3b0509c3e1
When developing on MacOS currently running test cases is only possible via remote execution on a linux box. With latest master version of gear it is possible to run zuul test cases also natively on MacOS with minimal modification. Since bwrap is not available on mac add a small fake bwrap script that can be linked into the PATH to make test cases work that use ansible. Change-Id: I02d7cc30b872c7406cf6641762e1f7b89e99479d
91 lines
3.4 KiB
Python
91 lines
3.4 KiB
Python
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import fixtures
|
|
import logging
|
|
import subprocess
|
|
import sys
|
|
import tempfile
|
|
import testtools
|
|
import time
|
|
import os
|
|
|
|
from zuul.driver import bubblewrap
|
|
from zuul.executor.server import SshAgent
|
|
from tests.base import iterate_timeout
|
|
from unittest import skipIf
|
|
|
|
|
|
class TestBubblewrap(testtools.TestCase):
|
|
def setUp(self):
|
|
super(TestBubblewrap, self).setUp()
|
|
self.log_fixture = self.useFixture(
|
|
fixtures.FakeLogger(level=logging.DEBUG))
|
|
self.useFixture(fixtures.NestedTempfile())
|
|
|
|
def test_bubblewrap_wraps(self):
|
|
bwrap = bubblewrap.BubblewrapDriver()
|
|
context = bwrap.getExecutionContext()
|
|
work_dir = tempfile.mkdtemp()
|
|
ssh_agent = SshAgent()
|
|
self.addCleanup(ssh_agent.stop)
|
|
ssh_agent.start()
|
|
po = context.getPopen(work_dir=work_dir,
|
|
ssh_auth_sock=ssh_agent.env['SSH_AUTH_SOCK'])
|
|
self.assertTrue(po.fds[0] > 2)
|
|
self.assertTrue(po.fds[1] > 2)
|
|
self.assertTrue(work_dir in po.command)
|
|
# Now run /usr/bin/id to verify passwd/group entries made it in
|
|
true_proc = po(['/usr/bin/id'], stdout=subprocess.PIPE,
|
|
stderr=subprocess.PIPE)
|
|
(output, errs) = true_proc.communicate()
|
|
# Make sure it printed things on stdout
|
|
self.assertTrue(len(output.strip()))
|
|
# And that it did not print things on stderr
|
|
self.assertEqual(0, len(errs.strip()))
|
|
# Make sure the _r's are closed
|
|
self.assertEqual([], po.fds)
|
|
|
|
@skipIf(sys.platform == 'darwin', 'Not supported on MacOS')
|
|
def test_bubblewrap_leak(self):
|
|
bwrap = bubblewrap.BubblewrapDriver()
|
|
context = bwrap.getExecutionContext()
|
|
work_dir = tempfile.mkdtemp()
|
|
ansible_dir = tempfile.mkdtemp()
|
|
ssh_agent = SshAgent()
|
|
self.addCleanup(ssh_agent.stop)
|
|
ssh_agent.start()
|
|
po = context.getPopen(work_dir=work_dir,
|
|
ansible_dir=ansible_dir,
|
|
ssh_auth_sock=ssh_agent.env['SSH_AUTH_SOCK'])
|
|
leak_time = 60
|
|
# Use hexadecimal notation to avoid false-positive
|
|
true_proc = po(['bash', '-c', 'sleep 0x%X & disown' % leak_time])
|
|
self.assertEqual(0, true_proc.wait())
|
|
cmdline = "sleep\x000x%X\x00" % leak_time
|
|
for x in iterate_timeout(30, "process to exit"):
|
|
try:
|
|
sleep_proc = []
|
|
for pid in os.listdir("/proc"):
|
|
if os.path.isfile("/proc/%s/cmdline" % pid):
|
|
with open("/proc/%s/cmdline" % pid) as f:
|
|
if f.read() == cmdline:
|
|
sleep_proc.append(pid)
|
|
|
|
if not sleep_proc:
|
|
break
|
|
except FileNotFoundError:
|
|
pass
|
|
except ProcessLookupError:
|
|
pass
|
|
time.sleep(1)
|