
buildah config --entrypoint "pwd" $cid
buildah config --cmd "whoami" $cid
run buildah --debug=false run $cid --
[ "$status" -eq 1 ]
[ "$output" = "command must be specified" ]
2017-06-23 23:53:51 +08:00
2018-05-03 07:50:13 +08:00
# Configured entrypoint/cmd shouldn't modify behaviour of run with argument
# Note: entrypoint and cmd can be invalid in below tests as they should never execute
# empty entrypoint, configured cmd, configured run arguments
buildah config --entrypoint "" $cid
buildah config --cmd "/invalid/cmd" $cid
run buildah --debug=false run $cid -- pwd
[ "$status" -eq 0 ]
[ "$output" = "/tmp" ]
# configured entrypoint, empty cmd, configured run arguments
buildah config --entrypoint "/invalid/entrypoint" $cid
buildah config --cmd "" $cid
run buildah --debug=false run $cid -- pwd
[ "$status" -eq 0 ]
[ "$output" = "/tmp" ]
# configured entrypoint only, configured run arguments
buildah config --entrypoint "/invalid/entrypoint" $cid
run buildah --debug=false run $cid -- pwd
[ "$status" -eq 0 ]
[ "$output" = "/tmp" ]
# cofigured cmd only, configured run arguments
buildah config --cmd "/invalid/cmd" $cid
run buildah --debug=false run $cid -- pwd
[ "$status" -eq 0 ]
[ "$output" = "/tmp" ]
# configured entrypoint, configured cmd, configured run arguments
buildah config --entrypoint "/invalid/entrypoint" $cid
buildah config --cmd "/invalid/cmd" $cid
run buildah --debug=false run $cid -- pwd
[ "$status" -eq 0 ]
[ "$output" = "/tmp" ]
2017-06-23 23:53:51 +08:00
buildah rm $cid
}
2017-04-05 05:31:02 +08:00
@test "run-user" {
if ! which runc ; then
skip
fi
eval $(go env)
echo CGO_ENABLED=${CGO_ENABLED}
if test "$CGO_ENABLED" -ne 1; then
skip
fi
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
root=$(buildah mount $cid)
testuser=jimbo
2017-11-04 01:32:19 +08:00
testbogususer=nosuchuser
2017-04-05 05:31:02 +08:00
testgroup=jimbogroup
testuid=$RANDOM
2017-11-03 01:39:56 +08:00
testotheruid=$RANDOM
2017-04-05 05:31:02 +08:00
testgid=$RANDOM
testgroupid=$RANDOM
echo "$testuser:x:$testuid:$testgid:Jimbo Jenkins:/home/$testuser:/bin/sh" >> $root/etc/passwd
echo "$testgroup:x:$testgroupid:" >> $root/etc/group
2018-02-23 23:54:23 +08:00
buildah config -u "" $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = 0 ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = 0 ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuser} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuid} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuser}:${testgroup} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgroupid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuid}:${testgroup} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgroupid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testotheruid}:${testgroup} $cid
2017-11-03 01:39:56 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-11-03 01:39:56 +08:00
[ "$output" = $testotheruid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-11-03 01:39:56 +08:00
[ "$output" = $testgroupid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testotheruid} $cid
2017-11-03 01:39:56 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-11-03 01:39:56 +08:00
[ "$output" = $testotheruid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-11-03 01:39:56 +08:00
[ "$output" = 0 ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuser}:${testgroupid} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgroupid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testuid}:${testgroupid} $cid
