github.com/containerd/nerdctl@v1.7.7/cmd/nerdctl/container_run_windows_test.go

github.com/containerd/nerdctl@v1.7.7/cmd/nerdctl/container_run_windows_test.go (about)

     1  /*
     2     Copyright The containerd Authors.
     3  
     4     Licensed under the Apache License, Version 2.0 (the "License");
     5     you may not use this file except in compliance with the License.
     6     You may obtain a copy of the License at
     7  
     8         http://www.apache.org/licenses/LICENSE-2.0
     9  
    10     Unless required by applicable law or agreed to in writing, software
    11     distributed under the License is distributed on an "AS IS" BASIS,
    12     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13     See the License for the specific language governing permissions and
    14     limitations under the License.
    15  */
    16  
    17  package main
    18  
    19  import (
    20  	"bytes"
    21  	"os/exec"
    22  	"strings"
    23  	"testing"
    24  
    25  	"github.com/containerd/nerdctl/pkg/testutil"
    26  	"gotest.tools/v3/assert"
    27  )
    28  
    29  func TestRunHostProcessContainer(t *testing.T) {
    30  	testutil.DockerIncompatible(t)
    31  	base := testutil.NewBase(t)
    32  	hostname, err := exec.Command("hostname").Output()
    33  	if err != nil {
    34  		t.Fatalf("unable to get hostname: %s", err)
    35  	}
    36  	hostname = bytes.TrimSpace(hostname)
    37  
    38  	base.Cmd("run", "--rm", "--isolation=host", testutil.WindowsNano, "hostname").AssertOutContains(string(hostname))
    39  	output := base.Cmd("run", "--rm", "--isolation=host", testutil.WindowsNano, "whoami").Out()
    40  	t.Logf("whoami %s", output)
    41  }
    42  
    43  func TestRunHostProcessContainerAsUser(t *testing.T) {
    44  	testutil.DockerIncompatible(t)
    45  	base := testutil.NewBase(t)
    46  
    47  	hostuser := "nt authority\\system"
    48  	base.Cmd("run", "--rm", "--isolation=host", "-u", "NT AUTHORITY\\SYSTEM", testutil.WindowsNano, "whoami").AssertOutContains(hostuser)
    49  }
    50  
    51  func TestRunHostProcessContainerAsService(t *testing.T) {
    52  	testutil.DockerIncompatible(t)
    53  	base := testutil.NewBase(t)
    54  	hostuser := "nt authority\\local service"
    55  	base.Cmd("run", "--rm", "--isolation=host", "-u", "NT AUTHORITY\\Local Service", testutil.WindowsNano, "whoami").AssertOutContains(hostuser)
    56  }
    57  
    58  func TestRunHostProcessContainerAslocalService(t *testing.T) {
    59  	testutil.DockerIncompatible(t)
    60  	base := testutil.NewBase(t)
    61  	hostuser := "nt authority\\network service"
    62  	base.Cmd("run", "--rm", "--isolation=host", "-u", "NT AUTHORITY\\Network Service", testutil.WindowsNano, "whoami").AssertOutContains(hostuser)
    63  }
    64  
    65  func TestRunProcessIsolated(t *testing.T) {
    66  	testutil.DockerIncompatible(t)
    67  	base := testutil.NewBase(t)
    68  
    69  	containerUser := "ContainerUser"
    70  	base.Cmd("run", "--rm", "--isolation=process", "-u", containerUser, testutil.WindowsNano, "whoami").AssertOutContains(containerUser)
    71  }
    72  
    73  func TestRunHyperVContainer(t *testing.T) {
    74  	testutil.DockerIncompatible(t)
    75  	base := testutil.NewBase(t)
    76  
    77  	if !testutil.HyperVSupported() {
    78  		t.Skip("HyperV is not enabled, skipping test")
    79  	}
    80  
    81  	// hyperv must not be in the name for this test, the output is parsed for it
    82  	containerName := "nerdctl-testwcowcontainer"
    83  	base.Cmd("run", "--isolation", "hyperv", "--name", containerName, testutil.WindowsNano).Out()
    84  	defer base.Cmd("rm", "-f", containerName).AssertOK()
    85  	inspectOutput := base.Cmd("container", "inspect", "--mode", "native", containerName).Out()
    86  
    87  	assert.Assert(t, strings.Contains(inspectOutput, "hyperv"))
    88  }
    89  
    90  func TestRunProcessContainer(t *testing.T) {
    91  	testutil.DockerIncompatible(t)
    92  	base := testutil.NewBase(t)
    93  	containerName := testutil.Identifier(t)
    94  
    95  	base.Cmd("run", "--isolation", "process", "--name", containerName, testutil.WindowsNano).Out()
    96  	defer base.Cmd("rm", "-f", containerName).AssertOK()
    97  	inspectOutput := base.Cmd("container", "inspect", "--mode", "native", containerName).Out()
    98  	t.Log(inspectOutput)
    99  
   100  	assert.Assert(t, !strings.Contains(inspectOutput, "hyperv"))
   101  }
   102  
   103  // Note that the current implementation of this test is not ideal, since it relies on internal HCS details that
   104  // Microsoft could decide to change in the future (breaking both this unit test and the one in containerd itself):
   105  // https://github.com/containerd/containerd/pull/6618#discussion_r823302852
   106  func TestRunProcessContainerWithDevice(t *testing.T) {
   107  	testutil.DockerIncompatible(t)
   108  	base := testutil.NewBase(t)
   109  
   110  	base.Cmd(
   111  		"run",
   112  		"--rm",
   113  		"--isolation=process",
   114  		"--device", "class://5B45201D-F2F2-4F3B-85BB-30FF1F953599",
   115  		testutil.WindowsNano,
   116  		"cmd", "/S", "/C", "dir C:\\Windows\\System32\\HostDriverStore",
   117  	).AssertOutContains("FileRepository")
   118  }