1*105f6285SAndroid Build Coastguard Worker# Copyright 2020 Google LLC 2*105f6285SAndroid Build Coastguard Worker# 3*105f6285SAndroid Build Coastguard Worker# Licensed under the Apache License, Version 2.0 (the "License"); 4*105f6285SAndroid Build Coastguard Worker# you may not use this file except in compliance with the License. 5*105f6285SAndroid Build Coastguard Worker# You may obtain a copy of the License at 6*105f6285SAndroid Build Coastguard Worker# 7*105f6285SAndroid Build Coastguard Worker# https://www.apache.org/licenses/LICENSE-2.0 8*105f6285SAndroid Build Coastguard Worker# 9*105f6285SAndroid Build Coastguard Worker# Unless required by applicable law or agreed to in writing, software 10*105f6285SAndroid Build Coastguard Worker# distributed under the License is distributed on an "AS IS" BASIS, 11*105f6285SAndroid Build Coastguard Worker# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*105f6285SAndroid Build Coastguard Worker# See the License for the specific language governing permissions and 13*105f6285SAndroid Build Coastguard Worker# limitations under the License. 14*105f6285SAndroid Build Coastguard Worker 15*105f6285SAndroid Build Coastguard Worker"""Test nsjail.""" 16*105f6285SAndroid Build Coastguard Worker 17*105f6285SAndroid Build Coastguard Workerimport os 18*105f6285SAndroid Build Coastguard Workerimport subprocess 19*105f6285SAndroid Build Coastguard Workerimport tempfile 20*105f6285SAndroid Build Coastguard Workerimport unittest 21*105f6285SAndroid Build Coastguard Workerfrom . import nsjail 22*105f6285SAndroid Build Coastguard Worker 23*105f6285SAndroid Build Coastguard Worker 24*105f6285SAndroid Build Coastguard Workerclass NsjailTest(unittest.TestCase): 25*105f6285SAndroid Build Coastguard Worker 26*105f6285SAndroid Build Coastguard Worker def setUp(self): 27*105f6285SAndroid Build Coastguard Worker nsjail.__file__ = '/' 28*105f6285SAndroid Build Coastguard Worker 29*105f6285SAndroid Build Coastguard Worker def testMinimalParameters(self): 30*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 31*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 32*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 33*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 34*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 35*105f6285SAndroid Build Coastguard Worker build_target='target_name', 36*105f6285SAndroid Build Coastguard Worker dry_run=True) 37*105f6285SAndroid Build Coastguard Worker self.assertEqual( 38*105f6285SAndroid Build Coastguard Worker commands, 39*105f6285SAndroid Build Coastguard Worker [ 40*105f6285SAndroid Build Coastguard Worker '/bin/true', 41*105f6285SAndroid Build Coastguard Worker '--env', 'USER=nobody', 42*105f6285SAndroid Build Coastguard Worker '--config', '/nsjail.cfg', 43*105f6285SAndroid Build Coastguard Worker '--bindmount', '/source_dir:/src', 44*105f6285SAndroid Build Coastguard Worker '--', '/bin/bash' 45*105f6285SAndroid Build Coastguard Worker ] 46*105f6285SAndroid Build Coastguard Worker ) 47*105f6285SAndroid Build Coastguard Worker 48*105f6285SAndroid Build Coastguard Worker def testSetBadMetaAndroidDir(self): 49*105f6285SAndroid Build Coastguard Worker os.chdir('/') 50*105f6285SAndroid Build Coastguard Worker with self.assertRaises(ValueError): 51*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 52*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 53*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 54*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 55*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 56*105f6285SAndroid Build Coastguard Worker build_target='target_name', 57*105f6285SAndroid Build Coastguard Worker dry_run=True, 58*105f6285SAndroid Build Coastguard Worker meta_root_dir='/meta/dir', 59*105f6285SAndroid Build Coastguard Worker meta_android_dir='/android/dir') 60*105f6285SAndroid Build Coastguard Worker 61*105f6285SAndroid Build Coastguard Worker def testRedirectStdout(self): 62*105f6285SAndroid Build Coastguard Worker with tempfile.TemporaryFile('w+t') as out: 63*105f6285SAndroid Build Coastguard Worker nsjail.run( 64*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/echo', 65*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 66*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 67*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 68*105f6285SAndroid Build Coastguard Worker build_target='target_name', 69*105f6285SAndroid Build Coastguard Worker stdout=out) 70*105f6285SAndroid Build Coastguard Worker out.seek(0) 71*105f6285SAndroid Build Coastguard Worker stdout = out.read() 72*105f6285SAndroid Build Coastguard Worker args = ('--env USER=nobody --config /nsjail.cfg ' 73*105f6285SAndroid Build Coastguard Worker '--bindmount /source_dir:/src -- /bin/bash') 74*105f6285SAndroid Build Coastguard Worker expected = '\n'.join([args, 'NsJail command:', '/bin/echo '+args])+'\n' 75*105f6285SAndroid Build Coastguard Worker self.assertEqual(stdout, expected) 76*105f6285SAndroid Build Coastguard Worker 77*105f6285SAndroid Build Coastguard Worker def testFailingJailedCommand(self): 78*105f6285SAndroid Build Coastguard Worker with self.assertRaises(RuntimeError): 79*105f6285SAndroid Build Coastguard Worker nsjail.run( 80*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/false', 81*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 82*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 83*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 84*105f6285SAndroid Build Coastguard Worker build_target='target_name') 