annotations: Add missing asset annotations

Fix `createAssets()` by adding in the missing annotations for: - firmware: - `io.katacontainers.config.hypervisor.firmware` - `io.katacontainers.config.hypervisor.firmware_hash` - hypervisor: - `io.katacontainers.config.hypervisor.path` - `io.katacontainers.config.hypervisor.hypervisor_hash` - hypervisor control binary: - `io.katacontainers.config.hypervisor.ctlpath` - `io.katacontainers.config.hypervisor.hypervisorctl_hash` - jailer: - `io.katacontainers.config.hypervisor.jailer_path` - `io.katacontainers.config.hypervisor.jailer_hash` This fixes the issue where a custom hypervisor binary annotation was being ignored. Fixes: #3030. Signed-off-by: James O. D. Hunt <[email protected]>
kata-containers · Oct 28, 2020 · a8df626 · a8df626
1 parent de5f9df
commit a8df626
Show file tree

Hide file tree

Showing 3 changed files with 132 additions and 24 deletions.
diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
@@ -424,11 +424,31 @@ func createAssets(ctx context.Context, sandboxConfig *SandboxConfig) error {
 		return err
 	}
 
+	hypervisor, err := types.NewAsset(sandboxConfig.Annotations, types.HypervisorAsset)
+	if err != nil {
+		return err
+	}
+
+	hypervisorCtl, err := types.NewAsset(sandboxConfig.Annotations, types.HypervisorCtlAsset)
+	if err != nil {
+		return err
+	}
+
 	image, err := types.NewAsset(sandboxConfig.Annotations, types.ImageAsset)
 	if err != nil {
 		return err
 	}
 
+	firmware, err := types.NewAsset(sandboxConfig.Annotations, types.FirmwareAsset)
+	if err != nil {
+		return err
+	}
+
+	jailer, err := types.NewAsset(sandboxConfig.Annotations, types.JailerAsset)
+	if err != nil {
+		return err
+	}
+
 	initrd, err := types.NewAsset(sandboxConfig.Annotations, types.InitrdAsset)
 	if err != nil {
 		return err
@@ -438,7 +458,17 @@ func createAssets(ctx context.Context, sandboxConfig *SandboxConfig) error {
 		return fmt.Errorf("%s and %s cannot be both set", types.ImageAsset, types.InitrdAsset)
 	}
 
-	for _, a := range []*types.Asset{kernel, image, initrd} {
+	assetTypes := []*types.Asset{
+		firmware,
+		hypervisor,
+		hypervisorCtl,
+		image,
+		initrd,
+		jailer,
+		kernel,
+	}
+
+	for _, a := range assetTypes {
 		if err := sandboxConfig.HypervisorConfig.addCustomAsset(a); err != nil {
 			return err
 		}

diff --git a/virtcontainers/sandbox_test.go b/virtcontainers/sandbox_test.go
@@ -643,51 +643,127 @@ var assetContentWrongHash = "92549f8d2018a95a294d28a65e795ed7d1a9d150009a28cea10
 func TestSandboxCreateAssets(t *testing.T) {
 	assert := assert.New(t)
 
+	type testData struct {
+		assetType   types.AssetType
+		annotations map[string]string
+	}
+
 	tmpfile, err := ioutil.TempFile("", "virtcontainers-test-")
 	assert.Nil(err)
 
+	filename := tmpfile.Name()
+
 	defer func() {
 		tmpfile.Close()
-		os.Remove(tmpfile.Name()) // clean up
+		os.Remove(filename) // clean up
 	}()
 
 	_, err = tmpfile.Write(assetContent)
 	assert.Nil(err)
 
 	originalKernelPath := filepath.Join(testDir, testKernel)
+	originalImagePath := filepath.Join(testDir, testImage)
+	originalInitrdPath := filepath.Join(testDir, testInitrd)
+	originalFirmwarePath := filepath.Join(testDir, testFirmware)
+	originalHypervisorPath := filepath.Join(testDir, testHypervisor)
+	originalHypervisorCtlPath := filepath.Join(testDir, testHypervisorCtl)
+	originalJailerPath := filepath.Join(testDir, testJailer)
 
 	hc := HypervisorConfig{
-		KernelPath: originalKernelPath,
-		ImagePath:  filepath.Join(testDir, testImage),
+		KernelPath:        originalKernelPath,
+		ImagePath:         originalImagePath,
+		InitrdPath:        originalInitrdPath,
+		FirmwarePath:      originalFirmwarePath,
+		HypervisorPath:    originalHypervisorPath,
+		HypervisorCtlPath: originalHypervisorCtlPath,
+		JailerPath:        originalJailerPath,
 	}
 
