diff options
30 files changed, 263 insertions, 169 deletions
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index f945c9c54..6c91bedfe 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -3,6 +3,7 @@ package common import ( "fmt" "net" + "os" "path/filepath" "strconv" "strings" @@ -13,6 +14,7 @@ import ( "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/specgen" + "github.com/pkg/errors" ) type ContainerCLIOpts struct { @@ -395,8 +397,16 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, cgroup cliOpts.Ulimit = ulimits } } + if cc.HostConfig.Resources.NanoCPUs > 0 { + if cliOpts.CPUPeriod != 0 || cliOpts.CPUQuota != 0 { + return nil, nil, errors.Errorf("NanoCpus conflicts with CpuPeriod and CpuQuota") + } + cliOpts.CPUPeriod = 100000 + cliOpts.CPUQuota = cc.HostConfig.Resources.NanoCPUs / 10000 + } // volumes + volSources := make(map[string]bool) volDestinations := make(map[string]bool) for _, vol := range cc.HostConfig.Binds { cliOpts.Volume = append(cliOpts.Volume, vol) @@ -407,6 +417,7 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, cgroup case 1: volDestinations[vol] = true default: + volSources[splitVol[0]] = true volDestinations[splitVol[1]] = true } } @@ -421,6 +432,19 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, cgroup } cliOpts.Volume = append(cliOpts.Volume, vol) } + // Make mount points for compat volumes + for vol := range volSources { + // This might be a named volume. + // Assume it is if it's not an absolute path. + if !filepath.IsAbs(vol) { + continue + } + if err := os.MkdirAll(vol, 0755); err != nil { + if !os.IsExist(err) { + return nil, nil, errors.Wrapf(err, "error making volume mountpoint for volume %s", vol) + } + } + } if len(cc.HostConfig.BlkioWeightDevice) > 0 { devices := make([]string, 0, len(cc.HostConfig.BlkioWeightDevice)) for _, d := range cc.HostConfig.BlkioWeightDevice { diff --git a/docs/source/markdown/podman-system-service.1.md b/docs/source/markdown/podman-system-service.1.md index 70764823c..54ce3f040 100644 --- a/docs/source/markdown/podman-system-service.1.md +++ b/docs/source/markdown/podman-system-service.1.md @@ -34,7 +34,7 @@ Print usage statement. Run an API listening for 5 seconds using the default socket. ``` -podman system service --timeout 5000 +podman system service --time 5 ``` ## SEE ALSO diff --git a/libpod/define/version.go b/libpod/define/version.go index 67dc730ac..5249b5d84 100644 --- a/libpod/define/version.go +++ b/libpod/define/version.go @@ -5,7 +5,7 @@ import ( "strconv" "time" - podmanVersion "github.com/containers/podman/v3/version" + "github.com/containers/podman/v3/version" ) // Overwritten at build time @@ -42,8 +42,8 @@ func GetVersion() (Version, error) { } } return Version{ - APIVersion: podmanVersion.APIVersion.String(), - Version: podmanVersion.Version.String(), + APIVersion: version.APIVersion[version.Libpod][version.CurrentAPI].String(), + Version: version.Version.String(), GoVersion: runtime.Version(), GitCommit: gitCommit, BuiltTime: time.Unix(buildTime, 0).Format(time.ANSIC), diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 0526e646e..d6968a6b5 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -809,7 +809,7 @@ func (r *Runtime) teardownCNI(ctr *Container) error { requestedMAC = ctr.config.StaticMAC } - podNetwork := r.getPodNetwork(ctr.ID(), ctr.Name(), ctr.state.NetNS.Path(), networks, ctr.config.PortMappings, requestedIP, requestedMAC, ContainerNetworkDescriptions{}) + podNetwork := r.getPodNetwork(ctr.ID(), ctr.Name(), ctr.state.NetNS.Path(), networks, ctr.config.PortMappings, requestedIP, requestedMAC, ctr.state.NetInterfaceDescriptions) if err := r.netPlugin.TearDownPod(podNetwork); err != nil { return errors.Wrapf(err, "error tearing down CNI namespace configuration for container %s", ctr.ID()) diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 492bc807a..ef5f6fb0c 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -113,9 +113,11 @@ func newConmonOCIRuntime(name string, paths []string, conmonPath string, runtime // TODO: probe OCI runtime for feature and enable automatically if // available. - runtime.supportsJSON = supportsJSON[name] - runtime.supportsNoCgroups = supportsNoCgroups[name] - runtime.supportsKVM = supportsKVM[name] + + base := filepath.Base(name) + runtime.supportsJSON = supportsJSON[base] + runtime.supportsNoCgroups = supportsNoCgroups[base] + runtime.supportsKVM = supportsKVM[base] foundPath := false for _, path := range paths { diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 