diff options
143 files changed, 1375 insertions, 798 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index e36b4f484..28aa528a4 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -292,7 +292,7 @@ testing_task: # This task executes tests under unique environments/conditions -special_testing_task: +special_testing_rootless_task: depends_on: - "gating" @@ -303,9 +303,11 @@ special_testing_task: only_if: $CIRRUS_CHANGE_MESSAGE !=~ '.*\*\*\*\s*CIRRUS:\s*TEST\s*IMAGES\s*\*\*\*.*' env: + SPECIALMODE: 'rootless' # See docs + matrix: - SPECIALMODE: 'rootless' # See docs - SPECIALMODE: 'in_podman' # See docs + TEST_REMOTE_CLIENT: true + TEST_REMOTE_CLIENT: false timeout_in: 60m @@ -322,6 +324,33 @@ special_testing_task: failed_audit_log_script: 'cat /var/log/audit/audit.log || cat /var/log/kern.log || echo "Uh oh, cat audit.log failed"' failed_journalctl_b_script: 'journalctl -b || echo "Uh oh, journalctl -b failed"' +special_testing_in_podman_task: + + depends_on: + - "gating" + - "varlink_api" + - "vendor" + - "build_each_commit" + + only_if: $CIRRUS_CHANGE_MESSAGE !=~ '.*\*\*\*\s*CIRRUS:\s*TEST\s*IMAGES\s*\*\*\*.*' + + env: + SPECIALMODE: 'in_podman' # See docs + + timeout_in: 60m + + setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' + integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP}' + df_script: '${DFCMD}' + audit_log_script: 'cat /var/log/audit/audit.log || cat /var/log/kern.log' + journalctl_b_script: 'journalctl -b' + + on_failure: + failed_master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh' + # Job has already failed, don't fail again and miss collecting data + failed_df_script: '${DFCMD}' + failed_audit_log_script: 'cat /var/log/audit/audit.log || cat /var/log/kern.log || echo "Uh oh, cat audit.log failed"' + failed_journalctl_b_script: 'journalctl -b || echo "Uh oh, journalctl -b failed"' # Because system tests are stored within the repository, it is sometimes # necessary to execute them within a PR to validate changes. @@ -11,7 +11,7 @@ in the [API.md](https://github.com/containers/libpod/blob/master/API.md) file in [func BuildImageHierarchyMap(name: string) string](#BuildImageHierarchyMap) -[func Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) string](#Commit) +[func Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) MoreResponse](#Commit) [func ContainerArtifacts(name: string, artifactName: string) string](#ContainerArtifacts) @@ -308,14 +308,14 @@ BuildImageHierarchyMap is for the development of Podman and should not be used. ### <a name="Commit"></a>func Commit <div style="background-color: #E8E8E8; padding: 15px; margin: 10px; border-radius: 10px;"> -method Commit(name: [string](https://godoc.org/builtin#string), image_name: [string](https://godoc.org/builtin#string), changes: [[]string](#[]string), author: [string](https://godoc.org/builtin#string), message: [string](https://godoc.org/builtin#string), pause: [bool](https://godoc.org/builtin#bool), manifestType: [string](https://godoc.org/builtin#string)) [string](https://godoc.org/builtin#string)</div> +method Commit(name: [string](https://godoc.org/builtin#string), image_name: [string](https://godoc.org/builtin#string), changes: [[]string](#[]string), author: [string](https://godoc.org/builtin#string), message: [string](https://godoc.org/builtin#string), pause: [bool](https://godoc.org/builtin#bool), manifestType: [string](https://godoc.org/builtin#string)) [MoreResponse](#MoreResponse)</div> Commit, creates an image from an existing container. It requires the name or ID of the container as well as the resulting image name. Optionally, you can define an author and message to be added to the resulting image. You can also define changes to the resulting image for the following attributes: _CMD, ENTRYPOINT, ENV, EXPOSE, LABEL, ONBUILD, STOPSIGNAL, USER, VOLUME, and WORKDIR_. To pause the container while it is being committed, pass a _true_ bool for the pause argument. If the container cannot be found by the ID or name provided, a (ContainerNotFound)[#ContainerNotFound] error will be returned; otherwise, -the resulting image's ID will be returned as a string. +the resulting image's ID will be returned as a string inside a MoreResponse. ### <a name="ContainerArtifacts"></a>func ContainerArtifacts <div style="background-color: #E8E8E8; padding: 15px; margin: 10px; border-radius: 10px;"> @@ -18,6 +18,7 @@ At a high level, the scope of libpod and Podman is the following: * Full management of container lifecycle * Support for pods to manage groups of containers together * Resource isolation of containers and pods. +* Support for a Docker-compatible CLI interface through Podman. * Integration with CRI-O to share containers and backend code. This project tests all builds against each supported version of Fedora, the latest released version of Red Hat Enterprise Linux, and the latest Ubuntu Long Term Support release. The community has also reported success with other Linux flavors. diff --git a/cmd/podman/cliconfig/create.go b/cmd/podman/cliconfig/create.go index 49ab3d827..5fb2eed10 100644 --- a/cmd/podman/cliconfig/create.go +++ b/cmd/podman/cliconfig/create.go @@ -24,4 +24,5 @@ type BuildValues struct { type CpValues struct { PodmanCommand Extract bool + Pause bool } diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go index 2ac465b9d..18b0b7857 100644 --- a/cmd/podman/commands.go +++ b/cmd/podman/commands.go @@ -11,7 +11,6 @@ const remoteclient = false // Commands that the local client implements func getMainCommands() []*cobra.Command { rootCommands := []*cobra.Command{ - _commitCommand, _execCommand, _playCommand, _loginCommand, @@ -41,7 +40,6 @@ func getContainerSubCommands() []*cobra.Command { return []*cobra.Command{ _cleanupCommand, - _commitCommand, _execCommand, _mountCommand, _refreshCommand, diff --git a/cmd/podman/commit.go b/cmd/podman/commit.go index 2b38bab35..01e2ec701 100644 --- a/cmd/podman/commit.go +++ b/cmd/podman/commit.go @@ -2,16 +2,11 @@ package main import ( "fmt" - "io" - "os" "strings" - "github.com/containers/buildah" - "github.com/containers/image/manifest" "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/cmd/podman/libpodruntime" "github.com/containers/libpod/libpod" - "github.com/containers/libpod/libpod/image" + "github.com/containers/libpod/pkg/adapter" "github.com/containers/libpod/pkg/util" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -52,32 +47,17 @@ func init() { } func commitCmd(c *cliconfig.CommitValues) error { - runtime, err := libpodruntime.GetRuntime(getContext(), &c.PodmanCommand) + runtime, err := adapter.GetRuntime(getContext(), &c.PodmanCommand) if err != nil { return errors.Wrapf(err, "could not get runtime") } defer runtime.Shutdown(false) - var ( - writer io.Writer - mimeType string - ) args := c.InputArgs if len(args) != 2 { return errors.Errorf("you must provide a container name or ID and a target image name") } - switch c.Format { - case "oci": - mimeType = buildah.OCIv1ImageManifest - if c.Flag("message").Changed { - return errors.Errorf("messages are only compatible with the docker image format (-f docker)") - } - case "docker": - mimeType = manifest.DockerV2Schema2MediaType - default: - return errors.Errorf("unrecognized image format %q", c.Format) - } container := args[0] reference := args[1] if c.Flag("change").Changed { @@ -92,38 +72,10 @@ func commitCmd(c *cliconfig.CommitValues) error { } } - if !c.Quiet { - writer = os.Stderr - } - ctr, err := runtime.LookupContainer(container) - if err != nil { - return errors.Wrapf(err, "error looking up container %q", container) - } - - rtc, err := runtime.GetConfig() - if err != nil { - return err - } - - sc := image.GetSystemContext(rtc.SignaturePolicyPath, "", false) - coptions := buildah.CommitOptions{ - SignaturePolicyPath: rtc.SignaturePolicyPath, - ReportWriter: writer, - SystemContext: sc, - PreferredManifestType: mimeType, - } - options := libpod.ContainerCommitOptions{ - CommitOptions: coptions, - Pause: c.Pause, - IncludeVolumes: c.IncludeVolumes, - Message: c.Message, - Changes: c.Change, - Author: c.Author, - } - newImage, err := ctr.Commit(getContext(), reference, options) + iid, err := runtime.Commit(getContext(), c, container, reference) if err != nil { return err } - fmt.Println(newImage.ID()) + fmt.Println(iid) return nil } diff --git a/cmd/podman/container.go b/cmd/podman/container.go index 530175a55..cb54317c0 100644 --- a/cmd/podman/container.go +++ b/cmd/podman/container.go @@ -52,8 +52,10 @@ var ( containerCommands = []*cobra.Command{ _attachCommand, _checkpointCommand, + _commitCommand, _containerExistsCommand, _contInspectSubCommand, + _cpCommand, _diffCommand, _exportCommand, _createCommand, diff --git a/cmd/podman/cp.go b/cmd/podman/cp.go index 8240cc193..2e2ca272a 100644 --- a/cmd/podman/cp.go +++ b/cmd/podman/cp.go @@ -13,10 +13,12 @@ import ( "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" "github.com/containers/libpod/libpod" + "github.com/containers/libpod/pkg/rootless" "github.com/containers/storage" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/chrootarchive" "github.com/containers/storage/pkg/idtools" + securejoin "github.com/cyphar/filepath-securejoin" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" @@ -49,6 +51,7 @@ func init() { cpCommand.Command = _cpCommand flags := cpCommand.Flags() flags.BoolVar(&cpCommand.Extract, "extract", false, "Extract the tar file into the destination directory.") + flags.BoolVar(&cpCommand.Pause, "pause", true, "Pause the container while copying") cpCommand.SetHelpTemplate(HelpTemplate()) cpCommand.SetUsageTemplate(UsageTemplate()) rootCmd.AddCommand(cpCommand.Command) @@ -66,11 +69,10 @@ func cpCmd(c *cliconfig.CpValues) error { } defer runtime.Shutdown(false) - extract := c.Flag("extract").Changed - return copyBetweenHostAndContainer(runtime, args[0], args[1], extract) + return copyBetweenHostAndContainer(runtime, args[0], args[1], c.Extract, c.Pause) } -func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest string, extract bool) error { +func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest string, extract bool, pause bool) error { srcCtr, srcPath := parsePath(runtime, src) destCtr, destPath := parsePath(runtime, dest) @@ -93,6 +95,38 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin return err } defer ctr.Unmount(false) + + // We can't pause rootless containers. + if pause && rootless.IsRootless() { + state, err := ctr.State() + if err != nil { + return err + } + if state == libpod.ContainerStateRunning { + return errors.Errorf("cannot copy into running rootless container with pause set - pass --pause=false to force copying") + } + } + + if pause && !rootless.IsRootless() { + if err := ctr.Pause(); err != nil { + // An invalid state error is fine. + // The container isn't running or is already paused. + // TODO: We can potentially start the container while + // the copy is running, which still allows a race where + // malicious code could mess with the symlink. + if errors.Cause(err) != libpod.ErrCtrStateInvalid { + return err + } + } else if err == nil { + // Only add the defer if we actually paused + defer func() { + if err := ctr.Unpause(); err != nil { + logrus.Errorf("Error unpausing container after copying: %v", err) + } + }() + } + } + user, err := getUser(mountPoint, ctr.User()) if err != nil { return err @@ -112,19 +146,38 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin var glob []string if isFromHostToCtr { if filepath.IsAbs(destPath) { - destPath = filepath.Join(mountPoint, destPath) - + cleanedPath, err := securejoin.SecureJoin(mountPoint, destPath) + if err != nil { + return err + } + destPath = cleanedPath } else { - if err = idtools.MkdirAllAndChownNew(filepath.Join(mountPoint, ctr.WorkingDir()), 0755, hostOwner); err != nil { + ctrWorkDir, err := securejoin.SecureJoin(mountPoint, ctr.WorkingDir()) + if err != nil { + return err + } + if err = idtools.MkdirAllAndChownNew(ctrWorkDir, 0755, hostOwner); err != nil { return errors.Wrapf(err, "error creating directory %q", destPath) } - destPath = filepath.Join(mountPoint, ctr.WorkingDir(), destPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, filepath.Join(ctr.WorkingDir(), destPath)) + if err != nil { + return err + } + destPath = cleanedPath } } else { if filepath.IsAbs(srcPath) { - srcPath = filepath.Join(mountPoint, srcPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, srcPath) + if err != nil { + return err + } + srcPath = cleanedPath } else { - srcPath = filepath.Join(mountPoint, ctr.WorkingDir(), srcPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, filepath.Join(ctr.WorkingDir(), srcPath)) + if err != nil { + return err + } + srcPath = cleanedPath } } glob, err = filepath.Glob(srcPath) @@ -158,7 +211,7 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin } func getUser(mountPoint string, userspec string) (specs.User, error) { - uid, gid, err := chrootuser.GetUser(mountPoint, userspec) + uid, gid, _, err := chrootuser.GetUser(mountPoint, userspec) u := specs.User{ UID: uid, GID: gid, diff --git a/cmd/podman/main.go b/cmd/podman/main.go index 787dd55c0..a149a47f9 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -30,6 +30,7 @@ var ( var mainCommands = []*cobra.Command{ _attachCommand, _buildCommand, + _commitCommand, _diffCommand, _createCommand, _eventsCommand, diff --git a/cmd/podman/platform_linux.go b/cmd/podman/platform_linux.go index 2127923ae..eb11867cc 100644 --- a/cmd/podman/platform_linux.go +++ b/cmd/podman/platform_linux.go @@ -4,13 +4,25 @@ package main import ( "os" + "path/filepath" + "github.com/containers/libpod/pkg/rootless" "github.com/sirupsen/logrus" ) +// userRegistriesFile is the path to the per user registry configuration file. +var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/registries.conf") + func CheckForRegistries() { if _, err := os.Stat("/etc/containers/registries.conf"); err != nil { if os.IsNotExist(err) { + // If it is running in rootless mode, also check the user configuration file + if rootless.IsRootless() { + if _, err := os.Stat(userRegistriesFile); err != nil { + logrus.Warnf("unable to find %s. some podman (image shortnames) commands may be limited", userRegistriesFile) + } + return + } logrus.Warn("unable to find /etc/containers/registries.conf. some podman (image shortnames) commands may be limited") } } diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink index ed7b49c68..5b3d5ae4c 100644 --- a/cmd/podman/varlink/io.podman.varlink +++ b/cmd/podman/varlink/io.podman.varlink @@ -802,8 +802,8 @@ method DeleteUnusedImages() -> (images: []string) # attributes: _CMD, ENTRYPOINT, ENV, EXPOSE, LABEL, ONBUILD, STOPSIGNAL, USER, VOLUME, and WORKDIR_. To pause the # container while it is being committed, pass a _true_ bool for the pause argument. If the container cannot # be found by the ID or name provided, a (ContainerNotFound)[#ContainerNotFound] error will be returned; otherwise, -# the resulting image's ID will be returned as a string. -method Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) -> (image: string) +# the resulting image's ID will be returned as a string inside a MoreResponse. +method Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) -> (reply: MoreResponse) # ImportImage imports an image from a source (like tarball) into local storage. The image can have additional # descriptions added to it using the message and changes options. See also [ExportImage](ExportImage). diff --git a/completions/bash/podman b/completions/bash/podman index 5b23e12dc..49c8c0e52 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -769,6 +769,10 @@ _podman_container_commit() { _podman_commit } +_podman_container_cp() { + _podman_cp +} + _podman_container_create() { _podman_create } @@ -966,6 +970,7 @@ _podman_container() { attach checkpoint commit + cp create diff exec @@ -2383,6 +2388,7 @@ _podman_cp() { --help -h --extract + --pause " _complete_ "$boolean_options" } diff --git a/contrib/cirrus/container_test.sh b/contrib/cirrus/container_test.sh index 1fd9551db..27baf0ad7 100644 --- a/contrib/cirrus/container_test.sh +++ b/contrib/cirrus/container_test.sh @@ -1,5 +1,5 @@ #!/bin/bash -set -xeuo pipefail +set -xeo pipefail export GOPATH=/var/tmp/go export PATH=$HOME/gopath/bin:$PATH:$GOPATH/bin @@ -32,10 +32,10 @@ integrationtest=0 unittest=0 validate=0 options=0 -noremote=0 +remote=0 install_tools_made=0 -while getopts "biptuv" opt; do +while getopts "bituv" opt; do case "$opt" in b) build=1 options=1 @@ -46,9 +46,6 @@ while getopts "biptuv" opt; do t) integrationtest=1 options=1 ;; - n) noremote=1 - options=1 - ;; u) unittest=1 options=1 ;; @@ -58,6 +55,12 @@ while getopts "biptuv" opt; do esac done +# The TEST_REMOTE_CLIENT environment variable decides whether +# to test varlinke +if [[ "$TEST_REMOTE_CLIENT" == "true" ]]; then + remote=1 +fi + # If no options are passed, do everything if [ $options -eq 0 ]; then build=1 @@ -130,8 +133,8 @@ fi if [ $integrationtest -eq 1 ]; then make TAGS="${TAGS}" test-binaries make varlink_generate - make ginkgo $INTEGRATION_TEST_ENVS - if [ $noremote -eq 0 ]; then - make ginkgo-remote $INTEGRATION_TEST_ENVS + make localintegration $INTEGRATION_TEST_ENVS + if [ $remote -eq 1 ]; then + make remoteintegration $INTEGRATION_TEST_ENVS fi fi diff --git a/contrib/cirrus/integration_test.sh b/contrib/cirrus/integration_test.sh index e7f582b42..f9ba010cd 100755 --- a/contrib/cirrus/integration_test.sh +++ b/contrib/cirrus/integration_test.sh @@ -5,6 +5,14 @@ source $(dirname $0)/lib.sh req_env_var GOSRC SCRIPT_BASE OS_RELEASE_ID OS_RELEASE_VER CONTAINER_RUNTIME +# Our name must be of the form xxxx_test or xxxx_test.sh, where xxxx is +# the test suite to run; currently (2019-05) the only option is 'integration' +# but pr2947 intends to add 'system'. +TESTSUITE=$(expr $(basename $0) : '\(.*\)_test') +if [[ -z $TESTSUITE ]]; then + die 1 "Script name is not of the form xxxx_test.sh" +fi + cd "$GOSRC" if [[ "$SPECIALMODE" == "in_podman" ]] @@ -19,7 +27,7 @@ then -e "CONMON_BINARY=/usr/libexec/podman/conmon" \ -e "DIST=$OS_RELEASE_ID" \ -e "CONTAINER_RUNTIME=$CONTAINER_RUNTIME" \ - ${OS_RELEASE_ID}podmanbuild bash $GOSRC/$SCRIPT_BASE/container_test.sh -b -i -t -n + $IN_PODMAN_IMAGE bash $GOSRC/$SCRIPT_BASE/container_test.sh -b -i -t exit $? elif [[ "$SPECIALMODE" == "rootless" ]] @@ -28,11 +36,11 @@ then if [[ "$USER" == "$ROOTLESS_USER" ]] then - $GOSRC/$SCRIPT_BASE/rootless_test.sh + $GOSRC/$SCRIPT_BASE/rootless_test.sh ${TESTSUITE} else ssh $ROOTLESS_USER@localhost \ -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no \ - $GOSRC/$SCRIPT_BASE/rootless_test.sh + $GOSRC/$SCRIPT_BASE/rootless_test.sh ${TESTSUITE} fi else make @@ -40,9 +48,9 @@ else make test-binaries if [[ "$TEST_REMOTE_CLIENT" == "true" ]] then - make remoteintegration + make remote${TESTSUITE} else - make localintegration + make local${TESTSUITE} fi exit $? fi diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 334202aa9..462fa332a 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -66,7 +66,7 @@ PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-28-1-1-1544474897" BUILT_IMAGE_SUFFIX="${BUILT_IMAGE_SUFFIX:--$CIRRUS_REPO_NAME-${CIRRUS_BUILD_ID}}" # Safe env. vars. to transfer from root -> $ROOTLESS_USER (go env handled separetly) -ROOTLESS_ENV_RE='(CIRRUS_.+)|(ROOTLESS_.+)|(.+_IMAGE.*)|(.+_BASE)|(.*DIRPATH)|(.*FILEPATH)|(SOURCE.*)|(DEPEND.*)|(.+_DEPS_.+)|(OS_REL.*)|(.+_ENV_RE)|(TRAVIS)|(CI.+)' +ROOTLESS_ENV_RE='(CIRRUS_.+)|(ROOTLESS_.+)|(.+_IMAGE.*)|(.+_BASE)|(.*DIRPATH)|(.*FILEPATH)|(SOURCE.*)|(DEPEND.*)|(.+_DEPS_.+)|(OS_REL.*)|(.+_ENV_RE)|(TRAVIS)|(CI.+)|(TEST_REMOTE.*)' # Unsafe env. vars for display SECRET_ENV_RE='(IRCID)|(ACCOUNT)|(^GC[EP]..+)|(SSH)' @@ -74,6 +74,9 @@ SPECIALMODE="${SPECIALMODE:-none}" TEST_REMOTE_CLIENT="${TEST_REMOTE_CLIENT:-false}" export CONTAINER_RUNTIME=${CONTAINER_RUNTIME:-podman} +# IN_PODMAN container image +IN_PODMAN_IMAGE="quay.io/libpod/in_podman:latest" + # When running as root, this may be empty or not, as a user, it MUST be set. if [[ "$USER" == "root" ]] then diff --git a/contrib/cirrus/rootless_test.sh b/contrib/cirrus/rootless_test.sh index 3b668034b..b5744671b 100755 --- a/contrib/cirrus/rootless_test.sh +++ b/contrib/cirrus/rootless_test.sh @@ -2,6 +2,14 @@ set -e +remote=0 + +# The TEST_REMOTE_CLIENT environment variable decides whether +# to test varlinke +if [[ "$TEST_REMOTE_CLIENT" == "true" ]]; then + remote=1 +fi + source $(dirname $0)/lib.sh if [[ "$UID" == "0" ]] @@ -10,6 +18,12 @@ then exit 1 fi +# Which set of tests to run; possible alternative is "system" +TESTSUITE=integration +if [[ -n "$*" ]]; then + TESTSUITE="$1" +fi + # Ensure environment setup correctly req_env_var GOSRC ROOTLESS_USER @@ -25,5 +39,8 @@ cd "$GOSRC" make make varlink_generate make test-binaries -make ginkgo -make ginkgo-remote +if [ $remote -eq 0 ]; then + make local${TESTSUITE} +else + make remote${TESTSUITE} +fi diff --git a/contrib/cirrus/setup_container_environment.sh b/contrib/cirrus/setup_container_environment.sh index eda6f6167..c268c162e 100755 --- a/contrib/cirrus/setup_container_environment.sh +++ b/contrib/cirrus/setup_container_environment.sh @@ -5,9 +5,6 @@ source $(dirname $0)/lib.sh req_env_var GOSRC OS_RELEASE_ID CONTAINER_RUNTIME -DIST=$OS_RELEASE_ID -IMAGE=${DIST}podmanbuild - # Since CRIU 3.11 has been pushed to Fedora 28 the checkpoint/restore # test cases are actually run. As CRIU uses iptables to lock and unlock # the network during checkpoint and restore it needs the following two @@ -15,5 +12,5 @@ IMAGE=${DIST}podmanbuild modprobe ip6table_nat || : modprobe iptable_nat || : -# Build the test image -${CONTAINER_RUNTIME} build -t ${IMAGE} -f Dockerfile.${DIST} . +# Pull the test image +${CONTAINER_RUNTIME} pull ${IN_PODMAN_IMAGE} diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index f40405e8d..13bce506a 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -87,7 +87,7 @@ case "$SPECIALMODE" in fi ;; in_podman) # Assumed to be Fedora - dnf install -y podman buildah + dnf install -y podman $SCRIPT_BASE/setup_container_environment.sh ;; *) diff --git a/contrib/podmanimage/README.md b/contrib/podmanimage/README.md new file mode 100644 index 000000000..79484d4a3 --- /dev/null +++ b/contrib/podmanimage/README.md @@ -0,0 +1,44 @@ + + +# podmanimage + +## Overview + +This directory contains the Dockerfiles necessary to create the three podmanimage container +images that are housed on quay.io under the podman account. All three repositories where +the images live are public and can be pulled without credentials. These container images are secured and the +resulting containers can run safely with privileges within the container. The container images are built +using the latest Fedora and then Podman is installed into them: + + * quay.io/podman/stable - This image is built using the latest stable version of Podman in a Fedora based container. Built with podman/stable/Dockerfile. + * quay.io/podman/upstream - This image is built using the latest code found in this GitHub repository. When someone creates a commit and pushes it, the image is created. Due to that the image changes frequently and is not guaranteed to be stable. Built with podmanimage/upstream/Dockerfile. + * quay.io/podman/testing - This image is built using the latest version of Podman that is or was in updates testing for Fedora. At times this may be the same as the stable image. This container image will primarily be used by the development teams for verification testing when a new package is created. Built with podmanimage/testing/Dockerfile. + +## Sample Usage + + +``` +podman pull docker://quay.io/podman/stable:latest + +podman run --privileged stable podman version + +# Create a directory on the host to mount the container's +# /var/lib/container directory to so containers can be +# run within the container. +mkdir /var/lib/mycontainer + +# Run the image detached using the host's network in a container name +# podmanctr, turn off label and seccomp confinement in the container +# and then do a little shell hackery to keep the container up and running. +podman run --detach --name=podmanctr --net=host --security-opt label=disable --security-opt seccomp=unconfined --device /dev/fuse:rw -v /var/lib/mycontainer:/var/lib/containers:Z --privileged stable sh -c 'while true ;do wait; done' + +podman exec -it podmanctr /bin/sh + +# Now inside of the container + +podman pull alpine + +podman images + +exit +``` diff --git a/contrib/podmanimage/stable/Dockerfile b/contrib/podmanimage/stable/Dockerfile new file mode 100644 index 000000000..056f62624 --- /dev/null +++ b/contrib/podmanimage/stable/Dockerfile @@ -0,0 +1,26 @@ +# stable/Dockerfile +# +# Build a Podman container image from the latest +# stable version of Podman on the Fedoras Updates System. +# https://bodhi.fedoraproject.org/updates/?search=podman +# This image can be used to create a secured container +# that runs safely with privileges within the container. +# +FROM fedora:latest + +# Don't include container-selinux and remove +# directories used by dnf that are just taking +# up space. +RUN yum -y install podman fuse-overlayfs --exclude container-selinux; rm -rf /var/cache /var/log/dnf* /var/log/yum.* + +# Adjust storage.conf to enable Fuse storage. +RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf +RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers; touch /var/lib/shared/overlay-images/images.lock; touch /var/lib/shared/overlay-layers/layers.lock + +# Adjust libpod.conf to write logging to a file +RUN sed -i 's/events_logger = "journald"/events_logger = "file"/g' /usr/share/containers/libpod.conf + +# Set up environment variables to note that this is +# not starting with usernamespace and default to +# isolate the filesystem with chroot. +ENV _BUILDAH_STARTED_IN_USERNS="" BUILDAH_ISOLATION=chroot diff --git a/contrib/podmanimage/testing/Dockerfile b/contrib/podmanimage/testing/Dockerfile new file mode 100644 index 000000000..50d8ed7f2 --- /dev/null +++ b/contrib/podmanimage/testing/Dockerfile @@ -0,0 +1,28 @@ +# testing/Dockerfile +# +# Build a Podman image using the latest +# version of Podman that is in updates-testing +# on the Fedoras Updates System. At times this +# may be the same the latest stable version. +# https://bodhi.fedoraproject.org/updates/?search=podman +# This image can be used to create a secured container +# that runs safely with privileges within the container. +# +FROM fedora:latest + +# Don't include container-selinux and remove +# directories used by dnf that are just taking +# up space. +RUN yum -y install podman fuse-overlayfs --exclude container-selinux --enablerepo updates-testing; rm -rf /var/cache /var/log/dnf* /var/log/yum.* + +# Adjust storage.conf to enable Fuse storage. +RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf +RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers; touch /var/lib/shared/overlay-images/images.lock; touch /var/lib/shared/overlay-layers/layers.lock + +# Adjust libpod.conf to write logging to a file +RUN sed -i 's/events_logger = "journald"/events_logger = "file"/g' /usr/share/containers/libpod.conf + +# Set up environment variables to note that this is +# not starting with usernamespace and default to +# isolate the filesystem with chroot. +ENV _BUILDAH_STARTED_IN_USERNS="" BUILDAH_ISOLATION=chroot diff --git a/contrib/podmanimage/upstream/Dockerfile b/contrib/podmanimage/upstream/Dockerfile new file mode 100644 index 000000000..6ab082efc --- /dev/null +++ b/contrib/podmanimage/upstream/Dockerfile @@ -0,0 +1,78 @@ +# git/Dockerfile +# +# Build a Podman container image from the latest +# upstream version of Podman on GitHub. +# https://github.com/containers/libpod +# This image can be used to create a secured container +# that runs safely with privileges within the container. +# The containers created by this image also come with a +# Podman development environment in /root/podman. +# +FROM fedora:latest +ENV GOPATH=/root/podman + +# Install the software required to build Podman. +# Then create a directory and clone from the Podman +# GitHub repository, make and install Podman +# to the container. +# Finally remove the podman directory and a few other packages +# that are needed for building but not running Podman +RUN dnf -y install --exclude container-selinux \ + --enablerepo=updates-testing \ + atomic-registries \ + btrfs-progs-devel \ + conmon \ + containernetworking-cni \ + device-mapper-devel \ + git \ + glib2-devel \ + glibc-devel \ + glibc-static \ + go \ + golang-github-cpuguy83-go-md2man \ + gpgme-devel \ + iptables \ + libassuan-devel \ + libgpg-error-devel \ + libseccomp-devel \ + libselinux-devel \ + make \ + ostree-devel \ + pkgconfig \ + runc \ + fuse-overlayfs \ + fuse3 \ + containers-common; \ + mkdir /root/podman; \ + git clone https://github.com/containers/libpod /root/podman/src/github.com/containers/libpod; \ + cd /root/podman/src/github.com/containers/libpod; \ + make BUILDTAGS="selinux seccomp"; \ + make install PREFIX=/usr; \ + cd /root/podman; \ + git clone https://github.com/containers/conmon; \ + cd conmon; \ + make; \ + install -D -m 755 bin/conmon /usr/libexec/podman/conmon; \ + git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins; \ + cd $GOPATH/src/github.com/containernetworking/plugins; \ + ./build_linux.sh; \ + mkdir -p /usr/libexec/cni; \ + cp bin/* /usr/libexec/cni; \ + mkdir -p /etc/cni/net.d; \ + curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf; \ + mkdir -p /usr/share/containers; \ + cp $GOPATH/podman/src/github.com/containers/libpod/libpod.conf /usr/share/containers; \ + # Adjust libpod.conf to write logging to a file + sed -i 's/events_logger = "journald"/events_logger = "file"/g' /usr/share/containers/libpod.conf; \ + rm -rf /root/podman/*; \ + dnf -y remove bats git golang go-md2man make; \ + dnf clean all; + +# Adjust storage.conf to enable Fuse storage. +RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf +RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers; touch /var/lib/shared/overlay-images/images.lock; touch /var/lib/shared/overlay-layers/layers.lock + +# Set up environment variables to note that this is +# not starting with usernamespace and default to +# isolate the filesystem with chroot. +ENV _BUILDAH_STARTED_IN_USERNS="" BUILDAH_ISOLATION=chroot diff --git a/docs/podman-build.1.md b/docs/podman-build.1.md index 4a26c0981..e2769c2a9 100644 --- a/docs/podman-build.1.md +++ b/docs/podman-build.1.md @@ -174,6 +174,18 @@ This is a Docker specific option to disable image verification to a Docker registry and is not supported by Podman. This flag is a NOOP and provided soley for scripting compatibility. +**--dns**=[] + +Set custom DNS servers + +**--dns-option**=[] + +Set custom DNS options + +**--dns-search**=[] + +Set custom DNS search domains + **--file, -f** *Dockerfile* Specifies a Dockerfile which contains instructions for building the image, diff --git a/docs/podman-container.1.md b/docs/podman-container.1.md index 564d791fa..eb53149bd 100644 --- a/docs/podman-container.1.md +++ b/docs/podman-container.1.md @@ -17,6 +17,7 @@ The container command allows you to manage containers | checkpoint | [podman-container-checkpoint(1)](podman-container-checkpoint.1.md) | Checkpoints one or more containers. | | cleanup | [podman-container-cleanup(1)](podman-container-cleanup.1.md) | Cleanup containers network and mountpoints. | | commit | [podman-commit(1)](podman-commit.1.md) | Create new image based on the changed container. | +| cp | [podman-cp(1)](podman-cp.1.md) | Copy files/folders between a container and the local filesystem. | | create | [podman-create(1)](podman-create.1.md) | Create a new container. | | diff | [podman-diff(1)](podman-diff.1.md) | Inspect changes on a container or image's filesystem. | | exec | [podman-exec(1)](podman-exec.1.md) | Execute a command in a running container. | diff --git a/docs/podman-cp.1.md b/docs/podman-cp.1.md index 406dd51df..76fe57a9e 100644 --- a/docs/podman-cp.1.md +++ b/docs/podman-cp.1.md @@ -61,6 +61,10 @@ If you use a : in a local machine path, you must be explicit with a relative or Extract the tar file into the destination directory. If the destination directory is not provided, extract the tar file into the root directory. +**--pause** + +Pause the container while copying into it to avoid potential security issues around symlinks. Defaults to *true*. + ## ALTERNATIVES Podman has much stronger capabilities than just `podman cp` to achieve copy files between host and container. diff --git a/docs/podman.1.md b/docs/podman.1.md index ff942a3c4..b51cdb854 100644 --- a/docs/podman.1.md +++ b/docs/podman.1.md @@ -177,8 +177,8 @@ the exit codes follow the `chroot` standard, see below: | [podman-umount(1)](podman-umount.1.md) | Unmount a working container's root filesystem. | | [podman-unpause(1)](podman-unpause.1.md) | Unpause one or more containers. | | [podman-unshare(1)](podman-unshare.1.md) | Run a command inside of a modified user namespace. | -| [podman-version(1)](podman-varlink.1.md) | Runs the varlink backend interface. | -| [podman-varlink(1)](podman-version.1.md) | Display the Podman version information. | +| [podman-varlink(1)](podman-varlink.1.md) | Runs the varlink backend interface. | +| [podman-version(1)](podman-version.1.md) | Display the Podman version information. | | [podman-volume(1)](podman-volume.1.md) | Manage Volumes. | | [podman-wait(1)](podman-wait.1.md) | Wait on one or more containers to stop and print their exit codes. | diff --git a/install.md b/install.md index 94de2ea74..4b2c5a119 100644 --- a/install.md +++ b/install.md @@ -273,7 +273,7 @@ First, ensure that the go version