[#176] replicate isolators to test aci

blablacar · Jul 27, 2016 · fd6e255 · fd6e255
1 parent 074d573
commit fd6e255
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 10 deletions.
diff --git a/bin-dgr/aci-build.go b/bin-dgr/aci-build.go
@@ -186,8 +186,7 @@ func (aci *Aci) prepareBuildAci() (string, error) {
 	if err := ioutil.WriteFile(aci.target+pathBuilder+common.PathRootfs+"/.keep", []byte(""), 0644); err != nil {
 		return "", errs.WithEF(err, aci.fields.WithField("file", aci.target+pathBuilder+common.PathRootfs+"/.keep"), "Failed to write keep file")
 	}
-	all := json.RawMessage(`{"set":["all"]}`)
-	aci.manifest.Aci.App.Isolators = []types.Isolator{{Name: "os/linux/capabilities-retain-set", ValueRaw: &all}}
+	aci.manifest.Aci.App.Isolators = []common.Isolator{{Name: "os/linux/capabilities-retain-set", Value: common.LinuxCapabilitiesSetValue{Set: []types.LinuxCapability{"all"}}}}
 
 	if err := common.WriteAciManifest(aci.manifest, aci.target+pathBuilder+common.PathManifest, common.PrefixBuilder+aci.manifest.NameAndVersion.Name(), dgrVersion); err != nil {
 		return "", err

diff --git a/bin-dgr/aci-test.go b/bin-dgr/aci-test.go
@@ -138,11 +138,19 @@ func (aci *Aci) buildTestAci() (string, error) {
 		Builder: aci.manifest.Tester.Builder,
 		Aci: common.AciDefinition{
 			App: common.DgrApp{
-				Exec:             aci.manifest.Aci.App.Exec,
-				MountPoints:      []types.MountPoint{{Path: pathTestsResult, Name: *resultMountName}},
-				WorkingDirectory: aci.manifest.Aci.App.WorkingDirectory,
+				Exec:              aci.manifest.Aci.App.Exec,
+				MountPoints:       []types.MountPoint{{Path: pathTestsResult, Name: *resultMountName}},
+				WorkingDirectory:  aci.manifest.Aci.App.WorkingDirectory,
+				User:              aci.manifest.Aci.App.User,
+				Group:             aci.manifest.Aci.App.Group,
+				SupplementaryGIDs: aci.manifest.Aci.App.SupplementaryGIDs,
+				Environment:       aci.manifest.Aci.App.Environment,
+				Ports:             aci.manifest.Aci.App.Ports,
+				Isolators:         aci.manifest.Aci.App.Isolators,
 			},
-			Dependencies: append(aci.manifest.Tester.Aci.Dependencies, *common.NewACFullName(name[len(prefixTest):])),
+			Dependencies:  append(aci.manifest.Tester.Aci.Dependencies, *common.NewACFullName(name[len(prefixTest):])),
+			Annotations:   aci.manifest.Aci.Annotations,
+			PathWhitelist: aci.manifest.Aci.PathWhitelist,
 		},
 		NameAndVersion: *fullname,
 	}

diff --git a/bin-dgr/common/aci-manifest.go b/bin-dgr/common/aci-manifest.go
@@ -104,6 +104,11 @@ func WriteAciManifest(m *AciManifest, targetFile string, projectName string, dgr
 		m.Aci.App.Exec = []string{"/dgr/bin/busybox", "sh"}
 	}
 
+	isolators, err := ToAppcIsolators(m.Aci.App.Isolators)
+	if err != nil {
+		return errs.WithEF(err, fields, "Failed to prepare isolators")
+	}
+
 	im.App = &types.App{
 		Exec:              m.Aci.App.Exec,
 		EventHandlers:     []types.EventHandler{{Name: "pre-start", Exec: []string{"/dgr/bin/prestart"}}},
@@ -114,7 +119,7 @@ func WriteAciManifest(m *AciManifest, targetFile string, projectName string, dgr
 		Environment:       m.Aci.App.Environment,
 		MountPoints:       m.Aci.App.MountPoints,
 		Ports:             m.Aci.App.Ports,
-		Isolators:         m.Aci.App.Isolators,
+		Isolators:         isolators,
 	}
 	buff, err := json.MarshalIndent(im, "", "  ")
 	if err != nil {
@@ -127,6 +132,25 @@ func WriteAciManifest(m *AciManifest, targetFile string, projectName string, dgr
 	return nil
 }
 
