summaryrefslogtreecommitdiff
path: root/test/system
diff options
context:
space:
mode:
authorEd Santiago <santiago@redhat.com>2020-09-16 10:06:33 -0600
committerEd Santiago <santiago@redhat.com>2020-09-19 15:55:00 -0600
commitbd3c66fc8151350ad6562959054eddb5508cf028 (patch)
tree487c34a3af99796784538929d8cc61a536a07622 /test/system
parent852943516606f32ccc2406f41bcf3df42d7c622c (diff)
downloadpodman-bd3c66fc8151350ad6562959054eddb5508cf028.tar.gz
podman-bd3c66fc8151350ad6562959054eddb5508cf028.tar.bz2
podman-bd3c66fc8151350ad6562959054eddb5508cf028.zip
system tests: new tests
- podman network create: new test - podman pull by-sha + podman images -a (#7651) - podman image mount: new test - podman pod: --infra-image and --infra-command (#7167) For convenience and robustness, build a new testimage containing a custom file /home/podman/testimage-id with contents YYYYMMDD (same as image tag). The image-mount test checks that this file exists and has the desired content. New testimage also includes a dummy 'pause' executable, for testing pod infra. Updates from testimage:20200902 to :20200917 Signed-off-by: Ed Santiago <santiago@redhat.com>
Diffstat (limited to 'test/system')
-rw-r--r--test/system/010-images.bats47
-rw-r--r--test/system/060-mount.bats30
-rw-r--r--test/system/200-pod.bats31
-rw-r--r--test/system/500-networking.bats29
-rwxr-xr-xtest/system/build-testimage44
-rw-r--r--test/system/helpers.bash31
6 files changed, 202 insertions, 10 deletions
diff --git a/test/system/010-images.bats b/test/system/010-images.bats
index c0a8936e3..ac65e54d9 100644
--- a/test/system/010-images.bats
+++ b/test/system/010-images.bats
@@ -112,4 +112,51 @@ Labels.created_at | 20[0-9-]\\\+T[0-9:]\\\+Z
run_podman rm mytinycontainer
}
+# Regression test for https://github.com/containers/podman/issues/7651
+# in which "podman pull image-with-sha" causes "images -a" to crash
+@test "podman images -a, after pulling by sha " {
+ # Get a baseline for 'images -a'
+ run_podman images -a
+ local images_baseline="$output"
+
+ # Get the digest of our local test image. We need to do this in two steps
+ # because 'podman inspect' only works reliably on *IMAGE ID*, not name.
+ # See https://github.com/containers/podman/issues/3761
+ run_podman inspect --format '{{.Id}}' $IMAGE
+ local iid="$output"
+ run_podman inspect --format '{{.Digest}}' $iid
+ local sha="$output"
+
+ local imgbase="${PODMAN_TEST_IMAGE_REGISTRY}/${PODMAN_TEST_IMAGE_USER}/${PODMAN_TEST_IMAGE_NAME}"
+ local fqin="${imgbase}@$sha"
+
+ # This will always pull, because even though it's the same image we
+ # already have, podman doesn't actually know that.
+ run_podman pull $fqin
+ is "$output" "Trying to pull ${fqin}\.\.\..*" "output of podman pull"
+
+ # Prior to #7654, this would crash and burn. Now podman recognizes it
+ # as the same image and, even though it internally tags it with the
+ # sha, still only shows us one image (which should be our baseline)
+ #
+ # WARNING! If this test fails, we're going to see a lot of failures
+ # in subsequent tests due to 'podman ps' showing the '@sha' tag!
+ # I choose not to add a complicated teardown() (with 'rmi @sha')
+ # because the failure window here is small, and if it fails it
+ # needs attention anyway. So if you see lots of failures, but
+ # start here because this is the first one, fix this problem.
+ # You can (probably) ignore any subsequent failures showing '@sha'
+ # in the error output.
+ run_podman images -a
+ is "$output" "$images_baseline" "images -a, after pull: same as before"
+
+ # Clean up: this should simply untag, not remove
+ run_podman rmi $fqin
+ is "$output" "Untagged: $fqin" "podman rmi untags, does not remove"
+
+ # ...and now we should still have our same image.
+ run_podman images -a
+ is "$output" "$images_baseline" "after podman rmi @sha, still the same"
+}
+
# vim: filetype=sh
diff --git a/test/system/060-mount.bats b/test/system/060-mount.bats
index d98a3eeb1..75c88e4ad 100644
--- a/test/system/060-mount.bats
+++ b/test/system/060-mount.bats
@@ -35,4 +35,34 @@ load helpers
fi
}
+
+@test "podman image mount" {
+ skip_if_remote "mounting remote is meaningless"
+ skip_if_rootless "too hard to test rootless"
+
+ # Start with clean slate
+ run_podman image umount -a
+
+ run_podman image mount $IMAGE
+ mount_path="$output"
+
+ test -d $mount_path
+
+ # Image is custom-built and has a file containing the YMD tag. Check it.