that is found first on the $PATH (in case you git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod cd $GOPATH/src/github.com/containers/libpod make BUILDTAGS="selinux seccomp" -sudo make install PREFIX= +sudo make install PREFIX=/usr ``` #### Build Tags diff --git a/pkg/adapter/containers.go b/pkg/adapter/containers.go index ff7b6377a..34ee70d3d 100644 --- a/pkg/adapter/containers.go +++ b/pkg/adapter/containers.go @@ -6,6 +6,7 @@ import ( "bufio" "context" "fmt" + "io" "io/ioutil" "os" "path/filepath" @@ -15,9 +16,12 @@ import ( "syscall" "time" + "github.com/containers/buildah" + "github.com/containers/image/manifest" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/shared" "github.com/containers/libpod/libpod" + "github.com/containers/libpod/libpod/image" "github.com/containers/libpod/pkg/adapter/shortcuts" "github.com/containers/libpod/pkg/systemdgen" "github.com/containers/psgo" @@ -1030,3 +1034,55 @@ func (r *LocalRuntime) GenerateSystemd(c *cliconfig.GenerateSystemdValues) (stri func (r *LocalRuntime) GetNamespaces(container shared.PsContainerOutput) *shared.Namespace { return shared.GetNamespaces(container.Pid) } + +// Commit creates a local image from a container +func (r *LocalRuntime) Commit(ctx context.Context, c *cliconfig.CommitValues, container, imageName string) (string, error) { + var ( + writer io.Writer + mimeType string + ) + switch c.Format { + case "oci": + mimeType = buildah.OCIv1ImageManifest + if c.Flag("message").Changed { + return "", errors.Errorf("messages are only compatible with the docker image format (-f docker)") + } + case "docker": + mimeType = manifest.DockerV2Schema2MediaType + default: + return "", errors.Errorf("unrecognized image format %q", c.Format) + } + if !c.Quiet { + writer = os.Stderr + } + ctr, err := r.Runtime.LookupContainer(container) + if err != nil { + return "", errors.Wrapf(err, "error looking up container %q", container) + } + + rtc, err := r.Runtime.GetConfig() + if err != nil { + return "", err + } + + sc := image.GetSystemContext(rtc.SignaturePolicyPath, "", false) + coptions := buildah.CommitOptions{ + SignaturePolicyPath: rtc.SignaturePolicyPath, + ReportWriter: writer, + SystemContext: sc, + PreferredManifestType: mimeType, + } + options := libpod.ContainerCommitOptions{ + CommitOptions: coptions, + Pause: c.Pause, + IncludeVolumes: c.IncludeVolumes, + Message: c.Message, + Changes: c.Change, + Author: c.Author, + } + newImage, err := ctr.Commit(ctx, imageName, options) + if err != nil { + return "", err + } + return newImage.ID(), nil +} diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go index c34495b3d..bc6a9cfcd 100644 --- a/pkg/adapter/containers_remote.go +++ b/pkg/adapter/containers_remote.go @@ -583,7 +583,15 @@ func (r *LocalRuntime) attach(ctx context.Context, stdin, stdout *os.File, cid s } // TODO add detach keys support - _, err = iopodman.Attach().Send(r.Conn, varlink.Upgrade, cid, detachKeys, start) + reply, err := iopodman.Attach().Send(r.Conn, varlink.Upgrade, cid, detachKeys, start) + if err != nil { + restoreTerminal(oldTermState) + return nil, err + } + + // See if the server accepts the upgraded connection or returns an error + _, err = reply() + if err != nil { restoreTerminal(oldTermState) return nil, err @@ -986,3 +994,26 @@ func (r *LocalRuntime) GetNamespaces(container shared.PsContainerOutput) *shared } return &ns } + +// Commit creates a local image from a container +func (r *LocalRuntime) Commit(ctx context.Context, c *cliconfig.CommitValues, container, imageName string) (string, error) { + var iid string + reply, err := iopodman.Commit().Send(r.Conn, varlink.More, container, imageName, c.Change, c.Author, c.Message, c.Pause, c.Format) + if err != nil { + return "", err + } + for { + responses, flags, err := reply() + if err != nil { + return "", err + } + for _, line := range responses.Logs { + fmt.Fprintln(os.Stderr, line) + } + iid = responses.Id + if flags&varlink.Continues == 0 { + break + } + } + return iid, nil +} diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index 2356882e7..eb62d55e9 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c @@ -34,6 +34,15 @@ int renameat2 (int olddirfd, const char *oldpath, int newdirfd, const char *newp } #endif +#ifndef TEMP_FAILURE_RETRY +#define TEMP_FAILURE_RETRY(expression) \ + (__extension__ \ + ({ long int __result; \ + do __result = (long int) (expression); \ + while (__result == -1L && errno == EINTR); \ + __result; })) +#endif + static const char *_max_user_namespaces = "/proc/sys/user/max_user_namespaces"; static const char *_unprivileged_user_namespaces = "/proc/sys/kernel/unprivileged_userns_clone"; @@ -113,9 +122,7 @@ get_cmd_line_args (pid_t pid) return NULL; for (;;) { - do - ret = read (fd, buffer + used, allocated - used); - while (ret < 0 && errno == EINTR); + ret = TEMP_FAILURE_RETRY (read (fd, buffer + used, allocated - used)); if (ret < 0) { free (buffer); @@ -180,7 +187,7 @@ can_use_shortcut () argv = get_cmd_line_args (0); if (argv == NULL) - return NULL; + return false; for (argc = 0; argv[argc]; argc++) { @@ -269,13 +276,15 @@ static void __attribute__((constructor)) init() return; } - r = read (fd, buf, sizeof (buf)); + r = TEMP_FAILURE_RETRY (read (fd, buf, sizeof (buf))); close (fd); if (r < 0) { free (cwd); return; } + buf[r] = '\0'; + pid = strtol (buf, NULL, 10); if (pid == LONG_MAX) { @@ -352,10 +361,7 @@ reexec_in_user_namespace_wait (int pid, int options) pid_t p; int status; - do - p = waitpid (pid, &status, 0); - while (p < 0 && errno == EINTR); - + p = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0)); if (p < 0) return -1; @@ -384,12 +390,10 @@ create_pause_process (const char *pause_pid_file_path, char **argv) close (p[1]); /* Block until we write the pid file. */ - do - r = read (p[0], &b, 1); - while (r < 0 && errno == EINTR); + r = TEMP_FAILURE_RETRY (read (p[0], &b, 1)); close (p[0]); - reexec_in_user_namespace_wait(r, 0); + reexec_in_user_namespace_wait (r, 0); return r == 1 && b == '0' ? 0 : -1; } @@ -426,9 +430,7 @@ create_pause_process (const char *pause_pid_file_path, char **argv) _exit (EXIT_FAILURE); } - do - r = write (fd, pid_str, strlen (pid_str)); - while (r < 0 && errno == EINTR); + r = TEMP_FAILURE_RETRY (write (fd, pid_str, strlen (pid_str))); if (r < 0) { kill (pid, SIGKILL); @@ -445,9 +447,7 @@ create_pause_process (const char *pause_pid_file_path, char **argv) _exit (EXIT_FAILURE); } - do - r = write (p[1], "0", 1); - while (r < 0 && errno == EINTR); + r = TEMP_FAILURE_RETRY (write (p[1], "0", 1)); close (p[1]); _exit (EXIT_SUCCESS); @@ -489,6 +489,7 @@ reexec_userns_join (int userns, int mountns, char *pause_pid_file_path) char **argv; int pid; char *cwd = getcwd (NULL, 0); + sigset_t sigset, oldsigset; if (cwd == NULL) { @@ -522,6 +523,22 @@ reexec_userns_join (int userns, int mountns, char *pause_pid_file_path) return pid; } + if (sigfillset (&sigset) < 0) + { + fprintf (stderr, "cannot fill sigset: %s\n", strerror (errno)); + _exit (EXIT_FAILURE); + } + if (sigdelset (&sigset, SIGCHLD) < 0) + { + fprintf (stderr, "cannot sigdelset(SIGCHLD): %s\n", strerror (errno)); + _exit (EXIT_FAILURE); + } + if (sigprocmask (SIG_BLOCK, &sigset, &oldsigset) < 0) + { + fprintf (stderr, "cannot block signals: %s\n", strerror (errno)); + _exit (EXIT_FAILURE); + } + setenv ("_CONTAINERS_USERNS_CONFIGURED", "init", 1); setenv ("_CONTAINERS_ROOTLESS_UID", uid, 1); setenv ("_CONTAINERS_ROOTLESS_GID", gid, 1); @@ -570,6 +587,11 @@ reexec_userns_join (int userns, int mountns, char *pause_pid_file_path) /* We ignore errors here as we didn't create the namespace anyway. */ create_pause_process (pause_pid_file_path, argv); } + if (sigprocmask (SIG_SETMASK, &oldsigset, NULL) < 0) + { + fprintf (stderr, "cannot block signals: %s\n", strerror (errno)); + _exit (EXIT_FAILURE); + } execvp (argv[0], argv); @@ -609,9 +631,7 @@ copy_file_to_fd (const char *file_to_read, int outfd) { ssize_t r, w, t = 0; - do - r = read (fd, buf, sizeof buf); - while (r < 0 && errno == EINTR); + r = TEMP_FAILURE_RETRY (read (fd, buf, sizeof buf)); if (r < 0) { close (fd); @@ -623,9 +643,7 @@ copy_file_to_fd (const char *file_to_read, int outfd) while (t < r) { - do - w = write (outfd, &buf[t], r - t); - while (w < 0 && errno == EINTR); + w = TEMP_FAILURE_RETRY (write (outfd, &buf[t], r - t)); if (w < 0) { close (fd); @@ -734,9 +752,7 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re setenv ("_CONTAINERS_ROOTLESS_UID", uid, 1); setenv ("_CONTAINERS_ROOTLESS_GID", gid, 1); - do - ret = read (ready, &b, 1) < 0; - while (ret < 0 && errno == EINTR); + ret = TEMP_FAILURE_RETRY (read (ready, &b, 1)); if (ret < 0) { fprintf (stderr, "cannot read from sync pipe: %s\n", strerror (errno)); @@ -748,21 +764,21 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re if (syscall_setresgid (0, 0, 0) < 0) { fprintf (stderr, "cannot setresgid: %s\n", strerror (errno)); - write (ready, "1", 1); + TEMP_FAILURE_RETRY (write (ready, "1", 1)); _exit (EXIT_FAILURE); } if (syscall_setresuid (0, 0, 0) < 0) { fprintf (stderr, "cannot setresuid: %s\n", strerror (errno)); - write (ready, "1", 1); + TEMP_FAILURE_RETRY (write (ready, "1", 1)); _exit (EXIT_FAILURE); } if (chdir (cwd) < 0) { fprintf (stderr, "cannot chdir: %s\n", strerror (errno)); - write (ready, "1", 1); + TEMP_FAILURE_RETRY (write (ready, "1", 1)); _exit (EXIT_FAILURE); } free (cwd); @@ -771,14 +787,12 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re { if (create_pause_process (pause_pid_file_path, argv) < 0) { - write (ready, "2", 1); + TEMP_FAILURE_RETRY (write (ready, "2", 1)); _exit (EXIT_FAILURE); } } - do - ret = write (ready, "0", 1) < 0; - while (ret < 0 && errno == EINTR); + ret = TEMP_FAILURE_RETRY (write (ready, "0", 1)); close (ready); if (sigprocmask (SIG_SETMASK, &oldsigset, NULL) < 0) diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go index dcc149b55..e221b5cb5 100644 --- a/pkg/spec/storage.go +++ b/pkg/spec/storage.go @@ -797,7 +797,7 @@ func initFSMounts(inputMounts []spec.Mount) []spec.Mount { if m.Type == TypeBind { m.Options = util.ProcessOptions(m.Options) } - if m.Type == TypeTmpfs { + if m.Type == TypeTmpfs && filepath.Clean(m.Destination) != "/dev" { m.Options = append(m.Options, "tmpcopyup") } mounts = append(mounts, m) diff --git a/pkg/varlinkapi/attach.go b/pkg/varlinkapi/attach.go index 2234899a5..8051f07be 100644 --- a/pkg/varlinkapi/attach.go +++ b/pkg/varlinkapi/attach.go @@ -60,7 +60,10 @@ func (i *LibpodAPI) Attach(call iopodman.VarlinkCall, name string, detachKeys st if !start && state != libpod.ContainerStateRunning { return call.ReplyErrorOccurred("container must be running to attach") } - call.Reply(nil) + + // ACK the client upgrade request + call.ReplyAttach() + reader, writer, _, pw, streams := setupStreams(call) go func() { diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go index fa1a0a109..1abc4f086 100644 --- a/pkg/varlinkapi/images.go +++ b/pkg/varlinkapi/images.go @@ -371,7 +371,6 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compr done = true default: if !call.WantsMore() { - time.Sleep(1 * time.Second) break } br := iopodman.MoreResponse{ @@ -495,6 +494,9 @@ func (i *LibpodAPI) DeleteUnusedImages(call iopodman.VarlinkCall) error { // Commit ... func (i *LibpodAPI) Commit(call iopodman.VarlinkCall, name, imageName string, changes []string, author, message string, pause bool, manifestType string) error { + var newImage *image.Image + + output := bytes.NewBuffer([]byte{}) ctr, err := i.Runtime.LookupContainer(name) if err != nil { return call.ReplyContainerNotFound(name, err.Error()) @@ -515,7 +517,7 @@ func (i *LibpodAPI) Commit(call iopodman.VarlinkCall, name, imageName string, ch } coptions := buildah.CommitOptions{ SignaturePolicyPath: rtc.SignaturePolicyPath, - ReportWriter: nil, + ReportWriter: output, SystemContext: sc, PreferredManifestType: mimeType, } @@ -527,11 +529,61 @@ func (i *LibpodAPI) Commit(call iopodman.VarlinkCall, name, imageName string, ch Author: author, } - newImage, err := ctr.Commit(getContext(), imageName, options) - if err != nil { - return call.ReplyErrorOccurred(err.Error()) + if call.WantsMore() { + call.Continues = true } - return call.ReplyCommit(newImage.ID()) + + c := make(chan error) + + go func() { + newImage, err = ctr.Commit(getContext(), imageName, options) + if err != nil { + c <- err + } + c <- nil + close(c) + }() + + var log []string + done := false + for { + line, err := output.ReadString('\n') + if err == nil { + log = append(log, line) + continue + } else if err == io.EOF { + select { + case err := <-c: + if err != nil { + logrus.Errorf("reading of output during commit failed for %s", name) + return call.ReplyErrorOccurred(err.Error()) + } + done = true + default: + if !call.WantsMore() { + break + } + br := iopodman.MoreResponse{ + Logs: log, + } + call.ReplyCommit(br) + log = []string{} + } + } else { + return call.ReplyErrorOccurred(err.Error()) + } + if done { + break + } + } + call.Continues = false + + br := iopodman.MoreResponse{ + Logs: log, + Id: newImage.ID(), + } + + return call.ReplyCommit(br) } // ImportImage imports an image from a tarball to the image store @@ -633,7 +685,6 @@ func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string) error { done = true default: if !call.WantsMore() { - time.Sleep(1 * time.Second) break } br := iopodman.MoreResponse{ @@ -764,7 +815,6 @@ func (i *LibpodAPI) ImageSave(call iopodman.VarlinkCall, options iopodman.ImageS done = true default: if !call.WantsMore() { - time.Sleep(1 * time.Second) break } br := iopodman.MoreResponse{ @@ -844,7 +894,6 @@ func (i *LibpodAPI) LoadImage(call iopodman.VarlinkCall, name, inputFile string, done = true default: if !call.WantsMore() { - time.Sleep(1 * time.Second) break } br := iopodman.MoreResponse{ diff --git a/pkg/varlinkapi/transfers.go b/pkg/varlinkapi/transfers.go index 96f76bcdc..24a91a86f 100644 --- a/pkg/varlinkapi/transfers.go +++ b/pkg/varlinkapi/transfers.go @@ -29,6 +29,12 @@ func (i *LibpodAPI) SendFile(call iopodman.VarlinkCall, ftype string, length int return call.ReplyErrorOccurred(err.Error()) } + // FIXME return parameter + if err = call.ReplySendFile("FIXME_file_handle"); err != nil { + // If an error occurs while sending the reply, return the error + return err + } + writer := bufio.NewWriter(outputFile) defer writer.Flush() @@ -60,9 +66,10 @@ func (i *LibpodAPI) ReceiveFile(call iopodman.VarlinkCall, filepath string, dele } // Send the file length down to client - // Varlink connection upraded + // Varlink connection upgraded if err = call.ReplyReceiveFile(fileInfo.Size()); err != nil { - return call.ReplyErrorOccurred(err.Error()) + // If an error occurs while sending the reply, return the error + return err } reader := bufio.NewReader(fs) diff --git a/pkg/varlinkapi/virtwriter/virtwriter.go b/pkg/varlinkapi/virtwriter/virtwriter.go index 3adaf6e17..e747984c7 100644 --- a/pkg/varlinkapi/virtwriter/virtwriter.go +++ b/pkg/varlinkapi/virtwriter/virtwriter.go @@ -91,65 +91,65 @@ func (v VirtWriteCloser) Write(input []byte) (int, error) { // Reader decodes the content that comes over the wire and directs it to the proper destination. func Reader(r *bufio.Reader, output, errput *os.File, input *io.PipeWriter, resize chan remotecommand.TerminalSize) error { - var saveb []byte - var eom int + var messageSize int64 + headerBytes := make([]byte, 8) + for { - readb := make([]byte, 32*1024) - n, err := r.Read(readb) - // TODO, later may be worth checking in len of the read is 0 + n, err := io.ReadFull(r, headerBytes) if err != nil { return err } - b := append(saveb, readb[0:n]...) - // no sense in reading less than the header len - for len(b) > 7 { - eom = int(binary.BigEndian.Uint32(b[4:8])) + 8 - // The message and header are togther - if len(b) >= eom { - out := append([]byte{}, b[8:eom]...) - - switch IntToSocketDest(int(b[0])) { - case ToStdout: - n, err := output.Write(out) - if err != nil { - return err - } - if n < len(out) { - return errors.New("short write error occurred on stdout") - } - case ToStderr: - n, err := errput.Write(out) - if err != nil { - return err - } - if n < len(out) { - return errors.New("short write error occurred on stderr") - } - case ToStdin: - n, err := input.Write(out) - if err != nil { - return err - } - if n < len(out) { - return errors.New("short write error occurred on stdin") - } - case TerminalResize: - // Resize events come over in bytes, need to be reserialized - resizeEvent := remotecommand.TerminalSize{} - if err := json.Unmarshal(out, &resizeEvent); err != nil { - return err - } - resize <- resizeEvent - case Quit: - return nil + if n < 8 { + return errors.New("short read and no full header read") + } + + messageSize = int64(binary.BigEndian.Uint32(headerBytes[4:8])) + + switch IntToSocketDest(int(headerBytes[0])) { + case ToStdout: + _, err := io.CopyN(output, r, messageSize) + if err != nil { + return err + } + case ToStderr: + _, err := io.CopyN(errput, r, messageSize) + if err != nil { + return err + } + case ToStdin: + _, err := io.CopyN(input, r, messageSize) + if err != nil { + return err + } + case TerminalResize: + out := make([]byte, messageSize) + if messageSize > 0 { + _, err = io.ReadFull(r, out) + + if err != nil { + return err } - b = b[eom:] - } else { - // We do not have the header and full message, need to slurp again - saveb = b - break } + // Resize events come over in bytes, need to be reserialized + resizeEvent := remotecommand.TerminalSize{} + if err := json.Unmarshal(out, &resizeEvent); err != nil { + return err + } + resize <- resizeEvent + case Quit: + out := make([]byte, messageSize) + if messageSize > 0 { + _, err = io.ReadFull(r, out) + + if err != nil { + return err + } + } + return nil + + default: + // Something really went wrong + return errors.New("Unknown multiplex destination") } } - return nil } diff --git a/test/e2e/attach_test.go b/test/e2e/attach_test.go index a843fe7ff..7233d169c 100644 --- a/test/e2e/attach_test.go +++ b/test/e2e/attach_test.go @@ -26,7 +26,7 @@ var _ = Describe("Podman attach", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/checkpoint_test.go b/test/e2e/checkpoint_test.go index c2f5a592c..95ec21433 100644 --- a/test/e2e/checkpoint_test.go +++ b/test/e2e/checkpoint_test.go @@ -28,7 +28,7 @@ var _ = Describe("Podman checkpoint", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() // Check if the runtime implements checkpointing. Currently only // runc's checkpoint/restore implementation is supported. cmd := exec.Command(podmanTest.OCIRuntime, "checkpoint", "-h") @@ -221,7 +221,6 @@ var _ = Describe("Podman checkpoint", func() { }) It("podman checkpoint container with established tcp connections", func() { - podmanTest.RestoreArtifact(redis) session := podmanTest.Podman([]string{"run", "-it", "--security-opt", "seccomp=unconfined", "-d", redis}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/commit_test.go b/test/e2e/commit_test.go index bf20ac999..e9d274649 100644 --- a/test/e2e/commit_test.go +++ b/test/e2e/commit_test.go @@ -1,5 +1,3 @@ -// +build !remoteclient - package integration import ( @@ -24,7 +22,7 @@ var _ = Describe("Podman commit", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -174,6 +172,9 @@ var _ = Describe("Podman commit", func() { }) It("podman commit with volume mounts and --include-volumes", func() { + // We need to figure out how volumes are going to work correctly with the remote + // client. This does not currently work. + SkipIfRemote() s := podmanTest.Podman([]string{"run", "--name", "test1", "-v", "/tmp:/foo", "alpine", "date"}) s.WaitWithDefaultTimeout() Expect(s.ExitCode()).To(Equal(0)) diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index 3c7675b35..0a388dc42 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -100,12 +100,23 @@ var _ = SynchronizedBeforeSuite(func() []byte { } } + // make cache dir + if err := os.MkdirAll(ImageCacheDir, 0777); err != nil { + fmt.Printf("%q\n", err) + os.Exit(1) + } + for _, image := range CACHE_IMAGES { if err := podman.CreateArtifact(image); err != nil { fmt.Printf("%q\n", err) os.Exit(1) } } + + // If running localized tests, the cache dir is created and populated. if the + // tests are remote, this is a no-op + populateCache(podman) + host := GetHostDistributionInfo() if host.Distribution == "rhel" && strings.HasPrefix(host.Version, "7") { f, err := os.OpenFile("/proc/sys/user/max_user_namespaces", os.O_WRONLY, 0644) @@ -136,53 +147,29 @@ func (p *PodmanTestIntegration) Setup() { p.ArtifactPath = ARTIFACT_DIR } -// var _ = BeforeSuite(func() { -// cwd, _ := os.Getwd() -// INTEGRATION_ROOT = filepath.Join(cwd, "../../") -// podman := PodmanTestCreate("/tmp") -// podman.ArtifactPath = ARTIFACT_DIR -// if _, err := os.Stat(ARTIFACT_DIR); os.IsNotExist(err) { -// if err = os.Mkdir(ARTIFACT_DIR, 0777); err != nil { -// fmt.Printf("%q\n", err) -// os.Exit(1) -// } -// } -// }) -// for _, image := range CACHE_IMAGES { -// if err := podman.CreateArtifact(image); err != nil { -// fmt.Printf("%q\n", err) -// os.Exit(1) -// } -// } -// host := GetHostDistributionInfo() -// if host.Distribution == "rhel" && strings.HasPrefix(host.Version, "7") { -// f, err := os.OpenFile("/proc/sys/user/max_user_namespaces", os.O_WRONLY, 0644) -// if err != nil { -// fmt.Println("Unable to enable userspace on RHEL 7") -// os.Exit(1) -// } -// _, err = f.WriteString("15000") -// if err != nil { -// fmt.Println("Unable to enable userspace on RHEL 7") -// os.Exit(1) -// } -// f.Close() -// } -// path, err := ioutil.TempDir("", "libpodlock") -// if err != nil { -// fmt.Println(err) -// os.Exit(1) -// } -// LockTmpDir = path -// }) - -var _ = AfterSuite(func() { - sort.Sort(testResultsSortedLength{testResults}) - fmt.Println("integration timing results") - for _, result := range testResults { - fmt.Printf("%s\t\t%f\n", result.name, result.length) - } -}) +var _ = SynchronizedAfterSuite(func() {}, + func() { + sort.Sort(testResultsSortedLength{testResults}) + fmt.Println("integration timing results") + for _, result := range testResults { + fmt.Printf("%s\t\t%f\n", result.name, result.length) + } + + // previous crio-run + tempdir, err := CreateTempDirInTempDir() + if err != nil { + os.Exit(1) + } + podmanTest := PodmanTestCreate(tempdir) + + if err := os.RemoveAll(podmanTest.CrioRoot); err != nil { + fmt.Printf("%q\n", err) + } + + // for localized tests, this removes the image cache dir and for remote tests + // this is a no-op + removeCache() + }) // PodmanTestCreate creates a PodmanTestIntegration instance for the tests func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { @@ -244,12 +231,18 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { os.Setenv("DISABLE_HC_SYSTEMD", "true") CNIConfigDir := "/etc/cni/net.d" + storageFs := STORAGE_FS + if rootless.IsRootless() { + storageFs = ROOTLESS_STORAGE_FS + } p := &PodmanTestIntegration{ PodmanTest: PodmanTest{ - PodmanBinary: podmanBinary, - ArtifactPath: ARTIFACT_DIR, - TempDir: tempDir, - RemoteTest: remote, + PodmanBinary: podmanBinary, + ArtifactPath: ARTIFACT_DIR, + TempDir: tempDir, + RemoteTest: remote, + ImageCacheFS: storageFs, + ImageCacheDir: ImageCacheDir, }, ConmonBinary: conmonBinary, CrioRoot: filepath.Join(tempDir, "crio"), @@ -304,10 +297,10 @@ func (p *PodmanTestIntegration) CreateArtifact(image string) error { dest := strings.Split(image, "/") destName := fmt.Sprintf("/tmp/%s.tar", strings.Replace(strings.Join(strings.Split(dest[len(dest)-1], "/"), ""), ":", "-", -1)) if _, err := os.Stat(destName); os.IsNotExist(err) { - pull := p.Podman([]string{"pull", image}) + pull := p.PodmanNoCache([]string{"pull", image}) pull.Wait(90) - save := p.Podman([]string{"save", "-o", destName, image}) + save := p.PodmanNoCache([]string{"save", "-o", destName, image}) save.Wait(90) fmt.Printf("\n") } else { @@ -390,7 +383,7 @@ func (p *PodmanTestIntegration) BuildImage(dockerfile, imageName string, layers dockerfilePath := filepath.Join(p.TempDir, "Dockerfile") err := ioutil.WriteFile(dockerfilePath, []byte(dockerfile), 0755) Expect(err).To(BeNil()) - session := p.Podman([]string{"build", "--layers=" + layers, "-t", imageName, "--file", dockerfilePath, p.TempDir}) + session := p.PodmanNoCache([]string{"build", "--layers=" + layers, "-t", imageName, "--file", dockerfilePath, p.TempDir}) session.Wait(120) Expect(session.ExitCode()).To(Equal(0)) } @@ -465,7 +458,7 @@ func (p *PodmanTestIntegration) PullImages(images []string) error { // PullImage pulls a single image // TODO should the timeout be configurable? func (p *PodmanTestIntegration) PullImage(image string) error { - session := p.Podman([]string{"pull", image}) + session := p.PodmanNoCache([]string{"pull", image}) session.Wait(60) Expect(session.ExitCode()).To(Equal(0)) return nil @@ -508,3 +501,9 @@ func (p *PodmanTestIntegration) RunTopContainerInPod(name, pod string) *PodmanSe podmanArgs = append(podmanArgs, "-d", ALPINE, "top") return p.Podman(podmanArgs) } + +func (p *PodmanTestIntegration) ImageExistsInMainStore(idOrName string) bool { + results := p.PodmanNoCache([]string{"image", "exists", idOrName}) + results.WaitWithDefaultTimeout() + return Expect(results.ExitCode()).To(Equal(0)) +} diff --git a/test/e2e/config.go b/test/e2e/config.go index 3fdb9e116..5e0000e09 100644 --- a/test/e2e/config.go +++ b/test/e2e/config.go @@ -7,4 +7,5 @@ var ( infra = "k8s.gcr.io/pause:3.1" BB = "docker.io/library/busybox:latest" healthcheck = "docker.io/libpod/alpine_healthcheck:latest" + ImageCacheDir = "/tmp/podman/imagecachedir" ) diff --git a/test/e2e/config_amd64.go b/test/e2e/config_amd64.go index d02de7a6e..01aa8445a 100644 --- a/test/e2e/config_amd64.go +++ b/test/e2e/config_amd64.go @@ -1,7 +1,9 @@ package integration var ( + STORAGE_FS = "vfs" STORAGE_OPTIONS = "--storage-driver vfs" + ROOTLESS_STORAGE_FS = "vfs" ROOTLESS_STORAGE_OPTIONS = "--storage-driver vfs" CACHE_IMAGES = []string{ALPINE, BB, fedoraMinimal, nginx, redis, registry, infra, labels, healthcheck} nginx = "quay.io/libpod/alpine_nginx:latest" diff --git a/test/e2e/config_ppc64le.go b/test/e2e/config_ppc64le.go index d1737fa6f..569a34efb 100644 --- a/test/e2e/config_ppc64le.go +++ b/test/e2e/config_ppc64le.go @@ -1,7 +1,9 @@ package integration var ( + STORAGE_FS = "overlay" STORAGE_OPTIONS = "--storage-driver overlay" + ROOTLESS_STORAGE_FS = "vfs" ROOTLESS_STORAGE_OPTIONS = "--storage-driver vfs" CACHE_IMAGES = []string{ALPINE, BB, fedoraMinimal, nginx, redis, infra, labels} nginx = "quay.io/libpod/alpine_nginx-ppc64le:latest" diff --git a/test/e2e/cp_test.go b/test/e2e/cp_test.go index f8df5d3d0..597d0aef7 100644 --- a/test/e2e/cp_test.go +++ b/test/e2e/cp_test.go @@ -28,7 +28,7 @@ var _ = Describe("Podman cp", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -42,14 +42,15 @@ var _ = Describe("Podman cp", func() { srcPath := filepath.Join(podmanTest.RunRoot, "cp_test.txt") dstPath := filepath.Join(podmanTest.RunRoot, "cp_from_container") fromHostToContainer := []byte("copy from host to container") - err := ioutil.WriteFile(srcPath, fromHostToContainer, 0644) - Expect(err).To(BeNil()) session := podmanTest.Podman([]string{"create", ALPINE, "cat", "foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) name := session.OutputToString() + err := ioutil.WriteFile(srcPath, fromHostToContainer, 0644) + Expect(err).To(BeNil()) + session = podmanTest.Podman([]string{"cp", srcPath, name + ":foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -63,16 +64,17 @@ var _ = Describe("Podman cp", func() { srcPath := filepath.Join(podmanTest.RunRoot, "cp_test.txt") dstDir := filepath.Join(podmanTest.RunRoot, "receive") fromHostToContainer := []byte("copy from host to container directory") - err := ioutil.WriteFile(srcPath, fromHostToContainer, 0644) - Expect(err).To(BeNil()) - err = os.Mkdir(dstDir, 0755) - Expect(err).To(BeNil()) session := podmanTest.Podman([]string{"create", ALPINE, "ls", "foodir/"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) name := session.OutputToString() + err := ioutil.WriteFile(srcPath, fromHostToContainer, 0644) + Expect(err).To(BeNil()) + err = os.Mkdir(dstDir, 0755) + Expect(err).To(BeNil()) + session = podmanTest.Podman([]string{"cp", srcPath, name + ":foodir/"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -87,14 +89,15 @@ var _ = Describe("Podman cp", func() { It("podman cp dir to dir", func() { testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir") - err := os.Mkdir(testDirPath, 0755) - Expect(err).To(BeNil()) session := podmanTest.Podman([]string{"create", ALPINE, "ls", "/foodir"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) name := session.OutputToString() + err := os.Mkdir(testDirPath, 0755) + Expect(err).To(BeNil()) + session = podmanTest.Podman([]string{"cp", testDirPath, name + ":/foodir"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -105,6 +108,11 @@ var _ = Describe("Podman cp", func() { }) It("podman cp stdin/stdout", func() { + session := podmanTest.Podman([]string{"create", ALPINE, "ls", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + name := session.OutputToString() + testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir") err := os.Mkdir(testDirPath, 0755) Expect(err).To(BeNil()) @@ -112,11 +120,6 @@ var _ = Describe("Podman cp", func() { _, err = cmd.Output() Expect(err).To(BeNil()) - session := podmanTest.Podman([]string{"create", ALPINE, "ls", "foo"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - name := session.OutputToString() - data, err := ioutil.ReadFile("foo.tar.gz") reader := strings.NewReader(string(data)) cmd.Stdin = reader @@ -133,6 +136,10 @@ var _ = Describe("Podman cp", func() { }) It("podman cp tar", func() { + session := podmanTest.Podman([]string{"create", "--name", "testctr", ALPINE, "ls", "-l", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + path, err := os.Getwd() Expect(err).To(BeNil()) testDirPath := filepath.Join(path, "TestDir") @@ -142,10 +149,6 @@ var _ = Describe("Podman cp", func() { _, err = cmd.Output() Expect(err).To(BeNil()) - session := podmanTest.Podman([]string{"create", "--name", "testctr", ALPINE, "ls", "-l", "foo"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"cp", "file.tar", "testctr:/foo/"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -158,4 +161,27 @@ var _ = Describe("Podman cp", func() { os.Remove("file.tar") os.RemoveAll(testDirPath) }) + + It("podman cp symlink", func() { + session := podmanTest.Podman([]string{"run", "-d", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + name := session.OutputToString() + + srcPath := filepath.Join(podmanTest.RunRoot, "cp_test.txt") + fromHostToContainer := []byte("copy from host to container") + err := ioutil.WriteFile(srcPath, fromHostToContainer, 0644) + Expect(err).To(BeNil()) + + session = podmanTest.Podman([]string{"exec", name, "ln", "-s", "/tmp", "/test"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"cp", "--pause=false", srcPath, name + ":/test"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + _, err = os.Stat("/tmp/cp_test.txt") + Expect(err).To(Not(BeNil())) + }) }) diff --git a/test/e2e/create_staticip_test.go b/test/e2e/create_staticip_test.go index 6c4ca1cb8..11301856b 100644 --- a/test/e2e/create_staticip_test.go +++ b/test/e2e/create_staticip_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman create with --ip flag", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() // Cleanup the CNI networks used by the tests os.RemoveAll("/var/lib/cni/networks/podman") }) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index f3367337e..e2b4a7cf4 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman create", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/diff_test.go b/test/e2e/diff_test.go index 920b920c0..0f53d9bc8 100644 --- a/test/e2e/diff_test.go +++ b/test/e2e/diff_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman diff", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/events_test.go b/test/e2e/events_test.go index 5ac5c9860..c5eedda3c 100644 --- a/test/e2e/events_test.go +++ b/test/e2e/events_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman events", func() { os.Exit(1) } podmanTest = PodmanTestCreate(tempdir) - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go index 2a10e52b1..f42831ebb 100644 --- a/test/e2e/exec_test.go +++ b/test/e2e/exec_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman exec", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -123,7 +123,6 @@ var _ = Describe("Podman exec", func() { }) It("podman exec with user only in container", func() { - podmanTest.RestoreArtifact(fedoraMinimal) testUser := "test123" setup := podmanTest.Podman([]string{"run", "--name", "test1", "-d", fedoraMinimal, "sleep", "60"}) setup.WaitWithDefaultTimeout() diff --git a/test/e2e/exists_test.go b/test/e2e/exists_test.go index 71c6c1820..1486427c5 100644 --- a/test/e2e/exists_test.go +++ b/test/e2e/exists_test.go @@ -48,7 +48,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(1)) }) It("podman container exists in local storage by name", func() { - SkipIfRemote() setup := podmanTest.RunTopContainer("foobar") setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) @@ -58,7 +57,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman container exists in local storage by container ID", func() { - SkipIfRemote() setup := podmanTest.RunTopContainer("") setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) @@ -69,7 +67,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman container exists in local storage by short container ID", func() { - SkipIfRemote() setup := podmanTest.RunTopContainer("") setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) @@ -80,14 +77,12 