diff options
| -rw-r--r-- | .cirrus.yml | 6 | ||||
| -rwxr-xr-x | hack/get_ci_vm.sh | 22 | ||||
| -rw-r--r-- | pkg/k8s.io/api/core/v1/types.go | 3 | ||||
| -rw-r--r-- | test/e2e/generate_kube_test.go | 23 |
4 files changed, 47 insertions, 7 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 9daf33ba2..223fc5b53 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -204,10 +204,11 @@ build_aarch64_task: only_if: "$CIRRUS_CRON != 'multiarch'" ec2_instance: &standard_build_ec2_aarch64 image: ${VM_IMAGE_NAME} - type: t4g.xlarge + type: ${EC2_INST_TYPE} region: us-east-1 architecture: arm64 # CAUTION: This has to be "arm64", not "aarch64". env: &stdenvars_aarch64 + EC2_INST_TYPE: "t4g.xlarge" DISTRO_NV: ${FEDORA_AARCH64_NAME} VM_IMAGE_NAME: ${FEDORA_AARCH64_AMI_ID} CTR_FQIN: ${FEDORA_CONTAINER_FQIN} @@ -695,9 +696,10 @@ podman_machine_task: - rootless_integration_test ec2_instance: image: "${VM_IMAGE_NAME}" - type: m5zn.metal # Bare-metal instance is required + type: "${EC2_INST_TYPE}" region: us-east-1 env: + EC2_INST_TYPE: "m5zn.metal" # Bare-metal instance is required TEST_FLAVOR: "machine" PRIV_NAME: "rootless" # intended use-case DISTRO_NV: "${FEDORA_NAME}" diff --git a/hack/get_ci_vm.sh b/hack/get_ci_vm.sh index 6632a0178..bdd947bba 100755 --- a/hack/get_ci_vm.sh +++ b/hack/get_ci_vm.sh @@ -15,7 +15,7 @@ SCRIPT_FILEPATH=$(realpath "${BASH_SOURCE[0]}") SCRIPT_DIRPATH=$(dirname "$SCRIPT_FILEPATH") REPO_DIRPATH=$(realpath "$SCRIPT_DIRPATH/../") -# Help detect if we were called by get_ci_vm container +# Help detect what get_ci_vm container called this script GET_CI_VM="${GET_CI_VM:-0}" in_get_ci_vm() { if ((GET_CI_VM==0)); then @@ -27,8 +27,10 @@ in_get_ci_vm() { # get_ci_vm APIv1 container entrypoint calls into this script # to obtain required repo. specific configuration options. if [[ "$1" == "--config" ]]; then - in_get_ci_vm "$1" - cat <<EOF + in_get_ci_vm "$1" # handles GET_CI_VM==0 case + case "$GET_CI_VM" in + 1) + cat <<EOF DESTDIR="/var/tmp/go/src/github.com/containers/podman" UPSTREAM_REPO="https://github.com/containers/podman.git" CI_ENVFILE="/etc/ci_environment" @@ -40,8 +42,18 @@ GCLOUD_CPUS="2" GCLOUD_MEMORY="4Gb" GCLOUD_DISK="200" EOF + ;; + 2) + # get_ci_vm APIv2 configuration details + echo "AWS_PROFILE=containers" + ;; + *) + echo "Error: Your get_ci_vm container image is too old." + ;; + esac elif [[ "$1" == "--setup" ]]; then in_get_ci_vm "$1" + unset GET_CI_VM # get_ci_vm container entrypoint calls us with this option on the # Cirrus-CI environment instance, to perform repo.-specific setup. cd $REPO_DIRPATH @@ -54,8 +66,9 @@ elif [[ "$1" == "--setup" ]]; then echo "+ Running environment setup" > /dev/stderr ./contrib/cirrus/setup_environment.sh else - # Create and access VM for specified Cirrus-CI task + # Pass this repo and CLI args into container for VM creation/management mkdir -p $HOME/.config/gcloud/ssh + mkdir -p $HOME/.aws podman run -it --rm \ --tz=local \ -e NAME="$USER" \ @@ -65,5 +78,6 @@ else -v $REPO_DIRPATH:/src:O \ -v $HOME/.config/gcloud:/root/.config/gcloud:z \ -v $HOME/.config/gcloud/ssh:/root/.ssh:z \ + -v $HOME/.aws:/root/.aws:z \ quay.io/libpod/get_ci_vm:latest "$@" fi diff --git a/pkg/k8s.io/api/core/v1/types.go b/pkg/k8s.io/api/core/v1/types.go index 39a675dae..384965769 100644 --- a/pkg/k8s.io/api/core/v1/types.go +++ b/pkg/k8s.io/api/core/v1/types.go @@ -56,7 +56,8 @@ type VolumeSource struct { // ConfigMap represents a configMap that should populate this volume // +optional ConfigMap *ConfigMapVolumeSource `json:"configMap,omitempty"` - Secret *SecretVolumeSource + // Secret represents a secret that should be mounted as a volume + Secret *SecretVolumeSource `json:"secret,omitempty"` } // PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 845aa60ce..5e9881c4f 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -1228,4 +1228,27 @@ USER test1` Expect(pod.Spec.Containers[0].Env).To(HaveLen(2)) }) + + It("podman generate kube omit secret if empty", func() { + dir, err := os.MkdirTemp(tempdir, "podman") + Expect(err).Should(BeNil()) + + defer os.RemoveAll(dir) + + podCreate := podmanTest.Podman([]string{"run", "-d", "--pod", "new:" + "noSecretsPod", "--name", "noSecretsCtr", "--volume", dir + ":/foobar", ALPINE}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + + kube := podmanTest.Podman([]string{"generate", "kube", "noSecretsPod"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + Expect(kube.OutputToString()).ShouldNot(ContainSubstring("secret")) + + pod := new(v1.Pod) + err = yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + + Expect(pod.Spec.Volumes[0].Secret).To(BeNil()) + }) }) |