From e4c6a178848145c8dba68ed054cbb48dcecccf65 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Wed, 28 Apr 2021 12:26:18 +0200 Subject: [PATCH] sync: run most tests which modify the host only in CI This is especially important in case the user executes the tests as root (no recommended but not prevented either). Permissions on paths like / or /tmp which differ from those expected by the test could otherwise be modified by the tests. However, the end-to-end SSH tests which write /tmp/safcm-remote-$uid (but no other paths) are still run so we get proper coverage of basic features. --- ci/run | 4 ++++ cmd/safcm-remote/sync/files_test.go | 29 +++++++++++++++++++---------- 2 files changed, 23 insertions(+), 10 deletions(-) diff --git a/ci/run b/ci/run index 472502c..45db771 100755 --- a/ci/run +++ b/ci/run @@ -12,6 +12,10 @@ if test $# -ne 0; then flags="$*" fi +# Run additional tests in CI +SAFCM_CI_RUN=1 +export SAFCM_CI_RUN + make $flags make test $flags diff --git a/cmd/safcm-remote/sync/files_test.go b/cmd/safcm-remote/sync/files_test.go index 879fefd..bd5eac9 100644 --- a/cmd/safcm-remote/sync/files_test.go +++ b/cmd/safcm-remote/sync/files_test.go @@ -53,10 +53,13 @@ func TestSyncFiles(t *testing.T) { } user, uid, group, gid := ft.CurrentUserAndGroup() + skipUnlessCiRun := len(os.Getenv("SAFCM_CI_RUN")) == 0 + tmpTestFilePath := "/tmp/safcm-sync-files-test-file" tests := []struct { name string + skip bool req safcm.MsgSyncReq prepare func() triggers []string @@ -74,6 +77,7 @@ func TestSyncFiles(t *testing.T) { { "basic: create", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -157,6 +161,7 @@ func TestSyncFiles(t *testing.T) { { "basic: no change", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -211,6 +216,7 @@ func TestSyncFiles(t *testing.T) { { "invalid File: user", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -234,6 +240,7 @@ func TestSyncFiles(t *testing.T) { }, { "invalid File: group", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -265,6 +272,7 @@ func TestSyncFiles(t *testing.T) { // Use numeric IDs as not all systems use root/root; // for example BSDs use root/wheel. "absolute paths: no change", + skipUnlessCiRun, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ "/": { @@ -306,6 +314,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: no change", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -369,6 +378,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: change root", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -461,6 +471,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: change middle", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -551,6 +562,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: change leaf", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -637,6 +649,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: multiple changes", + false, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ ".": { @@ -738,6 +751,7 @@ func TestSyncFiles(t *testing.T) { { "triggers: absolute paths", + skipUnlessCiRun, safcm.MsgSyncReq{ Files: map[string]*safcm.File{ "/": { @@ -772,16 +786,7 @@ func TestSyncFiles(t *testing.T) { }, }, }, - func() { - // This is slightly racy but the file name - // should be rare enough that this isn't an - // issue - _, err := os.Stat(tmpTestFilePath) - if err == nil { - t.Fatalf("%q exists, aborting", - tmpTestFilePath) - } - }, + nil, []string{ "/", "/tmp", @@ -823,6 +828,10 @@ func TestSyncFiles(t *testing.T) { for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { + if tc.skip { + t.SkipNow() + } + // Create separate test directory for each test case path := filepath.Join(cwd, "testdata", "files-"+tc.name) err = os.Mkdir(path, 0700) -- 2.45.2