-	p := &SandboxConfig{
-		Annotations: map[string]string{
-			annotations.KernelPath: tmpfile.Name(),
-			annotations.KernelHash: assetContentHash,
+	data := []testData{
+		{
+			types.FirmwareAsset,
+			map[string]string{
+				annotations.FirmwarePath: filename,
+				annotations.FirmwareHash: assetContentHash,
+			},
+		},
+		{
+			types.HypervisorAsset,
+			map[string]string{
+				annotations.HypervisorPath: filename,
+				annotations.HypervisorHash: assetContentHash,
+			},
+		},
+		{
+			types.HypervisorCtlAsset,
+			map[string]string{
+				annotations.HypervisorCtlPath: filename,
+				annotations.HypervisorCtlHash: assetContentHash,
+			},
+		},
+		{
+			types.ImageAsset,
+			map[string]string{
+				annotations.ImagePath: filename,
+				annotations.ImageHash: assetContentHash,
+			},
+		},
+		{
+			types.InitrdAsset,
+			map[string]string{
+				annotations.InitrdPath: filename,
+				annotations.InitrdHash: assetContentHash,
+			},
+		},
+		{
+			types.JailerAsset,
+			map[string]string{
+				annotations.JailerPath: filename,
+				annotations.JailerHash: assetContentHash,
+			},
+		},
+		{
+			types.KernelAsset,
+			map[string]string{
+				annotations.KernelPath: filename,
+				annotations.KernelHash: assetContentHash,
+			},
 		},
-
-		HypervisorConfig: hc,
 	}
 
-	err = createAssets(context.Background(), p)
-	assert.Nil(err)
+	for i, d := range data {
+		msg := fmt.Sprintf("test[%d]: %+v", i, d)
 
-	a, ok := p.HypervisorConfig.customAssets[types.KernelAsset]
-	assert.True(ok)
-	assert.Equal(a.Path(), tmpfile.Name())
+		config := &SandboxConfig{
+			Annotations:      d.annotations,
+			HypervisorConfig: hc,
+		}
 
-	p = &SandboxConfig{
-		Annotations: map[string]string{
-			annotations.KernelPath: tmpfile.Name(),
-			annotations.KernelHash: assetContentWrongHash,
-		},
+		err = createAssets(context.Background(), config)
+		assert.NoError(err, msg)
 
-		HypervisorConfig: hc,
-	}
+		a, ok := config.HypervisorConfig.customAssets[d.assetType]
+		assert.True(ok, msg)
+		assert.Equal(a.Path(), filename, msg)
+
+		// Now test with invalid hashes
+		badHashAnnotations := make(map[string]string)
+		for k, v := range d.annotations {
+			if strings.HasSuffix(k, "_hash") {
+				badHashAnnotations[k] = assetContentWrongHash
+			} else {
+				badHashAnnotations[k] = v
+			}
+		}
+
+		config = &SandboxConfig{
+			Annotations:      badHashAnnotations,
+			HypervisorConfig: hc,
+		}
 
-	err = createAssets(context.Background(), p)
-	assert.NotNil(err)
+		err = createAssets(context.Background(), config)
+		assert.Error(err, msg)
+	}
 }
 
 func testFindContainerFailure(t *testing.T, sandbox *Sandbox, cid string) {

diff --git a/virtcontainers/virtcontainers_test.go b/virtcontainers/virtcontainers_test.go
@@ -29,6 +29,8 @@ const testKernel = "kernel"
 const testInitrd = "initrd"
 const testImage = "image"
 const testHypervisor = "hypervisor"
+const testJailer = "jailer"
+const testFirmware = "firmware"
 const testVirtiofsd = "virtiofsd"
 const testHypervisorCtl = "hypervisorctl"
 const testBundle = "bundle"