summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--Makefile158
-rw-r--r--images/Makefile7
-rw-r--r--images/basic/hostoverlaytest/Dockerfile (renamed from images/hostoverlaytest/Dockerfile)0
-rw-r--r--images/basic/hostoverlaytest/test.c (renamed from images/hostoverlaytest/test.c)0
-rw-r--r--images/basic/hostoverlaytest/testfile.txt (renamed from images/hostoverlaytest/testfile.txt)0
-rw-r--r--images/basic/tmpfile/Dockerfile (renamed from images/tmpfile/Dockerfile)0
-rw-r--r--pkg/test/criutil/criutil.go8
-rw-r--r--test/e2e/integration_test.go29
-rw-r--r--test/image/image_test.go21
-rw-r--r--test/packetdrill/defs.bzl12
-rw-r--r--test/packetimpact/runner/defs.bzl15
-rw-r--r--test/root/crictl_test.go7
-rw-r--r--tools/bazel.mk27
13 files changed, 212 insertions, 72 deletions
diff --git a/Makefile b/Makefile
index 599cb350f..9806e9901 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# Helpful pretty-printer.
+MAKEBANNER := \033[1;34mmake\033[0m
+submake = echo -e '$(MAKEBANNER) $1' >&2; sh -c '$(MAKE) $1'
+
# Described below.
OPTIONS :=
STARTUP_OPTIONS :=
@@ -85,7 +89,7 @@ endif
##
define images
$(1)-%: ## Image tool: $(1) a given image (also may use 'all-images').
- @$(MAKE) -C images $$@
+ @$(call submake,-C images $$@)
endef
rebuild-...: ## Rebuild the given image. Also may use 'rebuild-all-images'.
$(eval $(call images,rebuild))
@@ -96,7 +100,7 @@ $(eval $(call images,push))
load-...: ## Load (pull or rebuild) the given image. Also may use 'load-all-images'.
$(eval $(call images,load))
list-images: ## List all available images.
- @$(MAKE) -C images $$@
+ @$(call submake, -C images $$@)
##
## Canonical build and test targets.
@@ -106,21 +110,113 @@ list-images: ## List all available images.
## new subsystem or workflow, consider adding a new target here.
##
runsc: ## Builds the runsc binary.
- @$(MAKE) build TARGETS="//runsc"
+ @$(call submake,build OPTIONS="-c opt" TARGETS="//runsc")
.PHONY: runsc
+debian: ## Builds the debian packages.
+ @$(call submake,build OPTIONS="-c opt" TARGETS="//runsc:runsc-debian")
+.PHONY: debian
+
smoke-test: ## Runs a simple smoke test after build runsc.
- @$(MAKE) run DOCKER_PRIVILEGED="" ARGS="--alsologtostderr --network none --debug --TESTONLY-unsafe-nonroot=true --rootless do true"
+ @$(call submake,run DOCKER_PRIVILEGED="" ARGS="--alsologtostderr --network none --debug --TESTONLY-unsafe-nonroot=true --rootless do true")
.PHONY: smoke-tests
-unit-tests: ## Runs all unit tests in pkg runsc and tools.
- @$(MAKE) test OPTIONS="pkg/... runsc/... tools/..."
-.PHONY: unit-tests
+unit-tests: ## Local package unit tests in pkg/..., runsc/, tools/.., etc.
+ @$(call submake,test TARGETS="pkg/... runsc/... tools/... benchmarks/... benchmarks/runner:runner_test")
-tests: ## Runs all local ptrace system call tests.
- @$(MAKE) test OPTIONS="--test_tag_filters runsc_ptrace test/syscalls/..."
+tests: ## Runs all unit tests and syscall tests.
+tests: unit-tests
+ @$(call submake,test TARGETS="test/syscalls/...")
.PHONY: tests
+
+integration-tests: ## Run all standard integration tests.
+integration-tests: docker-tests overlay-tests hostnet-tests swgso-tests
+integration-tests: do-tests kvm-tests root-tests containerd-tests
+.PHONY: integration-tests
+
+network-tests: ## Run all networking integration tests.
+network-tests: iptables-tests packetdrill-tests packetimpact-tests
+.PHONY: network-tests
+
+# Standard integration targets.
+INTEGRATION_TARGETS := //test/image:image_test //test/e2e:integration_test
+
+syscall-%-tests:
+ @$(call submake,test OPTIONS="--test_tag_filters runsc_$* test/syscalls/...")
+
+syscall-native-tests:
+ @$(call submake,test OPTIONS="--test_tag_filters native test/syscalls/...")
