6 files changed, 136 insertions, 26 deletions

diff --git a/.cirrus.yml b/.cirrus.yml
index 968854771..9897a9f7f 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -637,6 +637,33 @@ rootless_system_test_task:
     main_script: *main
     always: *logs_artifacts
 
+rootless_gitlab_test_task:
+    name: *std_name_fmt
+    alias: rootless_gitlab_test
+    skip: *tags
+    only_if: *not_docs
+    # Community-maintained downstream test may fail unexpectedly.
+    # Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner
+    # If necessary, uncomment the next line and file issue(s) with details.
+    # allow_failures: $CI == $CI
+    depends_on:
+      - rootless_integration_test
+    gce_instance: *standardvm
+    env:
+        <<: *ubuntu_envvars
+        TEST_FLAVOR: 'gitlab'
+        PRIV_NAME: rootless
+    clone_script: *noop  # Comes from cache
+    gopath_cache: *ro_gopath_cache
+    setup_script: *setup
+    main_script: *main
+    always:
+        <<: *logs_artifacts
+        junit_artifacts:
+            path: gitlab-runner-podman.xml
+            type: text/xml
+            format: junit
+
 upgrade_test_task:
     name: "Upgrade test: from $PODMAN_UPGRADE_FROM"
     alias: upgrade_test
@@ -720,6 +747,7 @@ success_task:
         - local_system_test
         - remote_system_test
         - rootless_system_test
+        - rootless_gitlab_test
         - upgrade_test
         - buildah_bud_test
         - meta
diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh
index 128398c38..22a66dd08 100755
--- a/contrib/cirrus/runner.sh
+++ b/contrib/cirrus/runner.sh
@@ -286,6 +286,23 @@ function _run_release() {
     msg "All OK"
 }
 
+
+function _run_gitlab() {
+    rootless_uid=$(id -u)
+    systemctl enable --now --user podman.socket
+    export DOCKER_HOST=unix:///run/user/${rootless_uid}/podman/podman.sock
+    export CONTAINER_HOST=$DOCKER_HOST
+    cd $GOPATH/src/gitlab.com/gitlab-org/gitlab-runner
+    set +e
+    go test -v ./executors/docker |& tee $GOSRC/gitlab-runner-podman.log
+    ret=$?
+    set -e
+    # This file is collected and parsed by Cirrus-CI so must be in $GOSRC
+    cat $GOSRC/gitlab-runner-podman.log | \
+        go-junit-report > $GOSRC/gitlab-runner-podman.xml
+    return $ret
+}
+
 logformatter() {
     if [[ "$CI" == "true" ]]; then
         # Use similar format as human-friendly task name from .cirrus.yml
diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index 41b155943..ef1f83024 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -243,6 +243,44 @@ case "$TEST_FLAVOR" in
 
         install_test_configs
         ;;
+    gitlab)
+        # This only runs on Ubuntu for now
+        if [[ "$OS_RELEASE_ID" != "ubuntu" ]]; then
+            die "This test only runs on Ubuntu due to sheer laziness"
+        fi
+
+        # Ref: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27270#note_499585550
+
+        remove_packaged_podman_files
+        make install PREFIX=/usr ETCDIR=/etc
+
+        # Need to re-build lists (removed during image production)
+        ooe.sh apt-get -qq -y update
+        msg "Installing previously downloaded/cached packages"
+        # N/B: Tests check/expect `docker info` output, and this `!= podman info`
+        ooe.sh apt-get install --yes --no-download --ignore-missing containerd.io docker-ce docker-ce-cli
+
+        msg "Disabling docker service and socket activation"
+        systemctl stop docker.service docker.socket
+        systemctl disable docker.service docker.socket
+        rm -rf /run/docker*
+        # Guarantee the docker daemon can't be started, even by accident
+        rm -vf $(type -P dockerd)
+
+        msg "Obtaining necessary gitlab-runner testing bits"
+        slug="gitlab.com/gitlab-org/gitlab-runner"
+        helper_fqin="registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest-pwsh"
+        ssh="ssh $ROOTLESS_USER@localhost -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no env GOPATH=$GOPATH"
+        showrun $ssh go get -u github.com/jstemmer/go-junit-report
+        showrun $ssh git clone https://$slug $GOPATH/src/$slug
+        showrun $ssh make -C $GOPATH/src/$slug development_setup
+        showrun $ssh bash -c "'cd $GOPATH/src/$slug && GOPATH=$GOPATH go get .'"
+
+        showrun $ssh podman pull $helper_fqin
+        # Tests expect image with this exact name
+        showrun $ssh podman tag $helper_fqin \
+            docker.io/gitlab/gitlab-runner-helper:x86_64-latest-pwsh
+        ;;
     swagger) ;&  # use next item
     consistency) make clean ;;
     release) ;;
diff --git a/libpod/network/cni/config.go b/libpod/network/cni/config.go
index 670ee0c65..3df155637 100644
--- a/libpod/network/cni/config.go
+++ b/libpod/network/cni/config.go
@@ -170,7 +170,11 @@ func (n *cniNetwork) NetworkRemove(nameOrID string) error {
 	file := network.filename
 	delete(n.networks, network.libpodNet.Name)
 