+ testimage_file="/home/podman/testimage-id"
+ test -e "$mount_path$testimage_file"
+ is $(< "$mount_path$testimage_file") "$PODMAN_TEST_IMAGE_TAG" \
+ "Contents of $testimage_file in image"
+
+ # 'image mount', no args, tells us what's mounted
+ run_podman image mount
+ is "$output" "$IMAGE $mount_path" "podman image mount with no args"
+
+ # Clean up
+ run_podman image umount $IMAGE
+
+ run_podman image mount
+ is "$output" "" "podman image mount, no args, after umount"
+}
+
# vim: filetype=sh
diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats
index 7189d7e4b..2ae038dfe 100644
--- a/test/system/200-pod.bats
+++ b/test/system/200-pod.bats
@@ -173,6 +173,19 @@ function random_ip() {
# FIXME: --ip=$ip fails:
# Error adding network: failed to allocate all requested IPs
local mac_option="--mac-address=$mac"
+
+ # Create a custom image so we can test --infra-image and -command.
+ # It will have a randomly generated infra command, using the
+ # existing 'pause' script in our testimage. We assign a bogus
+ # entrypoint to confirm that --infra-command will override.
+ local infra_image="infra_$(random_string 10 | tr A-Z a-z)"
+ local infra_command="/pause_$(random_string 10)"
+ run_podman build -t $infra_image - << EOF
+FROM $IMAGE
+RUN ln /home/podman/pause $infra_command
+ENTRYPOINT ["/original-entrypoint-should-be-overridden"]
+EOF
+
if is_rootless; then
mac_option=
fi
@@ -185,12 +198,21 @@ function random_ip() {
--dns-search "$dns_search" \
--dns-opt "$dns_opt" \
--publish "$port_out:$port_in" \
- --label "${labelname}=${labelvalue}"
+ --label "${labelname}=${labelvalue}" \
+ --infra-image "$infra_image" \
+ --infra-command "$infra_command"
pod_id="$output"
# Check --pod-id-file
is "$(<$pod_id_file)" "$pod_id" "contents of pod-id-file"
+ # Get ID of infra container
+ run_podman pod inspect --format '{{(index .Containers 0).ID}}' mypod
+ local infra_cid="$output"
+ # confirm that entrypoint is what we set
+ run_podman container inspect --format '{{.Config.Entrypoint}}' $infra_cid
+ is "$output" "$infra_command" "infra-command took effect"
+
# Check each of the options
if [ -n "$mac_option" ]; then
run_podman run --rm --pod mypod $IMAGE ip link show
@@ -249,9 +271,16 @@ function random_ip() {
run_podman logs $cid
is "$output" "$teststring" "test string received on container"
+ # Finally, confirm the infra-container and -command. We run this late,
+ # not at pod creation, to give the infra container time to start & log.
+ run_podman logs $infra_cid
+ is "$output" "Confirmed: testimage pause invoked as $infra_command" \
+ "pod ran with our desired infra container + command"
+
# Clean up
run_podman rm $cid
run_podman pod rm -f mypod
+ run_podman rmi $infra_image
}
# vim: filetype=sh
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 39de8ad54..d2454fbf4 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -80,4 +80,33 @@ load helpers
run_podman rm $cid
}
+# "network create" now works rootless, with the help of a special container
+@test "podman network create" {
+ local mynetname=testnet-$(random_string 10)
+ local mysubnet=$(random_rfc1918_subnet)
+
+ run_podman network create --subnet "${mysubnet}.0/24" $mynetname
+ is "$output" ".*/cni/net.d/$mynetname.conflist" "output of 'network create'"
+
+ # WARNING: this pulls a ~100MB image from quay.io, hence is slow/flaky
+ run_podman run --rm --network $mynetname $IMAGE ip a
+ is "$output" ".* inet ${mysubnet}\.2/24 brd ${mysubnet}\.255 " \
+ "sdfsdf"
+
+ # Cannot create network with the same name
+ run_podman 125 network create $mynetname
+ is "$output" "Error: the network name $mynetname is already used" \
+ "Trying to create an already-existing network"
+
+ run_podman network rm $mynetname
+ run_podman 125 network rm $mynetname
+
+ # rootless CNI leaves behind an image pulled by SHA, hence with no tag.
+ # Remove it if present; we can only remove it by ID.
