diff options
| author | Ed Santiago <santiago@redhat.com> | 2021-07-14 13:55:00 -0600 |
|---|---|---|
| committer | Ed Santiago <santiago@redhat.com> | 2021-07-15 05:06:33 -0600 |
| commit | 547fff27033a294d1639ee3f9125f775032f39f5 (patch) | |
| tree | 056f808343188229738ada44c71432babdcbe391 /test/e2e/run_selinux_test.go | |
| parent | 61245884abb181ee4dd46280a56dec5f25d2432d (diff) | |
| download | podman-547fff27033a294d1639ee3f9125f775032f39f5.tar.gz podman-547fff27033a294d1639ee3f9125f775032f39f5.tar.bz2 podman-547fff27033a294d1639ee3f9125f775032f39f5.zip | |
e2e tests: use Should(Exit()) and ExitWithError()
e2e test failures are rife with messages like:
Expected 1 to equal 0
These make me cry. They're anti-helpful, requiring the reader
to dive into the source code to figure out what those numbers
mean.
Solution: Go tests have a '.Should(Exit(NNN))' mechanism. I
don't know if it spits out a better diagnostic (I have no way
to run e2e tests on my laptop), but I have to fantasize that
it will, and given the state of our flakes I assume that at
least one test will fail and give me the opportunity to see
what the error message looks like.
THIS IS NOT REVIEWABLE CODE. There is no way for a human
to review it. Don't bother. Maybe look at a few random
ones for sanity. If you want to really review, here is
a reproducer of what I did:
cd test/e2e
! positive assertions. The second is the same as the first,
! with the addition of (unnecessary) parentheses because
! some invocations were written that way. The third is BeZero().
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Equal\((\d+)\)\)/Expect($1).Should(Exit($2))/' *_test.go
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(\(Equal\((\d+)\)\)\)/Expect($1).Should(Exit($2))/' *_test.go
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(BeZero\(\)\)/Expect($1).Should(Exit(0))/' *_test.go
! Same as above, but handles three non-numeric exit codes
! in run_exit_test.go
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Equal\((\S+)\)\)/Expect($1).Should(Exit($2))/' *_test.go
! negative assertions. Difference is the spelling of 'To(Not)',
! 'ToNot', and 'NotTo'. I assume those are all the same.
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Not\(Equal\((0)\)\)\)/Expect($1).To(ExitWithError())/' *_test.go
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.ToNot\(Equal\((0)\)\)/Expect($1).To(ExitWithError())/' *_test.go
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.NotTo\(Equal\((0)\)\)/Expect($1).To(ExitWithError())/' *_test.go
! negative, old use of BeZero()
perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.ToNot\(BeZero\(\)\)/Expect($1).Should(ExitWithError())/' *_test.go
Run those on a clean copy of main branch (at the same branch
point as my PR, of course), then diff against a checked-out
copy of my PR. There should be no differences. Then all you
have to review is that my replacements above are sane.
UPDATE: nope, that's not enough, you also need to add gomega/gexec
to the files that don't have it:
perl -pi -e '$_ .= "$1/gexec\"\n" if m!^(.*/onsi/gomega)"!' $(grep -L gomega/gexec $(git log -1 --stat | awk '$1 ~ /test\/e2e\// { print $1}'))
UPDATE 2: hand-edit run_volume_test.go
UPDATE 3: sigh, add WaitWithDefaultTimeout() to a couple of places
UPDATE 4: skip a test due to bug #10935 (race condition)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Diffstat (limited to 'test/e2e/run_selinux_test.go')
| -rw-r--r-- | test/e2e/run_selinux_test.go | 87 |
1 files changed, 44 insertions, 43 deletions
diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index 2886f06c1..1a5ef4d5d 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -7,6 +7,7 @@ import ( . "github.com/containers/podman/v3/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" + . "github.com/onsi/gomega/gexec" "github.com/opencontainers/selinux/go-selinux" ) @@ -40,7 +41,7 @@ var _ = Describe("Podman run", func() { It("podman run selinux", func() { session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_t") Expect(match).Should(BeTrue()) }) @@ -48,7 +49,7 @@ var _ = Describe("Podman run", func() { It("podman run selinux grep test", func() { session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("s0:c1,c2") Expect(match).Should(BeTrue()) }) @@ -56,7 +57,7 @@ var _ = Describe("Podman run", func() { It("podman run selinux disable test", func() { session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=disable", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("spc_t") Expect(match).Should(BeTrue()) }) @@ -64,7 +65,7 @@ var _ = Describe("Podman run", func() { It("podman run selinux type check test", func() { session := podmanTest.Podman([]string{"run", "-it", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match1, _ := session.GrepString("container_t") match2, _ := session.GrepString("svirt_lxc_net_t") Expect(match1 || match2).Should(BeTrue()) @@ -73,7 +74,7 @@ var _ = Describe("Podman run", func() { It("podman run selinux type setup test", func() { session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=type:spc_t", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("spc_t") Expect(match).Should(BeTrue()) }) @@ -81,7 +82,7 @@ var _ = Describe("Podman run", func() { It("podman privileged selinux", func() { session := podmanTest.Podman([]string{"run", "--privileged", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("spc_t") Expect(match).Should(BeTrue()) }) @@ -89,7 +90,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux label resolv.conf", func() { session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -97,7 +98,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux label hosts", func() { session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hosts"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -105,7 +106,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux label hostname", func() { session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-Z", "/etc/hostname"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -113,7 +114,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux label /run/secrets", func() { session := podmanTest.Podman([]string{"run", fedoraMinimal, "ls", "-dZ", "/run/secrets"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -121,7 +122,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux --privileged label resolv.conf", func() { session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/resolv.conf"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -129,7 +130,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux --privileged label hosts", func() { session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hosts"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -137,7 +138,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux --privileged label hostname", func() { session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-Z", "/etc/hostname"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -145,7 +146,7 @@ var _ = Describe("Podman run", func() { It("podman test selinux --privileged label /run/secrets", func() { session := podmanTest.Podman([]string{"run", "--privileged", fedoraMinimal, "ls", "-dZ", "/run/secrets"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_file_t") Expect(match).Should(BeTrue()) }) @@ -153,19 +154,19 @@ var _ = Describe("Podman run", func() { It("podman run selinux file type setup test", func() { session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=type:spc_t", "--security-opt", "label=filetype:container_var_lib_t", fedoraMinimal, "ls", "-Z", "/dev"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("container_var_lib_t") Expect(match).Should(BeTrue()) session = podmanTest.Podman([]string{"run", "-it", "--security-opt", "label=type:spc_t", "--security-opt", "label=filetype:foobar", fedoraMinimal, "ls", "-Z", "/dev"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(126)) + Expect(session).Should(Exit(126)) }) It("podman exec selinux check", func() { setup := podmanTest.RunTopContainer("test1") setup.WaitWithDefaultTimeout() - Expect(setup.ExitCode()).To(Equal(0)) + Expect(setup).Should(Exit(0)) session := podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/1/attr/current"}) session.WaitWithDefaultTimeout() @@ -177,7 +178,7 @@ var _ = Describe("Podman run", func() { It("podman run --privileged and --security-opt SELinux options", func() { session := podmanTest.Podman([]string{"run", "-it", "--privileged", "--security-opt", "label=type:spc_t", "--security-opt", "label=level:s0:c1,c2", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString("spc_t") Expect(match).To(BeTrue()) match2, _ := session.GrepString("s0:c1,c2") @@ -187,90 +188,90 @@ var _ = Describe("Podman run", func() { It("podman pod container share SELinux labels", func() { session := podmanTest.Podman([]string{"pod", "create"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) podID := session.OutputToString() session = podmanTest.Podman([]string{"run", "--pod", podID, ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) label1 := session.OutputToString() session = podmanTest.Podman([]string{"run", "--pod", podID, ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal(label1)) session = podmanTest.Podman([]string{"pod", "rm", podID, "--force"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) }) It("podman pod container --infra=false doesn't share SELinux labels", func() { session := podmanTest.Podman([]string{"pod", "create", "--infra=false"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) podID := session.OutputToString() session = podmanTest.Podman([]string{"run", "--pod", podID, ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) label1 := session.OutputToString() session = podmanTest.Podman([]string{"run", "--pod", podID, ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Not(Equal(label1))) session = podmanTest.Podman([]string{"pod", "rm", podID, "--force"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) }) It("podman shared IPC NS container share SELinux labels", func() { session := podmanTest.RunTopContainer("test1") session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) label1 := session.OutputToString() session = podmanTest.Podman([]string{"run", "--ipc", "container:test1", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal(label1)) }) It("podman shared PID NS container share SELinux labels", func() { session := podmanTest.RunTopContainer("test1") session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) label1 := session.OutputToString() session = podmanTest.Podman([]string{"run", "--pid", "container:test1", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal(label1)) }) It("podman shared NET NS container doesn't share SELinux labels", func() { session := podmanTest.RunTopContainer("test1") session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"exec", "test1", "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) label1 := session.OutputToString() session = podmanTest.Podman([]string{"run", "--net", "container:test1", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Not(Equal(label1))) }) @@ -278,35 +279,35 @@ var _ = Describe("Podman run", func() { SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") session := podmanTest.Podman([]string{"run", "--pid=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("spc_t")) }) It("podman test --ipc=host", func() { session := podmanTest.Podman([]string{"run", "--ipc=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("spc_t")) }) It("podman test --ipc=net", func() { session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("container_t")) }) It("podman test --ipc=net", func() { session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("container_t")) }) It("podman test --ipc=net", func() { session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("container_t")) }) @@ -321,7 +322,7 @@ var _ = Describe("Podman run", func() { } session := podmanTest.Podman([]string{"create", ALPINE}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) cid := session.OutputToString() session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid}) session.WaitWithDefaultTimeout() @@ -337,7 +338,7 @@ var _ = Describe("Podman run", func() { It("podman test init labels", func() { session := podmanTest.Podman([]string{"create", ubi_init, "/sbin/init"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) cid := session.OutputToString() session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid}) session.WaitWithDefaultTimeout() @@ -347,7 +348,7 @@ var _ = Describe("Podman run", func() { It("podman relabels named volume with :Z", func() { session := podmanTest.Podman([]string{"run", "-v", "testvol:/test1/test:Z", fedoraMinimal, "ls", "-alZ", "/test1"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + Expect(session).Should(Exit(0)) match, _ := session.GrepString(":s0:") Expect(match).Should(BeTrue()) }) |