-	return os.Remove(file)
+	// make sure to not error for ErrNotExist
+	if err := os.Remove(file); err != nil && !errors.Is(err, os.ErrNotExist) {
+		return err
+	}
+	return nil
 }
 
 // NetworkList will return all known Networks. Optionally you can
diff --git a/libpod/network/cni/config_test.go b/libpod/network/cni/config_test.go
index a0a0ea1af..288cf4626 100644
--- a/libpod/network/cni/config_test.go
+++ b/libpod/network/cni/config_test.go
@@ -1021,6 +1021,27 @@ var _ = Describe("Config", func() {
 			Expect(err.Error()).To(ContainSubstring("subnet 10.10.0.0/24 is already used on the host or by another config"))
 		})
 
+		It("remove network should not error when config file does not exists on disk", func() {
+			name := "mynet"
+			network := types.Network{Name: name}
+			_, err := libpodNet.NetworkCreate(network)
+			Expect(err).To(BeNil())
+
+			path := filepath.Join(cniConfDir, name+".conflist")
+			Expect(path).To(BeARegularFile())
+
+			err = os.Remove(path)
+			Expect(err).To(BeNil())
+			Expect(path).ToNot(BeARegularFile())
+
+			err = libpodNet.NetworkRemove(name)
+			Expect(err).To(BeNil())
+
+			nets, err := libpodNet.NetworkList()
+			Expect(err).To(BeNil())
+			Expect(nets).To(HaveLen(1))
+			Expect(nets).ToNot(ContainElement(HaveNetworkName(name)))
+		})
 	})
 
 	Context("network load valid existing ones", func() {
diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go
index 7e56b8a25..8e47fac75 100644
--- a/test/e2e/network_test.go
+++ b/test/e2e/network_test.go
@@ -603,6 +603,11 @@ var _ = Describe("Podman network", func() {
 	})
 
 	It("podman network prune --filter", func() {
+		// set custom cni directory to prevent flakes
+		podmanTest.CNIConfigDir = tempdir
+		if IsRemote() {
+			podmanTest.RestartRemoteService()
+		}
 		net1 := "macvlan" + stringid.GenerateNonCryptoID() + "net1"
 
 		nc := podmanTest.Podman([]string{"network", "create", net1})
@@ -613,11 +618,10 @@ var _ = Describe("Podman network", func() {
 		list := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"})
 		list.WaitWithDefaultTimeout()
 		Expect(list).Should(Exit(0))
+		Expect(list.OutputToStringArray()).Should(HaveLen(2))
 
-		Expect(StringInSlice(net1, list.OutputToStringArray())).To(BeTrue())
-		if !isRootless() {
-			Expect(StringInSlice("podman", list.OutputToStringArray())).To(BeTrue())
-		}
+		Expect(list.OutputToStringArray()).Should(ContainElement(net1))
+		Expect(list.OutputToStringArray()).Should(ContainElement("podman"))
 
