From aa0f015606111dbd28882371830db9d5cf162dbd Mon Sep 17 00:00:00 2001
From: Tim Hockin <thockin@google.com>
Date: Thu, 13 Jun 2024 11:49:27 -0700
Subject: [PATCH] Fix e2e, broken by a docker update I think

github actions fails with an error about "--ip can only be used on
user-defined subnets".  It looks like `--ip` never worked properly, but
wasn't a hard error before.

This is a simpler alternative to
11f475229692da93dff4d8a9337c5fc9cc48e51a (included below), which tried
using docker networks.  It seems to work but is complicated and can leak
resources.  Needs more work.

Instead, this commit just swaps out the `nc` response script
on the fly, rather than restarting `nc` and trying to get the same IP.

```diff
commit 11f475229692da93dff4d8a9337c5fc9cc48e51a
Good "git" signature for thockin@google.com with ED25519 key SHA256:PfQ0rwNUgsu5aRmerT0vkihWn/S3MXY3uoCPUiMdPrg
Author: Tim Hockin <thockin@google.com>
Date:   Wed Jun 12 20:12:54 2024 -0700

    debug test fail

    github actions fails with an error about "--ip can only be used on
    user-defined subnets"

diff --git a/test_e2e.sh b/test_e2e.sh
index d6ad730..b10e895 100755
--- a/test_e2e.sh
+++ b/test_e2e.sh
@@ -117,7 +117,7 @@ function assert_file_lines_ge() {

 function assert_metric_eq() {
     local val
-    val="$(curl --silent "http://localhost:$HTTP_PORT/metrics" \
+    val="$(curl --silent "http://$GITSYNC_IP:$HTTP_PORT/metrics" \
         | grep "^$1 " \
         | awk '{print $NF}')"
     if [[ "${val}" == "$2" ]]; then
@@ -138,6 +138,9 @@ function assert_fail() {
     )
 }

+DOCKER_SUBNET="192.168.0.0/24"
+GITSYNC_IP="192.168.0.254"
+
 # Helper: run a docker container.
 function docker_run() {
     RM="--rm"
@@ -148,6 +151,7 @@ function docker_run() {
         -d \
         ${RM} \
         --label git-sync-e2e="$RUNID" \
+        --network "e2e_$RUNID" \
         "$@"
     sleep 2 # wait for it to come up
 }
@@ -158,7 +162,8 @@ function docker_ip() {
         echo "usage: $0 <id>"
         return 1
     fi
-    docker inspect "$1" | jq -r .[0].NetworkSettings.IPAddress
+    docker inspect "$1" \
+        | jq -r ".[0].NetworkSettings.Networks.e2e_$RUNID.IPAddress"
 }

 function docker_kill() {
@@ -278,7 +283,8 @@ function GIT_SYNC() {
         -i \
         ${RM} \
         --label git-sync-e2e="$RUNID" \
-        --network="host" \
+        --network "e2e_$RUNID" \
+        --ip "$GITSYNC_IP" \
         -u git-sync:$(id -g) `# rely on GID, triggering "dubious ownership"` \
         -v "$ROOT":"$ROOT":rw \
         -v "$REPO":"$REPO":ro \
@@ -308,6 +314,9 @@ function remove_containers() {
         | while read CTR; do
             docker kill "$CTR" >/dev/null
         done
+    docker network prune -f \
+        --filter label=git-sync-e2e \
+        >/dev/null
 }

 #
@@ -2515,7 +2524,7 @@ function e2e::expose_http() {
     # do nothing, just wait for the HTTP to come up
     for i in $(seq 1 5); do
         sleep 1
-        if curl --silent --output /dev/null http://localhost:$HTTP_PORT; then
+        if curl --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT"; then
             break
         fi
         if [[ "$i" == 5 ]]; then
@@ -2524,23 +2533,23 @@ function e2e::expose_http() {
     done

     # check that health endpoint fails
-    if [[ $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT) -ne 503 ]] ; then
-        fail "health endpoint should have failed: $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT)"
+    if [[ $(curl --write-out %{http_code} --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT") -ne 503 ]] ; then
+        fail "health endpoint should have failed: $(curl --write-out %{http_code} --silent --output /dev/null http://$GITSYNC_IP:$HTTP_PORT)"
     fi
     wait_for_sync "${MAXWAIT}"

     # check that health endpoint is alive
-    if [[ $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT) -ne 200 ]] ; then
+    if [[ $(curl --write-out %{http_code} --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT") -ne 200 ]] ; then
         fail "health endpoint failed"
     fi

     # check that the metrics endpoint exists
-    if [[ $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT/metrics) -ne 200 ]] ; then
+    if [[ $(curl --write-out %{http_code} --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT/metrics") -ne 200 ]] ; then
         fail "metrics endpoint failed"
     fi

     # check that the pprof endpoint exists
-    if [[ $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT/debug/pprof/) -ne 200 ]] ; then
+    if [[ $(curl --write-out %{http_code} --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT/debug/pprof/") -ne 200 ]] ; then
         fail "pprof endpoint failed"
     fi
 }
@@ -2568,7 +2577,7 @@ function e2e::expose_http_after_restart() {
     # do nothing, just wait for the HTTP to come up
     for i in $(seq 1 5); do
         sleep 1
-        if curl --silent --output /dev/null http://localhost:$HTTP_PORT; then
+        if curl --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT"; then
             break
         fi
         if [[ "$i" == 5 ]]; then
@@ -2579,7 +2588,7 @@ function e2e::expose_http_after_restart() {
     sleep 2 # wait for first loop to confirm synced

     # check that health endpoint is alive
-    if [[ $(curl --write-out %{http_code} --silent --output /dev/null http://localhost:$HTTP_PORT) -ne 200 ]] ; then
+    if [[ $(curl --write-out %{http_code} --silent --output /dev/null "http://$GITSYNC_IP:$HTTP_PORT") -ne 200 ]] ; then
         fail "health endpoint failed"
     fi
     assert_link_exists "$ROOT/link"
@@ -3503,6 +3512,12 @@ function run_test() {
         set -o errexit
         set -o nounset
         set -o pipefail
+        docker network prune -f \
+            --filter label=git-sync-e2e \
+            >/dev/null
+        docker network create "e2e_$RUNID" \
+            --subnet "$DOCKER_SUBNET" \
+            --label git-sync-e2e="$RUNID"
         "$@"
     )
     eval "$retvar=$?"
```
---
 test_e2e.sh | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/test_e2e.sh b/test_e2e.sh
index d6ad730dd..6b294f5ff 100755
--- a/test_e2e.sh
+++ b/test_e2e.sh
@@ -2365,16 +2365,23 @@ function e2e::webhook_success() {
 ##############################################
 function e2e::webhook_fail_retry() {
     HITLOG="$WORK/hitlog"
+    SCRIPT="$WORK/http_resp.sh"
+    touch "$SCRIPT"
+    chmod 755 "$SCRIPT"
 
