token2/snapd
0
0
Fork 0
mirror of https://github.com/token2/snapd.git synced 2026-03-13 11:15:47 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
snapd/tests/main/try/task.yaml
Zygmunt Krynicki 8a2d87d14d tests: document main/try 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
2024-04-25 11:23:33 +02:00

88 lines
3.1 KiB
YAML
Raw Permalink Blame History

summary: Check that try command works
details: |
The snap try command can be used to install a snap without creating the
squashfs file, which for large snaps is very costly. The test shows that
snap try works for snaps using strict, devmode and classic confinement.
# s390x does not have /dev/kmsg
# ubuntu-14.04: systemd-run not supported
systems: [-ubuntu-core-*, -fedora-*, -opensuse-*, -arch-*, -ubuntu-*-s390x, -centos-*, -ubuntu-14.04*]
environment:
PORT: 8081
READABLE_FILE: "/var/snap/test-snapd-tools/x1/file.txt"
SERVICE_NAME: "test-service"
prepare: |
# shellcheck source=tests/lib/network.sh
. "$TESTSLIB"/network.sh
make_network_service "$SERVICE_NAME" "$PORT"
restore: |
systemctl stop "$SERVICE_NAME"
rm -f "$READABLE_FILE"
execute: |
echo "Given a buildable snap in a known directory"
echo "When try is executed on that directory"
snap try "$TESTSLIB"/snaps/test-snapd-tools
echo "Then the snap is listed as installed with try in the notes"
snap list | MATCH '^test-snapd-tools .* try'
echo "And commands from the snap-try binary can be run"
test-snapd-tools.success
echo "And commands from the snap-try binary can read in a readable dir"
echo -n "Hello World" > "$READABLE_FILE"
test-snapd-tools.cat "$READABLE_FILE" | MATCH "Hello World"
echo "Given a buildable snap which access confinement-protected resources in a known directory"
echo "When try is executed on that directory"
snap try "$TESTSLIB"/snaps/test-snapd-tools
if [ "$(snap debug confinement)" = strict ] ; then
echo "Then the snap command is not able to access the protected resource"
if test-snapd-tools.head -1 /dev/kmsg; then
echo "Expected confinement denial in try mode didn't work"
exit 1
fi
fi
echo "Given a buildable snap which access confinement-protected resources in a known directory"
echo "When try is executed on that directory with devmode enabled"
snap try "$TESTSLIB"/snaps/test-snapd-tools --devmode
echo "Then the snap command is able to access the protected resource"
test-snapd-tools.head -1 /dev/kmsg
echo "Given a buildable snap which access confinement-enabled network resources in a known directory"
echo "When try is executed on that directory"
snap try "$TESTSLIB"/snaps/network-consumer
echo "Then the snap is able to access the network resource"
network-consumer http://127.0.0.1:"$PORT" | MATCH "ok"
n=test-snapd-classic-confinement
s=$TESTSLIB/snaps/$n
echo "Given a buildable snap with classic confinement:"
echo " - you can't try it without --classic:"
not snap try "$s"
not snap try --jailmode "$s"
not snap try --devmode "$s"
touch /tmp/lala
echo " - you can try it with --classic:"
snap try --classic "$s"
snap list $n | MATCH $n.*classic
$n | MATCH lala
snap remove $n
# SOON:
# echo " - you can also try it with --classic --jailmode:"
# snap try --classic --devmode $s
# snap list $n | MATCH "$n.*(classic,jailmode|jailmode,classic)"
# $n | MATCH lala
Reference in New Issue View Git Blame Copy Permalink