aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml68
-rw-r--r--cmd/podman/common/volumes.go16
-rw-r--r--contrib/cirrus/lib.sh17
-rwxr-xr-xcontrib/cirrus/runner.sh27
-rwxr-xr-xcontrib/cirrus/setup_environment.sh1
-rwxr-xr-xhack/get_ci_vm.sh11
-rw-r--r--libpod/container.go12
-rw-r--r--libpod/kube.go22
-rw-r--r--pkg/util/mountOpts.go4
-rw-r--r--test/e2e/generate_kube_test.go36
-rw-r--r--test/e2e/run_volume_test.go2
11 files changed, 137 insertions, 79 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index af6c64058..eda03bf23 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -46,7 +46,7 @@ env:
#### Control variables that determine what to run and how to run it.
#### N/B: Required ALL of these are set for every single task.
####
- TEST_FLAVOR: # int, sys, ext_svc, smoke, automation, etc.
+ TEST_FLAVOR: # int, sys, ext_svc, validate, automation, etc.
TEST_ENVIRON: host # 'host' or 'container'
PODBIN_NAME: podman # 'podman' or 'remote'
PRIV_NAME: root # 'root' or 'rootless'
@@ -78,6 +78,25 @@ ext_svc_check_task:
env:
TEST_FLAVOR: ext_svc
CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
+ # NOTE: The default way Cirrus-CI clones is *NOT* compatible with
+ # environment expectations in contrib/cirrus/lib.sh. Specifically
+ # the 'origin' remote must be defined, and all remote branches/tags
+ # must be available for reference from CI scripts.
+ clone_script: &full_clone |
+ cd /
+ rm -rf $CIRRUS_WORKING_DIR
+ mkdir -p $CIRRUS_WORKING_DIR
+ git clone --recursive --branch=$DEST_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR
+ cd $CIRRUS_WORKING_DIR
+ git remote update origin
+ if [[ -n "$CIRRUS_PR" ]]; then # running for a PR
+ git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR
+ git checkout pull/$CIRRUS_PR
+ else
+ git reset --hard $CIRRUS_CHANGE_IN_REPO
+ fi
+ make install.tools
+
setup_script: &setup '$GOSRC/$SCRIPT_BASE/setup_environment.sh'
main_script: &main '/usr/bin/time --verbose --output="$STATS_LOGFILE" $GOSRC/$SCRIPT_BASE/runner.sh'
always: &runner_stats
@@ -97,43 +116,7 @@ automation_task:
TEST_FLAVOR: automation
CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
TEST_ENVIRON: container
- setup_script: *setup
- main_script: *main
- always: *runner_stats
-
-
-# This task use to be called 'gating', however that name is being
-# used downstream for release testing. Renamed this to avoid confusion.
-# All it does is run basic golang formatting and commit validation checks.
-smoke_task:
- alias: 'smoke'
- name: "Smoke Test"
- skip: *branches_and_tags
- container: &bigcontainer
- image: ${CTR_FQIN}
- # Leave some resources for smallcontainer
- cpu: 6
- memory: 22
- env:
- TEST_FLAVOR: 'smoke'
- CTR_FQIN: "${FEDORA_CONTAINER_FQIN}"
- TEST_ENVIRON: container
- # This clone script is also used to initially populate gopath_cache (below)
- clone_script: &full_clone |
- cd /
- rm -rf $CIRRUS_WORKING_DIR
- mkdir -p $CIRRUS_WORKING_DIR
- git clone --recursive --branch=$DEST_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR
- cd $CIRRUS_WORKING_DIR
- git remote update origin
- if [[ -n "$CIRRUS_PR" ]]; then # running for a PR
- git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR
- git checkout pull/$CIRRUS_PR
- else
- git reset --hard $CIRRUS_CHANGE_IN_REPO
- fi
- cd $CIRRUS_WORKING_DIR
- make install.tools
+ clone_script: *full_clone
setup_script: *setup
main_script: *main
always: *runner_stats
@@ -211,11 +194,15 @@ build_task:
validate_task:
name: "Validate $DISTRO_NV Build"
alias: validate
- skip: *tags
+ # This task is primarily intended to catch human-errors early on, in a
+ # PR. Skip it for branch-push, branch-create, and tag-push to improve
+ # automation reliability/speed in those contexts. Any missed errors due
+ # to nonsequential PR merging practices, will be caught on a future PR,
+ # build or test task failures.
+ skip: *branches_and_tags
depends_on:
- ext_svc_check
- automation
- - smoke
- build
# golangci-lint is a very, very hungry beast.
gce_instance: &bigvm
@@ -645,7 +632,6 @@ success_task:
depends_on:
- ext_svc_check
- automation
- - smoke
- build
- validate
- bindings
diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index a6e6faeca..2a598d7a5 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -353,6 +353,10 @@ func getBindMount(args []string) (spec.Mount, error) {
default:
return newMount, errors.Wrapf(util.ErrBadMntOption, "%s mount option must be 'private' or 'shared'", kv[0])
}
+ case "consistency":
+ // Often used on MACs and mistakenly on Linux platforms.
