test-override: Skip tests that need bwrap if necessary

This requires some new mechanisms: now we're skipping individual tests, not just whole test scripts. There are two main reasons why autobuilder environments might not be able to run these tests successfully, both of which apply in Debian. Tests that rely on bwrap typically can't pass in builds that take place in a chroot, because bwrap's use of pivot_root() assumes that the root directory is a mount point, but a chroot will typically have an unpacked directory somewhere below the mount point as its root. Some autobuilder environments are also sufficiently restricted that they can't create new user namespaces at all, as a way to harden the autobuilder host. As a result, Debian autobuilders can't run the majority of the Flatpak tests. We would like to be able to continue to run the subset that don't need bwrap, to have the best test coverage we can. For the rest we have to rely on installed-tests (which I've wired up to Debian's autopkgtest) rather than using build-time tests. Signed-off-by: Simon McVittie <smcv@debian.org> Closes: #2339 Approved by: matthiasclasen
2026-05-24 16:57:42 -04:00 · 2018-11-19 13:43:42 +00:00
parent 0ffcd5e57f
commit 752eac6859
2 changed files with 55 additions and 25 deletions
--- a/tests/libtest.sh
+++ b/tests/libtest.sh
@@ -321,18 +321,38 @@ run_sh () {
    ${CMD_PREFIX} flatpak run --command=bash ${ARGS-} org.test.Hello -c "$*"
 }

+# true, false, or empty for indeterminate
+_flatpak_bwrap_works=
+
+if [ -z "${FLATPAK_BWRAP:-}" ]; then
+    # running installed-tests: assume we know what we're doing
+    _flatpak_bwrap_works=true
+elif ! "$FLATPAK_BWRAP" --unshare-ipc --unshare-net --unshare-pid \
+        --ro-bind / / /bin/true > bwrap-result 2>&1; then
+    _flatpak_bwrap_works=false
+else
+    _flatpak_bwrap_works=true
+fi
+
 skip_without_bwrap () {
-    if [ -z "${FLATPAK_BWRAP:-}" ]; then
-        # running installed-tests: assume we know what we're doing
-        :
-    elif ! "$FLATPAK_BWRAP" --unshare-ipc --unshare-net --unshare-pid \
-            --ro-bind / / /bin/true > bwrap-result 2>&1; then
+    if "${_flatpak_bwrap_works}"; then
+        return 0
+    else
        sed -e 's/^/# /' < bwrap-result
        echo "1..0 # SKIP Cannot run bwrap"
        exit 0
    fi
 }

+skip_one_without_bwrap () {
+    if "${_flatpak_bwrap_works}"; then
+        return 1
+    else
+        echo "ok $* # SKIP Cannot run bwrap"
+        return 0
+    fi
+}
+
 sed s#@testdir@#${test_builddir}# ${test_srcdir}/session.conf.in > session.conf
 dbus-daemon --fork --config-file=session.conf --print-address=3 --print-pid=4 \
    3> dbus-session-bus-address 4> dbus-session-bus-pid
--- a/tests/test-override.sh
+++ b/tests/test-override.sh
@@ -109,7 +109,9 @@ echo "ok override system bus names"

 reset_overrides

-if [ -S "${XDG_RUNTIME_DIR}/wayland-0" ]; then
+if skip_one_without_bwrap "sandbox wayland socket"; then
+  :
+elif [ -S "${XDG_RUNTIME_DIR}/wayland-0" ]; then
  ${FLATPAK} override --user --socket=wayland org.test.Hello
  ${FLATPAK} run --command=ls org.test.Hello -- /run/user/1000 > out
  assert_file_has_content out "wayland-0"
@@ -125,7 +127,9 @@ fi

 reset_overrides

-if [ -d "/dev/dri" ]; then
+if skip_one_without_bwrap "sandbox dri device"; then
+  :
+elif [ -d "/dev/dri" ]; then
  ${FLATPAK} override --user --device=dri org.test.Hello
  ${FLATPAK} run --command=ls org.test.Hello -- /dev > out
  assert_file_has_content out "dri"
@@ -141,35 +145,41 @@ fi

 reset_overrides

-${FLATPAK} override --user --env=FOO=BAR org.test.Hello
+if ! skip_one_without_bwrap "sandbox dri device"; then
+  ${FLATPAK} override --user --env=FOO=BAR org.test.Hello

-${FLATPAK} run --command=sh org.test.Hello -c 'echo $FOO' > out
-assert_file_has_content out "BAR"
-FOO=bar ${FLATPAK} run --command=sh org.test.Hello -c 'echo $FOO' > out
-assert_file_has_content out "BAR"
+  ${FLATPAK} run --command=sh org.test.Hello -c 'echo $FOO' > out
+  assert_file_has_content out "BAR"
+  FOO=bar ${FLATPAK} run --command=sh org.test.Hello -c 'echo $FOO' > out
+  assert_file_has_content out "BAR"

-echo "ok sandbox env"
+  echo "ok sandbox env"
+fi

 reset_overrides

-echo "hello" > $HOME/example
+if ! skip_one_without_bwrap "sandbox filesystem"; then
+  echo "hello" > $HOME/example

-${FLATPAK} override --user --filesystem=home:ro org.test.Hello
+  ${FLATPAK} override --user --filesystem=home:ro org.test.Hello

-${FLATPAK} run --command=ls org.test.Hello $HOME > out
-assert_file_has_content out example
+  ${FLATPAK} run --command=ls org.test.Hello $HOME > out
+  assert_file_has_content out example

-${FLATPAK} run --command=sh org.test.Hello -c "echo goodbye > $HOME/example" || true
-assert_file_has_content $HOME/example hello
+  ${FLATPAK} run --command=sh org.test.Hello -c "echo goodbye > $HOME/example" || true
+  assert_file_has_content $HOME/example hello

-rm $HOME/example
+  rm $HOME/example

-echo "ok sandbox filesystem"
+  echo "ok sandbox filesystem"
+fi

 reset_overrides

-${FLATPAK} override --user --persist=example org.test.Hello
-${FLATPAK} run --command=sh org.test.Hello -c "echo goodbye > $HOME/example/bye"
-assert_file_has_content $HOME/.var/app/org.test.Hello/example/bye goodbye
+if ! skip_one_without_bwrap "persist"; then
+  ${FLATPAK} override --user --persist=example org.test.Hello
+  ${FLATPAK} run --command=sh org.test.Hello -c "echo goodbye > $HOME/example/bye"
+  assert_file_has_content $HOME/.var/app/org.test.Hello/example/bye goodbye

-echo "ok persist"
+  echo "ok persist"
+fi