From f7065ab2076178985a3c0a86625470cbd4e4e7e3 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Fri, 4 Aug 2023 11:37:48 +0200 Subject: [PATCH] Add testutil.TempDir function This change adds a TempDir function that ensures the correct permissions for the fake-root user in rootless mode. Signed-off-by: Evan Lezar --- integration/container/run_linux_test.go | 12 +----------- testutil/temp_files.go | 26 +++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 11 deletions(-) create mode 100644 testutil/temp_files.go diff --git a/integration/container/run_linux_test.go b/integration/container/run_linux_test.go index 8217c270a3..2541c6fc74 100644 --- a/integration/container/run_linux_test.go +++ b/integration/container/run_linux_test.go @@ -209,18 +209,8 @@ func TestRunWithAlternativeContainerdShim(t *testing.T) { realShimPath, err = filepath.Abs(realShimPath) assert.Assert(t, err) - // t.TempDir() can't be used here as the temporary directory returned by - // that function cannot be accessed by the fake-root user for rootless - // Docker. It creates a nested hierarchy of directories where the - // outermost has permission 0700. - shimDir, err := os.MkdirTemp("", t.Name()) + shimDir := testutil.TempDir(t) assert.Assert(t, err) - t.Cleanup(func() { - if err := os.RemoveAll(shimDir); err != nil { - t.Errorf("shimDir RemoveAll cleanup: %v", err) - } - }) - assert.Assert(t, os.Chmod(shimDir, 0o777)) shimDir, err = filepath.Abs(shimDir) assert.Assert(t, err) assert.Assert(t, os.Symlink(realShimPath, filepath.Join(shimDir, "containerd-shim-realfake-v42"))) diff --git a/testutil/temp_files.go b/testutil/temp_files.go new file mode 100644 index 0000000000..96d1700b81 --- /dev/null +++ b/testutil/temp_files.go @@ -0,0 +1,26 @@ +package testutil // import "github.com/docker/docker/testutil" + +import ( + "os" + "path/filepath" + "testing" +) + +// TempDir returns a temporary directory for use in tests. +// t.TempDir() can't be used as the temporary directory returned by +// that function cannot be accessed by the fake-root user for rootless +// Docker. It creates a nested hierarchy of directories where the +// outermost has permission 0700. +func TempDir(t *testing.T) string { + t.Helper() + dir := t.TempDir() + + parent := filepath.Dir(dir) + if parent != "" { + if err := os.Chmod(parent, 0o777); err != nil { + t.Fatalf("Failed to chmod parent of temp directory %q: %v", parent, err) + } + } + + return dir +}