Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ffi: Adding sysctl test case. #448

Merged
merged 1 commit into from
Jun 2, 2024
Merged

ffi: Adding sysctl test case. #448

merged 1 commit into from
Jun 2, 2024

Conversation

weiwang-linda
Copy link
Contributor

@weiwang-linda weiwang-linda commented May 29, 2024
edited by Yarboa
Loading

Adding a ffi test to execute sysctl inside nested container running on top of QM
resolve #370

Verify attempts to change OS level are denied inside QM container, like below

Setting sysctl parameters...
sysctl: permission denied on key "net.ipv4.ip_forward"
sysctl: permission denied on key "net.ipv4.conf.all.rp_filter"
sysctl: permission denied on key "net.ipv4.tcp_max_syn_backlog"
sysctl: permission denied on key "vm.swappiness"
sysctl: permission denied on key "vm.overcommit_memory"

@weiwang-linda weiwang-linda self-assigned this May 29, 2024
dougsland
dougsland reviewed May 30, 2024
View reviewed changes
tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
dougsland
dougsland reviewed May 30, 2024
View reviewed changes
tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
@Yarboa
Copy link
Collaborator

Yarboa commented May 30, 2024
edited
Loading

Adding a ffi test to execute sysctl inside nested container running on top of QM. Test with PACKIT_COPR_PROJECT="packit/containers-qm-443", the case run passed.

                out: sysctl: permission denied on key "net.ipv4.ip_forward"
                out: sysctl: permission denied on key "net.ipv4.conf.all.rp_filter"
                out: sysctl: permission denied on key "net.ipv4.tcp_max_syn_backlog"
                out: sysctl: permission denied on key "vm.swappiness"
                out: sysctl: permission denied on key "vm.overcommit_memory"
                out: Shared connection to xx.xx.xx.xxx closed.
        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/execute/data/guest/default-0/tests/ffi/sysctl-1' from the guest to '/'.
        Extract results of '/tests/ffi/sysctl'.
        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/execute/data/guest/default-0/tests/ffi/sysctl-1' from the guest to '/'.
                00:02:49 pass /tests/ffi/sysctl (on default-0) [1/1]

        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/data' from the guest to '/'.
    
        summary: 1 test executed

@weiwang-linda Please add in the description resolve issue_id

@dougsland dougsland mentioned this pull request May 30, 2024
Merged
Yarboa
Yarboa reviewed May 30, 2024
View reviewed changes
Copy link
Collaborator

@Yarboa Yarboa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not understand what needed to be tested.
It should be in description

tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
@weiwang-linda
Copy link
Contributor Author

Adding a ffi test to execute sysctl inside nested container running on top of QM. Test with PACKIT_COPR_PROJECT="packit/containers-qm-443", the case run passed.

                out: sysctl: permission denied on key "net.ipv4.ip_forward"
                out: sysctl: permission denied on key "net.ipv4.conf.all.rp_filter"
                out: sysctl: permission denied on key "net.ipv4.tcp_max_syn_backlog"
                out: sysctl: permission denied on key "vm.swappiness"
                out: sysctl: permission denied on key "vm.overcommit_memory"
                out: Shared connection to xx.xx.xx.xxx closed.
        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/execute/data/guest/default-0/tests/ffi/sysctl-1' from the guest to '/'.
        Extract results of '/tests/ffi/sysctl'.
        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/execute/data/guest/default-0/tests/ffi/sysctl-1' from the guest to '/'.
                00:02:49 pass /tests/ffi/sysctl (on default-0) [1/1]

        Copy '/var/tmp/tmt/run-003/plans/e2e/ffi/data' from the guest to '/'.
    
        summary: 1 test executed

@weiwang-linda Please add in the description resolve issue_id

Done

@weiwang-linda
Copy link
Contributor Author

I do not understand what needed to be tested. It should be in description

Done!

Yarboa
Yarboa reviewed May 30, 2024
View reviewed changes
Copy link
Collaborator

@Yarboa Yarboa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are issues in TestingFarm,
Please make sure that tests are Passing

tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
@weiwang-linda weiwang-linda force-pushed the sysctl branch 2 times, most recently from 265b592 to e708dea Compare May 31, 2024 06:26
@weiwang-linda weiwang-linda requested a review from Yarboa May 31, 2024 08:24
Yarboa
Yarboa reviewed May 31, 2024
View reviewed changes
tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
@Yarboa
Copy link
Collaborator

Yarboa commented May 31, 2024

/packit tests --identifier e2e-ffi

@weiwang-linda weiwang-linda requested a review from Yarboa May 31, 2024 11:42
@Yarboa
Copy link
Collaborator

Yarboa commented Jun 1, 2024
edited
Loading

/packit test --identifier e2e-ffi

@Yarboa
Copy link
Collaborator

Yarboa commented Jun 1, 2024

/packit test --identifier e2e-tiers

Yarboa
Yarboa approved these changes Jun 1, 2024
View reviewed changes
Copy link
Collaborator

@Yarboa Yarboa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

dougsland
dougsland reviewed Jun 1, 2024
View reviewed changes
tests/ffi/sysctl/test.sh Outdated Show resolved Hide resolved
@weiwang-linda
Add sysctl case for FFI
0a2eb66 
Test case will execute sysctl inside nested container running on top of QM

Jira-URL: https://issues.redhat.com/browse/VROOM-19309
Signed-off-by: weiwang <[email protected]>
Yarboa
Yarboa approved these changes Jun 2, 2024
View reviewed changes
Copy link
Collaborator

@Yarboa Yarboa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Yarboa Yarboa merged commit 27a35df into containers:main Jun 2, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Yarboa Yarboa Yarboa approved these changes

@rhatdan rhatdan Awaiting requested review from rhatdan rhatdan is a code owner

@lsm5 lsm5 Awaiting requested review from lsm5 lsm5 is a code owner

@odra odra Awaiting requested review from odra

@sandrobonazzola sandrobonazzola Awaiting requested review from sandrobonazzola sandrobonazzola is a code owner

@dennisbrendel dennisbrendel Awaiting requested review from dennisbrendel

@priyverm priyverm Awaiting requested review from priyverm

@dougsland dougsland Awaiting requested review from dougsland dougsland is a code owner

Assignees

@weiwang-linda weiwang-linda

Labels
ffi testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

FFI: create a test case for executing sysctl inside nested container running on top of QM
3 participants
@weiwang-linda @Yarboa @dougsland