+ // Since Docker ignores this option so shall we.
+ continue
default:
return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
}
@@ -437,6 +441,10 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
}
newMount.Destination = filepath.Clean(kv[1])
setDest = true
+ case "consistency":
+ // Often used on MACs and mistakenly on Linux platforms.
+ // Since Docker ignores this option so shall we.
+ continue
default:
return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
}
@@ -534,6 +542,10 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
}
newVolume.Dest = filepath.Clean(kv[1])
setDest = true
+ case "consistency":
+ // Often used on MACs and mistakenly on Linux platforms.
+ // Since Docker ignores this option so shall we.
+ continue
default:
return nil, errors.Wrapf(util.ErrBadMntOption, kv[0])
}
@@ -581,6 +593,10 @@ func getImageVolume(args []string) (*specgen.ImageVolume, error) {
default:
return nil, errors.Wrapf(util.ErrBadMntOption, "invalid rw value %q", kv[1])
}
+ case "consistency":
+ // Often used on MACs and mistakenly on Linux platforms.
+ // Since Docker ignores this option so shall we.
+ continue
default:
return nil, errors.Wrapf(util.ErrBadMntOption, kv[0])
}
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index bc9a95310..451a267b3 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -80,10 +80,19 @@ CIRRUS_CI="${CIRRUS_CI:-false}"
DEST_BRANCH="${DEST_BRANCH:-master}"
CONTINUOUS_INTEGRATION="${CONTINUOUS_INTEGRATION:-false}"
CIRRUS_REPO_NAME=${CIRRUS_REPO_NAME:-podman}
-# N/B: CIRRUS_BASE_SHA is empty on branch and tag push.
-CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-${CIRRUS_LAST_GREEN_CHANGE:-YOU_FOUND_A_BUG}}
-CIRRUS_BUILD_ID=${CIRRUS_BUILD_ID:-$RANDOM$(date +%s)} # must be short and unique
-
+# Cirrus only sets $CIRRUS_BASE_SHA properly for PRs, but $EPOCH_TEST_COMMIT
+# needs to be set from this value in order for `make validate` to run properly.
+# When running get_ci_vm.sh, most $CIRRUS_xyz variables are empty. Attempt
+# to accomidate both branch and get_ci_vm.sh testing by discovering the base
+# branch SHA value.
+# shellcheck disable=SC2154
+if [[ -z "$CIRRUS_BASE_SHA" ]] && [[ -z "$CIRRUS_TAG" ]]
+then # Operating on a branch, or under `get_ci_vm.sh`
+ CIRRUS_BASE_SHA=$(git rev-parse ${UPSTREAM_REMOTE:-origin}/$DEST_BRANCH)
+elif [[ -z "$CIRRUS_BASE_SHA" ]]
+then # Operating on a tag
+ CIRRUS_BASE_SHA=$(git rev-parse HEAD)
+fi
# The starting place for linting and code validation
EPOCH_TEST_COMMIT="$CIRRUS_BASE_SHA"
diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh
index 3292cea84..ccbdb63b6 100755
--- a/contrib/cirrus/runner.sh
+++ b/contrib/cirrus/runner.sh
@@ -23,22 +23,6 @@ function _run_ext_svc() {
$SCRIPT_BASE/ext_svc_check.sh
}
-function _run_smoke() {
- make gofmt
-
- # There is little value to validating commits after tag-push
- # and it's very difficult to automatically determine a starting commit.
- # $CIRRUS_TAG is only non-empty when executing due to a tag-push
- # shellcheck disable=SC2154
- if [[ -z "$CIRRUS_TAG" ]]; then
- # If PR consists of multiple commits, test that each compiles cleanly
- make .gitvalidation
-
- # PRs should include some way to test.