+.PHONY: syscall-native-tests
+
+syscall-tests: ## Run all system call tests.
+syscall-tests: syscall-ptrace-tests syscall-kvm-tests syscall-native-tests
+.PHONY: syscall-tests
+
+%-runtime-tests: load-runtimes_%
+ @$(call submake,install-test-runtime)
+ @$(call submake,test-runtime TARGETS="//test/runtimes:$*")
+
+do-tests: runsc
+ @$(call submake,run TARGETS="//runsc" ARGS="--rootless do true")
+ @$(call submake,run TARGETS="//runsc" ARGS="--rootless -network=none do true")
+ @$(call submake,sudo TARGETS="//runsc" ARGS="do true")
+.PHONY: do-tests
+
+simple-tests: unit-tests # Compatibility target.
+.PHONY: simple-tests
+
+docker-tests: load-basic-images
+ @$(call submake,install-test-runtime RUNTIME="vfs1")
+ @$(call submake,test-runtime RUNTIME="vfs1" TARGETS="$(INTEGRATION_TARGETS)")
+ @$(call submake,install-test-runtime RUNTIME="vfs2" ARGS="--vfs2")
+ @$(call submake,test-runtime RUNTIME="vfs2" OPTIONS="--test_filter=.*TestHelloWorld" TARGETS="$(INTEGRATION_TARGETS)")
+.PHONY: docker-tests
+
+overlay-tests: load-basic-images
+ @$(call submake,install-test-runtime RUNTIME="overlay" ARGS="--overlay")
+ @$(call submake,test-runtime RUNTIME="overlay" TARGETS="$(INTEGRATION_TARGETS)")
+.PHONY: overlay-tests
+
+swgso-tests: load-basic-images
+ @$(call submake,install-test-runtime RUNTIME="swgso" ARGS="--software-gso=true --gso=false")
+ @$(call submake,test-runtime RUNTIME="swgso" TARGETS="$(INTEGRATION_TARGETS)")
+.PHONY: swgso-tests
+
+hostnet-tests: load-basic-images
+ @$(call submake,install-test-runtime RUNTIME="hostnet" ARGS="--network=host")
+ @$(call submake,test-runtime RUNTIME="hostnet" OPTIONS="--test_arg=-checkpoint=false" TARGETS="$(INTEGRATION_TARGETS)")
+.PHONY: hostnet-tests
+
+kvm-tests: load-basic-images
+ @(lsmod | grep -E '^(kvm_intel|kvm_amd)') || sudo modprobe kvm
+ @if ! [[ -w /dev/kvm ]]; then sudo chmod a+rw /dev/kvm; fi
+ @$(call submake,test TARGETS="//pkg/sentry/platform/kvm:kvm_test")
+ @$(call submake,install-test-runtime RUNTIME="kvm" ARGS="--platform=kvm")
+ @$(call submake,test-runtime RUNTIME="kvm" TARGETS="$(INTEGRATION_TARGETS)")
+.PHONY: kvm-tests
+
+iptables-tests: load-iptables
+ @$(call submake,test-runtime RUNTIME="runc" TARGETS="//test/iptables:iptables_test")
+ @$(call submake,install-test-runtime RUNTIME="iptables" ARGS="--net-raw")
+ @$(call submake,test-runtime RUNTIME="iptables" TARGETS="//test/iptables:iptables_test")
+.PHONY: iptables-tests
+
+packetdrill-tests: load-packetdrill
+ @$(call submake,install-test-runtime RUNTIME="packetdrill")
+ @$(call submake,test-runtime RUNTIME="packetdrill" TARGETS="$(shell $(MAKE) query TARGETS='attr(tags, packetdrill, tests(//...))')")
+.PHONY: packetdrill-tests
+
+packetimpact-tests: load-packetimpact
+ @$(call submake,install-test-runtime RUNTIME="packetimpact")
+ @$(call submake,test-runtime RUNTIME="packetimpact" TARGETS="$(shell $(MAKE) query TARGETS='attr(tags, packetimpact, tests(//...))')")
+.PHONY: packetimpact-tests
+
+root-tests: load-basic-images
+ @$(call submake,install-test-runtime)
+ @$(call submake,sudo TARGETS="//test/root:root_test" ARGS="-test.v")
+.PHONY: test-root
+
# Specific containerd version tests.
containerd-test-%: load-basic_alpine load-basic_python load-basic_busybox load-basic_resolv load-basic_httpd install-test-runtime
@CONTAINERD_VERSION=$* $(MAKE) sudo TARGETS="tools/installers:containerd"
@@ -154,7 +250,7 @@ WEBSITE_PROJECT := gvisordev
WEBSITE_REGION := us-central1
website-build: load-jekyll ## Build the site image locally.
