test: Wrap use of skopeo to avoid its unwanted side effects. (#570)

2 things are fixed here. 1. Running skopeo as root creates /run/containers with 700 permissions. That causes a problem when you run skopeo as root and then run stacker as non-root. The error would look like this: > error: initializing source ... getting username and password: 1 error occurred: > * reading JSON file "/run/containers/0/auth.json": > open /run/containers/0/auth.json: permission denied > couldn't import base layer base > stackerbuild.io/stacker/pkg/stacker.importContainersImage > /stacker-tree/pkg/stacker/base.go:141 > stackerbuild.io/stacker/pkg/stacker.GetBase > /stacker-tree/pkg/stacker/base.go:49 > stackerbuild.io/stacker/pkg/stacker.(*Builder).build > /stacker-tree/pkg/stacker/build.go:407 > stackerbuild.io/stacker/pkg/stacker.(*Builder).BuildMultiple > /stacker-tree/pkg/stacker/build.go:622 > main.doBuild 2. skopeo copy containers-registry populates ~/.local/share/containers/ This is an unwanted side effect of running the test. Further annoying is that it ends up getting directories with 555 perms on them. That means rm -Rf .local/share/containers/storage/vfs-layers will fail like: rm: cannot remove '.local/share/containers/storage/vfs/dir/HASH': Permission denied We don't want someone's HOME getting populated with artifacts from stacker test, and there are probably also race conditions here in that we run stacker tests in parallel. Signed-off-by: Scott Moser <[email protected]>
project-stacker · Dec 1, 2023 · 4145415 · 4145415
1 parent 123ba76
commit 4145415
Showing 1 changed file with 23 additions and 5 deletions.
diff --git a/test/helpers.bash b/test/helpers.bash
@@ -207,6 +207,24 @@ function zot_teardown {
   rm -f $TEST_TMPDIR/zot-config.json
 }
 
+function _skopeo() {
+    [ "$1" = "--version" ] && {
+        "$SKOPEO" "$@"
+        return
+    }
+    local uid=""
+    uid=$(id -u)
+    if [ ! -e /run/containers ]; then
+        if [ "$uid" = "0" ]; then
+            mkdir --mode=755 /run/containers || chmod /run/containers 755
+        fi
+    fi
+    [ -n "$TEST_TMPDIR" ]
+    local home="${TEST_TMPDIR}/home"
+    [ -d "$home" ] || mkdir -p "$home"
+    HOME="$home" "$SKOPEO" "$@"
+}
+
 function test_copy_buffer_size() {
    local buffer_size=$1
    local file_type=$2
@@ -244,13 +262,13 @@ EOF
   m1=$(cat oci/index.json | jq .manifests[0].digest | sed  's/sha256://' | tr -d \")
   cat oci/blobs/sha256/"$m1" | jq .
   l1=$(cat oci/blobs/sha256/"$m1" | jq .layers[0].digest | sed  's/sha256://' | tr -d \")
-  $SKOPEO --version
-  [[ "$($SKOPEO --version)" =~ "skopeo version ${SKOPEO_VERSION}" ]] || {
+  _skopeo --version
+  [[ "$(_skopeo --version)" =~ "skopeo version ${SKOPEO_VERSION}" ]] || {
     echo "$SKOPEO --version should be ${SKOPEO_VERSION}"
     exit 1
   }
-  $SKOPEO copy --format=oci oci:oci:tar containers-storage:test:tar
-  $SKOPEO copy --format=oci containers-storage:test:tar oci:oci:test
+  _skopeo copy --format=oci oci:oci:tar containers-storage:test:tar
+  _skopeo copy --format=oci containers-storage:test:tar oci:oci:test
   cat oci/index.json | jq .
   m2=$(cat oci/index.json | jq .manifests[1].digest | sed  's/sha256://' | tr -d \")
   cat oci/blobs/sha256/"$m2" | jq .
@@ -261,5 +279,5 @@ EOF
   stacker clean
   rm -rf folder1
   cd "$ROOT_DIR"
-  rm -rf "tmpdir"
+  rm -rf "$tmpdir"
 }