+func ToAppcIsolators(isos []Isolator) (types.Isolators, error) {
+	isolators := types.Isolators{}
+	for _, i := range isos {
+
+		content, err := json.Marshal(i)
+		if err != nil {
+			return nil, errs.WithEF(err, data.WithField("isolator", i.Name), "Failed to marshall isolator")
+		}
+
+		isolator := types.Isolator{}
+		if err := isolator.UnmarshalJSON(content); err != nil {
+			return nil, errs.WithEF(err, data.WithField("isolator", i.Name), "Failed to unmarshall isolator")
+		}
+
+		isolators = append(isolators, isolator)
+	}
+	return isolators, nil
+}
+
 func ToAppcDependencies(dependencies []ACFullname) (types.Dependencies, error) {
 	appcDependencies := types.Dependencies{}
 	for _, dep := range dependencies {
@@ -144,3 +168,22 @@ func ToAppcDependencies(dependencies []ACFullname) (types.Dependencies, error) {
 	}
 	return appcDependencies, nil
 }
+
+func FromAppcIsolators(isolators types.Isolators) ([]Isolator, error) {
+	isos := []Isolator{}
+	for _, i := range isolators {
+		var res LinuxCapabilitiesSetValue
+
+		if err := json.Unmarshal([]byte(*i.ValueRaw), &res); err != nil {
+			return isos, errs.WithEF(err, data.WithField("content", string(*i.ValueRaw)), "Failed to prepare isolators")
+		}
+
+		iso := Isolator{
+			Name:  i.Name.String(),
+			Value: res,
+		}
+		i.Value()
+		isos = append(isos, iso)
+	}
+	return isos, nil
+}
diff --git a/bin-dgr/common/dgr-manifest.go b/bin-dgr/common/dgr-manifest.go
@@ -77,7 +77,16 @@ type DgrApp struct {
 	Environment       types.Environment  `json:"environment,omitempty" yaml:"environment,omitempty"`
 	MountPoints       []types.MountPoint `json:"mountPoints,omitempty" yaml:"mountPoints,omitempty"`
 	Ports             []types.Port       `json:"ports,omitempty" yaml:"ports,omitempty"`
-	Isolators         types.Isolators    `json:"isolators,omitempty" yaml:"isolators,omitempty"`
+	Isolators         []Isolator         `json:"isolators,omitempty" yaml:"isolators,omitempty"`
+}
+
+type LinuxCapabilitiesSetValue struct {
+	Set []types.LinuxCapability `json:"set"`
+}
+
+type Isolator struct {
+	Name  string
+	Value LinuxCapabilitiesSetValue
 }
 
 func ProcessManifestTemplate(manifestContent string, data2 interface{}, checkNoValue bool) (*AciManifest, error) {

diff --git a/bin-dgr/pod-build.go b/bin-dgr/pod-build.go
@@ -111,6 +111,11 @@ func (p *Pod) processAci(e common.RuntimeApp) (*schema.RuntimeApp, error) {
 		e.App.Group = "0"
 	}
 
+	isolators, err := common.ToAppcIsolators(e.App.Isolators)
+	if err != nil {
+		return nil, errs.WithEF(err, p.fields, "Failed to prepare isolators")
+	}
+
 	return &schema.RuntimeApp{
 		Name:  *name,
 		Image: ttmp,
@@ -123,7 +128,7 @@ func (p *Pod) processAci(e common.RuntimeApp) (*schema.RuntimeApp, error) {
 			Environment:       e.App.Environment,
 			MountPoints:       e.App.MountPoints,
 			Ports:             e.App.Ports,
-			Isolators:         e.App.Isolators,
+			Isolators:         isolators,
 		},
 		Mounts:      e.Mounts,
 		Annotations: e.Annotations}, nil
@@ -162,7 +167,11 @@ func (p *Pod) fillRuntimeAppFromDependencies(e *common.RuntimeApp) error {
 			e.App.SupplementaryGIDs = manifest.App.SupplementaryGIDs
 		}
 		if len(e.App.Isolators) == 0 {
-			e.App.Isolators = manifest.App.Isolators
+			res, err := common.FromAppcIsolators(manifest.App.Isolators)
+			if err != nil {
+				return errs.WithEF(err, fields, "Failed to replicate isolators from aci to pod")
+			}
+			e.App.Isolators = res
 		}
 		if len(e.App.Ports) == 0 {
 			e.App.Ports = manifest.App.Ports