- @$(MAKE) run TARGETS="//website:website"
+ @$(call submake,run TARGETS="//website:website")
.PHONY: website-build
website-server: website-build ## Run a local server for development.
@@ -205,8 +301,8 @@ $(RELEASE_KEY):
release: $(RELEASE_KEY) ## Builds a release.
@mkdir -p $(RELEASE_ROOT)
@T=$$(mktemp -d /tmp/release.XXXXXX); \
- $(MAKE) copy TARGETS="runsc" DESTINATION=$$T && \
- $(MAKE) copy TARGETS="runsc:runsc-debian" DESTINATION=$$T && \
+ $(call submake,copy TARGETS="runsc" DESTINATION=$$T) && \
+ $(call submake,copy TARGETS="runsc:runsc-debian" DESTINATION=$$T) && \
NIGHTLY=$(RELEASE_NIGHTLY) tools/make_release.sh $(RELEASE_KEY) $(RELEASE_ROOT) $$T/*; \
rc=$$?; rm -rf $$T; exit $$rc
.PHONY: release
@@ -229,43 +325,47 @@ tag: ## Creates and pushes a release tag.
##
ifeq (,$(BRANCH_NAME))
RUNTIME := runsc
-RUNTIME_DIR := $(shell dirname $(shell mktemp -u))/runsc
+RUNTIME_DIR := $(shell dirname $(shell mktemp -u))/$(RUNTIME)
else
RUNTIME := $(BRANCH_NAME)
-RUNTIME_DIR := $(shell dirname $(shell mktemp -u))/$(BRANCH_NAME)
+RUNTIME_DIR := $(shell dirname $(shell mktemp -u))/$(RUNTIME)
endif
RUNTIME_BIN := $(RUNTIME_DIR)/runsc
RUNTIME_LOG_DIR := $(RUNTIME_DIR)/logs
RUNTIME_LOGS := $(RUNTIME_LOG_DIR)/runsc.log.%TEST%.%TIMESTAMP%.%COMMAND%
dev: ## Installs a set of local runtimes. Requires sudo.
- @$(MAKE) refresh ARGS="--net-raw"
- @$(MAKE) configure RUNTIME="$(RUNTIME)" ARGS="--net-raw"
- @$(MAKE) configure RUNTIME="$(RUNTIME)-d" ARGS="--net-raw --debug --strace --log-packets"
- @$(MAKE) configure RUNTIME="$(RUNTIME)-p" ARGS="--net-raw --profile"
- @$(MAKE) configure RUNTIME="$(RUNTIME)-vfs2-d" ARGS="--net-raw --debug --strace --log-packets --vfs2"
+ @$(call submake,refresh ARGS="--net-raw")
+ @$(call submake,configure RUNTIME="$(RUNTIME)" ARGS="--net-raw")
+ @$(call submake,configure RUNTIME="$(RUNTIME)-d" ARGS="--net-raw --debug --strace --log-packets")
+ @$(call submake,configure RUNTIME="$(RUNTIME)-p" ARGS="--net-raw --profile")
+ @$(call submake,configure RUNTIME="$(RUNTIME)-vfs2-d" ARGS="--net-raw --debug --strace --log-packets --vfs2")
@sudo systemctl restart docker
.PHONY: dev
-refresh: ## Refreshes the runtime binary (for development only). Must have called 'dev' or 'test-install' first.
+refresh: ## Refreshes the runtime binary (for development only). Must have called 'dev' or 'install-test-runtime' first.
@mkdir -p "$(RUNTIME_DIR)"
- @$(MAKE) copy TARGETS=runsc DESTINATION="$(RUNTIME_BIN)"
+ @$(call submake,copy TARGETS=runsc DESTINATION="$(RUNTIME_BIN)")
.PHONY: install
install-test-runtime: ## Installs the runtime for testing. Requires sudo.
- @$(MAKE) refresh ARGS="--net-raw --TESTONLY-test-name-env=RUNSC_TEST_NAME --debug --strace --log-packets $(ARGS)"
- @$(MAKE) configure RUNTIME=runsc
- @$(MAKE) configure
+ @$(call submake,refresh ARGS="--net-raw --TESTONLY-test-name-env=RUNSC_TEST_NAME --debug --strace --log-packets $(ARGS)")
+ @$(call submake,configure RUNTIME=runsc)
+ @$(call submake,configure)
@sudo systemctl restart docker
+ @if [[ -f /etc/docker/daemon.json ]]; then \
+ sudo chmod 0755 /etc/docker && \
+ sudo chmod 0644 /etc/docker/daemon.json; \
+ fi
.PHONY: install-test-runtime
-configure: ## Configures a single runtime. Requires sudo. Typically called from dev or test-install.
