AfterEach(func() { helpers.StopProcesses(cellProcess) }) Describe("Running a task", func() { var guid string BeforeEach(func() { guid = helpers.GenerateGuid() }) It("runs the command as a specific user", func() { taskRequest := helpers.TaskCreateRequest( guid, &models.RunAction{ User: "******", Path: "sh", Args: []string{"-c", `[ $(whoami) = testuser ]`}, }, ) taskRequest.Privileged = true err := receptorClient.CreateTask(taskRequest) Expect(err).NotTo(HaveOccurred()) var task receptor.TaskResponse Eventually(func() interface{} { var err error task, err = receptorClient.GetTask(guid) Expect(err).NotTo(HaveOccurred())
AfterEach(func() { helpers.StopProcesses(runtime) }) Context("when a task that tries to do privileged things is requested", func() { var taskRequest receptor.TaskCreateRequest BeforeEach(func() { taskRequest = helpers.TaskCreateRequest( helpers.GenerateGuid(), &models.RunAction{ Path: "sh", // always run as root; tests change task-level privileged User: "******", Args: []string{ "-c", // writing to /proc/sysrq-trigger requires full privileges; // h is a safe thing to write "echo h > /proc/sysrq-trigger", }, }, ) }) JustBeforeEach(func() { err := receptorClient.CreateTask(taskRequest) Expect(err).NotTo(HaveOccurred()) }) Context("when the task is privileged", func() { BeforeEach(func() {
Context("Egress Rules", func() { var ( taskGuid string taskCreateRequest receptor.TaskCreateRequest ) BeforeEach(func() { taskGuid = helpers.GenerateGuid() taskCreateRequest = helpers.TaskCreateRequest( taskGuid, &models.RunAction{ User: "******", Path: "sh", Args: []string{ "-c", ` curl -s --connect-timeout 5 http://www.example.com -o /dev/null echo $? >> /tmp/result exit 0 `, }, }, ) taskCreateRequest.ResultFile = "/tmp/result" }) JustBeforeEach(func() { err := receptorClient.CreateTask(taskCreateRequest) Expect(err).NotTo(HaveOccurred()) })
Describe("Running a task", func() { var guid string BeforeEach(func() { guid = helpers.GenerateGuid() }) It("runs the command with the provided environment", func() { err := receptorClient.CreateTask(helpers.TaskCreateRequest( guid, &models.RunAction{ User: "******", Path: "sh", Args: []string{"-c", `[ "$FOO" = NEW-BAR -a "$BAZ" = WIBBLE ]`}, Env: []*models.EnvironmentVariable{ {"FOO", "OLD-BAR"}, {"BAZ", "WIBBLE"}, {"FOO", "NEW-BAR"}, }, }, )) Expect(err).NotTo(HaveOccurred()) var task receptor.TaskResponse Eventually(func() interface{} { var err error task, err = receptorClient.GetTask(guid) Expect(err).NotTo(HaveOccurred())