func setCapability(capabilityname string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxSpec.Linux.Capabilities = []string{capabilityname} utils.SetBind(&linuxRuntimeSpec, &linuxSpec) return linuxSpec, linuxRuntimeSpec }
func TestPathError() string { linuxspec := setRoot(true, testPathError) root := linuxspec.Spec.Root lr := specsinit.SetLinuxruntimeMinimum() result, err := testRoot(&linuxspec, &lr, true, testPathError) var testResult manager.TestResult testResult.Set("TestPathError", root, err, result) return testResult.Marshal() }
func TestReadOnlyFalse() string { linuxspec := setRoot(false, testPathCorrect) root := linuxspec.Spec.Root lr := specsinit.SetLinuxruntimeMinimum() result, err := testRoot(&linuxspec, &lr, false, testPathCorrect) var testResult manager.TestResult testResult.Set("TestReadOnlyFalse", root, err, result) return testResult.Marshal() }
func setMount(fsName string, fsType string, fsSrc string, fsDes string, fsOpt []string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { var linuxSpec specs.LinuxSpec = specsinit.SetLinuxspecMinimum() var linuxRuntimeSpec specs.LinuxRuntimeSpec = specsinit.SetLinuxruntimeMinimum() configMountTest := specs.MountPoint{fsName, fsDes} runtimeMountTest := specs.Mount{fsType, fsSrc, fsOpt} linuxSpec.Mounts = append(linuxSpec.Mounts, configMountTest) linuxRuntimeSpec.Mounts[fsName] = runtimeMountTest return linuxSpec, linuxRuntimeSpec }
func TestVersionError() string { ls := setVersion(testVauleError) lr := specsinit.SetLinuxruntimeMinimum() version := ls.Spec.Version result, err := testVersion(&ls, &lr, false) var testResult manager.TestResult testResult.Set("TestVersionError", version, err, result) return testResult.Marshal() }
func TestPlatformCorrect() string { linuxspec := setPlatform(runtime.GOOS, runtime.GOARCH) platform := linuxspec.Spec.Platform lr := specsinit.SetLinuxruntimeMinimum() result, err := testPlatform(&linuxspec, &lr, runtime.GOOS, runtime.GOARCH) var testResult manager.TestResult testResult.Set("TestPlatformCorrect", platform, err, result) return testResult.Marshal() }
func setProcess(process specs.Process) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() lr := specsinit.SetLinuxruntimeMinimum() //Bind containerend folder to runc container, thus we can get containerend guest programme linuxSpec.Spec.Process = process utils.SetBind(&lr, &linuxSpec) return linuxSpec, lr }
func setHooks(thooks []specs.Hook, isPre bool) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() if isPre { linuxRuntimeSpec.RuntimeSpec.Hooks.Prestart = thooks } else { linuxRuntimeSpec.RuntimeSpec.Hooks.Prestart = thooks } return linuxSpec, linuxRuntimeSpec }
func TestPlatformErr() string { osErr := "osErr" archErr := "archErr" linuxspec := setPlatform(osErr, archErr) platform := linuxspec.Spec.Platform lr := specsinit.SetLinuxruntimeMinimum() result, err := testPlatform(&linuxspec, &lr, osErr, archErr) var testResult manager.TestResult testResult.Set("TestPlatformErr", platform, err, result) return testResult.Marshal() }
func setCgroupspath(path string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.CgroupsPath = path // temporary add cgroup filesystem for test configMountTest := specs.MountPoint{"cgroup", "/sys/fs/cgroup"} runtimeMountTest := specs.Mount{"cgroup", "cgroup", []string{""}} linuxSpec.Mounts = append(linuxSpec.Mounts, configMountTest) linuxRuntimeSpec.Mounts["cgroup"] = runtimeMountTest return linuxSpec, linuxRuntimeSpec }
func setRootfsPropagation(mode string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() var initdevice specs.Device = specs.Device{ Type: 99, Path: "/dev/null", Major: 1, Minor: 3, Permissions: "rwm", FileMode: 438, UID: 0, GID: 0, } linuxRuntimeSpec.Linux.Devices = []specs.Device{initdevice} linuxRuntimeSpec.Linux.RootfsPropagation = mode return linuxSpec, linuxRuntimeSpec }
func setDevices(testdevices specs.Device) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() var initdevice specs.Device = specs.Device{ Type: 99, Path: "/dev/null", Major: 1, Minor: 3, Permissions: "rwm", FileMode: 438, UID: 0, GID: 0, } linuxRuntimeSpec.Linux.Devices = []specs.Device{initdevice} linuxRuntimeSpec.Linux.Devices = append(linuxRuntimeSpec.Linux.Devices, testdevices) return linuxSpec, linuxRuntimeSpec }
// The test func for TestCase TestVersionCorrect func TestVersionCorrect() string { // Set result to spec.Version, and get specs.LinuxSpec obj ls := setVersion(testValueCorrect) // Get smallest specs.LinuxRuntimeSpec obj lr := specsinit.SetLinuxruntimeMinimum() version := ls.Spec.Version // Do test result, err := testVersion(&ls, &lr, true) var testResult manager.TestResult // Set reusult to TestResult testResult.Set("TestVersionCorrect", version, err, result) return testResult.Marshal() }
func setResources(resources specs.Resources) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Resources = &resources return linuxSpec, linuxRuntimeSpec }
func setRlimits(testrlimits specs.Rlimit) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Rlimits = []specs.Rlimit{testrlimits} return linuxSpec, linuxRuntimeSpec }
func setSeccomp(sec specs.Seccomp) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.Seccomp = sec return linuxSpec, linuxRuntimeSpec }
func setSElinuxLabel(label string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxSpec := specsinit.SetLinuxspecMinimum() linuxRuntimeSpec := specsinit.SetLinuxruntimeMinimum() linuxRuntimeSpec.Linux.SelinuxProcessLabel = label return linuxSpec, linuxRuntimeSpec }
package linuxapparmorprofile import ( "errors" "github.com/huawei-openlab/oct/tools/runtimeValidator/adaptor" "github.com/huawei-openlab/oct/tools/runtimeValidator/manager" "github.com/huawei-openlab/oct/tools/runtimeValidator/utils/configconvert" "github.com/huawei-openlab/oct/tools/runtimeValidator/utils/specsinit" "github.com/opencontainers/specs" "os/exec" "strings" "time" ) var linuxSpec specs.LinuxSpec = specsinit.SetLinuxspecMinimum() var linuxRuntimeSpec specs.LinuxRuntimeSpec = specsinit.SetLinuxruntimeMinimum() var TestSuiteLinuxApparmorProfile manager.TestSuite = manager.TestSuite{Name: "LinuxSpec.Linux.ApparmorProfile"} func init() { TestSuiteLinuxApparmorProfile.AddTestCase("TestLinuxApparmorProfile", TestLinuxApparmorProfile) manager.Manager.AddTestSuite(TestSuiteLinuxApparmorProfile) } func setApparmorProfile(profilename string) (specs.LinuxSpec, specs.LinuxRuntimeSpec) { linuxRuntimeSpec.Linux.ApparmorProfile = profilename linuxSpec.Spec.Process.Args = []string{"/bin/bash", "-c", "sleep 3s"} return linuxSpec, linuxRuntimeSpec } func testApparmorProfile(linuxSpec *specs.LinuxSpec, linuxRuntimeSpec *specs.LinuxRuntimeSpec) (string, error) {