+configure: ## Configures a single runtime. Requires sudo. Typically called from dev or install-test-runtime.
@sudo sudo "$(RUNTIME_BIN)" install --experimental=true --runtime="$(RUNTIME)" -- --debug-log "$(RUNTIME_LOGS)" $(ARGS)
- @echo "Installed runtime \"$(RUNTIME)\" @ $(RUNTIME_BIN)"
- @echo "Logs are in: $(RUNTIME_LOG_DIR)"
+ @echo -e "$(INFO) Installed runtime \"$(RUNTIME)\" @ $(RUNTIME_BIN)"
+ @echo -e "$(INFO) Logs are in: $(RUNTIME_LOG_DIR)"
@sudo rm -rf "$(RUNTIME_LOG_DIR)" && mkdir -p "$(RUNTIME_LOG_DIR)"
.PHONY: configure
test-runtime: ## A convenient wrapper around test that provides the runtime argument. Target must still be provided.
- @$(MAKE) test OPTIONS="$(OPTIONS) --test_arg=--runtime=$(RUNTIME)"
-.PHONY: runtime-test
+ @$(call submake,test OPTIONS="$(OPTIONS) --test_output=streamed --test_arg=--runtime=$(RUNTIME)")
+.PHONY: test-runtime
diff --git a/images/Makefile b/images/Makefile
index 1485607bd..9de359a28 100644
--- a/images/Makefile
+++ b/images/Makefile
@@ -34,8 +34,15 @@ list-all-images:
@for image in $(ALL_IMAGES); do echo $${image}; done
.PHONY: list-build-images
+# Handy wrapper to allow load-all-images, push-all-images, etc.
%-all-images:
@$(MAKE) $(patsubst %,$*-%,$(ALL_IMAGES))
+load-all-images:
+ @$(MAKE) $(patsubst %,load-%,$(ALL_IMAGES))
+
+# Handy wrapper to load specified "groups", e.g. load-basic-images, etc.
+load-%-images:
+ @$(MAKE) $(patsubst %,load-%,$(subst /,_,$(subst ./,,$(shell find ./$* -name Dockerfile -exec dirname {} \;))))
# tag is a function that returns the tag name, given an image.
#
diff --git a/images/hostoverlaytest/Dockerfile b/images/basic/hostoverlaytest/Dockerfile
index d83439e9c..d83439e9c 100644
--- a/images/hostoverlaytest/Dockerfile
+++ b/images/basic/hostoverlaytest/Dockerfile
diff --git a/images/hostoverlaytest/test.c b/images/basic/hostoverlaytest/test.c
index 088f90746..088f90746 100644
--- a/images/hostoverlaytest/test.c
+++ b/images/basic/hostoverlaytest/test.c
diff --git a/images/hostoverlaytest/testfile.txt b/images/basic/hostoverlaytest/testfile.txt
index e4188c841..e4188c841 100644
--- a/images/hostoverlaytest/testfile.txt
+++ b/images/basic/hostoverlaytest/testfile.txt
diff --git a/images/tmpfile/Dockerfile b/images/basic/tmpfile/Dockerfile
index e3816c8cb..e3816c8cb 100644
--- a/images/tmpfile/Dockerfile
+++ b/images/basic/tmpfile/Dockerfile
diff --git a/pkg/test/criutil/criutil.go b/pkg/test/criutil/criutil.go
index 66f10c016..70945f234 100644
--- a/pkg/test/criutil/criutil.go
+++ b/pkg/test/criutil/criutil.go
@@ -40,9 +40,9 @@ type Crictl struct {
cleanup []func()
}
-// resolvePath attempts to find binary paths. It may set the path to invalid,
+// ResolvePath attempts to find binary paths. It may set the path to invalid,
// which will cause the execution to fail with a sensible error.
-func resolvePath(executable string) string {
+func ResolvePath(executable string) string {
runtime, err := dockerutil.RuntimePath()
if err == nil {
// Check first the directory of the runtime itself.
