github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/e2e/isolation/chroot_test.go (about) 1 package isolation 2 3 import ( 4 "regexp" 5 "testing" 6 7 "github.com/hashicorp/nomad/e2e/e2eutil" 8 "github.com/hashicorp/nomad/helper/uuid" 9 "github.com/shoenig/test/must" 10 ) 11 12 func TestChrootFS(t *testing.T) { 13 nomad := e2eutil.NomadClient(t) 14 15 e2eutil.WaitForLeader(t, nomad) 16 e2eutil.WaitForNodesReady(t, nomad, 1) 17 18 t.Run("testTaskEnvChroot", testExecUsesChroot) 19 t.Run("testTaskImageChroot", testImageUsesChroot) 20 t.Run("testDownloadChrootExec", testDownloadChrootExec) 21 } 22 23 func testExecUsesChroot(t *testing.T) { 24 nomad := e2eutil.NomadClient(t) 25 26 jobID := "exec-chroot-" + uuid.Short() 27 jobIDs := []string{jobID} 28 t.Cleanup(e2eutil.CleanupJobsAndGC(t, &jobIDs)) 29 30 // start job 31 e2eutil.RegisterAndWaitForAllocs(t, nomad, "./input/chroot_exec.nomad", jobID, "") 32 33 // get allocation 34 allocations, err := e2eutil.AllocsForJob(jobID, "") 35 must.NoError(t, err) 36 must.Len(t, 1, allocations) 37 allocID := allocations[0]["ID"] 38 39 // wait for allocation stopped 40 e2eutil.WaitForAllocsStopped(t, nomad, []string{allocID}) 41 42 // assert log contents 43 logs, err := e2eutil.AllocLogs(allocID, e2eutil.LogsStdOut) 44 must.NoError(t, err) 45 must.RegexMatch(t, regexp.MustCompile(`(?m:^/alloc\b)`), logs) 46 must.RegexMatch(t, regexp.MustCompile(`(?m:^/local\b)`), logs) 47 must.RegexMatch(t, regexp.MustCompile(`(?m:^/secrets\b)`), logs) 48 must.StrContains(t, logs, "/bin") 49 } 50 51 func testImageUsesChroot(t *testing.T) { 52 nomad := e2eutil.NomadClient(t) 53 54 jobID := "docker-chroot-" + uuid.Short() 55 jobIDs := []string{jobID} 56 t.Cleanup(e2eutil.CleanupJobsAndGC(t, &jobIDs)) 57 58 // start job 59 e2eutil.RegisterAndWaitForAllocs(t, nomad, "./input/chroot_docker.nomad", jobID, "") 60 61 // get allocation 62 allocations, err := e2eutil.AllocsForJob(jobID, "") 63 must.NoError(t, err) 64 must.Len(t, 1, allocations) 65 allocID := allocations[0]["ID"] 66 67 // wait for allocation stopped 68 e2eutil.WaitForAllocsStopped(t, nomad, []string{allocID}) 69 70 // assert log contents 71 logs, err := e2eutil.AllocLogs(allocID, e2eutil.LogsStdOut) 72 must.NoError(t, err) 73 must.RegexMatch(t, regexp.MustCompile(`(?m:^/alloc\b)`), logs) 74 must.RegexMatch(t, regexp.MustCompile(`(?m:^/local\b)`), logs) 75 must.RegexMatch(t, regexp.MustCompile(`(?m:^/secrets\b)`), logs) 76 must.StrContains(t, logs, "/bin") 77 } 78 79 func testDownloadChrootExec(t *testing.T) { 80 nomad := e2eutil.NomadClient(t) 81 82 jobID := "dl-chroot-exec" + uuid.Short() 83 jobIDs := []string{jobID} 84 t.Cleanup(e2eutil.CleanupJobsAndGC(t, &jobIDs)) 85 86 // start job 87 e2eutil.RegisterAndWaitForAllocs(t, nomad, "./input/chroot_dl_exec.nomad", jobID, "") 88 89 // get allocation 90 allocations, err := e2eutil.AllocsForJob(jobID, "") 91 must.NoError(t, err) 92 must.Len(t, 1, allocations) 93 allocID := allocations[0]["ID"] 94 95 // wait for allocation stopped 96 e2eutil.WaitForAllocsStopped(t, nomad, []string{allocID}) 97 98 allocStatuses, err := e2eutil.AllocStatuses(jobID, "") 99 must.NoError(t, err) 100 t.Log("DEBUG", "job_id", jobID, "allocStatuses", allocStatuses) 101 102 allocEvents, err := e2eutil.AllocTaskEventsForJob(jobID, "") 103 must.NoError(t, err) 104 t.Log("DEBUG", "job_id", jobID, "allocEvents", allocEvents) 105 106 // wait for task complete (is the alloc stopped state not enough??) 107 e2eutil.WaitForAllocTaskComplete(t, nomad, allocID, "run-script") 108 109 // assert log contents 110 logs, err := e2eutil.AllocTaskLogs(allocID, "run-script", e2eutil.LogsStdOut) 111 must.NoError(t, err) 112 must.StrContains(t, logs, "this output is from a script") 113 }