From b186e4108035a4d5ac760596f52486f9043d21fd Mon Sep 17 00:00:00 2001 From: Yariv Rachmani Date: Sun, 19 Nov 2023 10:33:04 +0200 Subject: [PATCH] Adding some debug option to trace mount points and its permissions Adding unit attribute to support nestes podman exec inside qm Signed-off-by: Yariv Rachmani --- plans/e2e/ffi.fmf | 4 +--- qm.container | 4 ++++ tests/e2e/set-ffi-env-e2e | 14 +++++++++++++- tests/ffi/common/prepare.sh | 7 +++++-- tests/ffi/disk/test.sh | 11 ++++++----- 5 files changed, 29 insertions(+), 11 deletions(-) diff --git a/plans/e2e/ffi.fmf b/plans/e2e/ffi.fmf index b0507f41..c38f0850 100644 --- a/plans/e2e/ffi.fmf +++ b/plans/e2e/ffi.fmf @@ -20,9 +20,7 @@ adjust: how: shell script: | cd tests/e2e - ./set-ffi-env-e2e --branch-qm=fix-qm-tmp-dir --qm-setup-from-gh-url=https://raw.githubusercontent.com/Yarboa - when: scenario == ffi and distro == centos-stream-9, fedora - + bash -v ./set-ffi-env-e2e --branch-qm=fix-qm-tmp-dir --qm-setup-from-gh-url=https://raw.githubusercontent.com/Yarboa --set-qm-disk-part=Y execute: how: tmt diff --git a/qm.container b/qm.container index 6db0b186..9738b991 100644 --- a/qm.container +++ b/qm.container @@ -31,6 +31,10 @@ Exec=/sbin/init Network=host PodmanArgs=--pids-limit=-1 --security-opt label=nested --security-opt unmask=all ReadOnly=true +# FIXME: QM is failing to start podman command +# Add back once this ReadOnlyTmpfs added to quadlet +# Ref: https://github.com/containers/podman/issues/20439 +VolatileTmp=true Rootfs=${ROOTFS} # FIXME: QM is failing to start if SecurityLabelNested is enabled. diff --git a/tests/e2e/set-ffi-env-e2e b/tests/e2e/set-ffi-env-e2e index 6835636f..073ad22c 100755 --- a/tests/e2e/set-ffi-env-e2e +++ b/tests/e2e/set-ffi-env-e2e @@ -45,6 +45,7 @@ export ARCH="" export BUILD_BLUECHI_FROM_GH_URL="" export QM_GH_URL="" export BRANCH_QM="" +export SET_QM_PART="" RED='\033[91m' GRN='\033[92m' 
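Review bot: The added `script:` line in plans/e2e/ffi.fmf still takes the QM setup from a personal fork (`--qm-setup-from-gh-url=https://raw.githubusercontent.com/Yarboa`) at a branch name (`--branch-qm=fix-qm-tmp-dir`). A branch is a mutable ref, so the content the plan presumably fetches and runs can change without any change in this repository. Before this lands, the plan should point at the project's own repository or a fixed commit rather than a work-in-progress branch. The hunk also deletes the `when: scenario == ffi and distro == centos-stream-9, fedora` guard, so the step presumably now runs for every scenario and distro; if that is intended, a comment in the plan should say so. `bash -v` echoes every script line into the CI log, which suits debugging but should be dropped afterwards.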
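Review bot: The FIXME added above `VolatileTmp=true` in qm.container reads as if the key were being removed ("Add back once ...") and never says what the setting is for. Going by the commit message, a clearer comment would be `# Nested podman inside QM needs a writable /tmp while ReadOnly=true; VolatileTmp=true provides it.` followed by `# FIXME: replace with ReadOnlyTmpfs once quadlet supports it, see https://github.com/containers/podman/issues/20439`. This adds a writable /tmp to an otherwise read-only container that already runs with `--security-opt unmask=all`. The comment should therefore also record that the relaxation is deliberate.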
@@ -54,6 +55,7 @@ CLR='\033[0m' ARGUMENT_LIST=( "qm-setup-from-gh-url" "branch-qm" + "set-qm-disk-part" ) usage() { @@ -69,6 +71,8 @@ Usage: ./set-ffi-env-e2e [OPTIONS] --branch-qm Specify which branch the GitHub repo will be set. Requires --qm-setup-from-gh-url +--set-qm-disk-part + Specify if disk partition neede for /var/qm needed Examples: @@ -79,6 +83,7 @@ Examples: ./set-ffi-env-e2e \\ --branch-qm=superfeature \\ --qm-setup-from-gh-url=https://raw.githubusercontent.com/MYUSER/ \\ + --set-qm-disk-part=Y \\ EOF exit 0 @@ -109,6 +114,11 @@ while [ $# -gt 0 ]; do shift 2 ;; + --set-qm-disk-part) + SET_QM_PART="${2}" + shift 2 + ;; + --help) usage ;; @@ -202,7 +212,9 @@ info_message "Preparing QM environment" info_message "==============================" # Creates the QM env on VM -create_qm_disks +if [ -n "${SET_QM_PART}" ]; then + create_qm_disks +fi install_qm_rpms setup_qm_services diff --git a/tests/ffi/common/prepare.sh b/tests/ffi/common/prepare.sh index 2e2d838e..68d4ecc7 100644 --- a/tests/ffi/common/prepare.sh +++ b/tests/ffi/common/prepare.sh @@ -9,8 +9,11 @@ prepare_test() { if_error_exit "cannot create temp dir under /tmp/" exec_cmd "cp ${qm_service_file} ${qm_service_backup}" # Remove 'DropCapability=sys_resource' enable nested container in QM - exec_cmd "sed -i 's/DropCapability=sys_resource/#DropCapability=sys_resource/' \ - /etc/containers/systemd/qm.container" + exec_cmd "sed -i 's|DropCapability=sys_resource|#DropCapability=sys_resource|' \ + ${qm_service_file}" + if ! grep "Volatile" "${qm_service_file}" ; then + exec_cmd "sed -i 's|ReadOnly=true|&\nVolatileTmp=true|' ${qm_service_file}" + fi } disk_cleanup() { diff --git a/tests/ffi/disk/test.sh b/tests/ffi/disk/test.sh index f1843f8d..7cdb3f32 100644 --- a/tests/ffi/disk/test.sh +++ b/tests/ffi/disk/test.sh 
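Review bot: The help text added for `--set-qm-disk-part` is garbled (`Specify if disk partition neede for /var/qm needed`) and does not say which values are accepted. Something like `Create a dedicated disk partition for /var/qm (any non-empty value, e.g. Y, enables it)` would describe what the script does with the option further down. The example line added in the next hunk ends with a trailing `\\`, which leaves a dangling continuation for anyone who copies it.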
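Review bot: `if [ -n "${SET_QM_PART}" ]` treats every non-empty value as yes, so `--set-qm-disk-part=N` or `=false` would still run `create_qm_disks`, which by its name changes the disk layout. Compare against the documented value instead, `if [ "${SET_QM_PART}" = "Y" ]; then`, and have the `--set-qm-disk-part)` case arm added in the earlier hunk reject anything else. The change also flips the default: callers that do not pass the flag no longer get the /var/qm partition, which deserves a line in the commit message. `create_qm_disks` is defined outside these hunks.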
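Review bot: In tests/ffi/common/prepare.sh the guard `if ! grep "Volatile" "${qm_service_file}"` matches the word anywhere in the file, including a commented-out `#VolatileTmp=true`, and prints the matching lines into the test output. `if ! grep -q '^VolatileTmp=' "${qm_service_file}"; then` tests for an active key only. The `DropCapability` substitution above it is similarly unanchored, so a second run on an unrestored file would yield `##DropCapability=sys_resource`; `s|^DropCapability=sys_resource|#&|` avoids that. `prepare_test` begins above this hunk, so the backup and restore handling cannot be checked from here.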
@@ -8,12 +8,13 @@ disk_cleanup prepare_test reload_config -podman exec -it qm /bin/bash -c \ - "podman run -d --replace --name ffi-qm quay.io/centos-sig-automotive/ffi-tools:latest \ - tail -f /dev/null" +exec_cmd "podman exec -it qm /bin/bash -c \ + 'podman run -d --replace --name ffi-qm \ + quay.io/centos-sig-automotive/ffi-tools:latest \ + tail -f /dev/null'" -podman exec -it qm /bin/bash -c \ - "podman exec -it ffi-qm ./QM/file-allocate > /dev/null" +exec_cmd "podman exec -it qm /bin/bash -c \ + 'podman exec -it ffi-qm ./QM/file-allocate > /dev/null'" if ! eval "fallocate -l 2G /root/file.lock" ; then echo "No space left on device"
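Review bot: The rewritten `podman run` still pulls `quay.io/centos-sig-automotive/ffi-tools:latest`, a mutable tag, so the tools executed inside the QM container can change between runs without any change in this repository. Pinning by digest, `quay.io/centos-sig-automotive/ffi-tools@sha256:<digest>`, keeps the test reproducible and makes image updates reviewable. Both commands also keep `-it` although the test is not interactive; `podman exec qm /bin/bash -c '...'` without the TTY flags should be enough. `exec_cmd` is defined outside this diff, so how it evaluates the nested quoting cannot be verified from the hunk.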