@@ -230,7 +230,7 @@ func (cc *Crictl) Import(image string) error {
// be pushing a lot of bytes in order to import the image. The connect
// timeout stays the same and is inherited from the Crictl instance.
cmd := testutil.Command(cc.logger,
- resolvePath("ctr"),
+ ResolvePath("ctr"),
fmt.Sprintf("--connect-timeout=%s", 30*time.Second),
fmt.Sprintf("--address=%s", cc.endpoint),
"-n", "k8s.io", "images", "import", "-")
@@ -358,7 +358,7 @@ func (cc *Crictl) StopPodAndContainer(podID, contID string) error {
// run runs crictl with the given args.
func (cc *Crictl) run(args ...string) (string, error) {
defaultArgs := []string{
- resolvePath("crictl"),
+ ResolvePath("crictl"),
"--image-endpoint", fmt.Sprintf("unix://%s", cc.endpoint),
"--runtime-endpoint", fmt.Sprintf("unix://%s", cc.endpoint),
}
diff --git a/test/e2e/integration_test.go b/test/e2e/integration_test.go
index 5a9455b33..ef42b689a 100644
--- a/test/e2e/integration_test.go
+++ b/test/e2e/integration_test.go
@@ -40,6 +40,9 @@ import (
"gvisor.dev/gvisor/pkg/test/testutil"
)
+// defaultWait is the default wait time used for tests.
+const defaultWait = time.Minute
+
// httpRequestSucceeds sends a request to a given url and checks that the status is OK.
func httpRequestSucceeds(client http.Client, server string, port int) error {
url := fmt.Sprintf("http://%s:%d", server, port)
@@ -76,10 +79,10 @@ func TestLifeCycle(t *testing.T) {
if err != nil {
t.Fatalf("docker.FindPort(80) failed: %v", err)
}
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
- client := http.Client{Timeout: time.Duration(2 * time.Second)}
+ client := http.Client{Timeout: defaultWait}
if err := httpRequestSucceeds(client, "localhost", port); err != nil {
t.Errorf("http request failed: %v", err)
}
@@ -116,12 +119,12 @@ func TestPauseResume(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
// Check that container is working.
- client := http.Client{Timeout: time.Duration(2 * time.Second)}
+ client := http.Client{Timeout: defaultWait}
if err := httpRequestSucceeds(client, "localhost", port); err != nil {
t.Error("http request failed:", err)
}
@@ -131,6 +134,7 @@ func TestPauseResume(t *testing.T) {
}
// Check if container is paused.
+ client = http.Client{Timeout: 10 * time.Millisecond} // Don't wait a minute.
switch _, err := client.Get(fmt.Sprintf("http://localhost:%d", port)); v := err.(type) {
case nil:
t.Errorf("http req expected to fail but it succeeded")
@@ -147,11 +151,12 @@ func TestPauseResume(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
// Check if container is working again.
+ client = http.Client{Timeout: defaultWait}
if err := httpRequestSucceeds(client, "localhost", port); err != nil {
t.Error("http request failed:", err)
}
@@ -178,12 +183,12 @@ func TestCheckpointRestore(t *testing.T) {
if err := d.Checkpoint(ctx, "test"); err != nil {
t.Fatalf("docker checkpoint failed: %v", err)
}
- if err := d.WaitTimeout(ctx, 30*time.Second); err != nil {
+ if err := d.WaitTimeout(ctx, defaultWait); err != nil {
t.Fatalf("wait failed: %v", err)
}
// TODO(b/143498576): Remove Poll after github.com/moby/moby/issues/38963 is fixed.
- if err := testutil.Poll(func() error { return d.Restore(ctx, "test") }, 15*time.Second); err != nil {
+ if err := testutil.Poll(func() error { return d.Restore(ctx, "test") }, defaultWait); err != nil {
t.Fatalf("docker restore failed: %v", err)
}
@@ -194,12 +199,12 @@ func TestCheckpointRestore(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
// Check if container is working again.
