Merge pull request #33518 from naveed-jamil-tenpearls/pkg/sysinfo

Increased Unit Test Coverage for PKG/SYSINFO

pkg/sysinfo/sysinfo_linux_test.go

@@ -5,20 +5,20 @@ import (
 	"os"
 	"path"
 	"path/filepath"
+	"syscall"
 	"testing"
+
+	"github.com/stretchr/testify/require"
 )
 
 func TestReadProcBool(t *testing.T) {
 	tmpDir, err := ioutil.TempDir("", "test-sysinfo-proc")
-	if err != nil {
-		t.Fatal(err)
-	}
+	require.NoError(t, err)
 	defer os.RemoveAll(tmpDir)
 
 	procFile := filepath.Join(tmpDir, "read-proc-bool")
-	if err := ioutil.WriteFile(procFile, []byte("1"), 0644); err != nil {
-		t.Fatal(err)
-	}
+	err = ioutil.WriteFile(procFile, []byte("1"), 0644)
+	require.NoError(t, err)
 
 	if !readProcBool(procFile) {
 		t.Fatal("expected proc bool to be true, got false")
@@ -39,20 +39,66 @@ func TestReadProcBool(t *testing.T) {
 
 func TestCgroupEnabled(t *testing.T) {
 	cgroupDir, err := ioutil.TempDir("", "cgroup-test")
-	if err != nil {
-		t.Fatal(err)
-	}
+	require.NoError(t, err)
 	defer os.RemoveAll(cgroupDir)
 
 	if cgroupEnabled(cgroupDir, "test") {
 		t.Fatal("cgroupEnabled should be false")
 	}
 
-	if err := ioutil.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644); err != nil {
-		t.Fatal(err)
-	}
+	err = ioutil.WriteFile(path.Join(cgroupDir, "test"), []byte{}, 0644)
+	require.NoError(t, err)
 
 	if !cgroupEnabled(cgroupDir, "test") {
 		t.Fatal("cgroupEnabled should be true")
 	}
 }
+
+func TestNew(t *testing.T) {
+	sysInfo := New(false)
+	require.NotNil(t, sysInfo)
+	checkSysInfo(t, sysInfo)
+
+	sysInfo = New(true)
+	require.NotNil(t, sysInfo)
+	checkSysInfo(t, sysInfo)
+}
+
+func checkSysInfo(t *testing.T, sysInfo *SysInfo) {
+	// Check if Seccomp is supported, via CONFIG_SECCOMP.then sysInfo.Seccomp must be TRUE , else FALSE
+	if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_GET_SECCOMP, 0, 0); err != syscall.EINVAL {
+		// Make sure the kernel has CONFIG_SECCOMP_FILTER.
+		if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_SECCOMP, SeccompModeFilter, 0); err != syscall.EINVAL {
+			require.True(t, sysInfo.Seccomp)
+		}
+	} else {
+		require.False(t, sysInfo.Seccomp)
+	}
+}
+
+func TestNewAppArmorEnabled(t *testing.T) {
+	// Check if AppArmor is supported. then it must be TRUE , else FALSE
+	if _, err := os.Stat("/sys/kernel/security/apparmor"); err != nil {
+		t.Skip("App Armor Must be Enabled")
+	}
+
+	sysInfo := New(true)
+	require.True(t, sysInfo.AppArmor)
+}
+
+func TestNewAppArmorDisabled(t *testing.T) {
+	// Check if AppArmor is supported. then it must be TRUE , else FALSE
+	if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
+		t.Skip("App Armor Must be Disabled")
+	}
+
+	sysInfo := New(true)
+	require.False(t, sysInfo.AppArmor)
+}
+
+func TestNumCPU(t *testing.T) {
+	cpuNumbers := NumCPU()
+	if cpuNumbers <= 0 {
+		t.Fatal("CPU returned must be greater than zero")
+	}
+}