2017-04-05 05:31:02 +08:00
buildah run -- $cid id
run buildah --debug=false run -- $cid id -u
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testuid ]
run buildah --debug=false run -- $cid id -g
2017-11-08 06:19:51 +08:00
[ "$status" -eq 0 ]
2017-04-05 05:31:02 +08:00
[ "$output" = $testgroupid ]
2018-02-23 23:54:23 +08:00
buildah config -u ${testbogususer} $cid
2017-11-04 01:32:19 +08:00
run buildah --debug=false run -- $cid id -u
[ "$status" -ne 0 ]
2017-11-08 06:19:51 +08:00
[[ "$output" =~ "unknown user" ]]
2017-11-04 01:32:19 +08:00
run buildah --debug=false run -- $cid id -g
[ "$status" -ne 0 ]
2017-11-08 06:19:51 +08:00
[[ "$output" =~ "unknown user" ]]
2017-11-04 01:32:19 +08:00
2017-04-13 01:35:48 +08:00
ln -vsf /etc/passwd $root/etc/passwd
2018-02-23 23:54:23 +08:00
buildah config -u ${testuser}:${testgroup} $cid
2017-04-13 01:35:48 +08:00
run buildah --debug=false run -- $cid id -u
echo "$output"
[ "$status" -ne 0 ]
[[ "$output" =~ "unknown user" ]]
2017-04-05 05:31:02 +08:00
buildah unmount $cid
buildah rm $cid
}
2017-09-21 19:39:39 +08:00
@test "run --hostname" {
2018-07-20 02:41:02 +08:00
if test "$BUILDAH_ISOLATION" = "rootless" ; then
skip
fi
2017-09-21 19:39:39 +08:00
if ! which runc ; then
skip
fi
runc --version
2017-11-10 01:23:47 +08:00
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
2017-09-21 19:39:39 +08:00
run buildah --debug=false run $cid hostname
2017-11-10 01:02:22 +08:00
echo "$output"
2017-09-21 19:39:39 +08:00
[ "$status" -eq 0 ]
[ "$output" != "foobar" ]
run buildah --debug=false run --hostname foobar $cid hostname
2017-11-10 01:02:22 +08:00
echo "$output"
2017-09-21 19:39:39 +08:00
[ "$status" -eq 0 ]
[ "$output" = "foobar" ]
buildah rm $cid
}
2018-05-31 22:56:40 +08:00
@test "run --volume" {
if ! which runc ; then
skip
fi
2018-07-21 05:58:48 +08:00
zflag=
if which selinuxenabled > /dev/null 2> /dev/null ; then
if selinuxenabled ; then
zflag=z
fi
fi
2018-05-31 22:56:40 +08:00
runc --version
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
mkdir -p ${TESTDIR}/was-empty
# As a baseline, this should succeed.
2018-07-21 05:58:48 +08:00
run buildah --debug=false run -v ${TESTDIR}/was-empty:/var/not-empty${zflag:+:${zflag}} $cid touch /var/not-empty/testfile
2018-05-31 22:56:40 +08:00
echo "$output"
[ "$status" -eq 0 ]
# If we're parsing the options at all, this should be read-only, so it should fail.
2018-07-21 05:58:48 +08:00
run buildah --debug=false run -v ${TESTDIR}/was-empty:/var/not-empty:ro${zflag:+,${zflag}} $cid touch /var/not-empty/testfile
2018-05-31 22:56:40 +08:00
echo "$output"
[ "$status" -ne 0 ]
2018-09-11 02:23:26 +08:00
# Even if the parent directory doesn't exist yet, this should succeed.
run buildah --debug=false run -v ${TESTDIR}/was-empty:/var/multi-level/subdirectory $cid touch /var/multi-level/subdirectory/testfile
echo "$output"
# And check the same for file volumes.
run buildah --debug=false run -v ${TESTDIR}/was-empty/testfile:/var/different-multi-level/subdirectory/testfile $cid touch /var/different-multi-level/subdirectory/testfile
echo "$output"
[ "$status" -eq 0 ]
2018-05-31 22:56:40 +08:00
}
2018-06-02 02:54:45 +08:00
@test "run symlinks" {
if ! which runc ; then
skip
fi
runc --version
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
mkdir -p ${TESTDIR}/tmp
ln -s tmp ${TESTDIR}/tmp2
export TMPDIR=${TESTDIR}/tmp2
run buildah --debug=false run $cid id
echo "$output"
[ "$status" -eq 0 ]