- client := http.Client{Timeout: time.Duration(2 * time.Second)}
+ client := http.Client{Timeout: defaultWait}
if err := httpRequestSucceeds(client, "localhost", port); err != nil {
t.Error("http request failed:", err)
}
@@ -236,7 +241,7 @@ func TestConnectToSelf(t *testing.T) {
if want := "server\n"; reply != want {
t.Errorf("Error on server, want: %q, got: %q", want, reply)
}
- if _, err := d.WaitForOutput(ctx, "^client\n$", 1*time.Second); err != nil {
+ if _, err := d.WaitForOutput(ctx, "^client\n$", defaultWait); err != nil {
t.Fatalf("docker.WaitForOutput(client) timeout: %v", err)
}
}
@@ -375,7 +380,7 @@ func TestTmpFile(t *testing.T) {
d := dockerutil.MakeContainer(ctx, t)
defer d.CleanUp(ctx)
- opts := dockerutil.RunOpts{Image: "tmpfile"}
+ opts := dockerutil.RunOpts{Image: "basic/tmpfile"}
got, err := d.Run(ctx, opts, "cat", "/tmp/foo/file.txt")
if err != nil {
t.Fatalf("docker run failed: %v", err)
@@ -427,7 +432,7 @@ func TestHostOverlayfsCopyUp(t *testing.T) {
defer d.CleanUp(ctx)
if _, err := d.Run(ctx, dockerutil.RunOpts{
- Image: "hostoverlaytest",
+ Image: "basic/hostoverlaytest",
WorkDir: "/root",
}, "./test"); err != nil {
t.Fatalf("docker run failed: %v", err)
diff --git a/test/image/image_test.go b/test/image/image_test.go
index 8aa78035f..ac6186688 100644
--- a/test/image/image_test.go
+++ b/test/image/image_test.go
@@ -37,6 +37,13 @@ import (
"gvisor.dev/gvisor/pkg/test/testutil"
)
+// defaultWait defines how long to wait for progress.
+//
+// See BUILD: This is at least a "large" test, so allow up to 1 minute for any
+// given "wait" step. Note that all tests are run in parallel, which may cause
+// individual slow-downs (but a huge speed-up in aggregate).
+const defaultWait = time.Minute
+
func TestHelloWorld(t *testing.T) {
ctx := context.Background()
d := dockerutil.MakeContainer(ctx, t)
@@ -130,7 +137,7 @@ func TestHttpd(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Errorf("WaitForHTTP() timeout: %v", err)
}
@@ -159,7 +166,7 @@ func TestNginx(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Errorf("WaitForHTTP() timeout: %v", err)
}
@@ -180,7 +187,7 @@ func TestMysql(t *testing.T) {
}
// Wait until it's up and running.
- if _, err := server.WaitForOutput(ctx, "port: 3306 MySQL Community Server", 3*time.Minute); err != nil {
+ if _, err := server.WaitForOutput(ctx, "port: 3306 MySQL Community Server", defaultWait); err != nil {
t.Fatalf("WaitForOutput() timeout: %v", err)
}
@@ -200,7 +207,7 @@ func TestMysql(t *testing.T) {
}
// Ensure file executed to the end and shutdown mysql.
- if _, err := server.WaitForOutput(ctx, "mysqld: Shutdown complete", 30*time.Second); err != nil {
+ if _, err := server.WaitForOutput(ctx, "mysqld: Shutdown complete", defaultWait); err != nil {
t.Fatalf("WaitForOutput() timeout: %v", err)
}
}
@@ -225,7 +232,7 @@ func TestTomcat(t *testing.T) {
}
// Wait until it's up and running.
- if err := testutil.WaitForHTTP(port, 30*time.Second); err != nil {
+ if err := testutil.WaitForHTTP(port, defaultWait); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
@@ -262,7 +269,7 @@ func TestRuby(t *testing.T) {
}
// Wait until it's up and running, 'gem install' can take some time.
- if err := testutil.WaitForHTTP(port, 1*time.Minute); err != nil {
+ if err := testutil.WaitForHTTP(port, time.Minute); err != nil {
t.Fatalf("WaitForHTTP() timeout: %v", err)
}
@@ -299,7 +306,7 @@ func TestStdio(t *testing.T) {
}
for _, want := range []string{wantStdout, wantStderr} {
- if _, err := d.WaitForOutput(ctx, want, 5*time.Second); err != nil {
+ if _, err := d.WaitForOutput(ctx, want, defaultWait); err != nil {
t.Fatalf("docker didn't get output %q : %v", want, err)
}
}
diff --git a/test/packetdrill/defs.bzl b/test/packetdrill/defs.bzl
index f499c177b..fc28ce9ba 100644
--- a/test/packetdrill/defs.bzl
