Issue at line 345 of CBL-Mariner/toolkit/tools/internal/safechroot/safechroot.go

[WesleyMConner]

I am doing a little testing - albeit outside the tested "x86_64 based machine using Ubuntu 18.04." I've made progress, but hit an issue with one failing test while building the toolkit.

Environment

I am testing in a 20.04 Gitpod environment - mimicking the 18.04 pre-requisites.

FROM gitpod/workspace-full:latest
RUN sudo apt update && \
    sudo apt upgrade --assume-yes && \
    sudo apt install rpm --assume-yes && \
    sudo apt install qemu-utils --assume-yes && \
    sudo apt install genisoimage --assume-yes && \
    sudo apt install pigz --assume-yes && \
    sudo ln -vsf /home/gitpod/go/bin/go /usr/bin/go

The above gives me the following as a starting point.

GNU Make 4.2.1
tar (GNU tar) 1.30
GNU Wget 1.20.3 built on linux-gnu.
curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
RPM version 4.14.2.1
bash: qemu-utils: command not found
go version go1.16.5 linux/amd64
genisoimage 1.1.11 (Linux)
Python 3.8.11
bison (GNU Bison) 3.5.1
GNU Awk 5.0.1, API: 2.0 (GNU MPFR 4.0.2, GNU MP 6.2.0)
pigz 2.4
Docker version 19.03.15, build 99e3ed8919

Build Context

I am building the toolkit, with:

git clone https://github.com/microsoft/CBL-Mariner.git
pushd CBL-Mariner/toolkit
git checkout 1.0-stable
sudo make package-toolkit REBUILD_TOOLS=y
popd

At line 345 of CBL-Mariner/toolkit/tools/internal/safechroot/safechroot.go

	343:	// Remove this chroot from the list of active ones since it has now been cleaned up.
	344:	// Create a new slice that is -1 capacity of the current activeChroots.
	345:	newActiveChroots := make([]*Chroot, emptyLen, len(activeChroots)-1)

there is an unexpected error:

ERRO[0000] Mount failed on (/workspace/yarely/CBL-Mariner/toolkit/tools/internal/safechroot/_tmp/TestInitializeShouldCreateRoot/dev). Error: operation not permitted 
WARN[0000] Error creating mountpoints for chroot        
--- FAIL: TestInitializeShouldCreateRoot (0.00s)
    safechroot_test.go:62: 
                Error Trace:    safechroot_test.go:62
                Error:          Received unexpected error:
                                operation not permitted
                Test:           TestInitializeShouldCreateRoot
    safechroot_test.go:71: 
                Error Trace:    safechroot_test.go:71
                Error:          Should be true
                Test:           TestInitializeShouldCreateRoot
panic: runtime error: makeslice: cap out of range [recovered]
        panic: runtime error: makeslice: cap out of range
goroutine 21 [running]:
testing.tRunner.func1.2(0x5ea340, 0x665190)
        /home/gitpod/go/src/testing/testing.go:1143 +0x332
testing.tRunner.func1(0xc00008b200)
        /home/gitpod/go/src/testing/testing.go:1146 +0x4b6
panic(0x5ea340, 0x665190)
        /home/gitpod/go/src/runtime/panic.go:965 +0x1b9
microsoft.com/pkggen/internal/safechroot.(*Chroot).Close(0xc0000a3410, 0xc00008b200, 0x0, 0x0)
        /workspace/yarely/CBL-Mariner/toolkit/tools/internal/safechroot/safechroot.go:345 +0x1c8
microsoft.com/pkggen/internal/safechroot.TestInitializeShouldCreateRoot(0xc00008b200)
        /workspace/yarely/CBL-Mariner/toolkit/tools/internal/safechroot/safechroot_test.go:75 +0x251
testing.tRunner(0xc00008b200, 0x6371f8)
        /home/gitpod/go/src/testing/testing.go:1193 +0xef
created by testing.(*T).Run
        /home/gitpod/go/src/testing/testing.go:1238 +0x2b3

If I am reading this correctly, the issue is with releasing the chrooted enviroment (vs creating it). I don't know if this is specific to my Gitpod container, 20.04 or other. Happy to test a further if you have pointers.