tests: use custom cgroupfs mount point

Signed-off-by: black-desk <[email protected]>
black-desk · Oct 19, 2023 · b5d512c · b5d512c
1 parent 0c74e4f
commit b5d512c
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 27 deletions.
diff --git a/Makefile b/Makefile
@@ -26,13 +26,16 @@ UNSHARE ?= unshare -U -C -m -n --map-user=0 --
 
 SHELL ?= sh
 
+CGROUPFS ?= /tmp/io.github.black-desk.cgtproxy-test/cgroupfs
+
 test:
 	$(SYSTEMD_RUN) \
 	$(UNSHARE) \
 	$(SHELL) -c "\
+		mkdir -p $(CGROUPFS) && \
 		mount --make-rprivate / && \
-		mount -t cgroup2 none /sys/fs/cgroup && \
-		TEST_ALL=1 $(GO) test ./... --tags=$(GOTAGS) -v --ginkgo.vv \
+		mount -t cgroup2 none $(CGROUPFS) && \
+		CGTPROXY_TEST_CGROUP_ROOT=$(CGROUPFS) TEST_ALL=1 $(GO) test ./... --tags=$(GOTAGS) -v --ginkgo.vv \
 	"
 
 PREFIX ?= /usr/local

diff --git a/internal/nftman/table_test.go b/internal/nftman/table_test.go
@@ -36,13 +36,14 @@ var _ = Describe("Netfliter table", Ordered, func() {
 		var (
 			t *nftman.Table
 
-			result string
+			result     string
+			cgroupRoot = os.Getenv("CGTPROXY_TEST_CGROUP_ROOT")
 		)
 
 		BeforeEach(func() {
 			By("Create a Table object.", func() {
 				t, err = nftman.New(
-					nftman.WithCgroupRoot(config.CgroupRoot("/sys/fs/cgroup")),
+					nftman.WithCgroupRoot(config.CgroupRoot(cgroupRoot)),
 				)
 				Expect(err).To(Succeed())
 			})
@@ -101,47 +102,47 @@ var _ = Describe("Netfliter table", Ordered, func() {
 
 			Context("then add some cgroups", func() {
 				BeforeEach(func() {
-					err = os.MkdirAll("/sys/fs/cgroup/test/a", 0755)
+					err = os.MkdirAll(cgroupRoot+"/test/a", 0755)
 					Expect(err).To(Or(Succeed(), MatchError(os.ErrExist)))
-					err = t.AddCgroup("/sys/fs/cgroup/test/a",
+					err = t.AddCgroup(cgroupRoot+"/test/a",
 						&nftman.Target{Op: nftman.TargetTProxy, Chain: tps[rand.Intn(len(tps))].t.Name + "-MARK"},
 					)
 					Expect(err).To(Succeed(), "nft:\n%s", GetNFTableRules())
 
-					err = os.MkdirAll("/sys/fs/cgroup/test/b", 0755)
+					err = os.MkdirAll(cgroupRoot+"/test/b", 0755)
 					Expect(err).To(Or(Succeed(), MatchError(os.ErrExist)))
-					err = t.AddCgroup("/sys/fs/cgroup/test/b",
+					err = t.AddCgroup(cgroupRoot+"/test/b",
 						&nftman.Target{Op: nftman.TargetTProxy, Chain: tps[rand.Intn(len(tps))].t.Name + "-MARK"},
 					)
 					Expect(err).To(Succeed(), "nft:\n%s", GetNFTableRules())
 
-					err = os.MkdirAll("/sys/fs/cgroup/test/c", 0755)
+					err = os.MkdirAll(cgroupRoot+"/test/c", 0755)
 					Expect(err).To(Or(Succeed(), MatchError(os.ErrExist)))
-					err = t.AddCgroup("/sys/fs/cgroup/test/c",
+					err = t.AddCgroup(cgroupRoot+"/test/c",
 						&nftman.Target{Op: nftman.TargetDrop},
 					)
 					Expect(err).To(Succeed(), "nft:\n%s", GetNFTableRules())
 