+++ b/test/packetdrill/defs.bzl
@@ -26,7 +26,7 @@ def _packetdrill_test_impl(ctx):
transitive_files = depset()
if hasattr(ctx.attr._test_runner, "data_runfiles"):
- transitive_files = depset(ctx.attr._test_runner.data_runfiles.files)
+ transitive_files = ctx.attr._test_runner.data_runfiles.files
runfiles = ctx.runfiles(
files = [test_runner] + ctx.files._init_script + ctx.files.scripts,
transitive_files = transitive_files,
@@ -60,11 +60,15 @@ _packetdrill_test = rule(
implementation = _packetdrill_test_impl,
)
-_PACKETDRILL_TAGS = ["local", "manual"]
+PACKETDRILL_TAGS = [
+ "local",
+ "manual",
+ "packetdrill",
+]
def packetdrill_linux_test(name, **kwargs):
if "tags" not in kwargs:
- kwargs["tags"] = _PACKETDRILL_TAGS
+ kwargs["tags"] = PACKETDRILL_TAGS
_packetdrill_test(
name = name,
flags = ["--dut_platform", "linux"],
@@ -73,7 +77,7 @@ def packetdrill_linux_test(name, **kwargs):
def packetdrill_netstack_test(name, **kwargs):
if "tags" not in kwargs:
- kwargs["tags"] = _PACKETDRILL_TAGS
+ kwargs["tags"] = PACKETDRILL_TAGS
_packetdrill_test(
name = name,
# This is the default runtime unless
diff --git a/test/packetimpact/runner/defs.bzl b/test/packetimpact/runner/defs.bzl
index 77cdfea12..79b3c9162 100644
--- a/test/packetimpact/runner/defs.bzl
+++ b/test/packetimpact/runner/defs.bzl
@@ -55,7 +55,11 @@ _packetimpact_test = rule(
implementation = _packetimpact_test_impl,
)
-PACKETIMPACT_TAGS = ["local", "manual"]
+PACKETIMPACT_TAGS = [
+ "local",
+ "manual",
+ "packetimpact",
+]
def packetimpact_linux_test(
name,
@@ -75,7 +79,7 @@ def packetimpact_linux_test(
name = name + "_linux_test",
testbench_binary = testbench_binary,
flags = ["--dut_platform", "linux"] + expect_failure_flag,
- tags = PACKETIMPACT_TAGS + ["packetimpact"],
+ tags = PACKETIMPACT_TAGS,
**kwargs
)
@@ -101,7 +105,7 @@ def packetimpact_netstack_test(
# This is the default runtime unless
# "--test_arg=--runtime=OTHER_RUNTIME" is used to override the value.
flags = ["--dut_platform", "netstack", "--runtime=runsc-d"] + expect_failure_flag,
- tags = PACKETIMPACT_TAGS + ["packetimpact"],
+ tags = PACKETIMPACT_TAGS,
**kwargs
)
@@ -121,7 +125,10 @@ def packetimpact_go_test(name, size = "small", pure = True, expect_linux_failure
name = testbench_binary,
size = size,
pure = pure,
- tags = PACKETIMPACT_TAGS,
+ tags = [
+ "local",
+ "manual",
+ ],
**kwargs
)
packetimpact_linux_test(
diff --git a/test/root/crictl_test.go b/test/root/crictl_test.go
index 193705ab8..df91fa0fe 100644
--- a/test/root/crictl_test.go
+++ b/test/root/crictl_test.go
@@ -405,11 +405,8 @@ func setup(t *testing.T, version string) (*criutil.Crictl, func(), error) {
}
// We provide the shim, followed by the runtime, and then a
- // temporary root directory. Note that we can safely assume
- // that the shim has been installed in the same directory as
- // the runtime (for test installs and for normal installs).
- // Since this is v1, the binary name will be fixed.
- config = fmt.Sprintf(v1Template, path.Join(runtimeDir, "gvisor-containerd-shim"), runtime, runtimeDir)
+ // temporary root directory.
+ config = fmt.Sprintf(v1Template, criutil.ResolvePath("gvisor-containerd-shim"), runtime, containerdRoot)
case v2:
// This is only supported past 1.2.
if major < 1 || (major == 1 && minor <= 1) {
diff --git a/tools/bazel.mk b/tools/bazel.mk
index 9e02af8dc..b6f23fe7e 100644
--- a/tools/bazel.mk
+++ b/tools/bazel.mk
@@ -23,11 +23,18 @@ BRANCH_NAME := $(shell (git branch --show-current 2>/dev/null || \
USER ?= gvisor
HASH ?= $(shell readlink -m $(CURDIR) | md5sum | cut -c1-8)
DOCKER_NAME ?= gvisor-bazel-$(HASH)
-DOCKER_PRIVILEGED ?= --privileged
+DOCKER_PRIVILEGED ?= --privileged --network host
BAZEL_CACHE := $(shell readlink -m ~/.cache/bazel/)
GCLOUD_CONFIG := $(shell readlink -m ~/.config/gcloud/)
DOCKER_SOCKET := /var/run/docker.sock
+# Bazel flags.
