257 lines
8.5 KiB
Nim
257 lines
8.5 KiB
Nim
## Test suite for Nippels Namespace Subsystem Integration (Task 8.2)
|
||
##
|
||
## Tests the integration of Namespace Subsystem with NippelManager
|
||
|
||
import std/[unittest, os, times, options, strutils, posix]
|
||
import ../src/nimpak/nippels
|
||
import ../src/nimpak/namespace_subsystem
|
||
import ../src/nimpak/nippel_types
|
||
import ../src/nimpak/utils/resultutils
|
||
|
||
suite "Nippels Namespace Subsystem Integration (Task 8.2)":
|
||
var manager: NippelManager
|
||
let testRoot = getTempDir() / "nippels_namespace_test_" & $epochTime().int
|
||
let isRoot = (getuid() == 0)
|
||
|
||
setup:
|
||
# Create test directory
|
||
createDir(testRoot)
|
||
manager = newNippelManager(testRoot)
|
||
|
||
# Warn if not running as root
|
||
if not isRoot:
|
||
echo "⚠️ Warning: Not running as root - namespace tests will be limited"
|
||
|
||
teardown:
|
||
# Deactivate all active Nippels
|
||
for name in manager.getActiveNippels():
|
||
discard manager.deactivateNippel(name)
|
||
|
||
# Clean up test directory
|
||
if dirExists(testRoot):
|
||
removeDir(testRoot)
|
||
|
||
test "Create Nippel with None isolation (no namespaces)":
|
||
# Create with custom profile that has None isolation
|
||
let overrides = ProfileOverrides(
|
||
isolationLevel: some(None)
|
||
)
|
||
|
||
let result = manager.createNippel("test-none", Homestation, overrides)
|
||
if result.isErr:
|
||
echo "Error creating Nippel: ", result.error
|
||
check result.isOk
|
||
|
||
if result.isOk:
|
||
let nippel = result.value
|
||
check nippel.isolationLevel == None
|
||
check nippel.namespaceHandle.isNone
|
||
|
||
test "Create Nippel with Standard isolation (mount namespace)":
|
||
let result = manager.createNippel("test-standard", Homestation)
|
||
check result.isOk
|
||
|
||
if result.isOk:
|
||
let nippel = result.value
|
||
check nippel.isolationLevel == Standard
|
||
|
||
if isRoot:
|
||
# With root, we should have namespaces
|
||
check nippel.namespaceHandle.isSome
|
||
if nippel.namespaceHandle.isSome:
|
||
let nsHandle = nippel.namespaceHandle.get()
|
||
check nsHandle.mountNS == true
|
||
check nsHandle.pidNS == false
|
||
check nsHandle.networkNS == false
|
||
else:
|
||
# Without root, namespace creation falls back to empty handle
|
||
echo " ℹ️ Skipping namespace checks (not root)"
|
||
|
||
test "Create Nippel with Strict isolation (mount + PID + network + IPC)":
|
||
let result = manager.createNippel("test-strict", Server)
|
||
check result.isOk
|
||
|
||
if result.isOk:
|
||
let nippel = result.value
|
||
check nippel.isolationLevel == Strict
|
||
|
||
if isRoot:
|
||
check nippel.namespaceHandle.isSome
|
||
if nippel.namespaceHandle.isSome:
|
||
let nsHandle = nippel.namespaceHandle.get()
|
||
check nsHandle.mountNS == true
|
||
check nsHandle.pidNS == true
|
||
check nsHandle.networkNS == true
|
||
check nsHandle.ipcNS == true
|
||
check nsHandle.userNS == false
|
||
else:
|
||
echo " ℹ️ Skipping namespace checks (not root)"
|
||
|
||
test "Create Nippel with Quantum isolation (all namespaces)":
|
||
let overrides = ProfileOverrides(
|
||
isolationLevel: some(Quantum)
|
||
)
|
||
|
||
let result = manager.createNippel("test-quantum", Server, overrides)
|
||
check result.isOk
|
||
|
||
if result.isOk:
|
||
let nippel = result.value
|
||
check nippel.isolationLevel == Quantum
|
||
|
||
if isRoot:
|
||
check nippel.namespaceHandle.isSome
|
||
if nippel.namespaceHandle.isSome:
|
||
let nsHandle = nippel.namespaceHandle.get()
|
||
check nsHandle.mountNS == true
|
||
check nsHandle.pidNS == true
|
||
check nsHandle.networkNS == true
|
||
check nsHandle.ipcNS == true
|
||
check nsHandle.userNS == true
|
||
check nsHandle.utsNS == true
|
||
else:
|
||
echo " ℹ️ Skipping namespace checks (not root)"
|
||
|
||
test "Activate Nippel with Standard isolation":
|
||
# Create Nippel
|
||
let createResult = manager.createNippel("test-activate", Homestation)
|
||
check createResult.isOk
|
||
|
||
# Activate Nippel
|
||
let activateResult = manager.activateNippel("test-activate")
|
||
check activateResult.isOk
|
||
|
||
# Check if active
|
||
check manager.isNippelActive("test-activate")
|
||
check "test-activate" in manager.getActiveNippels()
|
||
|
||
test "Activate Nippel with Strict isolation":
|
||
# Create Nippel with Strict isolation
|
||
let createResult = manager.createNippel("test-activate-strict", Server)
|
||
check createResult.isOk
|
||
|
||
# Activate Nippel
|
||