}
2018-06-05 05:36:26 +08:00
@test "run --cap-add/--cap-drop" {
if ! which runc ; then
skip
fi
runc --version
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
# Try with default caps.
run buildah --debug=false run $cid grep ^CapEff /proc/self/status
echo "$output"
[ "$status" -eq 0 ]
defaultcaps="$output"
# Try adding DAC_OVERRIDE.
run buildah --debug=false run --cap-add CAP_DAC_OVERRIDE $cid grep ^CapEff /proc/self/status
echo "$output"
[ "$status" -eq 0 ]
addedcaps="$output"
# Try dropping DAC_OVERRIDE.
run buildah --debug=false run --cap-drop CAP_DAC_OVERRIDE $cid grep ^CapEff /proc/self/status
echo "$output"
[ "$status" -eq 0 ]
droppedcaps="$output"
# Okay, now the "dropped" and "added" should be different.
test "$addedcaps" != "$droppedcaps"
# And one or the other should be different from the default, with the other being the same.
if test "$defaultcaps" == "$addedcaps" ; then
test "$defaultcaps" != "$droppedcaps"
fi
if test "$defaultcaps" == "$droppedcaps" ; then
test "$defaultcaps" != "$addedcaps"
fi
}
2018-07-30 23:54:15 +08:00
@test "Check if containers run with correct open files/processes limits" {
if ! which runc ; then
skip
fi
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json alpine)
run buildah --debug=false run $cid awk '/open files/{print $4}' /proc/self/limits
2018-10-25 03:15:40 +08:00
echo $output
2018-07-30 23:54:15 +08:00
[ "$status" -eq 0 ]
[ "$output" = 1048576 ]
run buildah --debug=false run $cid awk '/processes/{print $3}' /proc/self/limits
2018-10-25 03:15:40 +08:00
echo $output
2018-07-30 23:54:15 +08:00
[ "$status" -eq 0 ]
[ "$output" = 1048576 ]
buildah rm $cid
cid=$(buildah from --ulimit nofile=300:400 --pull --signature-policy ${TESTSDIR}/policy.json alpine)
run buildah --debug=false run $cid awk '/open files/{print $4}' /proc/self/limits
2018-10-25 03:15:40 +08:00
echo $output
2018-07-30 23:54:15 +08:00
[ "$status" -eq 0 ]
[ "$output" = 300 ]
run buildah --debug=false run $cid awk '/processes/{print $3}' /proc/self/limits
echo $output
[ "$status" -eq 0 ]
[ "$output" = 1048576 ]
buildah rm $cid
cid=$(buildah from --ulimit nproc=100:200 --ulimit nofile=300:400 --pull --signature-policy ${TESTSDIR}/policy.json alpine)
run buildah --debug=false run $cid awk '/open files/{print $4}' /proc/self/limits
2018-10-25 03:15:40 +08:00
echo $output
2018-07-30 23:54:15 +08:00
[ "$status" -eq 0 ]
[ "$output" = 300 ]
run buildah --debug=false run $cid awk '/processes/{print $3}' /proc/self/limits
2018-10-25 03:15:40 +08:00
echo $output
2018-07-30 23:54:15 +08:00
[ "$status" -eq 0 ]
[ "$output" = 100 ]
buildah rm $cid
}
2018-10-25 03:15:40 +08:00
@test "run-builtin-volume-omitted" {
# This image is known to include a volume, but not include the mountpoint
# in the image.
cid=$(buildah from --pull --signature-policy ${TESTSDIR}/policy.json docker.io/library/registry@sha256:a25e4660ed5226bdb59a5e555083e08ded157b1218282840e55d25add0223390)
mnt=$(buildah mount $cid)
# By default, the mountpoint should not be there.
run test -d "$mnt"/var/lib/registry
echo "$output"
[ "$status" -ne 0 ]
# We'll create the mountpoint for "run".
run buildah --debug=false run $cid ls -1 /var/lib
echo "$output"
[[ "$output" =~ registry ]]
[ "$status" -eq 0 ]
# Double-check that the mountpoint is there.
run test -d "$mnt"/var/lib/registry
echo "$output"
[ "$status" -eq 0 ]
}