+OPTIONS += --test_output=errors --keep_going --verbose_failures=true
+ifneq ($(AUTH_CREDENTIALS),)
+OPTIONS += --auth_credentials=${AUTH_CREDENTIALS} --config=remote
+endif
+BAZEL := bazel $(STARTUP_OPTIONS)
+
# Non-configurable.
UID := $(shell id -u ${USER})
GID := $(shell id -g ${USER})
@@ -38,6 +45,7 @@ FULL_DOCKER_RUN_OPTIONS += -v "$(GCLOUD_CONFIG):$(GCLOUD_CONFIG)"
FULL_DOCKER_RUN_OPTIONS += -v "/tmp:/tmp"
ifneq ($(DOCKER_PRIVILEGED),)
FULL_DOCKER_RUN_OPTIONS += -v "$(DOCKER_SOCKET):$(DOCKER_SOCKET)"
+FULL_DOCKER_RUN_OPTIONS += $(DOCKER_PRIVILEGED)
DOCKER_GROUP := $(shell stat -c '%g' $(DOCKER_SOCKET))
ifneq ($(GID),$(DOCKER_GROUP))
USERADD_OPTIONS += --groups $(DOCKER_GROUP)
@@ -63,6 +71,7 @@ SHELL=/bin/bash -o pipefail
bazel-server-start: load-default ## Starts the bazel server.
@mkdir -p $(BAZEL_CACHE)
@mkdir -p $(GCLOUD_CONFIG)
+ @if docker ps --all | grep $(DOCKER_NAME); then docker rm $(DOCKER_NAME); fi
docker run -d --rm \
--init \
--name $(DOCKER_NAME) \
@@ -75,14 +84,14 @@ bazel-server-start: load-default ## Starts the bazel server.
sh -c "groupadd --gid $(GID) --non-unique $(USER) && \
$(GROUPADD_DOCKER) \
useradd --uid $(UID) --non-unique --no-create-home --gid $(GID) $(USERADD_OPTIONS) -d $(HOME) $(USER) && \
- bazel version && \
- exec tail --pid=\$$(bazel info server_pid) -f /dev/null"
+ $(BAZEL) version && \
+ exec tail --pid=\$$($(BAZEL) info server_pid) -f /dev/null"
@while :; do if docker logs $(DOCKER_NAME) 2>/dev/null | grep "Build label:" >/dev/null; then break; fi; \
- if ! docker ps | grep $(DOCKER_NAME); then exit 1; else sleep 1; fi; done
+ if ! docker ps | grep $(DOCKER_NAME); then docker logs $(DOCKER_NAME); exit 1; else sleep 1; fi; done
.PHONY: bazel-server-start
bazel-shutdown: ## Shuts down a running bazel server.
- @docker exec --user $(UID):$(GID) $(DOCKER_NAME) bazel shutdown; rc=$$?; docker kill $(DOCKER_NAME) || [[ $$rc -ne 0 ]]
+ @docker exec --user $(UID):$(GID) $(DOCKER_NAME) $(BAZEL) shutdown; rc=$$?; docker kill $(DOCKER_NAME) || [[ $$rc -ne 0 ]]
.PHONY: bazel-shutdown
bazel-alias: ## Emits an alias that can be used within the shell.
@@ -93,7 +102,7 @@ bazel-server: ## Ensures that the server exists. Used as an internal target.
@docker exec $(DOCKER_NAME) true || $(MAKE) bazel-server-start
.PHONY: bazel-server
-build_cmd = docker exec --user $(UID):$(GID) -i $(DOCKER_NAME) sh -o pipefail -c 'bazel $(STARTUP_OPTIONS) build $(OPTIONS) $(TARGETS)'
+build_cmd = docker exec --user $(UID):$(GID) -i $(DOCKER_NAME) sh -o pipefail -c '$(BAZEL) $(STARTUP_OPTIONS) build $(OPTIONS) $(TARGETS)'
build_paths = $(build_cmd) 2>&1 \
| tee /proc/self/fd/2 \
@@ -120,5 +129,9 @@ sudo: bazel-server
.PHONY: sudo
test: bazel-server
- @docker exec --user $(UID):$(GID) -i $(DOCKER_NAME) bazel $(STARTUP_OPTIONS) test $(OPTIONS) $(TARGETS)
+ @docker exec --user $(UID):$(GID) -i $(DOCKER_NAME) $(BAZEL) test $(OPTIONS) $(TARGETS)
.PHONY: test
+
+query: bazel-server
+ @docker exec --user $(UID):$(GID) -i $(DOCKER_NAME) $(BAZEL) query $(OPTIONS) '$(TARGETS)'
+.PHONY: query