diff --git a/.gitignore b/.gitignore index 8cab96cbc75..6991faf08ee 100644 --- a/.gitignore +++ b/.gitignore @@ -2,12 +2,7 @@ vendor/pkg /runc /runc-* /contrib/cmd/memfd-bind/memfd-bind -/tests/cmd/recvtty/recvtty -/tests/cmd/sd-helper/sd-helper -/tests/cmd/seccompagent/seccompagent -/tests/cmd/fs-idmap/fs-idmap -/tests/cmd/pidfd-kill/pidfd-kill -/tests/cmd/remap-rootfs/remap-rootfs +/tests/cmd/_bin man/man8 release Vagrantfile diff --git a/Makefile b/Makefile index 6bdd031addc..9d36c1c9bba 100644 --- a/Makefile +++ b/Makefile @@ -80,26 +80,27 @@ runc-bin: runc-dmz $(GO_BUILD) -o runc . .PHONY: all -all: runc memfd-bind recvtty sd-helper seccompagent fs-idmap pidfd-kill remap-rootfs +all: runc memfd-bind test-helpers .PHONY: memfd-bind memfd-bind: $(GO_BUILD) -o contrib/cmd/$@/$@ ./contrib/cmd/$@ -.PHONY: recvtty sd-helper seccompagent fs-idmap pidfd-kill remap-rootfs -recvtty sd-helper seccompagent fs-idmap pidfd-kill remap-rootfs: - $(GO_BUILD) -o tests/cmd/$@/$@ ./tests/cmd/$@ +HELPERS_DIR := tests/cmd/_bin +$(HELPERS_DIR): + mkdir $(HELPERS_DIR) + +TEST_HELPERS := recvtty sd-helper seccompagent fs-idmap pidfd-kill remap-rootfs +.PHONY: test-helpers $(TEST_HELPERS) +test-helpers: $(TEST_HELPERS) +$(TEST_HELPERS): $(HELPERS_DIR) + $(GO_BUILD) -o tests/cmd/_bin ./tests/cmd/$@ .PHONY: clean clean: rm -f runc runc-* libcontainer/dmz/binary/runc-dmz rm -f contrib/cmd/memfd-bind/memfd-bind - rm -f tests/cmd/recvtty/recvtty - rm -f tests/cmd/sd-helper/sd-helper - rm -f tests/cmd/seccompagent/seccompagent - rm -f tests/cmd/fs-idmap/fs-idmap - rm -f tests/cmd/pidfd-kill/pidfd-kill - rm -f tests/cmd/remap-rootfs/remap-rootfs + rm -fr $(HELPERS_DIR) sudo rm -rf release rm -rf man/man8 diff --git a/tests/cmd/README.md b/tests/cmd/README.md new file mode 100644 index 00000000000..943770cfaea --- /dev/null +++ b/tests/cmd/README.md @@ -0,0 +1,4 @@ +These are helpers used by [integration tests](/tests/integration). + +They are compiled from the top-level Makefile via `make test-helpers`, +and the resulting binaries can be found in ./_bin. diff --git a/tests/cmd/seccompagent/README.md b/tests/cmd/seccompagent/README.md index 80638797adb..c05f96bef89 100644 --- a/tests/cmd/seccompagent/README.md +++ b/tests/cmd/seccompagent/README.md @@ -17,7 +17,7 @@ make all Run the seccomp agent in the background: ```bash -sudo ./tests/cmd/seccompagent/seccompagent & +sudo ./tests/cmd/_bin/seccompagent & ``` Prepare a container: diff --git a/tests/integration/helpers.bash b/tests/integration/helpers.bash index 76fbab3f5d1..4a0934b0b07 100755 --- a/tests/integration/helpers.bash +++ b/tests/integration/helpers.bash @@ -13,12 +13,9 @@ eval "$IMAGES" unset IMAGES : "${RUNC:="${INTEGRATION_ROOT}/../../runc"}" -RECVTTY="${INTEGRATION_ROOT}/../../tests/cmd/recvtty/recvtty" -SD_HELPER="${INTEGRATION_ROOT}/../../tests/cmd/sd-helper/sd-helper" -SECCOMP_AGENT="${INTEGRATION_ROOT}/../../tests/cmd/seccompagent/seccompagent" -FS_IDMAP="${INTEGRATION_ROOT}/../../tests/cmd/fs-idmap/fs-idmap" -PIDFD_KILL="${INTEGRATION_ROOT}/../../tests/cmd/pidfd-kill/pidfd-kill" -REMAP_ROOTFS="${INTEGRATION_ROOT}/../../tests/cmd/remap-rootfs/remap-rootfs" + +# Path to binaries compiled from packages in tests/cmd by "make test-helpers"). +CMD=${INTEGRATION_ROOT}/../cmd/_bin # Some variables may not always be set. Set those to empty value, # if unset, to avoid "unbound variable" error. @@ -143,7 +140,7 @@ function init_cgroup_paths() { function create_parent() { if [ -v RUNC_USE_SYSTEMD ]; then [ ! -v SD_PARENT_NAME ] && return - "$SD_HELPER" --parent machine.slice start "$SD_PARENT_NAME" + "$CMD/sd-helper" --parent machine.slice start "$SD_PARENT_NAME" else [ ! -v REL_PARENT_PATH ] && return if [ -v CGROUP_V2 ]; then @@ -163,7 +160,7 @@ function create_parent() { function remove_parent() { if [ -v RUNC_USE_SYSTEMD ]; then [ ! -v SD_PARENT_NAME ] && return - "$SD_HELPER" --parent machine.slice stop "$SD_PARENT_NAME" + "$CMD/sd-helper" --parent machine.slice stop "$SD_PARENT_NAME" else [ ! -v REL_PARENT_PATH ] && return if [ -v CGROUP_V2 ]; then @@ -666,7 +663,7 @@ function setup_recvtty() { export CONSOLE_SOCKET="$dir/sock" # We need to start recvtty in the background, so we double fork in the shell. - ("$RECVTTY" --pid-file "$dir/pid" --mode null "$CONSOLE_SOCKET" &) & + ("$CMD/recvtty" --pid-file "$dir/pid" --mode null "$CONSOLE_SOCKET" &) & } function teardown_recvtty() { @@ -683,7 +680,7 @@ function teardown_recvtty() { } function setup_seccompagent() { - ("${SECCOMP_AGENT}" -socketfile="$SECCCOMP_AGENT_SOCKET" -pid-file "$BATS_TMPDIR/seccompagent.pid" &) & + ("$CMD/seccompagent" -socketfile="$SECCCOMP_AGENT_SOCKET" -pid-file "$BATS_TMPDIR/seccompagent.pid" &) & } function teardown_seccompagent() { @@ -739,7 +736,7 @@ function teardown_bundle() { function remap_rootfs() { [ ! -v ROOT ] && return 0 # nothing to remap - "$REMAP_ROOTFS" "$ROOT/bundle" + "$CMD/remap-rootfs" "$ROOT/bundle" } function is_kernel_gte() { @@ -761,7 +758,7 @@ function requires_idmap_fs() { # We need to "|| true" it to avoid CI failure as this binary may return with # something different than 0. - stderr=$($FS_IDMAP "$fs" 2>&1 >/dev/null || true) + stderr=$("$CMD/fs-idmap" "$fs" 2>&1 >/dev/null || true) case $stderr in *invalid\ argument) @@ -805,7 +802,7 @@ function setup_pidfd_kill() { mkdir "${dir}" export PIDFD_SOCKET="${dir}/sock" - ("${PIDFD_KILL}" --pid-file "${dir}/pid" --signal "${signal}" "${PIDFD_SOCKET}" &) & + ("$CMD/pidfd-kill" --pid-file "${dir}/pid" --signal "${signal}" "${PIDFD_SOCKET}" &) & # ensure socket is ready retry 10 1 stat "${PIDFD_SOCKET}"