fix bugs with jailer cleanup in tests

Previously, the /srv/jailer/firecracker folder was not being left empty at the end of a test run. I root-caused the issues and fixed them in this commit. Signed-off-by: alindima <alindima@amazon.com>
kumargu · Jul 12, 2021 · ca7fbed · ca7fbed
1 parent b281e3f
commit ca7fbed
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/tests/framework/jailer.py b/tests/framework/jailer.py
@@ -243,10 +243,11 @@ def cleanup(self):
                 'umount {}'.format(self._ramfs_path), ignore_return_code=True
             )
 
-        if self.jailer_id:
+        if self.jailer_id is not None:
             shutil.rmtree(self.chroot_base_with_id(), ignore_errors=True)
 
-        if os.path.exists("/var/run/netns/{}".format(self.netns)):
+        if self.netns \
+                and os.path.exists("/var/run/netns/{}".format(self.netns)):
             utils.run_cmd('ip netns del {}'.format(self.netns))
 
         # Remove the cgroup folders associated with this microvm.

diff --git a/tests/integration_tests/security/test_jail.py b/tests/integration_tests/security/test_jail.py
@@ -6,6 +6,8 @@
 import subprocess
 
 from framework.defs import FC_BINARY_NAME
+from framework.jailer import JailerContext
+import host_tools.cargo_build as build_tools
 
 
 # These are the permissions that all files/dirs inside the jailer have.
@@ -45,9 +47,13 @@ def test_default_chroot(test_microvm_with_ssh):
 def test_empty_jailer_id(test_microvm_with_ssh):
     """Test that the jailer ID cannot be empty."""
     test_microvm = test_microvm_with_ssh
+    fc_binary, _ = build_tools.get_firecracker_binaries()
 
     # Set the jailer ID to None.
-    test_microvm.jailer.jailer_id = ""
+    test_microvm.jailer = JailerContext(
+        jailer_id="",
+        exec_file=fc_binary,
+    )
 
     # pylint: disable=W0703
     try: