Merge pull request #49671 from robmry/unit_test_with_firewalld

Run systemd/rootless when systemd/rootless unit testing

.github/workflows/.test.yml

@@ -83,10 +83,20 @@ jobs:
         name: Prepare
         run: |
           CACHE_DEV_SCOPE=dev
+          if [[ "${{ matrix.mode }}" == *"rootless"* ]]; then
+            # In rootless mode, tests will run in the host's namspace not the rootlesskit
+            # namespace. So, probably no different to non-rootless unit tests and can be
+            # removed from the test matrix.
+            echo "DOCKER_ROOTLESS=1" >> $GITHUB_ENV
+          fi
           if [[ "${{ matrix.mode }}" == *"firewalld"* ]]; then
             echo "DOCKER_FIREWALLD=true" >> $GITHUB_ENV
             CACHE_DEV_SCOPE="${CACHE_DEV_SCOPE}firewalld"
           fi
+          if [[ "${{ matrix.mode }}" == *"systemd"* ]]; then
+            echo "SYSTEMD=true" >> $GITHUB_ENV
+            CACHE_DEV_SCOPE="${CACHE_DEV_SCOPE}systemd"
+          fi
           echo "CACHE_DEV_SCOPE=${CACHE_DEV_SCOPE}" >> $GITHUB_ENV
       -
         name: Set up Docker Buildx

hack/dind

@@ -52,6 +52,8 @@ if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
 fi
 
 # Mount /tmp (conditionally)
+# /tmp must be 'exec,rw', and 'dev' to allow mknod to work for the
+# pkg/archive/archive_linux_test.go tests.
 if ! mountpoint -q /tmp; then
 	mount -t tmpfs none /tmp
 fi

hack/dind-systemd

@@ -19,6 +19,13 @@ if [ ! -t 0 ]; then
 	exit 1
 fi
 
+# Mount /tmp (conditionally)
+# /tmp must be 'exec,rw', and 'dev' (defaults) to allow mknod to work for the
+# pkg/archive/archive_linux_test.go tests.
+if ! mountpoint -q /tmp; then
+	mount -t tmpfs none /tmp
+fi
+
 # Change mount propagation to shared, which SystemD PID 1 would normally do
 # itself when started by the kernel. SystemD skips that when it detects it is
 # running in a container.