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman container does not exist in local storage", func() { - SkipIfRemote() session := podmanTest.Podman([]string{"container", "exists", "foobar"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(1)) }) It("podman pod exists in local storage by name", func() { - SkipIfRemote() setup, rc, _ := podmanTest.CreatePod("foobar") setup.WaitWithDefaultTimeout() Expect(rc).To(Equal(0)) @@ -97,7 +92,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman pod exists in local storage by container ID", func() { - SkipIfRemote() setup, rc, podID := podmanTest.CreatePod("") setup.WaitWithDefaultTimeout() Expect(rc).To(Equal(0)) @@ -107,7 +101,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman pod exists in local storage by short container ID", func() { - SkipIfRemote() setup, rc, podID := podmanTest.CreatePod("") setup.WaitWithDefaultTimeout() Expect(rc).To(Equal(0)) @@ -117,6 +110,7 @@ var _ = Describe("Podman image|container exists", func() { Expect(session.ExitCode()).To(Equal(0)) }) It("podman pod does not exist in local storage", func() { + // The exit code for non-existing pod is incorrect (125 vs 1) SkipIfRemote() session := podmanTest.Podman([]string{"pod", "exists", "foobar"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/export_test.go b/test/e2e/export_test.go index 71ddb518a..8406b0e73 100644 --- a/test/e2e/export_test.go +++ b/test/e2e/export_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman export", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 2f0af7e5f..95d46476d 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman generate kube", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index 940e894bc..5bb040206 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman generate systemd", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go index 60be86ebc..2af427d28 100644 --- a/test/e2e/healthcheck_run_test.go +++ b/test/e2e/healthcheck_run_test.go @@ -5,6 +5,7 @@ package integration import ( "fmt" "os" + "time" . "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" @@ -24,7 +25,8 @@ var _ = Describe("Podman healthcheck run", func() { os.Exit(1) } podmanTest = PodmanTestCreate(tempdir) - podmanTest.RestoreAllArtifacts() + podmanTest.Setup() + podmanTest.SeedImages() }) AfterEach(func() { @@ -42,14 +44,23 @@ var _ = Describe("Podman healthcheck run", func() { }) It("podman healthcheck on valid container", func() { - podmanTest.RestoreArtifact(healthcheck) session := podmanTest.Podman([]string{"run", "-dt", "--name", "hc", healthcheck}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - hc := podmanTest.Podman([]string{"healthcheck", "run", "hc"}) - hc.WaitWithDefaultTimeout() - Expect(hc.ExitCode()).To(Equal(0)) + exitCode := 999 + + // Buy a little time to get container running + for i := 0; i < 5; i++ { + hc := podmanTest.Podman([]string{"healthcheck", "run", "hc"}) + hc.WaitWithDefaultTimeout() + exitCode = hc.ExitCode() + if exitCode == 0 || i == 4 { + break + } + time.Sleep(1 * time.Second) + } + Expect(exitCode).To(Equal(0)) }) It("podman healthcheck that should fail", func() { @@ -63,7 +74,6 @@ var _ = Describe("Podman healthcheck run", func() { }) It("podman healthcheck on stopped container", func() { - podmanTest.RestoreArtifact(healthcheck) session := podmanTest.Podman([]string{"run", "-dt", "--name", "hc", healthcheck, "ls"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/history_test.go b/test/e2e/history_test.go index 9e519dd9c..231e8b856 100644 --- a/test/e2e/history_test.go +++ b/test/e2e/history_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman history", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/images_test.go b/test/e2e/images_test.go index 23455163b..07d61e885 100644 --- a/test/e2e/images_test.go +++ b/test/e2e/images_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman images", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -44,14 +44,15 @@ var _ = Describe("Podman images", func() { }) It("podman images with no images prints header", func() { - rmi := podmanTest.Podman([]string{"rmi", "-a"}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", "-a"}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"images"}) + session := podmanTest.PodmanNoCache([]string{"images"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(1)) + Expect(session.LineInOutputContains("REPOSITORY")).To(BeTrue()) }) It("podman image List", func() { @@ -65,15 +66,16 @@ var _ = Describe("Podman images", func() { It("podman images with multiple tags", func() { // tag "docker.io/library/alpine:latest" to "foo:{a,b,c}" - session := podmanTest.Podman([]string{"tag", ALPINE, "foo:a", "foo:b", "foo:c"}) + podmanTest.RestoreAllArtifacts() + session := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foo:a", "foo:b", "foo:c"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) // tag "foo:c" to "bar:{a,b}" - session = podmanTest.Podman([]string{"tag", "foo:c", "bar:a", "bar:b"}) + session = podmanTest.PodmanNoCache([]string{"tag", "foo:c", "bar:a", "bar:b"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) // check all previous and the newly tagged images - session = podmanTest.Podman([]string{"images"}) + session = podmanTest.PodmanNoCache([]string{"images"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) session.LineInOutputContainsTag("docker.io/library/alpine", "latest") @@ -83,7 +85,7 @@ var _ = Describe("Podman images", func() { session.LineInOutputContainsTag("foo", "c") session.LineInOutputContainsTag("bar", "a") session.LineInOutputContainsTag("bar", "b") - session = podmanTest.Podman([]string{"images", "-qn"}) + session = podmanTest.PodmanNoCache([]string{"images", "-qn"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(BeNumerically("==", 2)) @@ -119,19 +121,20 @@ var _ = Describe("Podman images", func() { }) It("podman images filter by image name", func() { - session := podmanTest.Podman([]string{"images", "-q", ALPINE}) + podmanTest.RestoreAllArtifacts() + session := podmanTest.PodmanNoCache([]string{"images", "-q", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(1)) - session = podmanTest.Podman([]string{"tag", ALPINE, "foo:a"}) + session = podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foo:a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"tag", BB, "foo:b"}) + session = podmanTest.PodmanNoCache([]string{"tag", BB, "foo:b"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q", "foo"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(2)) @@ -141,24 +144,25 @@ var _ = Describe("Podman images", func() { if podmanTest.RemoteTest { Skip("Does not work on remote client") } - result := podmanTest.Podman([]string{"images", "-q", "-f", "reference=docker.io*"}) + podmanTest.RestoreAllArtifacts() + result := podmanTest.PodmanNoCache([]string{"images", "-q", "-f", "reference=docker.io*"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) Expect(len(result.OutputToStringArray())).To(Equal(2)) - retapline := podmanTest.Podman([]string{"images", "-f", "reference=a*pine"}) + retapline := podmanTest.PodmanNoCache([]string{"images", "-f", "reference=a*pine"}) retapline.WaitWithDefaultTimeout() Expect(retapline.ExitCode()).To(Equal(0)) Expect(len(retapline.OutputToStringArray())).To(Equal(2)) Expect(retapline.LineInOutputContains("alpine")) - retapline = podmanTest.Podman([]string{"images", "-f", "reference=alpine"}) + retapline = podmanTest.PodmanNoCache([]string{"images", "-f", "reference=alpine"}) retapline.WaitWithDefaultTimeout() Expect(retapline.ExitCode()).To(Equal(0)) Expect(len(retapline.OutputToStringArray())).To(Equal(2)) Expect(retapline.LineInOutputContains("alpine")) - retnone := podmanTest.Podman([]string{"images", "-q", "-f", "reference=bogus"}) + retnone := podmanTest.PodmanNoCache([]string{"images", "-q", "-f", "reference=bogus"}) retnone.WaitWithDefaultTimeout() Expect(retnone.ExitCode()).To(Equal(0)) Expect(len(retnone.OutputToStringArray())).To(Equal(0)) @@ -182,14 +186,15 @@ RUN apk update && apk add man if podmanTest.RemoteTest { Skip("Does not work on remote client") } - rmi := podmanTest.Podman([]string{"rmi", "busybox"}) + podmanTest.RestoreAllArtifacts() + rmi := podmanTest.PodmanNoCache([]string{"rmi", "busybox"}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) dockerfile := `FROM docker.io/library/alpine:latest ` podmanTest.BuildImage(dockerfile, "foobar.com/before:latest", "false") - result := podmanTest.Podman([]string{"images", "-q", "-f", "after=docker.io/library/alpine:latest"}) + result := podmanTest.PodmanNoCache([]string{"images", "-q", "-f", "after=docker.io/library/alpine:latest"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) Expect(len(result.OutputToStringArray())).To(Equal(0)) @@ -199,14 +204,15 @@ RUN apk update && apk add man if podmanTest.RemoteTest { Skip("Does not work on remote client") } - rmi := podmanTest.Podman([]string{"image", "rm", "busybox"}) + podmanTest.RestoreAllArtifacts() + rmi := podmanTest.PodmanNoCache([]string{"image", "rm", "busybox"}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) dockerfile := `FROM docker.io/library/alpine:latest ` podmanTest.BuildImage(dockerfile, "foobar.com/before:latest", "false") - result := podmanTest.Podman([]string{"image", "list", "-q", "-f", "after=docker.io/library/alpine:latest"}) + result := podmanTest.PodmanNoCache([]string{"image", "list", "-q", "-f", "after=docker.io/library/alpine:latest"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) Expect(len(result.OutputToStringArray())).To(Equal(0)) @@ -282,18 +288,19 @@ RUN apk update && apk add man if podmanTest.RemoteTest { Skip("Does not work on remote client") } + podmanTest.RestoreAllArtifacts() dockerfile := `FROM docker.io/library/alpine:latest RUN mkdir hello RUN touch test.txt ENV foo=bar ` podmanTest.BuildImage(dockerfile, "test", "true") - session := podmanTest.Podman([]string{"images"}) + session := podmanTest.PodmanNoCache([]string{"images"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(4)) - session2 := podmanTest.Podman([]string{"images", "--all"}) + session2 := podmanTest.PodmanNoCache([]string{"images", "--all"}) session2.WaitWithDefaultTimeout() Expect(session2.ExitCode()).To(Equal(0)) Expect(len(session2.OutputToStringArray())).To(Equal(6)) diff --git a/test/e2e/import_test.go b/test/e2e/import_test.go index e819d819c..84a91a783 100644 --- a/test/e2e/import_test.go +++ b/test/e2e/import_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman import", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -62,14 +62,11 @@ var _ = Describe("Podman import", func() { export.WaitWithDefaultTimeout() Expect(export.ExitCode()).To(Equal(0)) - importImage := podmanTest.Podman([]string{"import", outfile}) + importImage := podmanTest.PodmanNoCache([]string{"import", outfile}) importImage.WaitWithDefaultTimeout() Expect(importImage.ExitCode()).To(Equal(0)) - results := podmanTest.Podman([]string{"images", "-q"}) - results.WaitWithDefaultTimeout() - Expect(results.ExitCode()).To(Equal(0)) - Expect(len(results.OutputToStringArray())).To(Equal(3)) + Expect(podmanTest.ImageExistsInMainStore(importImage.OutputToString())).To(BeTrue()) }) It("podman import with message flag", func() { diff --git a/test/e2e/init_test.go b/test/e2e/init_test.go index 5865930a5..919fe4abf 100644 --- a/test/e2e/init_test.go +++ b/test/e2e/init_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman init", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 34328828f..ccd8602c4 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman inspect", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/kill_test.go b/test/e2e/kill_test.go index 3286180a4..017fe4a3f 100644 --- a/test/e2e/kill_test.go +++ b/test/e2e/kill_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman kill", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/libpod_suite_remoteclient_test.go b/test/e2e/libpod_suite_remoteclient_test.go index b7fd8537d..c8210f7d1 100644 --- a/test/e2e/libpod_suite_remoteclient_test.go +++ b/test/e2e/libpod_suite_remoteclient_test.go @@ -30,7 +30,13 @@ func SkipIfRootless() { // Podman is the exec call to podman on the filesystem func (p *PodmanTestIntegration) Podman(args []string) *PodmanSessionIntegration { - podmanSession := p.PodmanBase(args) + podmanSession := p.PodmanBase(args, false) + return &PodmanSessionIntegration{podmanSession} +} + +// PodmanNoCache calls podman with out adding the imagecache +func (p *PodmanTestIntegration) PodmanNoCache(args []string) *PodmanSessionIntegration { + podmanSession := p.PodmanBase(args, true) return &PodmanSessionIntegration{podmanSession} } @@ -145,6 +151,21 @@ func getVarlinkOptions(p *PodmanTestIntegration, args []string) []string { return podmanOptions } +func (p *PodmanTestIntegration) RestoreArtifactToCache(image string) error { + fmt.Printf("Restoring %s...\n", image) + dest := strings.Split(image, "/") + destName := fmt.Sprintf("/tmp/%s.tar", strings.Replace(strings.Join(strings.Split(dest[len(dest)-1], "/"), ""), ":", "-", -1)) + p.CrioRoot = p.ImageCacheDir + restore := p.PodmanNoCache([]string{"load", "-q", "-i", destName}) + restore.WaitWithDefaultTimeout() + return nil +} + +// SeedImages restores all the artifacts into the main store for remote tests +func (p *PodmanTestIntegration) SeedImages() error { + return p.RestoreAllArtifacts() +} + // RestoreArtifact puts the cached image into our test store func (p *PodmanTestIntegration) RestoreArtifact(image string) error { fmt.Printf("Restoring %s...\n", image) @@ -169,3 +190,6 @@ func (p *PodmanTestIntegration) DelayForVarlink() { time.Sleep(1 * time.Second) } } + +func populateCache(podman *PodmanTestIntegration) {} +func removeCache() {} diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go index 0a85c625d..8d993ee72 100644 --- a/test/e2e/libpod_suite_test.go +++ b/test/e2e/libpod_suite_test.go @@ -23,13 +23,19 @@ func SkipIfRootless() { // Podman is the exec call to podman on the filesystem func (p *PodmanTestIntegration) Podman(args []string) *PodmanSessionIntegration { - podmanSession := p.PodmanBase(args) + podmanSession := p.PodmanBase(args, false) + return &PodmanSessionIntegration{podmanSession} +} + +// PodmanNoCache calls the podman command with no configured imagecache +func (p *PodmanTestIntegration) PodmanNoCache(args []string) *PodmanSessionIntegration { + podmanSession := p.PodmanBase(args, true) return &PodmanSessionIntegration{podmanSession} } // PodmanAsUser is the exec call to podman on the filesystem with the specified uid/gid and environment func (p *PodmanTestIntegration) PodmanAsUser(args []string, uid, gid uint32, cwd string, env []string) *PodmanSessionIntegration { - podmanSession := p.PodmanAsUserBase(args, uid, gid, cwd, env) + podmanSession := p.PodmanAsUserBase(args, uid, gid, cwd, env, false) return &PodmanSessionIntegration{podmanSession} } @@ -75,9 +81,40 @@ func (p *PodmanTestIntegration) RestoreArtifact(image string) error { fmt.Printf("Restoring %s...\n", image) dest := strings.Split(image, "/") destName := fmt.Sprintf("/tmp/%s.tar", strings.Replace(strings.Join(strings.Split(dest[len(dest)-1], "/"), ""), ":", "-", -1)) - restore := p.Podman([]string{"load", "-q", "-i", destName}) + restore := p.PodmanNoCache([]string{"load", "-q", "-i", destName}) restore.Wait(90) return nil } + +// RestoreArtifactToCache populates the imagecache from tarballs that were cached earlier +func (p *PodmanTestIntegration) RestoreArtifactToCache(image string) error { + fmt.Printf("Restoring %s...