let activateResult = manager.activateNippel("test-activate-strict")
|
||
check activateResult.isOk
|
||
|
||
# Check if active
|
||
check manager.isNippelActive("test-activate-strict")
|
||
|
||
test "Deactivate Nippel":
|
||
# Create and activate Nippel
|
||
let createResult = manager.createNippel("test-deactivate", Homestation)
|
||
check createResult.isOk
|
||
|
||
let activateResult = manager.activateNippel("test-deactivate")
|
||
check activateResult.isOk
|
||
check manager.isNippelActive("test-deactivate")
|
||
|
||
# Deactivate Nippel
|
||
let deactivateResult = manager.deactivateNippel("test-deactivate")
|
||
check deactivateResult.isOk
|
||
|
||
# Check if deactivated
|
||
check not manager.isNippelActive("test-deactivate")
|
||
check "test-deactivate" notin manager.getActiveNippels()
|
||
|
||
test "Activate multiple Nippels":
|
||
# Create multiple Nippels
|
||
let result1 = manager.createNippel("test-multi-1", Homestation)
|
||
let result2 = manager.createNippel("test-multi-2", Workstation)
|
||
let result3 = manager.createNippel("test-multi-3", Server)
|
||
|
||
check result1.isOk
|
||
check result2.isOk
|
||
check result3.isOk
|
||
|
||
# Activate all
|
||
check manager.activateNippel("test-multi-1").isOk
|
||
check manager.activateNippel("test-multi-2").isOk
|
||
check manager.activateNippel("test-multi-3").isOk
|
||
|
||
# Check all active
|
||
let activeNippels = manager.getActiveNippels()
|
||
check activeNippels.len == 3
|
||
check "test-multi-1" in activeNippels
|
||
check "test-multi-2" in activeNippels
|
||
check "test-multi-3" in activeNippels
|
||
|
||
# Deactivate all
|
||
check manager.deactivateNippel("test-multi-1").isOk
|
||
check manager.deactivateNippel("test-multi-2").isOk
|
||
check manager.deactivateNippel("test-multi-3").isOk
|
||
|
||
# Check all deactivated
|
||
check manager.getActiveNippels().len == 0
|
||
|
||
test "Error handling: Activate non-existent Nippel":
|
||
let result = manager.activateNippel("non-existent")
|
||
check result.isErr
|
||
check "not found" in result.error.toLowerAscii()
|
||
|
||
test "Error handling: Activate already active Nippel":
|
||
# Create and activate
|
||
let createResult = manager.createNippel("test-double-activate", Homestation)
|
||
check createResult.isOk
|
||
|
||
let activateResult1 = manager.activateNippel("test-double-activate")
|
||
check activateResult1.isOk
|
||
|
||
# Try to activate again
|
||
let activateResult2 = manager.activateNippel("test-double-activate")
|
||
check activateResult2.isErr
|
||
check "already active" in activateResult2.error.toLowerAscii()
|
||
|
||
test "Error handling: Deactivate non-active Nippel":
|
||
# Create but don't activate
|
||
let createResult = manager.createNippel("test-not-active", Homestation)
|
||
check createResult.isOk
|
||
|
||
# Try to deactivate
|
||
let deactivateResult = manager.deactivateNippel("test-not-active")
|
||
check deactivateResult.isErr
|
||
check "not active" in deactivateResult.error.toLowerAscii()
|
||
|
||
test "Namespace configuration matches isolation level":
|
||
# Test Standard isolation
|
||
let nsConfigStandard = getNamespaceHandle(Standard)
|
||
check nsConfigStandard.mountNS == true
|
||
check nsConfigStandard.pidNS == false
|
||
check nsConfigStandard.networkNS == false
|
||
|
||
# Test Strict isolation
|
||
let nsConfigStrict = getNamespaceHandle(Strict)
|
||
check nsConfigStrict.mountNS == true
|
||
check nsConfigStrict.pidNS == true
|
||
check nsConfigStrict.networkNS == true
|
||
check nsConfigStrict.ipcNS == true
|
||
|
||
# Test Quantum isolation
|
||
let nsConfigQuantum = getNamespaceHandle(Quantum)
|
||
check nsConfigQuantum.mountNS == true
|
||
check nsConfigQuantum.pidNS == true
|
||
check nsConfigQuantum.networkNS == true
|
||
check nsConfigQuantum.ipcNS == true
|
||
check nsConfigQuantum.userNS == true
|
||
check nsConfigQuantum.utsNS == true
|
||
|
||
test "Namespace handle is stored in Nippel":
|
||
let result = manager.createNippel("test-ns-handle", Server)
|
||
if result.isErr:
|
||
echo "Error: ", result.error
|
||
check result.isOk
|
||
|
||
if result.isOk:
|
||
let nippel = result.value
|
||
|
||
if isRoot:
|
||
check nippel.namespaceHandle.isSome
|
||
if nippel.namespaceHandle.isSome:
|
||
let nsHandle = nippel.namespaceHandle.get()
|
||
check nsHandle.nsPath.len > 0
|
||
echo " Namespace path: ", nsHandle.nsPath
|
||
else:
|
||
echo " ℹ️ Skipping namespace checks (not root)"
|
||
|
||
echo "✅ All Task 8.2 tests completed"
|