kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-05 09:55:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
65c7f34f2d4c92ffbb51646aacc264f8db33cc06
nomad/client/allocrunner/taskrunner/getter/testing.go
Chris Roberts fd1e40537c [artifact] add artifact inspection after download (#26608) 
This adds artifact inspection after download to detect any issues
with the content fetched. Currently this means checking for any
symlinks within the artifact that resolve outside the task or
allocation directories. On platforms where lockdown is available
(some Linux) this inspection is not performed.

The inspection can be disabled with the DisableArtifactInspection
option. A dedicated option for disabling this behavior allows
the DisableFilesystemIsolation option to be enabled but still
have artifacts inspected after download.
2025-08-27 10:37:34 -07:00

50 lines
1.5 KiB
Go
Raw Blame History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package getter
import (
"os"
"path/filepath"
"testing"
cconfig "github.com/hashicorp/nomad/client/config"
"github.com/hashicorp/nomad/helper/pointer"
"github.com/hashicorp/nomad/helper/testlog"
sconfig "github.com/hashicorp/nomad/nomad/structs/config"
"github.com/shoenig/test/must"
)
// TestSandbox creates a real artifact downloader configured via the default
// artifact config. It is good enough for tests so no mock implementation exists.
func TestSandbox(t *testing.T) *Sandbox {
defaultConfig := sconfig.DefaultArtifactConfig()
defaultConfig.DecompressionSizeLimit = pointer.Of("1MB")
defaultConfig.DecompressionFileCountLimit = pointer.Of(10)
ac, err := cconfig.ArtifactConfigFromAgent(defaultConfig)
must.NoError(t, err)
return New(ac, testlog.HCLogger(t))
}
// SetupDir creates a directory suitable for testing artifact - i.e. it is
// owned by the user under which nomad runs.
//
// returns alloc_dir, task_dir
func SetupDir(t *testing.T) (string, string) {
allocDir := t.TempDir()
taskDir := filepath.Join(allocDir, "local")
tmpDir := filepath.Join(taskDir, "tmp")
topDir := filepath.Dir(allocDir)
must.NoError(t, os.Chmod(topDir, 0o755))
must.NoError(t, os.Chmod(allocDir, 0o755))
must.NoError(t, os.Mkdir(taskDir, 0o755))
must.NoError(t, os.Chmod(taskDir, 0o755))
must.NoError(t, os.Mkdir(tmpDir, 0o755))
must.NoError(t, os.Chmod(tmpDir, 0o755))
return allocDir, taskDir
}
Reference in New Issue View Git Blame Copy Permalink