in dev-tools/systemtests/container.go [98:139]
func (tr *DockerTestRunner) CreateAndRunPermissionMatrix(ctx context.Context,
cgroupNSValues []container.CgroupnsMode, privilegedValues []bool, runAsUserValues []string) {
cases := []testCase{}
if len(cgroupNSValues) == 0 {
cgroupNSValues = []container.CgroupnsMode{tr.CgroupNSMode}
}
if len(privilegedValues) == 0 {
privilegedValues = []bool{tr.Privileged}
}
if len(runAsUserValues) == 0 {
runAsUserValues = []string{tr.RunAsUser}
}
// Create a test matrix of every possible case.
// This might seem like overkill, but cgroup settings and docker permissions values produce some exciting edge cases. Just run all of them.
for _, ns := range cgroupNSValues {
for _, user := range runAsUserValues {
for _, privSetting := range privilegedValues {
cases = append(cases, testCase{nsmode: ns, priv: privSetting, user: user})
}
}
}
tr.Runner.Logf("Running %d tests", len(cases))
baseRunner := tr.Runner // some odd recursion happens here if we just refer to tr.Runner
for _, tc := range cases {
baseRunner.Run(tc.String(), func(t *testing.T) {
runner := tr
runner.Runner = t
runner.CgroupNSMode = tc.nsmode
runner.Privileged = tc.priv
runner.RunAsUser = tc.user
runner.RunTestsOnDocker(ctx)
})
}
}