[Do not merge] Minor fix in CI example tests

The target triple wasn't being passed to the example-based tests. Also try to very slightly tighten the bindmounts in the network Isolate test
boustrophedon · Apr 12, 2024 · 8e61e25 · 8e61e25
1 parent dd29e1d
commit 8e61e25
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 7 deletions.
diff --git a/Makefile b/Makefile
@@ -8,10 +8,10 @@ test:
 
 # Run all tests with and without all features
 test-ci:
+	cargo run --target=$(TARGET_TRIPLE) --all-features --example isolate_test
 	cargo test --target=$(TARGET_TRIPLE) --tests --examples --all-features
 	cargo test --target=$(TARGET_TRIPLE) --tests --examples --no-default-features
-	cargo run --all-features --example isolate_test
-	cargo run --all-features --example ipc_server_with_database
+	cargo run --target=$(TARGET_TRIPLE) --all-features --example ipc_server_with_database
 
 # Run clippy
 lint:

diff --git a/examples/ipc_server_with_database.rs b/examples/ipc_server_with_database.rs
@@ -326,6 +326,11 @@ fn run_client_read() {
     });
 }
 
+#[cfg(target_env = "musl")]
+fn main() {
+    println!("without building sqlite from source we can't link to sqlite, but it would be annoying to build it in CI.");
+}
+#[cfg(not(target_env = "musl"))]
 fn main() {
     let args: Vec<String> = std::env::args().collect();
     println!("main args: {:?}", args);
@@ -357,10 +362,10 @@ fn main() {
 
     // -- Spawn database, spawn http server, waiting a bit for each to finish getting ready.
     let mut db_child = run_subprocess(&["db", path.to_str().unwrap()]);
-    std::thread::sleep(std::time::Duration::from_millis(100));
+    std::thread::sleep(std::time::Duration::from_millis(200));
 
     let mut webserver_child = run_subprocess(&["webserver", path.to_str().unwrap()]);
-    std::thread::sleep(std::time::Duration::from_millis(100));
+    std::thread::sleep(std::time::Duration::from_millis(200));
 
     // -- write "hello" to db
     let res1 = run_subprocess(&["write_client", "hello"]).wait();

diff --git a/examples/isolate_test.rs b/examples/isolate_test.rs
@@ -303,13 +303,18 @@ fn network_call() {
 
 fn isolate_with_network(name: &'static str) -> Isolate {
     Isolate::new(name, network_call)
-        // Just mount all of / because ssl and dns files are all over the place.
+        // ssl and dns files are all over the place.
         // If you wanted you could further restrict it via landlock or by mounting only specific
         // files and directories but it highly depends on your operating system and DNS setup. One
         // thing in particular to note is that if a file exists but it's a symlink to somewhere
         // outside the filesystem, something (e.g. openssl) might see that the file is there and
         // it can stat it, but then will try to read the file and crash.
-        .add_bind_mount("/", "/")
+        .add_bind_mount("/etc", "/etc")
+        .add_bind_mount("/usr", "/usr")
+        .add_bind_mount("/var", "/var")
+        .add_bind_mount("/run", "/run")
+        .add_bind_mount("/lib", "/lib")
+        .add_bind_mount("/lib64", "/lib64")
         .new_network(false)
 }
 
@@ -359,12 +364,13 @@ fn main() {
     if argv0.contains("isolate_test") {
         // These tests actually launch the isolates, which then hit the hooks above after
         // re-execing
+        test_with_network();
+        return;
         test_isolate_hello();
         test_isolate_uid();
         test_check_mountinfo();
         test_unix_socket();
         test_multiple_binds();
-        test_with_network();
         test_safetycontext();
 
         // TODO: for some reason these tests where the isolate panics make strace think there are