1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
package createconfig
import (
"runtime"
"testing"
"github.com/containers/common/pkg/sysinfo"
"github.com/containers/libpod/v2/pkg/cgroups"
"github.com/containers/libpod/v2/pkg/rootless"
"github.com/containers/storage"
"github.com/containers/storage/pkg/idtools"
"github.com/docker/go-units"
"github.com/stretchr/testify/assert"
)
var (
sysInfo = sysinfo.New(true)
)
// Make createconfig to test with
func makeTestCreateConfig() *CreateConfig {
cc := new(CreateConfig)
cc.Resources = CreateResourceConfig{}
cc.User.IDMappings = new(storage.IDMappingOptions)
cc.User.IDMappings.UIDMap = []idtools.IDMap{}
cc.User.IDMappings.GIDMap = []idtools.IDMap{}
return cc
}
func doCommonSkipChecks(t *testing.T) {
// The default configuration of podman enables seccomp, which is not available on non-Linux systems.
// Thus, any tests that use the default seccomp setting would fail.
// Skip the tests on non-Linux platforms rather than explicitly disable seccomp in the test and possibly affect the test result.
if runtime.GOOS != "linux" {
t.Skip("seccomp, which is enabled by default, is only supported on Linux")
}
if rootless.IsRootless() {
isCgroupV2, err := cgroups.IsCgroup2UnifiedMode()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
if !isCgroupV2 {
t.Skip("cgroups v1 cannot be used when rootless")
}
}
}
// TestPIDsLimit verifies the given pid-limit is correctly defined in the spec
func TestPIDsLimit(t *testing.T) {
doCommonSkipChecks(t)
if !sysInfo.PidsLimit {
t.Skip("running test not supported by the host system")
}
cc := makeTestCreateConfig()
cc.Resources.PidsLimit = 22
spec, err := cc.createConfigToOCISpec(nil, nil)
assert.NoError(t, err)
assert.Equal(t, spec.Linux.Resources.Pids.Limit, int64(22))
}
// TestBLKIOWeightDevice verifies the given blkio weight is correctly set in the
// spec.
func TestBLKIOWeightDevice(t *testing.T) {
doCommonSkipChecks(t)
if !sysInfo.BlkioWeightDevice {
t.Skip("running test not supported by the host system")
}
cc := makeTestCreateConfig()
cc.Resources.BlkioWeightDevice = []string{"/dev/zero:100"}
spec, err := cc.createConfigToOCISpec(nil, nil)
assert.NoError(t, err)
// /dev/zero is guaranteed 1,5 by the Linux kernel
assert.Equal(t, spec.Linux.Resources.BlockIO.WeightDevice[0].Major, int64(1))
assert.Equal(t, spec.Linux.Resources.BlockIO.WeightDevice[0].Minor, int64(5))
assert.Equal(t, *(spec.Linux.Resources.BlockIO.WeightDevice[0].Weight), uint16(100))
}
// TestMemorySwap verifies that the given swap memory limit is correctly set in
// the spec.
func TestMemorySwap(t *testing.T) {
doCommonSkipChecks(t)
if !sysInfo.SwapLimit {
t.Skip("running test not supported by the host system")
}
swapLimit, err := units.RAMInBytes("45m")
assert.NoError(t, err)
cc := makeTestCreateConfig()
cc.Resources.MemorySwap = swapLimit
spec, err := cc.createConfigToOCISpec(nil, nil)
assert.NoError(t, err)
assert.Equal(t, *(spec.Linux.Resources.Memory.Swap), swapLimit)
}
|