     # First sync - return a failure to ensure that we try again
     cat /dev/null > "$HITLOG"
+    cat > "$SCRIPT" << __EOF__
+#!/bin/sh
+read X
+echo "HTTP/1.1 500 Internal Server Error"
+echo
+__EOF__
     CTR=$(docker_run \
         -v "$HITLOG":/var/log/hits \
+        -v "$SCRIPT":/http_resp.sh \
         e2e/test/ncsvr \
-        80 'read X
-            echo "HTTP/1.1 500 Internal Server Error"
-            echo
-           ')
+        80 '/http_resp.sh')
     IP=$(docker_ip "$CTR")
 
     GIT_SYNC \
@@ -2392,16 +2399,13 @@ function e2e::webhook_fail_retry() {
     assert_file_lines_ge "$HITLOG" 1
 
     # Now return 200, ensure that it gets called
-    docker_kill "$CTR"
     cat /dev/null > "$HITLOG"
-    CTR=$(docker_run \
-        --ip="$IP" \
-        -v "$HITLOG":/var/log/hits \
-        e2e/test/ncsvr \
-        80 'read X
-            echo "HTTP/1.1 200 OK"
-            echo
-           ')
+    cat > "$SCRIPT" << __EOF__
+#!/bin/sh
+read X
+echo "HTTP/1.1 200 OK"
+echo
+__EOF__
     sleep 2 # webhooks are async
     assert_file_lines_eq "$HITLOG" 1
 }