009fcf7e8..e06f93b89 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -222,9 +222,17 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { // convert label formats var labels = []string{} if _, found := r.URL.Query()["labels"]; found { - if err := json.Unmarshal([]byte(query.Labels), &labels); err != nil { - utils.BadRequest(w, "labels", query.Labels, err) - return + makeLabels := make(map[string]string) + err := json.Unmarshal([]byte(query.Labels), &makeLabels) + if err == nil { + for k, v := range makeLabels { + labels = append(labels, k+"="+v) + } + } else { + if err := json.Unmarshal([]byte(query.Labels), &labels); err != nil { + utils.BadRequest(w, "labels", query.Labels, err) + return + } } } jobs := 1 diff --git a/pkg/api/handlers/compat/version.go b/pkg/api/handlers/compat/version.go index d90a892c1..fae147440 100644 --- a/pkg/api/handlers/compat/version.go +++ b/pkg/api/handlers/compat/version.go @@ -10,6 +10,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/version" docker "github.com/docker/docker/api/types" "github.com/pkg/errors" ) @@ -35,20 +36,20 @@ func VersionHandler(w http.ResponseWriter, r *http.Request) { Name: "Podman Engine", Version: versionInfo.Version, Details: map[string]string{ - "APIVersion": utils.APIVersion[utils.LibpodTree][utils.CurrentAPIVersion].String(), + "APIVersion": version.APIVersion[version.Libpod][version.CurrentAPI].String(), "Arch": goRuntime.GOARCH, "BuildTime": time.Unix(versionInfo.Built, 0).Format(time.RFC3339), "Experimental": "true", "GitCommit": versionInfo.GitCommit, "GoVersion": versionInfo.GoVersion, "KernelVersion": infoData.Host.Kernel, - "MinAPIVersion": utils.APIVersion[utils.LibpodTree][utils.MinimalAPIVersion].String(), + "MinAPIVersion": version.APIVersion[version.Libpod][version.MinimalAPI].String(), "Os": goRuntime.GOOS, }, }} - apiVersion := utils.APIVersion[utils.CompatTree][utils.CurrentAPIVersion] - minVersion := utils.APIVersion[utils.CompatTree][utils.MinimalAPIVersion] + apiVersion := version.APIVersion[version.Compat][version.CurrentAPI] + minVersion := version.APIVersion[version.Compat][version.MinimalAPI] utils.WriteResponse(w, http.StatusOK, entities.ComponentVersion{ Version: docker.Version{ diff --git a/pkg/api/handlers/utils/handler.go b/pkg/api/handlers/utils/handler.go index b3c674788..7625f9546 100644 --- a/pkg/api/handlers/utils/handler.go +++ b/pkg/api/handlers/utils/handler.go @@ -10,49 +10,14 @@ import ( "unsafe" "github.com/blang/semver" + "github.com/containers/podman/v3/version" "github.com/gorilla/mux" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) -type ( - // VersionTree determines which API endpoint tree for version - VersionTree int - // VersionLevel determines which API level, current or something from the past - VersionLevel int -) - -const ( - // LibpodTree supports Libpod endpoints - LibpodTree = VersionTree(iota) - // CompatTree supports Libpod endpoints - CompatTree - - // CurrentAPIVersion announces what is the current API level - CurrentAPIVersion = VersionLevel(iota) - // MinimalAPIVersion announces what is the oldest API level supported - MinimalAPIVersion -) - var ( - // See https://docs.docker.com/engine/api/v1.40/ - // libpod compat handlers are expected to honor docker API versions - - // APIVersion provides the current and minimal API versions for compat and libpod endpoint trees - // Note: GET|HEAD /_ping is never versioned and provides the API-Version and Libpod-API-Version headers to allow - // clients to shop for the Version they wish to support - APIVersion = map[VersionTree]map[VersionLevel]semver.Version{ - LibpodTree: { - CurrentAPIVersion: semver.MustParse("3.0.0"), - MinimalAPIVersion: semver.MustParse("3.0.0"), - }, - CompatTree: { - CurrentAPIVersion: semver.MustParse("1.40.0"), - MinimalAPIVersion: semver.MustParse("1.24.0"), - }, - } - // ErrVersionNotGiven returned when version not given by client ErrVersionNotGiven = errors.New("version not given in URL path") // ErrVersionNotSupported returned when given version is too old @@ -98,14 +63,14 @@ func SupportedVersion(r *http.Request, condition string) (semver.Version, error) // SupportedVersionWithDefaults validates that the version provided by client valid is supported by server // minimal API version <= client path version <= maximum API version focused on the endpoint tree from URL func SupportedVersionWithDefaults(r *http.Request) (semver.Version, error) { - tree := CompatTree + tree := version.Compat if IsLibpodRequest(r) { - tree = LibpodTree + tree = version.Libpod } return SupportedVersion(r, - fmt.Sprintf(">=%s <=%s", APIVersion[tree][MinimalAPIVersion].String(), - APIVersion[tree][CurrentAPIVersion].String())) + fmt.Sprintf(">=%s <=%s", version.APIVersion[tree][version.MinimalAPI].String(), + version.APIVersion[tree][version.CurrentAPI].String())) } // WriteResponse encodes the given value as JSON or string and renders it for http client diff --git a/pkg/api/handlers/utils/handler_test.go b/pkg/api/handlers/utils/handler_test.go index d9fd22b80..18a1d2678 100644 --- a/pkg/api/handlers/utils/handler_test.go +++ b/pkg/api/handlers/utils/handler_test.go @@ -7,17 +7,18 @@ import ( "net/http/httptest" "testing" + "github.com/containers/podman/v3/version" "github.com/gorilla/mux" ) func TestSupportedVersion(t *testing.T) { req, err := http.NewRequest("GET", - fmt.Sprintf("/v%s/libpod/testing/versions", APIVersion[LibpodTree][CurrentAPIVersion]), + fmt.Sprintf("/v%s/libpod/testing/versions", version.APIVersion[version.Libpod][version.CurrentAPI]), nil) if err != nil { t.Fatal(err) } - req = mux.SetURLVars(req, map[string]string{"version": APIVersion[LibpodTree][CurrentAPIVersion].String()}) + req = mux.SetURLVars(req, map[string]string{"version": version.APIVersion[version.Libpod][version.CurrentAPI].String()}) rr := httptest.NewRecorder() handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/api/server/handler_api.go b/pkg/api/server/handler_api.go index e7bf94fc6..28b8706a8 100644 --- a/pkg/api/server/handler_api.go +++ b/pkg/api/server/handler_api.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/auth" + "github.com/containers/podman/v3/version" "github.com/google/uuid" "github.com/sirupsen/logrus" ) @@ -55,10 +56,10 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { c = context.WithValue(c, "idletracker", s.idleTracker) // nolint r = r.WithContext(c) - cv := utils.APIVersion[utils.CompatTree][utils.CurrentAPIVersion] + cv := version.APIVersion[version.Compat][version.CurrentAPI] w.Header().Set("API-Version", fmt.Sprintf("%d.%d", cv.Major, cv.Minor)) - lv := utils.APIVersion[utils.LibpodTree][utils.CurrentAPIVersion].String() + lv := version.APIVersion[version.Libpod][version.CurrentAPI].String() w.Header().Set("Libpod-API-Version", lv) w.Header().Set("Server", "Libpod/"+lv+" ("+runtime.GOOS+")") @@ -72,5 +73,5 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { // VersionedPath prepends the version parsing code // any handler may override this default when registering URL(s) func VersionedPath(p string) string { - return "/v{version:[0-9][0-9.]*}" + p + return "/v{version:[0-9][0-9A-Za-z.-]*}" + p } diff --git a/pkg/bindings/bindings.go b/pkg/bindings/bindings.go deleted file mode 100644 index 14f306910..000000000 --- a/pkg/bindings/bindings.go +++ /dev/null @@ -1,26 +0,0 @@ -// Package bindings provides golang-based access -// to the Podman REST API. Users can then interact with API endpoints -// to manage containers, images, pods, etc. -// -// This package exposes a series of methods that allow users to firstly -// create their connection with the API endpoints. Once the connection -// is established, users can then manage the Podman container runtime. -package bindings - -import ( - "github.com/blang/semver" -) - -var ( - // PTrue is a convenience variable that can be used in bindings where - // a pointer to a bool (optional parameter) is required. - pTrue = true - PTrue = &pTrue - // PFalse is a convenience variable that can be used in bindings where - // a pointer to a bool (optional parameter) is required. - pFalse = false - PFalse = &pFalse - - // APIVersion - podman will fail to run if this value is wrong - APIVersion = semver.MustParse("2.0.0") -) diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go index ad16498d5..21a8e7a8b 100644 --- a/pkg/bindings/connection.go +++ b/pkg/bindings/connection.go @@ -14,6 +14,7 @@ import ( "github.com/blang/semver" "github.com/containers/podman/v3/pkg/terminal" + "github.com/containers/podman/v3/version" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -25,7 +26,7 @@ var ( BasePath = &url.URL{ Scheme: "http", Host: "d", - Path: "/v" + APIVersion.String() + "/libpod", + Path: "/v" + version.APIVersion[version.Libpod][version.CurrentAPI].String() + "/libpod", } ) @@ -168,15 +169,16 @@ func pingNewConnection(ctx context.Context) error { return err } - switch APIVersion.Compare(versionSrv) { + switch version.APIVersion[version.Libpod][version.MinimalAPI].Compare(versionSrv) { case -1, 0: // Server's job when Client version is