-					err = os.MkdirAll("/sys/fs/cgroup/test/d/d", 0755)
+					err = os.MkdirAll(cgroupRoot+"/test/d/d", 0755)
 					Expect(err).To(Or(Succeed(), MatchError(os.ErrExist)))
-					err = t.AddCgroup("/sys/fs/cgroup/test/d/d",
+					err = t.AddCgroup(cgroupRoot+"/test/d/d",
 						&nftman.Target{Op: nftman.TargetDirect},
 					)
 					Expect(err).To(Succeed(), "nft:\n%s", GetNFTableRules())
 				})
 
 				AfterEach(func() {
-					err = syscall.Rmdir("/sys/fs/cgroup/test/d/d")
+					err = syscall.Rmdir(cgroupRoot + "/test/d/d")
 					Expect(err).To(Succeed())
-					err = syscall.Rmdir("/sys/fs/cgroup/test/d")
+					err = syscall.Rmdir(cgroupRoot + "/test/d")
 					Expect(err).To(Succeed())
-					err = syscall.Rmdir("/sys/fs/cgroup/test/c")
+					err = syscall.Rmdir(cgroupRoot + "/test/c")
 					Expect(err).To(Succeed())
-					err = syscall.Rmdir("/sys/fs/cgroup/test/b")
+					err = syscall.Rmdir(cgroupRoot + "/test/b")
 					Expect(err).To(Succeed())
-					err = syscall.Rmdir("/sys/fs/cgroup/test/a")
+					err = syscall.Rmdir(cgroupRoot + "/test/a")
 					Expect(err).To(Succeed())
-					err = syscall.Rmdir("/sys/fs/cgroup/test")
+					err = syscall.Rmdir(cgroupRoot + "/test")
 					Expect(err).To(Succeed())
 				})
 
@@ -164,29 +165,29 @@ var _ = Describe("Netfliter table", Ordered, func() {
 						)
 
 						Expect(result).To(
-							ContainSubstring(`"test/a" : goto tproxy`),
+							ContainSubstring(`test/a" : goto tproxy`),
 						)
 
 						Expect(result).To(
-							ContainSubstring(`"test/b" : goto tproxy`),
+							ContainSubstring(`test/b" : goto tproxy`),
 						)
 
 						Expect(result).To(
-							ContainSubstring(`"test/c" : drop`),
+							ContainSubstring(`test/c" : drop`),
 						)
 
 						Expect(result).To(
-							ContainSubstring(`"test/d/d"`),
+							ContainSubstring(`test/d/d"`),
 						)
 					}
 				})
 
 				Context("and remove them later", func() {
 					BeforeEach(func() {
-						t.RemoveCgroup("/sys/fs/cgroup/test/a")
-						t.RemoveCgroup("/sys/fs/cgroup/test/b")
-						t.RemoveCgroup("/sys/fs/cgroup/test/c")
-						t.RemoveCgroup("/sys/fs/cgroup/test/d/d")
+						t.RemoveCgroup(cgroupRoot + "/test/a")
+						t.RemoveCgroup(cgroupRoot + "/test/b")
+						t.RemoveCgroup(cgroupRoot + "/test/c")
+						t.RemoveCgroup(cgroupRoot + "/test/d/d")
 					})
 
 					It("should produce expected nftable rules", func() {
@@ -196,7 +197,7 @@ var _ = Describe("Netfliter table", Ordered, func() {
 
 					Context("then add some of them back", func() {
 						BeforeEach(func() {
-							err = t.AddCgroup("/sys/fs/cgroup/test/a",
+							err = t.AddCgroup(cgroupRoot+"/test/a",
 								&nftman.Target{Op: nftman.TargetTProxy, Chain: tps[rand.Intn(len(tps))].t.Name + "-MARK"},
 							)
 							Expect(err).To(Succeed(), "nft:\n%s", GetNFTableRules())