85*105f6285SAndroid Build Coastguard Worker 86*105f6285SAndroid Build Coastguard Worker def testDist(self): 87*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 88*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 89*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 90*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 91*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 92*105f6285SAndroid Build Coastguard Worker build_target='target_name', 93*105f6285SAndroid Build Coastguard Worker dist_dir='/dist_dir', 94*105f6285SAndroid Build Coastguard Worker dry_run=True) 95*105f6285SAndroid Build Coastguard Worker self.assertEqual( 96*105f6285SAndroid Build Coastguard Worker commands, 97*105f6285SAndroid Build Coastguard Worker [ 98*105f6285SAndroid Build Coastguard Worker '/bin/true', 99*105f6285SAndroid Build Coastguard Worker '--env', 'USER=nobody', 100*105f6285SAndroid Build Coastguard Worker '--config', '/nsjail.cfg', 101*105f6285SAndroid Build Coastguard Worker '--env', 'DIST_DIR=/dist', 102*105f6285SAndroid Build Coastguard Worker '--bindmount', '/source_dir:/src', 103*105f6285SAndroid Build Coastguard Worker '--bindmount', '/dist_dir:/dist', 104*105f6285SAndroid Build Coastguard Worker '--', '/bin/bash' 105*105f6285SAndroid Build Coastguard Worker ] 106*105f6285SAndroid Build Coastguard Worker ) 107*105f6285SAndroid Build Coastguard Worker 108*105f6285SAndroid Build Coastguard Worker def testBuildID(self): 109*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 110*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 111*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 112*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 113*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 114*105f6285SAndroid Build Coastguard Worker build_target='target_name', 115*105f6285SAndroid Build Coastguard Worker build_id='0', 116*105f6285SAndroid Build Coastguard Worker dry_run=True) 117*105f6285SAndroid Build Coastguard Worker self.assertEqual( 118*105f6285SAndroid Build Coastguard Worker commands, 119*105f6285SAndroid Build Coastguard Worker [ 120*105f6285SAndroid Build Coastguard Worker '/bin/true', 121*105f6285SAndroid Build Coastguard Worker '--env', 'USER=nobody', 122*105f6285SAndroid Build Coastguard Worker '--config', '/nsjail.cfg', 123*105f6285SAndroid Build Coastguard Worker '--env', 'BUILD_NUMBER=0', 124*105f6285SAndroid Build Coastguard Worker '--bindmount', '/source_dir:/src', 125*105f6285SAndroid Build Coastguard Worker '--', '/bin/bash' 126*105f6285SAndroid Build Coastguard Worker ] 127*105f6285SAndroid Build Coastguard Worker ) 128*105f6285SAndroid Build Coastguard Worker 129*105f6285SAndroid Build Coastguard Worker def testMaxCPU(self): 130*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 131*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 132*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 133*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 134*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 135*105f6285SAndroid Build Coastguard Worker build_target='target_name', 136*105f6285SAndroid Build Coastguard Worker max_cpus=1, 137*105f6285SAndroid Build Coastguard Worker dry_run=True) 138*105f6285SAndroid Build Coastguard Worker self.assertEqual( 139*105f6285SAndroid Build Coastguard Worker commands, 140*105f6285SAndroid Build Coastguard Worker [ 141*105f6285SAndroid Build Coastguard Worker '/bin/true', 142*105f6285SAndroid Build Coastguard Worker '--env', 'USER=nobody', 143*105f6285SAndroid Build Coastguard Worker '--config', '/nsjail.cfg', 144*105f6285SAndroid Build Coastguard Worker '--max_cpus=1', 145*105f6285SAndroid Build Coastguard Worker '--bindmount', '/source_dir:/src', 146*105f6285SAndroid Build Coastguard Worker '--', '/bin/bash' 147*105f6285SAndroid Build Coastguard Worker ] 148*105f6285SAndroid Build Coastguard Worker ) 149*105f6285SAndroid Build Coastguard Worker 150*105f6285SAndroid Build Coastguard Worker def testEnv(self): 151*105f6285SAndroid Build Coastguard Worker commands = nsjail.run( 152*105f6285SAndroid Build Coastguard Worker nsjail_bin='/bin/true', 153*105f6285SAndroid Build Coastguard Worker chroot='/chroot', 154*105f6285SAndroid Build Coastguard Worker source_dir='/source_dir', 155*105f6285SAndroid Build Coastguard Worker command=['/bin/bash'], 156*105f6285SAndroid Build Coastguard Worker build_target='target_name', 157*105f6285SAndroid Build Coastguard Worker max_cpus=1, 158*105f6285SAndroid Build Coastguard Worker dry_run=True, 159*105f6285SAndroid Build Coastguard Worker env=['foo=bar', 'spam=eggs']) 160*105f6285SAndroid Build Coastguard Worker self.assertEqual( 161*105f6285SAndroid Build Coastguard Worker commands, 162*105f6285SAndroid Build Coastguard Worker [ 163*105f6285SAndroid Build Coastguard Worker '/bin/true', 164*105f6285SAndroid Build Coastguard Worker '--env', 'USER=nobody', 165*105f6285SAndroid Build Coastguard Worker '--config', '/nsjail.cfg', 166*105f6285SAndroid Build Coastguard Worker '--max_cpus=1', 167*105f6285SAndroid Build Coastguard Worker '--bindmount', '/source_dir:/src', 168*105f6285SAndroid Build Coastguard Worker '--env', 'foo=bar', '--env', 'spam=eggs', 169*105f6285SAndroid Build Coastguard Worker '--', '/bin/bash' 170*105f6285SAndroid Build Coastguard Worker ] 171*105f6285SAndroid Build Coastguard Worker ) 172*105f6285SAndroid Build Coastguard Worker 173*105f6285SAndroid Build Coastguard Worker 174*105f6285SAndroid Build Coastguard Workerif __name__ == '__main__': 175*105f6285SAndroid Build Coastguard Worker unittest.main() 176