summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2020-08-04 16:24:34 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2020-08-04 20:26:34 -0400
commita0fb08100391f27c283e0bf62e5663222066b6bf (patch)
tree5328e9af0b2ea16e7b3529d37597a88352729958
parent807efd669802f00a90339bfa43a508505bec4858 (diff)
downloadpodman-a0fb08100391f27c283e0bf62e5663222066b6bf.tar.gz
podman-a0fb08100391f27c283e0bf62e5663222066b6bf.tar.bz2
podman-a0fb08100391f27c283e0bf62e5663222066b6bf.zip
Handle podman-remote run --rm
We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
-rw-r--r--pkg/domain/infra/tunnel/containers.go14
-rw-r--r--test/system/030-run.bats6
-rw-r--r--test/system/070-build.bats1
-rw-r--r--test/system/160-volumes.bats4
-rw-r--r--test/system/200-pod.bats3
-rw-r--r--test/system/300-cli-parsing.bats2
-rw-r--r--test/system/400-unprivileged-access.bats2
-rw-r--r--test/system/410-selinux.bats1
8 files changed, 11 insertions, 22 deletions
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index 1fad67b86..d2221ab7b 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -500,9 +500,6 @@ func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.C
}
func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) {
- if opts.Rm {
- logrus.Info("the remote client does not support --rm yet")
- }
con, err := containers.CreateWithSpec(ic.ClientCxt, opts.Spec)
if err != nil {
return nil, err
@@ -526,6 +523,17 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
if err != nil {
report.ExitCode = define.ExitCode(err)
}
+ if opts.Rm {
+ if err := containers.Remove(ic.ClientCxt, con.ID, bindings.PFalse, bindings.PTrue); err != nil {
+ if errors.Cause(err) == define.ErrNoSuchCtr ||
+ errors.Cause(err) == define.ErrCtrRemoved {
+ logrus.Warnf("Container %s does not exist: %v", con.ID, err)
+ } else {
+ logrus.Errorf("Error removing container %s: %v", con.ID, err)
+ }
+ }
+ }
+
return &report, err
}
diff --git a/test/system/030-run.bats b/test/system/030-run.bats
index e93a2efe2..43b41a0bd 100644
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@@ -96,8 +96,6 @@ echo $rand | 0 | $rand
# Believe it or not, 'sh -c' resulted in different behavior
run_podman 0 run --rm $IMAGE sh -c /bin/true
run_podman 1 run --rm $IMAGE sh -c /bin/false
-
- if is_remote; then sleep 2;fi # FIXME: pending #7119
}
@test "podman run --name" {
@@ -266,8 +264,6 @@ echo $rand | 0 | $rand
done
done
done
-
- if is_remote; then sleep 2;fi # FIXME: pending #7119
}
# #6829 : add username to /etc/passwd inside container if --userns=keep-id
@@ -292,8 +288,6 @@ echo $rand | 0 | $rand
run_podman run --rm --privileged --userns=keep-id --user=0 $IMAGE id -un
remove_same_dev_warning # grumble
is "$output" "root" "--user=0 overrides keep-id"
-
- if is_remote; then sleep 2;fi # FIXME: pending #7119
}
# #6991 : /etc/passwd is modifiable
diff --git a/test/system/070-build.bats b/test/system/070-build.bats
index 481e1759b..d2ef9f0f9 100644
--- a/test/system/070-build.bats
+++ b/test/system/070-build.bats
@@ -91,7 +91,6 @@ ADD https://github.com/containers/podman/blob/master/README.md /tmp/
EOF
run_podman build -t add_url $tmpdir
run_podman run --rm add_url stat /tmp/README.md
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman rmi -f add_url
# Now test COPY. That should fail.
diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats
index e2aefed43..3f50bd3c4 100644
--- a/test/system/160-volumes.bats
+++ b/test/system/160-volumes.bats
@@ -93,7 +93,6 @@ Labels.l | $mylabel
is "$(<$mountpoint/myfile)" "$rand" "we see content created in container"
# Clean up
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman volume rm $myvolume
}
@@ -135,7 +134,6 @@ EOF
is "$output" "got here -$rand-" "script in volume is runnable with default (exec)"
# Clean up
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman volume rm $myvolume
}
@@ -173,7 +171,6 @@ EOF
run_podman run --rm -v $myvol:/myvol:z $IMAGE \
sh -c "cp /myvol/myfile /myvol/myfile2"
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman volume rm $myvol
# Autocreated volumes should also work with keep-id
@@ -182,7 +179,6 @@ EOF
run_podman run --rm -v $myvol:/myvol:z --userns=keep-id $IMAGE \
touch /myvol/myfile
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman volume rm $myvol
}
diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats
index cbfd7fe03..f3ec8a67c 100644
--- a/test/system/200-pod.bats
+++ b/test/system/200-pod.bats
@@ -93,7 +93,6 @@ function teardown() {
is "$output" "$message" "message sent from one container to another"
# Clean up. First the nc -l container...
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman rm $cid1
# ...then, from pause container, find the image ID of the pause image...
@@ -104,7 +103,6 @@ function teardown() {
pause_iid="$output"
# ...then rm the pod, then rmi the pause image so we don't leave strays.
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman pod rm $podname
run_podman rmi $pause_iid
@@ -215,7 +213,6 @@ function random_ip() {
is "$output" ".*options $dns_opt" "--dns-opt was added"
# pod inspect
- if is_remote; then sleep 2;fi # FIXME: pending #7119
run_podman pod inspect --format '{{.Name}}: {{.ID}} : {{.NumContainers}} : {{.Labels}}' mypod
is "$output" "mypod: $pod_id : 1 : map\[${labelname}:${labelvalue}]" \
"pod inspect --format ..."
diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats
index 2abc01bb7..92c073102 100644
--- a/test/system/300-cli-parsing.bats
+++ b/test/system/300-cli-parsing.bats
@@ -10,8 +10,6 @@ load helpers
# Error: invalid argument "true=\"false\"" for "-l, --label" \
# flag: parse error on line 1, column 5: bare " in non-quoted-field
run_podman run --rm --label 'true="false"' $IMAGE true
-
- if is_remote; then sleep 2;fi # FIXME: pending #7119
}
# vim: filetype=sh
diff --git a/test/system/400-unprivileged-access.bats b/test/system/400-unprivileged-access.bats
index ebca75f13..1b2d14554 100644
--- a/test/system/400-unprivileged-access.bats
+++ b/test/system/400-unprivileged-access.bats
@@ -165,8 +165,6 @@ EOF
die "$path: Unknown file type '$type'"
fi
done
-
- if is_remote; then sleep 2;fi # FIXME: pending #7119
}
# vim: filetype=sh
diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats
index c85fb2563..497e29b3e 100644
--- a/test/system/410-selinux.bats
+++ b/test/system/410-selinux.bats
@@ -16,7 +16,6 @@ function check_label() {
# FIXME: it'd be nice to specify the command to run, e.g. 'ls -dZ /',
# but alpine ls (from busybox) doesn't support -Z
run_podman run --rm $args $IMAGE cat -v /proc/self/attr/current
- if is_remote; then sleep 2;fi # FIXME: pending #7119
# FIXME: on some CI systems, 'run --privileged' emits a spurious
# warning line about dup devices. Ignore it.