From b98e508767333ae17b02e1034641ff6bd5cdd4fa Mon Sep 17 00:00:00 2001
From: wiegratz <wiegratz@uni-bremen.de>
Date: Fri, 15 Mar 2024 23:54:44 +0000
Subject: [PATCH] run nft tests in netns

---
 .github/workflows/rust.yml |  2 +-
 tests/run_nft_tests.sh     | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100755 tests/run_nft_tests.sh

diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index baa5f26..dd64215 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -26,5 +26,5 @@ jobs:
     - name: Run tests
       run: cargo test --verbose
     - name: Run tests (rootful)
-      run: nft --version; sudo -E $(which cargo) test --verbose -- --ignored
+      run: sudo -E env "PATH=$PATH" $(which cargo) test --verbose -- --ignored
 
diff --git a/tests/run_nft_tests.sh b/tests/run_nft_tests.sh
new file mode 100755
index 0000000..3ef636b
--- /dev/null
+++ b/tests/run_nft_tests.sh
@@ -0,0 +1,18 @@
+#!/bin/sh -e
+NETNS=nft-$(cat /proc/sys/kernel/random/uuid)
+
+function nsexec {
+  ip netns exec $NETNS $@
+}
+
+function cleanup {
+  ip netns delete "$NETNS"
+  exit 0
+}
+trap cleanup EXIT
+
+# create net namespace
+(ip netns ls | grep -Fx "$NETNS" 2>/dev/null) || ip netns add "$NETNS"
+
+nft --version;
+nsexec cargo test --verbose -- --ignored