equal or older return nil case 1: - return errors.Errorf("server API version is too old. Client %q server %q", APIVersion.String(), versionSrv.String()) + return errors.Errorf("server API version is too old. Client %q server %q", + version.APIVersion[version.Libpod][version.MinimalAPI].String(), versionSrv.String()) } } - return errors.Errorf("ping response was %q", response.StatusCode) + return errors.Errorf("ping response was %d", response.StatusCode) } func sshClient(_url *url.URL, secure bool, passPhrase string, identity string) (Connection, error) { diff --git a/pkg/bindings/test/attach_test.go b/pkg/bindings/test/attach_test.go index 16090e104..fbdf18d44 100644 --- a/pkg/bindings/test/attach_test.go +++ b/pkg/bindings/test/attach_test.go @@ -35,7 +35,7 @@ var _ = Describe("Podman containers attach", func() { It("can run top in container", func() { name := "TopAttachTest" - id, err := bt.RunTopContainer(&name, nil, nil) + id, err := bt.RunTopContainer(&name, nil) Expect(err).ShouldNot(HaveOccurred()) tickTock := time.NewTimer(2 * time.Second) diff --git a/pkg/bindings/test/common_test.go b/pkg/bindings/test/common_test.go index 588f38930..9bac4b620 100644 --- a/pkg/bindings/test/common_test.go +++ b/pkg/bindings/test/common_test.go @@ -188,14 +188,14 @@ func (b *bindingTest) restoreImageFromCache(i testImage) { // Run a container within or without a pod // and add or append the alpine image to it -func (b *bindingTest) RunTopContainer(containerName *string, insidePod *bool, podName *string) (string, error) { +func (b *bindingTest) RunTopContainer(containerName *string, podName *string) (string, error) { s := specgen.NewSpecGenerator(alpine.name, false) s.Terminal = false s.Command = []string{"/usr/bin/top"} if containerName != nil { s.Name = *containerName } - if insidePod != nil && podName != nil { + if podName != nil { s.Pod = *podName } ctr, err := containers.CreateWithSpec(b.conn, s, nil) diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index f2ab197ce..b0ddc7862 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -55,7 +55,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by name", func() { // Pausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -69,7 +69,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by id", func() { // Pausing by id should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -83,7 +83,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by name", func() { // Unpausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -99,7 +99,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by ID", func() { // Unpausing by ID should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Pause by name err = containers.Pause(bt.conn, name, nil) @@ -118,7 +118,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by name", func() { // Pausing a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -131,7 +131,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by id", func() { // Pausing a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -144,7 +144,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by name", func() { // Pausing a stopped container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -157,7 +157,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by id", func() { // Pausing a stopped container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -170,7 +170,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove a paused container by id without force", func() { // Removing a paused container without force should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -183,7 +183,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove a paused container by id with force", func() { // Removing a paused container with force should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -194,7 +194,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a paused container by name", func() { // Stopping a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -207,7 +207,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a paused container by id", func() { // Stopping a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -220,7 +220,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by name", func() { // Stopping a running container by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -234,7 +234,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by ID", func() { // Stopping a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -256,7 +256,7 @@ var _ = Describe("Podman containers ", func() { Expect(code).To(BeNumerically("==", http.StatusNotFound)) errChan := make(chan error) - _, err = bt.RunTopContainer(&name, nil, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) go func() { exitCode, err = containers.Wait(bt.conn, name, nil) @@ -278,7 +278,7 @@ var _ = Describe("Podman containers ", func() { running = define.ContainerStateRunning ) errChan := make(chan error) - _, err := bt.RunTopContainer(&name, nil, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) go func() { exitCode, err = containers.Wait(bt.conn, name, new(containers.WaitOptions).WithCondition([]define.ContainerStatus{pause})) @@ -317,7 +317,7 @@ var _ = Describe("Podman containers ", func() { // a container that has no healthcheck should be a 409 var name = "top" - bt.RunTopContainer(&name, bindings.PFalse, nil) + bt.RunTopContainer(&name, nil) _, err = containers.RunHealthCheck(bt.conn, name, nil) Expect(err).ToNot(BeNil()) code, _ = bindings.CheckResponseCode(err) @@ -376,7 +376,7 @@ var _ = Describe("Podman containers ", func() { It("podman top", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // By name @@ -414,7 +414,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by name", func() { // Container existence check by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -424,7 +424,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by ID", func() { // Container existence check by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -434,7 +434,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by short ID", func() { // Container existence check by short ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid[0:12], nil) Expect(err).To(BeNil()) @@ -452,7 +452,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by name with SIGINT", func() { // Killing a running container should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, name, new(containers.KillOptions).WithSignal("SIGINT")) Expect(err).To(BeNil()) @@ -463,7 +463,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGTERM", func() { // Killing a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGTERM")) Expect(err).To(BeNil()) @@ -474,7 +474,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGKILL", func() { // Killing a running container by ID with TERM should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGKILL")) Expect(err).To(BeNil()) @@ -483,7 +483,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by bogus signal", func() { //Killing a running container by bogus signal should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("foobar")) Expect(err).ToNot(BeNil()) @@ -495,9 +495,9 @@ var _ = Describe("Podman containers ", func() { // Killing latest container should work var name1 = "first" var name2 = "second" - _, err := bt.RunTopContainer(&name1, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name1, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) containerLatestList, err := containers.List(bt.conn, new(containers.ListOptions).WithLast(1)) Expect(err).To(BeNil()) @@ -526,7 +526,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -541,7 +541,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers with filters", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -575,7 +575,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune running containers", func() { // Start the container. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Check if the container is running. @@ -598,7 +598,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Inspecting running container should succeed _, err = containers.Inspect(bt.conn, name, nil) @@ -607,7 +607,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect stopped container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -618,7 +618,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) _, err = containers.Inspect(bt.conn, name, new(containers.InspectOptions).WithSize(true)) Expect(err).To(BeNil()) @@ -626,7 +626,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect stopped container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -643,7 +643,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, nil) @@ -654,7 +654,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, nil) @@ -665,7 +665,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithForce(true)) @@ -676,7 +676,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithForce(true)) @@ -687,7 +687,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithVolumes(true)) @@ -698,7 +698,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithVolumes(true)) @@ -709,7 +709,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithVolumes(true).WithForce(true)) @@ -720,7 +720,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithForce(true).WithVolumes(true)) @@ -732,9 +732,9 @@ var _ = Describe("Podman containers ", func() { It("List containers with filters", func() { var name = "top" var name2 = "top2" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) s := specgen.NewSpecGenerator(alpine.name, false) s.Terminal = true @@ -753,7 +753,7 @@ var _ = Describe("Podman containers ", func() { podName := "testpod" ctrName := "testctr" bt.Podcreate(&podName) - _, err := bt.RunTopContainer(&ctrName, bindings.PTrue, &podName) + _, err := bt.RunTopContainer(&ctrName, &podName) Expect(err).To(BeNil()) lastNum := 1 diff --git a/pkg/bindings/test/exec_test.go b/pkg/bindings/test/exec_test.go index 7a21be77f..c10452eaf 100644 --- a/pkg/bindings/test/exec_test.go +++ b/pkg/bindings/test/exec_test.go @@ -4,7 +4,6 @@ import ( "time" "github.com/containers/podman/v3/pkg/api/handlers" - "github.com/containers/podman/v3/pkg/bindings" "github.com/containers/podman/v3/pkg/bindings/containers" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -33,7 +32,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create makes an exec session", func() { name := "testCtr" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) @@ -53,7 +52,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create with bad command fails", func() { name := "testCtr" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go index db51d1e68..688bf049f 100644 --- a/pkg/bindings/test/images_test.go +++ b/pkg/bindings/test/images_test.go @@ -101,7 +101,7 @@ var _ = Describe("Podman images", func() { // Start a container with alpine image var top string = "top" - _, err = bt.RunTopContainer(&top, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&top, nil) Expect(err).To(BeNil()) // we should now have a container called "top" running containerResponse, err := containers.Inspect(bt.conn, "top", nil) diff --git a/pkg/bindings/test/info_test.go b/pkg/bindings/test/info_test.go index 3ca4b99b3..f61e8c370 100644 --- a/pkg/bindings/test/info_test.go +++ b/pkg/bindings/test/info_test.go @@ -49,17 +49,17 @@ var _ = Describe("Podman info", func() { _, err := containers.CreateWithSpec(bt.conn, s, nil) Expect(err).To(BeNil()) - idPause, err := bt.RunTopContainer(nil, nil, nil) + idPause, err := bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, idPause, nil) Expect(err).To(BeNil()) - idStop, err := bt.RunTopContainer(nil, nil, nil) + idStop, err := bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, idStop, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(nil, nil, nil) + _, err = bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) info, err := system.Info(bt.conn, nil) diff --git a/pkg/bindings/test/pods_test.go b/pkg/bindings/test/pods_test.go index 2b4eb05d3..b06ff31a2 100644 --- a/pkg/bindings/test/pods_test.go +++ b/pkg/bindings/test/pods_test.go @@ -63,7 +63,7 @@ var _ = Describe("Podman pods", func() { Expect(err).To(BeNil()) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) podSummary, err = pods.List(bt.conn, nil) // Verify no errors. @@ -93,7 +93,7 @@ var _ = Describe("Podman pods", func() { _, err = pods.Start(bt.conn, newpod, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) // Expected err with invalid filter params @@ -179,7 +179,7 @@ var _ = Describe("Podman pods", func() { Expect(code).To(BeNumerically("==", http.StatusNotFound)) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) // Binding needs to be modified to inspect the pod state. diff --git a/pkg/bindings/test/system_test.go b/pkg/bindings/test/system_test.go index a68a8099c..68e9d9301 100644 --- a/pkg/bindings/test/system_test.go +++ b/pkg/bindings/test/system_test.go @@ -4,7 +4,6 @@ import ( "sync" "time" - "github.com/containers/podman/v3/pkg/bindings" "github.com/containers/podman/v3/pkg/bindings/containers" "github.com/containers/podman/v3/pkg/bindings/pods" "github.com/containers/podman/v3/pkg/bindings/system" @@ -41,7 +40,7 @@ var _ = Describe("Podman system", func() { It("podman events", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) filters := make(map[string][]string) @@ -72,7 +71,7 @@ var _ = Describe("Podman system", func() { Expect(err).To(BeNil()) // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -98,14 +97,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume @@ -132,14 +131,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start