package config import ( "fmt" "io/ioutil" "os" "path/filepath" "testing" "github.com/stretchr/testify/assert" ) const configTemplate = `{"ociVersion":"1.0.1-dev","process":{"user":{"uid":0,"gid":0},"args":["/pause"],"env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","ENCLAVE_TYPE=intelSgx"],"cwd":"/","capabilities":{"bounding":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FSETID","CAP_FOWNER","CAP_MKNOD","CAP_NET_RAW","CAP_SETGID","CAP_SETUID","CAP_SETFCAP","CAP_SETPCAP","CAP_NET_BIND_SERVICE","CAP_SYS_CHROOT","CAP_KILL","CAP_AUDIT_WRITE"],"effective":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FSETID","CAP_FOWNER","CAP_MKNOD","CAP_NET_RAW","CAP_SETGID","CAP_SETUID","CAP_SETFCAP","CAP_SETPCAP","CAP_NET_BIND_SERVICE","CAP_SYS_CHROOT","CAP_KILL","CAP_AUDIT_WRITE"],"inheritable":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FSETID","CAP_FOWNER","CAP_MKNOD","CAP_NET_RAW","CAP_SETGID","CAP_SETUID","CAP_SETFCAP","CAP_SETPCAP","CAP_NET_BIND_SERVICE","CAP_SYS_CHROOT","CAP_KILL","CAP_AUDIT_WRITE"],"permitted":["CAP_CHOWN","CAP_DAC_OVERRIDE","CAP_FSETID","CAP_FOWNER","CAP_MKNOD","CAP_NET_RAW","CAP_SETGID","CAP_SETUID","CAP_SETFCAP","CAP_SETPCAP","CAP_NET_BIND_SERVICE","CAP_SYS_CHROOT","CAP_KILL","CAP_AUDIT_WRITE"]},"noNewPrivileges":true,"oomScoreAdj":-998},"root":{"path":"rootfs","readonly":true},"mounts":[{"destination":"/proc","type":"proc","source":"proc","options":["nosuid","noexec","nodev"]},{"destination":"/dev","type":"tmpfs","source":"tmpfs","options":["nosuid","strictatime","mode=755","size=65536k"]},{"destination":"/dev/pts","type":"devpts","source":"devpts","options":["nosuid","noexec","newinstance","ptmxmode=0666","mode=0620","gid=5"]},{"destination":"/dev/shm","type":"tmpfs","source":"shm","options":["nosuid","noexec","nodev","mode=1777","size=65536k"]},{"destination":"/dev/mqueue","type":"mqueue","source":"mqueue","options":["nosuid","noexec","nodev"]},{"destination":"/sys","type":"sysfs","source":"sysfs","options":["nosuid","noexec","nodev","ro"]},{"destination":"/dev/shm","type":"bind","source":"/run/containerd/io.containerd.grpc.v1.cri/sandboxes/8e5f48047dfc52c9ee043129580d5df9b70f6c0828d96fbb396fb269e114fbfd/shm","options":["rbind","ro"]}],"annotations":{"io.kubernetes.cri.container-type":"sandbox","io.kubernetes.cri.sandbox-id":"8e5f48047dfc52c9ee043129580d5df9b70f6c0828d96fbb396fb269e114fbfd","io.kubernetes.cri.sandbox-log-directory":"/var/log/pods/default_curl-test_3feed600-56cb-4a73-857f-87b27bb65771"},"linux":{"resources":{"devices":[{"allow":false,"access":"rwm"}],"cpu":{"shares":2}},"cgroupsPath":"kubepods-besteffort-pod3feed600_56cb_4a73_857f_87b27bb65771.slice:cri-containerd:8e5f48047dfc52c9ee043129580d5df9b70f6c0828d96fbb396fb269e114fbfd","namespaces":[{"type":"pid"},{"type":"ipc"},{"type":"mount"}],"maskedPaths":["/proc/acpi","/proc/asound","/proc/kcore","/proc/keys","/proc/latency_stats","/proc/timer_list","/proc/timer_stats","/proc/sched_debug","/sys/firmware","/proc/scsi"],"readonlyPaths":["/proc/bus","/proc/fs","/proc/irq","/proc/sys","/proc/sysrq-trigger"]}}` func TestUpdateEnvs(t *testing.T) { path := filepath.Join("/tmp", "config.json") defer os.Remove(path) err := ioutil.WriteFile(path, []byte(configTemplate), 0644) assert.Nil(t, err) spec, err := LoadSpec(path) assert.Nil(t, err) m := map[string]string{"k1": "v1", "k2": "v2"} err = UpdateEnvs(spec, m, false) assert.Nil(t, err) v1, ok := GetEnv(spec, "k1") assert.Equal(t, true, ok) assert.Equal(t, "v1", v1) v2, ok := GetEnv(spec, "k2") assert.Equal(t, true, ok) assert.Equal(t, "v2", v2) v3, ok := GetEnv(spec, "ENCLAVE_TYPE") assert.Equal(t, true, ok) assert.Equal(t, "intelSgx", v3) err = SaveSpec(path, spec) assert.Nil(t, err) spec, err = LoadSpec(path) v1, ok = GetEnv(spec, "k1") assert.Equal(t, true, ok) assert.Equal(t, "v1", v1) v2, ok = GetEnv(spec, "k2") assert.Equal(t, true, ok) assert.Equal(t, "v2", v2) v3, ok = GetEnv(spec, "ENCLAVE_TYPE") assert.Equal(t, true, ok) assert.Equal(t, "intelSgx", v3) fmt.Printf("spec=%++v", spec.Process.Env) }