diff options
| -rw-r--r-- | libpod/container_internal.go | 5 | ||||
| -rw-r--r-- | libpod/container_internal_linux.go | 5 | ||||
| -rw-r--r-- | pkg/autoupdate/autoupdate.go | 6 | ||||
| -rw-r--r-- | test/e2e/run_volume_test.go | 20 | ||||
| -rw-r--r-- | test/system/255-auto-update.bats | 3 |
5 files changed, 31 insertions, 8 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 6717ada59..9082b136a 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -1072,6 +1072,11 @@ func (c *Container) init(ctx context.Context, retainRetries bool) error { return err } + // Make sure the workdir exists while initializing container + if err := c.resolveWorkDir(); err != nil { + return err + } + // Save the OCI newSpec to disk if err := c.saveSpec(newSpec); err != nil { return err diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 8b73c82de..b624f44ac 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -176,11 +176,6 @@ func (c *Container) prepare() error { return err } - // Make sure the workdir exists - if err := c.resolveWorkDir(); err != nil { - return err - } - return nil } diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go index b1ebbfa8e..894178bb9 100644 --- a/pkg/autoupdate/autoupdate.go +++ b/pkg/autoupdate/autoupdate.go @@ -224,7 +224,7 @@ func autoUpdateRegistry(ctx context.Context, image *libimage.Image, ctr *libpod. return report, nil } - if _, err := updateImage(ctx, runtime, rawImageName, options); err != nil { + if _, err := updateImage(ctx, runtime, rawImageName, authfile); err != nil { return report, errors.Wrapf(err, "registry auto-updating container %q: image update for %q failed", cid, rawImageName) } updatedRawImages[rawImageName] = true @@ -417,9 +417,9 @@ func newerLocalImageAvailable(runtime *libpod.Runtime, img *libimage.Image, rawI } // updateImage pulls the specified image. -func updateImage(ctx context.Context, runtime *libpod.Runtime, name string, options *entities.AutoUpdateOptions) (*libimage.Image, error) { +func updateImage(ctx context.Context, runtime *libpod.Runtime, name, authfile string) (*libimage.Image, error) { pullOptions := &libimage.PullOptions{} - pullOptions.AuthFilePath = options.Authfile + pullOptions.AuthFilePath = authfile pullOptions.Writer = os.Stderr pulledImages, err := runtime.LibimageRuntime().Pull(ctx, name, config.PullPolicyAlways, pullOptions) diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go index d1f6ea80e..59937b6c0 100644 --- a/test/e2e/run_volume_test.go +++ b/test/e2e/run_volume_test.go @@ -222,6 +222,26 @@ var _ = Describe("Podman run with volumes", func() { Expect(matches[0]).To(Not(ContainSubstring("nosuid"))) }) + // Container should start when workdir is overlayed volume + It("podman run with volume mounted as overlay and used as workdir", func() { + SkipIfRemote("Overlay volumes only work locally") + if os.Getenv("container") != "" { + Skip("Overlay mounts not supported when running in a container") + } + if rootless.IsRootless() { + if _, err := exec.LookPath("fuse-overlayfs"); err != nil { + Skip("Fuse-Overlayfs required for rootless overlay mount test") + } + } + mountPath := filepath.Join(podmanTest.TempDir, "secrets") + os.Mkdir(mountPath, 0755) + + //Container should be able to start with custom overlayed volume + session := podmanTest.Podman([]string{"run", "--rm", "-v", mountPath + ":/data:O", "--workdir=/data", ALPINE, "echo", "hello"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + }) + It("podman run with noexec can't exec", func() { session := podmanTest.Podman([]string{"run", "--rm", "-v", "/bin:/hostbin:noexec", ALPINE, "/hostbin/ls", "/"}) session.WaitWithDefaultTimeout() diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 7766ca3f9..b172bb917 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -149,6 +149,9 @@ function _confirm_update() { } @test "podman auto-update - label io.containers.autoupdate=image with rollback" { + # FIXME: this test should exercise the authfile label to have a regression + # test for #11171. + # Note: the autoupdatebroken image is empty on purpose so it cannot be # executed and force a rollback. The rollback test for the local policy # is exercising the case where the container doesn't send a ready message. |