second container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume should work @@ -167,14 +166,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start second container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume should work diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 562653403..ffd4856fe 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -583,8 +583,9 @@ func (ir *ImageEngine) Remove(ctx context.Context, images []string, opts entitie report.Deleted = append(report.Deleted, results.Deleted) report.Untagged = append(report.Untagged, results.Untagged...) return nil - case storage.ErrImageUnknown: - // The image must have been removed already (see #6510). + case storage.ErrImageUnknown, storage.ErrLayerUnknown: + // The image must have been removed already (see #6510) + // or the storage is corrupted (see #9617). report.Deleted = append(report.Deleted, img.ID()) report.Untagged = append(report.Untagged, img.ID()) return nil diff --git a/test/apiv2/01-basic.at b/test/apiv2/01-basic.at index 1ddf49c6f..1357e0ca6 100644 --- a/test/apiv2/01-basic.at +++ b/test/apiv2/01-basic.at @@ -18,7 +18,7 @@ t HEAD libpod/_ping 200 for i in /version version; do t GET $i 200 \ .Components[0].Name="Podman Engine" \ - .Components[0].Details.APIVersion=3.0.0 \ + .Components[0].Details.APIVersion=3.1.0-dev \ .Components[0].Details.MinAPIVersion=3.0.0 \ .Components[0].Details.Os=linux \ .ApiVersion=1.40 \ diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index 18364a47d..f73d03123 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -263,3 +263,12 @@ t GET containers/json 200 \ .[0].Ports[0].Type="tcp" podman stop bar + +# Test CPU limit (NanoCPUs) +t POST containers/create '"Image":"'$IMAGE'","HostConfig":{"NanoCpus":500000}' 201 \ + .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 \ + .HostConfig.NanoCpus=500000 + +t DELETE containers/$cid?v=true 204 diff --git a/test/apiv2/44-mounts.at b/test/apiv2/44-mounts.at index fe202576d..5dc560852 100644 --- a/test/apiv2/44-mounts.at +++ b/test/apiv2/44-mounts.at @@ -4,7 +4,7 @@ podman pull $IMAGE &>/dev/null # Test various HostConfig options tmpfs_name="/mytmpfs" -t POST containers/create?name=hostconfig_test '"Image":"'$IMAGE'","Cmd":["df"],"HostConfig":{"TmpFs":{"'$tmpfs_name'":"rw"}}' 201 \ +t POST containers/create?name=hostconfig_test '"Image":"'$IMAGE'","Cmd":["df"],"HostConfig":{"Binds":["/tmp/doesnotexist:/test1"],"TmpFs":{"'$tmpfs_name'":"rw"}}' 201 \ .Id~[0-9a-f]\\{64\\} cid=$(jq -r '.Id' <<<"$output") diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index eb8ad7181..e9a7b421f 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -193,6 +193,13 @@ var _ = Describe("Podman network connect and disconnect", func() { exec = podmanTest.Podman([]string{"exec", "-it", "test", "ip", "addr", "show", "eth1"}) exec.WaitWithDefaultTimeout() Expect(exec.ExitCode()).To(BeZero()) + + // make sure no logrus errors are shown https://github.com/containers/podman/issues/9602 + rm := podmanTest.Podman([]string{"rm", "-f", "test"}) + rm.WaitWithDefaultTimeout() + Expect(rm.ExitCode()).To(BeZero()) + Expect(rm.ErrorToString()).To(Equal("")) + }) It("podman network connect when not running", func() { diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index 8c712b1be..6abe152a9 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -2,6 +2,7 @@ package integration import ( "os" + "path/filepath" . "github.com/containers/podman/v3/test/utils" . "github.com/onsi/ginkgo" @@ -294,4 +295,52 @@ var _ = Describe("Podman run", func() { Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring("container_t")) }) + + It("podman test --ipc=net", func() { + session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("container_t")) + }) + + It("podman test --ipc=net", func() { + session := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/proc/self/attr/current"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("container_t")) + }) + + It("podman test --runtime=/PATHTO/kata-runtime", func() { + runtime := podmanTest.OCIRuntime + podmanTest.OCIRuntime = filepath.Join(podmanTest.TempDir, "kata-runtime") + err := os.Symlink("/bin/true", podmanTest.OCIRuntime) + Expect(err).To(BeNil()) + if IsRemote() { + podmanTest.StopRemoteService() + podmanTest.StartRemoteService() + } + session := podmanTest.Podman([]string{"create", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid := session.OutputToString() + session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid}) + session.WaitWithDefaultTimeout() + Expect(session.OutputToString()).To(ContainSubstring("container_kvm_t")) + + podmanTest.OCIRuntime = runtime + if IsRemote() { + podmanTest.StopRemoteService() + podmanTest.StartRemoteService() + } + }) + + It("podman test init labels", func() { + session := podmanTest.Podman([]string{"create", ubi_init, "/sbin/init"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid := session.OutputToString() + session = podmanTest.Podman([]string{"inspect", "--format", "{{ .ProcessLabel }}", cid}) + session.WaitWithDefaultTimeout() + Expect(session.OutputToString()).To(ContainSubstring("container_init_t")) + }) }) diff --git a/test/python/docker/build_labels/Dockerfile b/test/python/docker/build_labels/Dockerfile new file mode 100644 index 000000000..f6e07066c --- /dev/null +++ b/test/python/docker/build_labels/Dockerfile @@ -0,0 +1 @@ +FROM quay.io/libpod/alpine:latest diff --git a/test/python/docker/compat/test_images.py b/test/python/docker/compat/test_images.py index 842e38f31..4a90069a9 100644 --- a/test/python/docker/compat/test_images.py +++ b/test/python/docker/compat/test_images.py @@ -149,6 +149,14 @@ class TestImages(unittest.TestCase): self.assertEqual(len(self.client.images.list()), 2) + def test_build_image(self): + labels = {"apple": "red", "grape": "green"} + _ = self.client.images.build(path="test/python/docker/build_labels", labels=labels, tag="labels") + image = self.client.images.get("labels") + self.assertEqual(image.labels["apple"], labels["apple"]) + self.assertEqual(image.labels["grape"], labels["grape"]) + + if __name__ == "__main__": # Setup temporary space diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index 7482d3e55..215b2832e 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -39,17 +39,17 @@ function check_label() { } @test "podman selinux: container with label=disable" { - skip_if_rootless - check_label "--security-opt label=disable" "spc_t" } @test "podman selinux: privileged container" { - skip_if_rootless - check_label "--privileged --userns=host" "spc_t" } +@test "podman selinux: init container" { + check_label "--systemd=always" "container_init_t" +} + @test "podman selinux: pid=host" { # FIXME FIXME FIXME: Remove these lines once all VMs have >= 2.146.0 # (this is ugly, but better than an unconditional skip) @@ -74,6 +74,18 @@ function check_label() { check_label "--security-opt label=level:s0:c1,c2" "container_t" "s0:c1,c2" } +@test "podman selinux: inspect kvm labels" { + skip_if_no_selinux + skip_if_remote "runtime flag is not passed over remote" + if [ ! -e /usr/bin/kata-runtime ]; then + skip "kata-runtime not available" + fi + + run_podman create --runtime=kata --name myc $IMAGE + run_podman inspect --format='{{ .ProcessLabel }}' myc + is "$output" ".*container_kvm_t.*" +} + # pr #6752 @test "podman selinux: inspect multiple labels" { skip_if_no_selinux diff --git a/version/version.go b/version/version.go index 520014bb7..6b93ed8ea 100644 --- a/version/version.go +++ b/version/version.go @@ -4,13 +4,44 @@ import ( "github.com/blang/semver" ) +type ( + // Tree determines which API endpoint tree for version + Tree int + // Level determines which API level, current or something from the past + Level int +) + +const ( + // Libpod supports Libpod endpoints + Libpod = Tree(iota) + // Compat supports Libpod endpoints + Compat + + // CurrentAPI announces what is the current API level + CurrentAPI = Level(iota) + // MinimalAPI announces what is the oldest API level supported + MinimalAPI +) + // Version is the version of the build. // NOTE: remember to bump the version at the top // of the top-level README.md file when this is // bumped. var Version = semver.MustParse("3.1.0-dev") -// APIVersion is the version for the remote -// client API. It is used to determine compatibility -// between a remote podman client and its backend -var APIVersion = semver.MustParse("3.0.0") +// See https://docs.docker.com/engine/api/v1.40/ +// libpod compat handlers are expected to honor docker API versions + +// APIVersion provides the current and minimal API versions for compat and libpod endpoint trees +// Note: GET|HEAD /_ping is never versioned and provides the API-Version and Libpod-API-Version headers to allow +// clients to shop for the Version they wish to support +var APIVersion = map[Tree]map[Level]semver.Version{ + Libpod: { + CurrentAPI: Version, + MinimalAPI: semver.MustParse("3.0.0"), + }, + Compat: { + CurrentAPI: semver.MustParse("1.40.0"), + MinimalAPI: semver.MustParse("1.24.0"), + }, +} |