- $SCRIPT_BASE/pr-should-include-tests
- fi
-}
-
function _run_automation() {
$SCRIPT_BASE/cirrus_yaml_test.py
@@ -51,11 +35,14 @@ function _run_automation() {
}
function _run_validate() {
- # Confirm compile via prior task + cache
- bin/podman --version
- bin/podman-remote --version
+ # git-validation tool fails if $EPOCH_TEST_COMMIT is empty
+ # shellcheck disable=SC2154
+ if [[ -n "$EPOCH_TEST_COMMIT" ]]; then
+ make validate
+ else
+ warn "Skipping git-validation since \$EPOCH_TEST_COMMIT is empty"
+ fi
- make validate # Some items require a build
}
function _run_unit() {
diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index 9267b8a1c..4c95d0254 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -181,7 +181,6 @@ esac
# shellcheck disable=SC2154
case "$TEST_FLAVOR" in
ext_svc) ;;
- smoke) ;&
validate)
# For some reason, this is also needed for validation
make .install.pre-commit
diff --git a/hack/get_ci_vm.sh b/hack/get_ci_vm.sh
index d1e38eb35..4f6c42a06 100755
--- a/hack/get_ci_vm.sh
+++ b/hack/get_ci_vm.sh
@@ -157,11 +157,14 @@ parse_args(){
VM_IMAGE_NAME="$1"
- # Word-splitting is desirable in this case
- # shellcheck disable=SC2207
+ # Word-splitting is desirable in this case.
+ # Values are used literally (with '=') as args to future `env` command.
+ # get_env_vars() will take care of properly quoting it's output.
+ # shellcheck disable=SC2207,SC2191
ENVS=(
$(get_env_vars)
- "VM_IMAGE_NAME=$VM_IMAGE_NAME"
+ VM_IMAGE_NAME="$VM_IMAGE_NAME"
+ UPSTREAM_REMOTE="upstream"
)
VMNAME="${VMNAME:-${USER}-${VM_IMAGE_NAME}}"
@@ -263,7 +266,7 @@ echo -e "Note: Script can be re-used in another terminal if needed."
echo -e "${RED}(option to delete VM presented upon exiting).${NOR}"
# TODO: This is fairly fragile, specifically the quoting for the remote command.
echo '#!/bin/bash' > $TMPDIR/ssh
-echo "$SSH_CMD -- -t 'cd $GOSRC && exec env \"${ENVS[*]}\" bash -il'" >> $TMPDIR/ssh
+echo "$SSH_CMD -- -t 'cd $GOSRC && exec env ${ENVS[*]} bash -il'" >> $TMPDIR/ssh
chmod +x $TMPDIR/ssh
showrun $TMPDIR/ssh
diff --git a/libpod/container.go b/libpod/container.go
index 58bf95470..ed7535bc8 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -1073,6 +1073,18 @@ func networkDisabled(c *Container) (bool, error) {
return false, nil
}
+func (c *Container) HostNetwork() bool {
+ if c.config.CreateNetNS || c.config.NetNsCtr != "" {
+ return false
+ }
+ for _, ns := range c.config.Spec.Linux.Namespaces {
+ if ns.Type == spec.NetworkNamespace {
+ return false
+ }
+ }
+ return true
+}
+
// ContainerState returns containerstate struct
func (c *Container) ContainerState() (*ContainerState, error) {
if !c.batched {
diff --git a/libpod/kube.go b/libpod/kube.go
index b5197293e..bf314b9a3 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -49,6 +49,7 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) {
}
extraHost := make([]v1.HostAlias, 0)
+ hostNetwork := false
if p.HasInfraContainer() {
infraContainer, err := p.getInfraContainer()
if err != nil {
@@ -69,9 +70,9 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) {
return nil, servicePorts, err
}
servicePorts = containerPortsToServicePorts(ports)
-
+ hostNetwork = p.config.InfraContainer.HostNetwork
}
- pod, err := p.podWithContainers(allContainers, ports)
+ pod, err := p.podWithContainers(allContainers, ports, hostNetwork)
if err != nil {
return nil, servicePorts, err
}
@@ -167,7 +168,7 @@ func containersToServicePorts(containers []v1.Container) []v1.ServicePort {
return sps
}
-func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPort) (*v1.Pod, error) {
+func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPort, hostNetwork bool) (*v1.Pod, error) {
deDupPodVolumes := make(map[string]*v1.Volume)
first := true
podContainers := make([]v1.Container, 0, len(containers))
@@ -220,10 +221,10 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor
podVolumes = append(podVolumes, *vol)
}
- return addContainersAndVolumesToPodObject(podContainers, podVolumes, p.Name(), &dnsInfo), nil
+ return addContainersAndVolumesToPodObject(podContainers, podVolumes, p.Name(), &dnsInfo, hostNetwork), nil
}
-func addContainersAndVolumesToPodObject(containers []v1.Container, volumes []v1.Volume, podName string, dnsOptions *v1.PodDNSConfig) *v1.Pod {
+func addContainersAndVolumesToPodObject(containers []v1.Container, volumes []v1.Volume, podName string, dnsOptions *v1.PodDNSConfig, hostNetwork bool) *v1.Pod {
tm := v12.TypeMeta{
Kind: "Pod",
APIVersion: "v1",
@@ -242,8 +243,9 @@ func addContainersAndVolumesToPodObject(containers []v1.Container, volumes []v1.
