From 35ddf5ebb94b646b4af82f47d85eb7c3408d312e Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Mon, 18 Mar 2024 15:47:50 +0100 Subject: [PATCH] TEST nspawn --- test/browser/browser.sh | 32 +++++++++++++++++--------------- test/browser/main.fmf | 2 +- test/browser/run-test.sh | 5 ++--- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/test/browser/browser.sh b/test/browser/browser.sh index 5e52f84d2..ca64c97ac 100755 --- a/test/browser/browser.sh +++ b/test/browser/browser.sh @@ -49,25 +49,27 @@ for retry in $(seq 5); do sleep $((5 * retry * retry)) done +CONTAINER="$(cat .cockpit-ci/container)" + +# import the test CONTAINER image as a directory tree for nspawn +mkdir /var/tmp/tasks +podman export "$(podman create --name tasks-import $CONTAINER)" | tar -x -C /var/tmp/tasks +podman rm tasks-import +podman rmi $CONTAINER + # image setup, shared with upstream tests sh -x test/vm.install systemctl enable --now cockpit.socket podman.socket # Run tests in the cockpit tasks container, as unprivileged user -CONTAINER="$(cat .cockpit-ci/container)" - -# Use docker to avoid the tests killing the tasks container itself -# docker doesn't have --volume=,U so we have to apply hax +# Use nspawn to avoid the tests killing the tasks container itself chown -R 1111:1111 "${TMT_TEST_DATA}" . -systemctl start docker -exec docker \ - run \ - --rm \ - --shm-size=1024m \ - --security-opt=label=disable \ - --volume="${TMT_TEST_DATA}":/logs:rw --env=LOGS=/logs \ - --volume="$(pwd)":/source:rw --env=SOURCE=/source \ - --name=cockpit-tasks \ - "${CONTAINER}" \ - sh /source/test/browser/run-test.sh "$@" + +SYSTEMD_SECCOMP=0 systemd-nspawn \ + -D /var/tmp/tasks/ \ + --ephemeral \ + --user user \ + --bind="${TMT_TEST_DATA}":/logs --setenv=LOGS=/logs \ + --bind="$(pwd)":/source:rw --setenv=SOURCE=/source \ + sh /source/test/browser/run-test.sh "$@" diff --git a/test/browser/main.fmf b/test/browser/main.fmf index dfa81e826..e0fcac878 100644 --- a/test/browser/main.fmf +++ b/test/browser/main.fmf @@ -1,5 +1,5 @@ require: - - docker + - systemd-container - cockpit-podman - cockpit-ws - cockpit-system diff --git a/test/browser/run-test.sh b/test/browser/run-test.sh index 3326bbc3c..70bd431f2 100644 --- a/test/browser/run-test.sh +++ b/test/browser/run-test.sh @@ -42,12 +42,11 @@ EXCLUDES="" echo "TEST_ALLOW_JOURNAL_MESSAGES: ${TEST_ALLOW_JOURNAL_MESSAGES:-}" echo "TEST_AUDIT_NO_SELINUX: ${TEST_AUDIT_NO_SELINUX:-}" -GATEWAY="$(python3 -c 'import socket; print(socket.gethostbyname("_gateway"))')" RC=0 ./test/common/run-tests \ --nondestructive \ - --machine "${GATEWAY}":22 \ - --browser "${GATEWAY}":9090 \ + --machine localhost:22 \ + --browser localhost:9090 \ $TESTS \ $EXCLUDES \ || RC=$?