 		// -f needed only to skip y/n question
 		prune := podmanTest.Podman([]string{"network", "prune", "-f", "--filter", "until=50"})
@@ -627,11 +631,10 @@ var _ = Describe("Podman network", func() {
 		listAgain := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"})
 		listAgain.WaitWithDefaultTimeout()
 		Expect(listAgain).Should(Exit(0))
+		Expect(listAgain.OutputToStringArray()).Should(HaveLen(2))
 
-		Expect(StringInSlice(net1, listAgain.OutputToStringArray())).To(BeTrue())
-		if !isRootless() {
-			Expect(StringInSlice("podman", list.OutputToStringArray())).To(BeTrue())
-		}
+		Expect(listAgain.OutputToStringArray()).Should(ContainElement(net1))
+		Expect(listAgain.OutputToStringArray()).Should(ContainElement("podman"))
 
 		// -f needed only to skip y/n question
 		prune = podmanTest.Podman([]string{"network", "prune", "-f", "--filter", "until=5000000000000"})
@@ -641,14 +644,18 @@ var _ = Describe("Podman network", func() {
 		listAgain = podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"})
 		listAgain.WaitWithDefaultTimeout()
 		Expect(listAgain).Should(Exit(0))
+		Expect(listAgain.OutputToStringArray()).Should(HaveLen(1))
 
-		Expect(StringInSlice(net1, listAgain.OutputToStringArray())).To(BeFalse())
-		if !isRootless() {
-			Expect(StringInSlice("podman", list.OutputToStringArray())).To(BeTrue())
-		}
+		Expect(listAgain.OutputToStringArray()).ShouldNot(ContainElement(net1))
+		Expect(listAgain.OutputToStringArray()).Should(ContainElement("podman"))
 	})
 
 	It("podman network prune", func() {
+		// set custom cni directory to prevent flakes
+		podmanTest.CNIConfigDir = tempdir
+		if IsRemote() {
+			podmanTest.RestartRemoteService()
+		}
 		// Create two networks
 		// Check they are there
 		// Run a container on one of them
@@ -669,13 +676,11 @@ var _ = Describe("Podman network", func() {
 
 		list := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"})
 		list.WaitWithDefaultTimeout()
-		Expect(list).Should(Exit(0))
+		Expect(list.OutputToStringArray()).Should(HaveLen(3))
 
-		Expect(StringInSlice(net1, list.OutputToStringArray())).To(BeTrue())
-		Expect(StringInSlice(net2, list.OutputToStringArray())).To(BeTrue())
-		if !isRootless() {
-			Expect(StringInSlice("podman", list.OutputToStringArray())).To(BeTrue())
-		}
+		Expect(list.OutputToStringArray()).Should(ContainElement(net1))
+		Expect(list.OutputToStringArray()).Should(ContainElement(net2))
+		Expect(list.OutputToStringArray()).Should(ContainElement("podman"))
 
 		session := podmanTest.Podman([]string{"run", "-dt", "--net", net2, ALPINE, "top"})
 		session.WaitWithDefaultTimeout()
@@ -688,13 +693,10 @@ var _ = Describe("Podman network", func() {
 		listAgain := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"})
 		listAgain.WaitWithDefaultTimeout()
 		Expect(listAgain).Should(Exit(0))
+		Expect(listAgain.OutputToStringArray()).Should(HaveLen(2))
 
-		Expect(StringInSlice(net1, listAgain.OutputToStringArray())).To(BeFalse())
-		Expect(StringInSlice(net2, listAgain.OutputToStringArray())).To(BeTrue())
-		// Make sure default network 'podman' still exists
-		if !isRootless() {
-			Expect(StringInSlice("podman", list.OutputToStringArray())).To(BeTrue())
-		}
-
+		Expect(listAgain.OutputToStringArray()).ShouldNot(ContainElement(net1))
+		Expect(listAgain.OutputToStringArray()).Should(ContainElement(net2))
+		Expect(listAgain.OutputToStringArray()).Should(ContainElement("podman"))
 	})
 })