CreationTimestamp: v12.Now(),
}
ps := v1.PodSpec{
- Containers: containers,
- Volumes: volumes,
+ Containers: containers,
+ Volumes: volumes,
+ HostNetwork: hostNetwork,
}
if dnsOptions != nil {
ps.DNSConfig = dnsOptions
@@ -261,8 +263,12 @@ func addContainersAndVolumesToPodObject(containers []v1.Container, volumes []v1.
func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) {
kubeCtrs := make([]v1.Container, 0, len(ctrs))
kubeVolumes := make([]v1.Volume, 0)
+ hostNetwork := true
podDNS := v1.PodDNSConfig{}
for _, ctr := range ctrs {
+ if !ctr.HostNetwork() {
+ hostNetwork = false
+ }
kubeCtr, kubeVols, ctrDNS, err := containerToV1Container(ctr)
if err != nil {
return nil, err
@@ -303,7 +309,7 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) {
}
} // end if ctrDNS
}
- return addContainersAndVolumesToPodObject(kubeCtrs, kubeVolumes, strings.ReplaceAll(ctrs[0].Name(), "_", ""), &podDNS), nil
+ return addContainersAndVolumesToPodObject(kubeCtrs, kubeVolumes, strings.ReplaceAll(ctrs[0].Name(), "_", ""), &podDNS, hostNetwork), nil
}
// containerToV1Container converts information we know about a libpod container
diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go
index 580aaf4f2..b3a38f286 100644
--- a/pkg/util/mountOpts.go
+++ b/pkg/util/mountOpts.go
@@ -86,6 +86,10 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string
return nil, errors.Wrapf(ErrDupeMntOption, "the 'tmpcopyup' or 'notmpcopyup' option can only be set once")
}
foundCopyUp = true
+ case "consistency":
+ // Often used on MACs and mistakenly on Linux platforms.
+ // Since Docker ignores this option so shall we.
+ continue
case "notmpcopyup":
if !isTmpfs {
return nil, errors.Wrapf(ErrBadMntOption, "the 'notmpcopyup' option is only allowed with tmpfs mounts")
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index 8800f9057..83b9cfb14 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -60,6 +60,7 @@ var _ = Describe("Podman generate kube", func() {
pod := new(v1.Pod)
err := yaml.Unmarshal(kube.Out.Contents(), pod)
Expect(err).To(BeNil())
+ Expect(pod.Spec.HostNetwork).To(Equal(false))
numContainers := 0
for range pod.Spec.Containers {
@@ -144,6 +145,7 @@ var _ = Describe("Podman generate kube", func() {
pod := new(v1.Pod)
err := yaml.Unmarshal(kube.Out.Contents(), pod)
Expect(err).To(BeNil())
+ Expect(pod.Spec.HostNetwork).To(Equal(false))
numContainers := 0
for range pod.Spec.Containers {
@@ -152,6 +154,40 @@ var _ = Describe("Podman generate kube", func() {
Expect(numContainers).To(Equal(1))
})
+ It("podman generate kube on pod with host network", func() {
+ podSession := podmanTest.Podman([]string{"pod", "create", "--name", "testHostNetwork", "--network", "host"})
+ podSession.WaitWithDefaultTimeout()
+ Expect(podSession.ExitCode()).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"create", "--name", "topcontainer", "--pod", "testHostNetwork", "--network", "host", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ kube := podmanTest.Podman([]string{"generate", "kube", "testHostNetwork"})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ pod := new(v1.Pod)
+ err := yaml.Unmarshal(kube.Out.Contents(), pod)
+ Expect(err).To(BeNil())
+ Expect(pod.Spec.HostNetwork).To(Equal(true))
+ })
+
+ It("podman generate kube on container with host network", func() {
+ session := podmanTest.RunTopContainerWithArgs("topcontainer", []string{"--network", "host"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ kube := podmanTest.Podman([]string{"generate", "kube", "topcontainer"})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ pod := new(v1.Pod)
+ err := yaml.Unmarshal(kube.Out.Contents(), pod)
+ Expect(err).To(BeNil())
+ Expect(pod.Spec.HostNetwork).To(Equal(true))
+ })
+
It("podman generate kube on pod with hostAliases", func() {
podName := "testHost"
testIP := "127.0.0.1"
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index 7c74cea78..bc89b59de 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -110,7 +110,7 @@ var _ = Describe("Podman run with volumes", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring(dest + " ro"))
- session = podmanTest.Podman([]string{"run", "--rm", "--mount", mount + ",shared", ALPINE, "grep", dest, "/proc/self/mountinfo"})
+ session = podmanTest.Podman([]string{"run", "--rm", "--mount", mount + ",consistency=delegated,shared", ALPINE, "grep", dest, "/proc/self/mountinfo"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
found, matches := session.GrepString(dest)