+ run_podman images --format '{{.Id}}' rootless-cni-infra
+ if [ -n "$output" ]; then
+ run_podman rmi $output
+ fi
+}
+
# vim: filetype=sh
diff --git a/test/system/build-testimage b/test/system/build-testimage
index 64aa46337..ef14d3afd 100755
--- a/test/system/build-testimage
+++ b/test/system/build-testimage
@@ -26,23 +26,51 @@ create_time_z=$(env TZ=UTC date +'%Y-%m-%dT%H:%M:%SZ')
set -ex
+# We'll need to create a Containerfile plus various other files to add in
+#
# Please document the reason for all flags, apk's, and anything non-obvious
+tmpdir=$(mktemp -t -d $(basename $0).tmp.XXXXXXX)
+cd $tmpdir
+
+# 'image mount' test will confirm that this file exists and has our YMD tag
+echo $YMD >testimage-id
+
+# 'pod' test will use this for --infra-command
+cat >pause <<EOF
+#!/bin/sh
#
-# --squash-all : needed by 'tree' test in 070-build.bats
-# busybox-extras : provides httpd needed in 500-networking.bats
+# Trivial little pause script, used in one of the pod tests
#
-podman rmi -f testimage &> /dev/null || true
-podman build --squash-all -t testimage - <<EOF
+echo Confirmed: testimage pause invoked as \$0
+while :; do
+ sleep 0.1
+done
+EOF
+chmod 755 pause
+
+# alpine because it's small and light and reliable
+# busybox-extras provides httpd needed in 500-networking.bats
+cat >Containerfile <<EOF
FROM docker.io/library/alpine:3.12.0
RUN apk add busybox-extras
+ADD testimage-id pause /home/podman/
LABEL created_by=$create_script
LABEL created_at=$create_time_z
+WORKDIR /home/podman
CMD ["/bin/echo", "This container is intended for podman CI testing"]
EOF
+# --squash-all : needed by 'tree' test in 070-build.bats
+podman rmi -f testimage &> /dev/null || true
+podman build --squash-all -t testimage .
+
+# Clean up
+cd /tmp
+rm -rf $tmpdir
+
# Tag and push to quay.
-podman tag testimage quay.io/edsantiago/testimage:$YMD
-podman push quay.io/edsantiago/testimage:$YMD
+podman tag testimage quay.io/libpod/testimage:$YMD
+podman push quay.io/libpod/testimage:$YMD
# Side note: there should always be a testimage tagged ':00000000'
# (eight zeroes) in the same location; this is used by tests which
@@ -54,6 +82,6 @@ podman push quay.io/edsantiago/testimage:$YMD
#
# podman pull docker.io/library/busybox:1.32.0
# podman tag docker.io/library/busybox:1.32.0 \
-# quay.io/edsantiago/testimage:00000000
-# podman push quay.io/edsantiago/testimage:00000000
+# quay.io/libpod/testimage:00000000
+# podman push quay.io/libpod/testimage:00000000
#
diff --git a/test/system/helpers.bash b/test/system/helpers.bash
index 514ba249e..c361e23ff 100644
--- a/test/system/helpers.bash
+++ b/test/system/helpers.bash
@@ -7,7 +7,7 @@ PODMAN=${PODMAN:-podman}
PODMAN_TEST_IMAGE_REGISTRY=${PODMAN_TEST_IMAGE_REGISTRY:-"quay.io"}
PODMAN_TEST_IMAGE_USER=${PODMAN_TEST_IMAGE_USER:-"libpod"}
PODMAN_TEST_IMAGE_NAME=${PODMAN_TEST_IMAGE_NAME:-"testimage"}
-PODMAN_TEST_IMAGE_TAG=${PODMAN_TEST_IMAGE_TAG:-"20200902"}
+PODMAN_TEST_IMAGE_TAG=${PODMAN_TEST_IMAGE_TAG:-"20200917"}
PODMAN_TEST_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_TEST_IMAGE_TAG"
# Because who wants to spell that out each time?
@@ -397,6 +397,35 @@ function random_string() {
}
+###########################
+# random_rfc1918_subnet #
+###########################
+#
+# Use the class B set, because much of our CI environment (Google, RH)
+# already uses up much of the class A, and it's really hard to test
+# if a block is in use.
+#
+# This returns THREE OCTETS! It is up to our caller to append .0/24, .255, &c.
+#
+function random_rfc1918_subnet() {
+ local retries=1024
+
+ while [ "$retries" -gt 0 ];do
+ local cidr=172.$(( 16 + $RANDOM % 16 )).$(( $RANDOM & 255 ))
+
+ in_use=$(ip route list | fgrep $cidr)
+ if [ -z "$in_use" ]; then
+ echo "$cidr"
+ return
+ fi
+
+ retries=$(( retries - 1 ))
+ done
+
+ die "Could not find a random not-in-use rfc1918 subnet"
+}
+
+
#########################
# find_exec_pid_files # Returns nothing or exec_pid hash files
#########################