\n", image) + dest := strings.Split(image, "/") + destName := fmt.Sprintf("/tmp/%s.tar", strings.Replace(strings.Join(strings.Split(dest[len(dest)-1], "/"), ""), ":", "-", -1)) + + p.CrioRoot = p.ImageCacheDir + restore := p.PodmanNoCache([]string{"load", "-q", "-i", destName}) + restore.WaitWithDefaultTimeout() + return nil +} + func (p *PodmanTestIntegration) StopVarlink() {} func (p *PodmanTestIntegration) DelayForVarlink() {} + +func populateCache(podman *PodmanTestIntegration) { + for _, image := range CACHE_IMAGES { + podman.RestoreArtifactToCache(image) + } +} + +func removeCache() { + // Remove cache dirs + if err := os.RemoveAll(ImageCacheDir); err != nil { + fmt.Printf("%q\n", err) + } +} + +// SeedImages is a no-op for localized testing +func (p *PodmanTestIntegration) SeedImages() error { + return nil +} diff --git a/test/e2e/load_test.go b/test/e2e/load_test.go index 0e193640e..9209e1770 100644 --- a/test/e2e/load_test.go +++ b/test/e2e/load_test.go @@ -3,6 +3,7 @@ package integration import ( + "fmt" "os" "path/filepath" @@ -38,7 +39,11 @@ var _ = Describe("Podman load", func() { It("podman load input flag", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, ALPINE}) + images := podmanTest.PodmanNoCache([]string{"images"}) + images.WaitWithDefaultTimeout() + fmt.Println(images.OutputToStringArray()) + + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) @@ -46,7 +51,7 @@ var _ = Describe("Podman load", func() { rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) @@ -54,7 +59,7 @@ var _ = Describe("Podman load", func() { It("podman load compressed tar file", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) @@ -62,11 +67,11 @@ var _ = Describe("Podman load", func() { Expect(compress.ExitCode()).To(Equal(0)) outfile = outfile + ".gz" - rmi := podmanTest.Podman([]string{"rmi", ALPINE}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) @@ -74,15 +79,15 @@ var _ = Describe("Podman load", func() { It("podman load oci-archive image", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) - rmi := podmanTest.Podman([]string{"rmi", ALPINE}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) @@ -90,15 +95,15 @@ var _ = Describe("Podman load", func() { It("podman load oci-archive with signature", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) - rmi := podmanTest.Podman([]string{"rmi", ALPINE}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "--signature-policy", "/etc/containers/policy.json", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "--signature-policy", "/etc/containers/policy.json", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) @@ -106,15 +111,15 @@ var _ = Describe("Podman load", func() { It("podman load with quiet flag", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) - rmi := podmanTest.Podman([]string{"rmi", ALPINE}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-q", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "-q", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) @@ -122,7 +127,7 @@ var _ = Describe("Podman load", func() { It("podman load directory", func() { outdir := filepath.Join(podmanTest.TempDir, "alpine") - save := podmanTest.Podman([]string{"save", "--format", "oci-dir", "-o", outdir, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "--format", "oci-dir", "-o", outdir, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) @@ -136,7 +141,7 @@ var _ = Describe("Podman load", func() { }) It("podman load bogus file", func() { - save := podmanTest.Podman([]string{"load", "-i", "foobar.tar"}) + save := podmanTest.PodmanNoCache([]string{"load", "-i", "foobar.tar"}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).ToNot(Equal(0)) }) @@ -148,75 +153,75 @@ var _ = Describe("Podman load", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") alpVersion := "docker.io/library/alpine:3.2" - pull := podmanTest.Podman([]string{"pull", alpVersion}) + pull := podmanTest.PodmanNoCache([]string{"pull", alpVersion}) pull.WaitWithDefaultTimeout() Expect(pull.ExitCode()).To(Equal(0)) - save := podmanTest.Podman([]string{"save", "-o", outfile, ALPINE, alpVersion}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, ALPINE, alpVersion}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) - rmi := podmanTest.Podman([]string{"rmi", ALPINE, alpVersion}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE, alpVersion}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-i", outfile}) + result := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) - inspect := podmanTest.Podman([]string{"inspect", ALPINE}) + inspect := podmanTest.PodmanNoCache([]string{"inspect", ALPINE}) inspect.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) - inspect = podmanTest.Podman([]string{"inspect", alpVersion}) + inspect = podmanTest.PodmanNoCache([]string{"inspect", alpVersion}) inspect.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) It("podman load localhost registry from scratch", func() { outfile := filepath.Join(podmanTest.TempDir, "load_test.tar.gz") - setup := podmanTest.Podman([]string{"tag", ALPINE, "hello:world"}) + setup := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-archive", "hello:world"}) + setup = podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-archive", "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"rmi", "hello:world"}) + setup = podmanTest.PodmanNoCache([]string{"rmi", "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - load := podmanTest.Podman([]string{"load", "-i", outfile}) + load := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) load.WaitWithDefaultTimeout() Expect(load.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"images", "hello:world"}) + result := podmanTest.PodmanNoCache([]string{"images", "hello:world"}) result.WaitWithDefaultTimeout() Expect(result.LineInOutputContains("docker")).To(Not(BeTrue())) Expect(result.LineInOutputContains("localhost")).To(BeTrue()) }) It("podman load localhost registry from scratch and :latest", func() { + podmanTest.RestoreArtifact(fedoraMinimal) outfile := filepath.Join(podmanTest.TempDir, "load_test.tar.gz") - podmanTest.RestoreArtifact("fedora-minimal:latest") - setup := podmanTest.Podman([]string{"tag", "fedora-minimal", "hello"}) + setup := podmanTest.PodmanNoCache([]string{"tag", "fedora-minimal", "hello"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-archive", "hello"}) + setup = podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-archive", "hello"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"rmi", "hello"}) + setup = podmanTest.PodmanNoCache([]string{"rmi", "hello"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - load := podmanTest.Podman([]string{"load", "-i", outfile}) + load := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) load.WaitWithDefaultTimeout() Expect(load.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"images", "hello:latest"}) + result := podmanTest.PodmanNoCache([]string{"images", "hello:latest"}) result.WaitWithDefaultTimeout() Expect(result.LineInOutputContains("docker")).To(Not(BeTrue())) Expect(result.LineInOutputContains("localhost")).To(BeTrue()) @@ -225,23 +230,23 @@ var _ = Describe("Podman load", func() { It("podman load localhost registry from dir", func() { outfile := filepath.Join(podmanTest.TempDir, "load") - setup := podmanTest.Podman([]string{"tag", BB, "hello:world"}) + setup := podmanTest.PodmanNoCache([]string{"tag", BB, "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-dir", "hello:world"}) + setup = podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-dir", "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - setup = podmanTest.Podman([]string{"rmi", "hello:world"}) + setup = podmanTest.PodmanNoCache([]string{"rmi", "hello:world"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - load := podmanTest.Podman([]string{"load", "-i", outfile}) + load := podmanTest.PodmanNoCache([]string{"load", "-i", outfile}) load.WaitWithDefaultTimeout() Expect(load.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"images", "load:latest"}) + result := podmanTest.PodmanNoCache([]string{"images", "load:latest"}) result.WaitWithDefaultTimeout() Expect(result.LineInOutputContains("docker")).To(Not(BeTrue())) Expect(result.LineInOutputContains("localhost")).To(BeTrue()) @@ -250,17 +255,17 @@ var _ = Describe("Podman load", func() { It("podman load xz compressed image", func() { outfile := filepath.Join(podmanTest.TempDir, "bb.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, BB}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, BB}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) session := SystemExec("xz", []string{outfile}) Expect(session.ExitCode()).To(Equal(0)) - rmi := podmanTest.Podman([]string{"rmi", BB}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", BB}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"load", "-i", outfile + ".xz"}) + result := podmanTest.PodmanNoCache([]string{"load", "-i", outfile + ".xz"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) }) diff --git a/test/e2e/logs_test.go b/test/e2e/logs_test.go index 20d02efcb..cc50c4d95 100644 --- a/test/e2e/logs_test.go +++ b/test/e2e/logs_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman logs", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/mount_test.go b/test/e2e/mount_test.go index b361e0057..61abdf6fc 100644 --- a/test/e2e/mount_test.go +++ b/test/e2e/mount_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman mount", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/namespace_test.go b/test/e2e/namespace_test.go index 28d050be3..88b48cb06 100644 --- a/test/e2e/namespace_test.go +++ b/test/e2e/namespace_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman namespaces", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pause_test.go b/test/e2e/pause_test.go index c47189a0e..01fb6d91b 100644 --- a/test/e2e/pause_test.go +++ b/test/e2e/pause_test.go @@ -27,7 +27,7 @@ var _ = Describe("Podman pause", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -249,7 +249,6 @@ var _ = Describe("Podman pause", func() { }) It("Pause a bunch of running containers", func() { - podmanTest.RestoreArtifact(nginx) for i := 0; i < 3; i++ { name := fmt.Sprintf("test%d", i) run := podmanTest.Podman([]string{"run", "-dt", "--name", name, nginx}) @@ -277,7 +276,6 @@ var _ = Describe("Podman pause", func() { }) It("Unpause a bunch of running containers", func() { - podmanTest.RestoreArtifact(nginx) for i := 0; i < 3; i++ { name := fmt.Sprintf("test%d", i) run := podmanTest.Podman([]string{"run", "-dt", "--name", name, nginx}) diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go index 84966f77b..2efa36141 100644 --- a/test/e2e/pod_create_test.go +++ b/test/e2e/pod_create_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod create", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_infra_container_test.go b/test/e2e/pod_infra_container_test.go index 82f35999c..c8763de9f 100644 --- a/test/e2e/pod_infra_container_test.go +++ b/test/e2e/pod_infra_container_test.go @@ -25,8 +25,7 @@ var _ = Describe("Podman pod create", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() - podmanTest.RestoreArtifact(infra) + podmanTest.SeedImages() }) AfterEach(func() { @@ -113,12 +112,10 @@ var _ = Describe("Podman pod create", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - podmanTest.RestoreArtifact(nginx) session = podmanTest.Podman([]string{"run", "-d", "--pod", podID, nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - podmanTest.RestoreArtifact(fedoraMinimal) session = podmanTest.Podman([]string{"run", "--pod", podID, fedoraMinimal, "curl", "localhost:80"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -138,7 +135,6 @@ var _ = Describe("Podman pod create", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - podmanTest.RestoreArtifact(fedoraMinimal) session = podmanTest.Podman([]string{"run", "--pod", podID, fedoraMinimal, "/bin/sh", "-c", "'touch /dev/shm/hi'"}) session.WaitWithDefaultTimeout() if session.ExitCode() != 0 { @@ -216,7 +212,6 @@ var _ = Describe("Podman pod create", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - podmanTest.RestoreArtifact(nginx) session = podmanTest.Podman([]string{"run", "-d", "--pod", podID, nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/pod_inspect_test.go b/test/e2e/pod_inspect_test.go index d1a023153..488dd1685 100644 --- a/test/e2e/pod_inspect_test.go +++ b/test/e2e/pod_inspect_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod inspect", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_kill_test.go b/test/e2e/pod_kill_test.go index 23a8ea97e..7cf67bbfc 100644 --- a/test/e2e/pod_kill_test.go +++ b/test/e2e/pod_kill_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman pod kill", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_pause_test.go b/test/e2e/pod_pause_test.go index ab828853b..619ee6f12 100644 --- a/test/e2e/pod_pause_test.go +++ b/test/e2e/pod_pause_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman pod pause", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_pod_namespaces.go b/test/e2e/pod_pod_namespaces.go index 9d6321c0e..83c877f5a 100644 --- a/test/e2e/pod_pod_namespaces.go +++ b/test/e2e/pod_pod_namespaces.go @@ -25,8 +25,7 @@ var _ = Describe("Podman pod create", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() - podmanTest.RestoreArtifact(infra) + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_prune_test.go b/test/e2e/pod_prune_test.go index 8a4ba2399..da0d425cb 100644 --- a/test/e2e/pod_prune_test.go +++ b/test/e2e/pod_prune_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod prune", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_ps_test.go b/test/e2e/pod_ps_test.go index 8513c6c2e..6d5873caa 100644 --- a/test/e2e/pod_ps_test.go +++ b/test/e2e/pod_ps_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman ps", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_restart_test.go b/test/e2e/pod_restart_test.go index 7b19ecc94..691fe5f0c 100644 --- a/test/e2e/pod_restart_test.go +++ b/test/e2e/pod_restart_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod restart", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_rm_test.go b/test/e2e/pod_rm_test.go index 7417a1298..0d3f47f30 100644 --- a/test/e2e/pod_rm_test.go +++ b/test/e2e/pod_rm_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman pod rm", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_start_test.go b/test/e2e/pod_start_test.go index 967fbc2da..2722cb5b3 100644 --- a/test/e2e/pod_start_test.go +++ b/test/e2e/pod_start_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod start", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_stats_test.go b/test/e2e/pod_stats_test.go index 6018b4494..01176f97c 100644 --- a/test/e2e/pod_stats_test.go +++ b/test/e2e/pod_stats_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman pod stats", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_stop_test.go b/test/e2e/pod_stop_test.go index 9fd9e3ef4..361a63a7f 100644 --- a/test/e2e/pod_stop_test.go +++ b/test/e2e/pod_stop_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman pod stop", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pod_top_test.go b/test/e2e/pod_top_test.go index 420e4aca9..c313b0675 100644 --- a/test/e2e/pod_top_test.go +++ b/test/e2e/pod_top_test.go @@ -26,7 +26,7 @@ var _ = Describe("Podman top", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/port_test.go b/test/e2e/port_test.go index 7cf3e16bf..e45118361 100644 --- a/test/e2e/port_test.go +++ b/test/e2e/port_test.go @@ -26,7 +26,7 @@ var _ = Describe("Podman port", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -49,7 +49,6 @@ var _ = Describe("Podman port", func() { }) It("podman port -l nginx", func() { - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"run", "-dt", "-P", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -62,7 +61,6 @@ var _ = Describe("Podman port", func() { }) It("podman container port -l nginx", func() { - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"container", "run", "-dt", "-P", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -75,7 +73,6 @@ var _ = Describe("Podman port", func() { }) It("podman port -l port nginx", func() { - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"run", "-dt", "-P", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -88,7 +85,6 @@ var _ = Describe("Podman port", func() { }) It("podman port -a nginx", func() { - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"run", "-dt", "-P", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/prune_test.go b/test/e2e/prune_test.go index 377c9f5e1..df0525a79 100644 --- a/test/e2e/prune_test.go +++ b/test/e2e/prune_test.go @@ -28,7 +28,7 @@ var _ = Describe("Podman prune", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -77,11 +77,12 @@ var _ = Describe("Podman prune", func() { }) It("podman image prune unused images", func() { - prune := podmanTest.Podman([]string{"image", "prune", "-a"}) + podmanTest.RestoreAllArtifacts() + prune := podmanTest.PodmanNoCache([]string{"image", "prune", "-a"}) prune.WaitWithDefaultTimeout() Expect(prune.ExitCode()).To(Equal(0)) - images := podmanTest.Podman([]string{"images", "-aq"}) + images := podmanTest.PodmanNoCache([]string{"images", "-aq"}) images.WaitWithDefaultTimeout() // all images are unused, so they all should be deleted! Expect(len(images.OutputToStringArray())).To(Equal(0)) @@ -89,12 +90,13 @@ var _ = Describe("Podman prune", func() { It("podman system image prune unused images", func() { SkipIfRemote() + podmanTest.RestoreAllArtifacts() podmanTest.BuildImage(pruneImage, "alpine_bash:latest", "true") - prune := podmanTest.Podman([]string{"system", "prune", "-a", "--force"}) + prune := podmanTest.PodmanNoCache([]string{"system", "prune", "-a", "--force"}) prune.WaitWithDefaultTimeout() Expect(prune.ExitCode()).To(Equal(0)) - images := podmanTest.Podman([]string{"images", "-aq"}) + images := podmanTest.PodmanNoCache([]string{"images", "-aq"}) images.WaitWithDefaultTimeout() // all images are unused, so they all should be deleted! Expect(len(images.OutputToStringArray())).To(Equal(0)) diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go index 7edb350f3..b0a28501a 100644 --- a/test/e2e/ps_test.go +++ b/test/e2e/ps_test.go @@ -27,7 +27,7 @@ var _ = Describe("Podman ps", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/pull_test.go b/test/e2e/pull_test.go index 4e4e80d56..d6e7b44d1 100644 --- a/test/e2e/pull_test.go +++ b/test/e2e/pull_test.go @@ -28,7 +28,6 @@ var _ = Describe("Podman pull", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() }) AfterEach(func() { @@ -39,132 +38,135 @@ var _ = Describe("Podman pull", func() { }) It("podman pull from docker a not existing image", func() { - session := podmanTest.Podman([]string{"pull", "ibetthisdoesntexistthere:foo"}) + session := podmanTest.PodmanNoCache([]string{"pull", "ibetthisdoesntexistthere:foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) }) It("podman pull from docker with tag", func() { - session := podmanTest.Podman([]string{"pull", "busybox:glibc"}) + session := podmanTest.PodmanNoCache([]string{"pull", "busybox:glibc"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "busybox:glibc"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "busybox:glibc"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull from docker without tag", func() { - session := podmanTest.Podman([]string{"pull", "busybox"}) + session := podmanTest.PodmanNoCache([]string{"pull", "busybox"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "busybox"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "busybox"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull from alternate registry with tag", func() { - session := podmanTest.Podman([]string{"pull", nginx}) + session := podmanTest.PodmanNoCache([]string{"pull", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", nginx}) + session = podmanTest.PodmanNoCache([]string{"rmi", nginx}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull from alternate registry without tag", func() { - session := podmanTest.Podman([]string{"pull", "quay.io/libpod/alpine_nginx"}) + session := podmanTest.PodmanNoCache([]string{"pull", "quay.io/libpod/alpine_nginx"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "quay.io/libpod/alpine_nginx"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "quay.io/libpod/alpine_nginx"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull by digest", func() { - session := podmanTest.Podman([]string{"pull", "alpine@sha256:1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe"}) + session := podmanTest.PodmanNoCache([]string{"pull", "alpine@sha256:1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine:none"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine:none"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull bogus image", func() { - session := podmanTest.Podman([]string{"pull", "umohnani/get-started"}) + session := podmanTest.PodmanNoCache([]string{"pull", "umohnani/get-started"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) }) It("podman pull from docker-archive", func() { + podmanTest.RestoreArtifact(ALPINE) tarfn := filepath.Join(podmanTest.TempDir, "alp.tar") - session := podmanTest.Podman([]string{"save", "-o", tarfn, "alpine"}) + session := podmanTest.PodmanNoCache([]string{"save", "-o", tarfn, "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"pull", fmt.Sprintf("docker-archive:%s", tarfn)}) + session = podmanTest.PodmanNoCache([]string{"pull", fmt.Sprintf("docker-archive:%s", tarfn)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull from oci-archive", func() { + podmanTest.RestoreArtifact(ALPINE) tarfn := filepath.Join(podmanTest.TempDir, "oci-alp.tar") - session := podmanTest.Podman([]string{"save", "--format", "oci-archive", "-o", tarfn, "alpine"}) + session := podmanTest.PodmanNoCache([]string{"save", "--format", "oci-archive", "-o", tarfn, "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"pull", fmt.Sprintf("oci-archive:%s", tarfn)}) + session = podmanTest.PodmanNoCache([]string{"pull", fmt.Sprintf("oci-archive:%s", tarfn)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull from local directory", func() { + podmanTest.RestoreArtifact(ALPINE) dirpath := filepath.Join(podmanTest.TempDir, "alpine") os.MkdirAll(dirpath, os.ModePerm) imgPath := fmt.Sprintf("dir:%s", dirpath) - session := podmanTest.Podman([]string{"push", "alpine", imgPath}) + session := podmanTest.PodmanNoCache([]string{"push", "alpine", imgPath}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"pull", imgPath}) + session = podmanTest.PodmanNoCache([]string{"pull", imgPath}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "alpine"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman pull check quiet", func() { podmanTest.RestoreArtifact(ALPINE) - setup := podmanTest.Podman([]string{"images", ALPINE, "-q", "--no-trunc"}) + setup := podmanTest.PodmanNoCache([]string{"images", ALPINE, "-q", "--no-trunc"}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) shortImageId := strings.Split(setup.OutputToString(), ":")[1] - rmi := podmanTest.Podman([]string{"rmi", ALPINE}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) - pull := podmanTest.Podman([]string{"pull", "-q", ALPINE}) + pull := podmanTest.PodmanNoCache([]string{"pull", "-q", ALPINE}) pull.WaitWithDefaultTimeout() Expect(pull.ExitCode()).To(Equal(0)) @@ -172,17 +174,17 @@ var _ = Describe("Podman pull", func() { }) It("podman pull check all tags", func() { - session := podmanTest.Podman([]string{"pull", "--all-tags", "alpine"}) + session := podmanTest.PodmanNoCache([]string{"pull", "--all-tags", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOuputStartsWith("Pulled Images:")).To(BeTrue()) - session = podmanTest.Podman([]string{"images"}) + session = podmanTest.PodmanNoCache([]string{"images"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 4)) - rmi := podmanTest.Podman([]string{"rmi", "-a", "-f"}) + rmi := podmanTest.PodmanNoCache([]string{"rmi", "-a", "-f"}) rmi.WaitWithDefaultTimeout() Expect(rmi.ExitCode()).To(Equal(0)) }) diff --git a/test/e2e/push_test.go b/test/e2e/push_test.go index 009067482..de2416868 100644 --- a/test/e2e/push_test.go +++ b/test/e2e/push_test.go @@ -38,22 +38,18 @@ var _ = Describe("Podman push", func() { }) It("podman push to containers/storage", func() { - session := podmanTest.Podman([]string{"push", ALPINE, "containers-storage:busybox:test"}) + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, "containers-storage:busybox:test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", ALPINE}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - - session = podmanTest.Podman([]string{"rmi", "busybox:test"}) + session = podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman push to dir", func() { bbdir := filepath.Join(podmanTest.TempDir, "busybox") - session := podmanTest.Podman([]string{"push", "--remove-signatures", ALPINE, + session := podmanTest.PodmanNoCache([]string{"push", "--remove-signatures", ALPINE, fmt.Sprintf("dir:%s", bbdir)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -65,8 +61,7 @@ var _ = Describe("Podman push", func() { } lock := GetPortLock("5000") defer lock.Unlock() - podmanTest.RestoreArtifact(registry) - session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + session := podmanTest.PodmanNoCache([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -74,7 +69,7 @@ var _ = Describe("Podman push", func() { Skip("Can not start docker registry.") } - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) }) @@ -106,8 +101,7 @@ var _ = Describe("Podman push", func() { } lock := GetPortLock("5000") defer lock.Unlock() - podmanTest.RestoreArtifact(registry) - session := podmanTest.Podman([]string{"run", "--entrypoint", "htpasswd", registry, "-Bbn", "podmantest", "test"}) + session := podmanTest.PodmanNoCache([]string{"run", "--entrypoint", "htpasswd", registry, "-Bbn", "podmantest", "test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -117,7 +111,7 @@ var _ = Describe("Podman push", func() { f.WriteString(session.OutputToString()) f.Sync() - session = podmanTest.Podman([]string{"run", "-d", "-p", "5000:5000", "--name", "registry", "-v", + session = podmanTest.PodmanNoCache([]string{"run", "-d", "-p", "5000:5000", "--name", "registry", "-v", strings.Join([]string{authPath, "/auth"}, ":"), "-e", "REGISTRY_AUTH=htpasswd", "-e", "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm", "-e", "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd", "-v", strings.Join([]string{certPath, "/certs"}, ":"), "-e", "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt", @@ -129,36 +123,36 @@ var _ = Describe("Podman push", func() { Skip("Can not start docker registry.") } - session = podmanTest.Podman([]string{"logs", "registry"}) + session = podmanTest.PodmanNoCache([]string{"logs", "registry"}) session.WaitWithDefaultTimeout() - push := podmanTest.Podman([]string{"push", "--creds=podmantest:test", ALPINE, "localhost:5000/tlstest"}) + push := podmanTest.PodmanNoCache([]string{"push", "--creds=podmantest:test", ALPINE, "localhost:5000/tlstest"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Not(Equal(0))) - push = podmanTest.Podman([]string{"push", "--creds=podmantest:test", "--tls-verify=false", ALPINE, "localhost:5000/tlstest"}) + push = podmanTest.PodmanNoCache([]string{"push", "--creds=podmantest:test", "--tls-verify=false", ALPINE, "localhost:5000/tlstest"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) setup := SystemExec("cp", []string{filepath.Join(certPath, "domain.crt"), "/etc/containers/certs.d/localhost:5000/ca.crt"}) Expect(setup.ExitCode()).To(Equal(0)) - push = podmanTest.Podman([]string{"push", "--creds=podmantest:wrongpasswd", ALPINE, "localhost:5000/credstest"}) + push = podmanTest.PodmanNoCache([]string{"push", "--creds=podmantest:wrongpasswd", ALPINE, "localhost:5000/credstest"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Not(Equal(0))) - push = podmanTest.Podman([]string{"push", "--creds=podmantest:test", "--cert-dir=fakedir", ALPINE, "localhost:5000/certdirtest"}) + push = podmanTest.PodmanNoCache([]string{"push", "--creds=podmantest:test", "--cert-dir=fakedir", ALPINE, "localhost:5000/certdirtest"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Not(Equal(0))) - push = podmanTest.Podman([]string{"push", "--creds=podmantest:test", ALPINE, "localhost:5000/defaultflags"}) + push = podmanTest.PodmanNoCache([]string{"push", "--creds=podmantest:test", ALPINE, "localhost:5000/defaultflags"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) }) It("podman push to docker-archive", func() { tarfn := filepath.Join(podmanTest.TempDir, "alp.tar") - session := podmanTest.Podman([]string{"push", ALPINE, + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, fmt.Sprintf("docker-archive:%s:latest", tarfn)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -177,7 +171,7 @@ var _ = Describe("Podman push", func() { Skip("Docker is not available") } - session := podmanTest.Podman([]string{"push", ALPINE, "docker-daemon:alpine:podmantest"}) + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, "docker-daemon:alpine:podmantest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -191,7 +185,7 @@ var _ = Describe("Podman push", func() { It("podman push to oci-archive", func() { tarfn := filepath.Join(podmanTest.TempDir, "alp.tar") - session := podmanTest.Podman([]string{"push", ALPINE, + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, fmt.Sprintf("oci-archive:%s:latest", tarfn)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -208,7 +202,7 @@ var _ = Describe("Podman push", func() { setup := SystemExec("ostree", []string{strings.Join([]string{"--repo=", ostreePath}, ""), "init"}) Expect(setup.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"push", ALPINE, strings.Join([]string{"ostree:alp@", ostreePath}, "")}) + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, strings.Join([]string{"ostree:alp@", ostreePath}, "")}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -216,7 +210,7 @@ var _ = Describe("Podman push", func() { It("podman push to docker-archive no reference", func() { tarfn := filepath.Join(podmanTest.TempDir, "alp.tar") - session := podmanTest.Podman([]string{"push", ALPINE, + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, fmt.Sprintf("docker-archive:%s", tarfn)}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -224,7 +218,7 @@ var _ = Describe("Podman push", func() { It("podman push to oci-archive no reference", func() { ociarc := filepath.Join(podmanTest.TempDir, "alp-oci") - session := podmanTest.Podman([]string{"push", ALPINE, + session := podmanTest.PodmanNoCache([]string{"push", ALPINE, fmt.Sprintf("oci-archive:%s", ociarc)}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/restart_test.go b/test/e2e/restart_test.go index 7a9a466d8..2b515f53b 100644 --- a/test/e2e/restart_test.go +++ b/test/e2e/restart_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman restart", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/rm_test.go b/test/e2e/rm_test.go index 29150d67c..2dbabbf6a 100644 --- a/test/e2e/rm_test.go +++ b/test/e2e/rm_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman rm", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/rmi_test.go b/test/e2e/rmi_test.go index e034f24cf..1687bf764 100644 --- a/test/e2e/rmi_test.go +++ b/test/e2e/rmi_test.go @@ -41,14 +41,14 @@ var _ = Describe("Podman rmi", func() { }) It("podman rmi with fq name", func() { - session := podmanTest.Podman([]string{"rmi", ALPINE}) + session := podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman rmi with short name", func() { - session := podmanTest.Podman([]string{"rmi", "alpine"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "alpine"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -56,9 +56,9 @@ var _ = Describe("Podman rmi", func() { It("podman rmi all images", func() { podmanTest.PullImages([]string{nginx}) - session := podmanTest.Podman([]string{"rmi", "-a"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-a"}) session.WaitWithDefaultTimeout() - images := podmanTest.Podman([]string{"images"}) + images := podmanTest.PodmanNoCache([]string{"images"}) images.WaitWithDefaultTimeout() fmt.Println(images.OutputToStringArray()) Expect(session.ExitCode()).To(Equal(0)) @@ -67,22 +67,22 @@ var _ = Describe("Podman rmi", func() { It("podman rmi all images forcibly with short options", func() { podmanTest.PullImages([]string{nginx}) - session := podmanTest.Podman([]string{"rmi", "-fa"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) It("podman rmi tagged image", func() { - setup := podmanTest.Podman([]string{"images", "-q", ALPINE}) + setup := podmanTest.PodmanNoCache([]string{"images", "-q", ALPINE}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"tag", "alpine", "foo:bar", "foo"}) + session := podmanTest.PodmanNoCache([]string{"tag", "alpine", "foo:bar", "foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - result := podmanTest.Podman([]string{"images", "-q", "foo"}) + result := podmanTest.PodmanNoCache([]string{"images", "-q", "foo"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) @@ -90,95 +90,95 @@ var _ = Describe("Podman rmi", func() { }) It("podman rmi image with tags by ID cannot be done without force", func() { - setup := podmanTest.Podman([]string{"images", "-q", ALPINE}) + setup := podmanTest.PodmanNoCache([]string{"images", "-q", ALPINE}) setup.WaitWithDefaultTimeout() Expect(setup.ExitCode()).To(Equal(0)) alpineId := setup.OutputToString() - session := podmanTest.Podman([]string{"tag", "alpine", "foo:bar", "foo"}) + session := podmanTest.PodmanNoCache([]string{"tag", "alpine", "foo:bar", "foo"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) // Trying without --force should fail - result := podmanTest.Podman([]string{"rmi", alpineId}) + result := podmanTest.PodmanNoCache([]string{"rmi", alpineId}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).ToNot(Equal(0)) // With --force it should work - resultForce := podmanTest.Podman([]string{"rmi", "-f", alpineId}) + resultForce := podmanTest.PodmanNoCache([]string{"rmi", "-f", alpineId}) resultForce.WaitWithDefaultTimeout() Expect(resultForce.ExitCode()).To(Equal(0)) }) It("podman rmi image that is a parent of another image", func() { SkipIfRemote() - session := podmanTest.Podman([]string{"rmi", "-fa"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"run", "--name", "c_test", ALPINE, "true"}) + session = podmanTest.PodmanNoCache([]string{"run", "--name", "c_test", ALPINE, "true"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"commit", "-q", "c_test", "test"}) + session = podmanTest.PodmanNoCache([]string{"commit", "-q", "c_test", "test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rm", "c_test"}) + session = podmanTest.PodmanNoCache([]string{"rm", "c_test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", ALPINE}) + session = podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(1)) - session = podmanTest.Podman([]string{"images", "-q", "-a"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(2)) untaggedImg := session.OutputToStringArray()[1] - session = podmanTest.Podman([]string{"rmi", "-f", untaggedImg}) + session = podmanTest.PodmanNoCache([]string{"rmi", "-f", untaggedImg}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) }) It("podman rmi image that is created from another named imaged", func() { SkipIfRemote() - session := podmanTest.Podman([]string{"rmi", "-fa"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"create", "--name", "c_test1", ALPINE, "true"}) + session = podmanTest.PodmanNoCache([]string{"create", "--name", "c_test1", ALPINE, "true"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"commit", "-q", "c_test1", "test1"}) + session = podmanTest.PodmanNoCache([]string{"commit", "-q", "c_test1", "test1"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"create", "--name", "c_test2", "test1", "true"}) + session = podmanTest.PodmanNoCache([]string{"create", "--name", "c_test2", "test1", "true"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"commit", "-q", "c_test2", "test2"}) + session = podmanTest.PodmanNoCache([]string{"commit", "-q", "c_test2", "test2"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rm", "-a"}) + session = podmanTest.PodmanNoCache([]string{"rm", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "test2"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "test2"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(2)) @@ -186,7 +186,7 @@ var _ = Describe("Podman rmi", func() { It("podman rmi with cached images", func() { SkipIfRemote() - session := podmanTest.Podman([]string{"rmi", "-fa"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -205,51 +205,51 @@ var _ = Describe("Podman rmi", func() { ` podmanTest.BuildImage(dockerfile, "test2", "true") - session = podmanTest.Podman([]string{"images", "-q", "-a"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) numOfImages := len(session.OutputToStringArray()) - session = podmanTest.Podman([]string{"rmi", "test2"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "test2"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q", "-a"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(numOfImages - len(session.OutputToStringArray())).To(Equal(2)) - session = podmanTest.Podman([]string{"rmi", "test"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q", "-a"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(Equal(1)) podmanTest.BuildImage(dockerfile, "test3", "true") - session = podmanTest.Podman([]string{"rmi", ALPINE}) + session = podmanTest.PodmanNoCache([]string{"rmi", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "test3"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "test3"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"images", "-q", "-a"}) + session = podmanTest.PodmanNoCache([]string{"images", "-q", "-a"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToString())).To(Equal(0)) }) It("podman rmi -a with no images should be exit 0", func() { - session := podmanTest.Podman([]string{"rmi", "-fa"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session2 := podmanTest.Podman([]string{"rmi", "-fa"}) + session2 := podmanTest.PodmanNoCache([]string{"rmi", "-fa"}) session2.WaitWithDefaultTimeout() Expect(session2.ExitCode()).To(Equal(0)) }) @@ -265,12 +265,12 @@ RUN find $LOCAL ` podmanTest.BuildImage(dockerfile, "test", "true") - session := podmanTest.Podman([]string{"rmi", "-a"}) + session := podmanTest.PodmanNoCache([]string{"rmi", "-a"}) session.WaitWithDefaultTimeout() fmt.Println(session.OutputToString()) Expect(session.ExitCode()).To(Equal(0)) - images := podmanTest.Podman([]string{"images", "-aq"}) + images := podmanTest.PodmanNoCache([]string{"images", "-aq"}) images.WaitWithDefaultTimeout() Expect(images.ExitCode()).To(Equal(0)) Expect(len(images.OutputToStringArray())).To(Equal(0)) @@ -279,7 +279,7 @@ RUN find $LOCAL // Don't rerun all tests; just assume that if we get that diagnostic, // we're getting rmi It("podman image rm is the same as rmi", func() { - session := podmanTest.Podman([]string{"image", "rm"}) + session := podmanTest.PodmanNoCache([]string{"image", "rm"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(125)) Expect(session.LineInOutputContains("image name or ID must be specified")) diff --git a/test/e2e/run_cgroup_parent_test.go b/test/e2e/run_cgroup_parent_test.go index 0d04c5f03..1fb9f6871 100644 --- a/test/e2e/run_cgroup_parent_test.go +++ b/test/e2e/run_cgroup_parent_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run with --cgroup-parent", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreArtifact(fedoraMinimal) + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_cleanup_test.go b/test/e2e/run_cleanup_test.go index b20e37794..73647b6bb 100644 --- a/test/e2e/run_cleanup_test.go +++ b/test/e2e/run_cleanup_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run exit", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.RestoreArtifact(ALPINE) }) AfterEach(func() { diff --git a/test/e2e/run_cpu_test.go b/test/e2e/run_cpu_test.go index 42a66865c..87f89b1dd 100644 --- a/test/e2e/run_cpu_test.go +++ b/test/e2e/run_cpu_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run cpu", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_device_test.go b/test/e2e/run_device_test.go index fac09b78d..2e537a9f9 100644 --- a/test/e2e/run_device_test.go +++ b/test/e2e/run_device_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run device", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_dns_test.go b/test/e2e/run_dns_test.go index 0f4dd6742..f1196ff38 100644 --- a/test/e2e/run_dns_test.go +++ b/test/e2e/run_dns_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run dns", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_entrypoint_test.go b/test/e2e/run_entrypoint_test.go index ee9fd1263..b1344a371 100644 --- a/test/e2e/run_entrypoint_test.go +++ b/test/e2e/run_entrypoint_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run entrypoint", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreArtifact(ALPINE) + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_exit_test.go b/test/e2e/run_exit_test.go index da4cf7ee7..861d6b3b7 100644 --- a/test/e2e/run_exit_test.go +++ b/test/e2e/run_exit_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run exit", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_memory_test.go b/test/e2e/run_memory_test.go index 05d0b7a18..8fe90c8d8 100644 --- a/test/e2e/run_memory_test.go +++ b/test/e2e/run_memory_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run memory", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 93919925c..1497a651b 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run networking", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -78,7 +78,6 @@ var _ = Describe("Podman run networking", func() { }) It("podman run network expose ports in image metadata", func() { - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"create", "-dt", "-P", nginx}) session.Wait(90) Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/run_ns_test.go b/test/e2e/run_ns_test.go index 51f921bce..6ba0d1aba 100644 --- a/test/e2e/run_ns_test.go +++ b/test/e2e/run_ns_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run ns", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreArtifact(fedoraMinimal) + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_passwd_test.go b/test/e2e/run_passwd_test.go index becbc5bfa..bd6a0e036 100644 --- a/test/e2e/run_passwd_test.go +++ b/test/e2e/run_passwd_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run passwd", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_privileged_test.go b/test/e2e/run_privileged_test.go index 16011b2fd..f2c424483 100644 --- a/test/e2e/run_privileged_test.go +++ b/test/e2e/run_privileged_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman privileged container tests", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_restart_test.go b/test/e2e/run_restart_test.go index 9976b45e8..8bbdf2056 100644 --- a/test/e2e/run_restart_test.go +++ b/test/e2e/run_restart_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman run restart containers", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index 4d2bad49c..a2228411e 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() if !selinux.GetEnabled() { Skip("SELinux not enabled") } diff --git a/test/e2e/run_signal_test.go b/test/e2e/run_signal_test.go index e482adb84..3a5ed483c 100644 --- a/test/e2e/run_signal_test.go +++ b/test/e2e/run_signal_test.go @@ -33,7 +33,7 @@ var _ = Describe("Podman run with --sig-proxy", func() { } podmanTest = PodmanTestCreate(tmpdir) podmanTest.Setup() - podmanTest.RestoreArtifact(fedoraMinimal) + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_staticip_test.go b/test/e2e/run_staticip_test.go index 318a7a62d..9753cfc9c 100644 --- a/test/e2e/run_staticip_test.go +++ b/test/e2e/run_staticip_test.go @@ -25,7 +25,7 @@ var _ = Describe("Podman run with --ip flag", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() // Cleanup the CNI networks used by the tests os.RemoveAll("/var/lib/cni/networks/podman") }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index f908fe154..31720ea04 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -32,7 +32,7 @@ var _ = Describe("Podman run", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { @@ -51,7 +51,6 @@ var _ = Describe("Podman run", func() { It("podman run a container based on a complex local image name", func() { SkipIfRootless() imageName := strings.TrimPrefix(nginx, "quay.io/") - podmanTest.RestoreArtifact(nginx) session := podmanTest.Podman([]string{"run", imageName, "ls"}) session.WaitWithDefaultTimeout() Expect(session.ErrorToString()).ToNot(ContainSubstring("Trying to pull")) @@ -59,7 +58,6 @@ var _ = Describe("Podman run", func() { }) It("podman run a container based on on a short name with localhost", func() { - podmanTest.RestoreArtifact(nginx) tag := podmanTest.Podman([]string{"tag", nginx, "localhost/libpod/alpine_nginx:latest"}) tag.WaitWithDefaultTimeout() @@ -73,7 +71,6 @@ var _ = Describe("Podman run", func() { }) It("podman container run a container based on on a short name with localhost", func() { - podmanTest.RestoreArtifact(nginx) tag := podmanTest.Podman([]string{"image", "tag", nginx, "localhost/libpod/alpine_nginx:latest"}) tag.WaitWithDefaultTimeout() @@ -229,7 +226,6 @@ var _ = Describe("Podman run", func() { It("podman run limits test", func() { SkipIfRootless() - podmanTest.RestoreArtifact(fedoraMinimal) session := podmanTest.Podman([]string{"run", "--rm", "--ulimit", "rtprio=99", "--cap-add=sys_nice", fedoraMinimal, "cat", "/proc/self/sched"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -349,11 +345,12 @@ var _ = Describe("Podman run", func() { }) It("podman run tagged image", func() { - tag := podmanTest.Podman([]string{"tag", "busybox", "bb"}) + podmanTest.RestoreArtifact(BB) + tag := podmanTest.PodmanNoCache([]string{"tag", "busybox", "bb"}) tag.WaitWithDefaultTimeout() Expect(tag.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"run", "--rm", "bb", "ls"}) + session := podmanTest.PodmanNoCache([]string{"run", "--rm", "bb", "ls"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) @@ -536,15 +533,10 @@ var _ = Describe("Podman run", func() { }) It("podman run with built-in volume image", func() { - podmanTest.RestoreArtifact(redis) session := podmanTest.Podman([]string{"run", "--rm", redis, "ls"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", redis}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) - dockerfile := `FROM busybox RUN mkdir -p /myvol/data && chown -R mail.0 /myvol VOLUME ["/myvol/data"] @@ -555,10 +547,6 @@ USER mail` session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring("mail root")) - - session = podmanTest.Podman([]string{"rmi", "test"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) }) It("podman run --volumes-from flag", func() { @@ -571,7 +559,6 @@ USER mail` err = ioutil.WriteFile(volFile, []byte(data), 0755) Expect(err).To(BeNil()) - podmanTest.RestoreArtifact(redis) session := podmanTest.Podman([]string{"create", "--volume", vol + ":/myvol", redis, "sh"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -587,7 +574,6 @@ USER mail` }) It("podman run --volumes-from flag with built-in volumes", func() { - podmanTest.RestoreArtifact(redis) session := podmanTest.Podman([]string{"create", redis, "sh"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -641,7 +627,6 @@ USER mail` }) It("podman run findmnt nothing shared", func() { - podmanTest.RestoreArtifact(fedoraMinimal) vol1 := filepath.Join(podmanTest.TempDir, "vol-test1") err := os.MkdirAll(vol1, 0755) Expect(err).To(BeNil()) @@ -657,7 +642,6 @@ USER mail` }) It("podman run findmnt shared", func() { - podmanTest.RestoreArtifact(fedoraMinimal) vol1 := filepath.Join(podmanTest.TempDir, "vol-test1") err := os.MkdirAll(vol1, 0755) Expect(err).To(BeNil()) @@ -765,10 +749,9 @@ USER mail` }) It("podman run with restart-policy always restarts containers", func() { - podmanTest.RestoreArtifact(fedoraMinimal) testDir := filepath.Join(podmanTest.RunRoot, "restart-test") - err := os.Mkdir(testDir, 0755) + err := os.MkdirAll(testDir, 0755) Expect(err).To(BeNil()) aliveFile := filepath.Join(testDir, "running") diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go index ce6971cd1..be3f7df49 100644 --- a/test/e2e/run_userns_test.go +++ b/test/e2e/run_userns_test.go @@ -31,7 +31,7 @@ var _ = Describe("Podman UserNS support", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go index d031ca143..d89c80909 100644 --- a/test/e2e/run_volume_test.go +++ b/test/e2e/run_volume_test.go @@ -26,7 +26,7 @@ var _ = Describe("Podman run with volumes", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/runlabel_test.go b/test/e2e/runlabel_test.go index f52a2b8fc..5ef68603e 100644 --- a/test/e2e/runlabel_test.go +++ b/test/e2e/runlabel_test.go @@ -37,7 +37,7 @@ var _ = Describe("podman container runlabel", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/save_test.go b/test/e2e/save_test.go index ffb5182d6..be1ede962 100644 --- a/test/e2e/save_test.go +++ b/test/e2e/save_test.go @@ -37,7 +37,7 @@ var _ = Describe("Podman save", func() { It("podman save output flag", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -45,7 +45,7 @@ var _ = Describe("Podman save", func() { It("podman save oci flag", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "--format", "oci-archive", ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -54,7 +54,7 @@ var _ = Describe("Podman save", func() { Skip("Pipe redirection in ginkgo probably wont work") outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", ALPINE, ">", outfile}) + save := podmanTest.PodmanNoCache([]string{"save", ALPINE, ">", outfile}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -62,7 +62,7 @@ var _ = Describe("Podman save", func() { It("podman save quiet flag", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-q", "-o", outfile, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "-q", "-o", outfile, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -70,7 +70,7 @@ var _ = Describe("Podman save", func() { It("podman save bogus image", func() { outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") - save := podmanTest.Podman([]string{"save", "-o", outfile, "FOOBAR"}) + save := podmanTest.PodmanNoCache([]string{"save", "-o", outfile, "FOOBAR"}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Not(Equal(0))) }) @@ -81,7 +81,7 @@ var _ = Describe("Podman save", func() { } outdir := filepath.Join(podmanTest.TempDir, "save") - save := podmanTest.Podman([]string{"save", "--format", "oci-dir", "-o", outdir, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "--format", "oci-dir", "-o", outdir, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -92,7 +92,7 @@ var _ = Describe("Podman save", func() { } outdir := filepath.Join(podmanTest.TempDir, "save") - save := podmanTest.Podman([]string{"save", "--format", "docker-dir", "-o", outdir, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "--format", "docker-dir", "-o", outdir, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -103,7 +103,7 @@ var _ = Describe("Podman save", func() { } outdir := filepath.Join(podmanTest.TempDir, "save") - save := podmanTest.Podman([]string{"save", "--compress", "--format", "docker-dir", "-o", outdir, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "--compress", "--format", "docker-dir", "-o", outdir, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Equal(0)) }) @@ -111,7 +111,7 @@ var _ = Describe("Podman save", func() { It("podman save bad filename", func() { outdir := filepath.Join(podmanTest.TempDir, "save:colon") - save := podmanTest.Podman([]string{"save", "--compress", "--format", "docker-dir", "-o", outdir, ALPINE}) + save := podmanTest.PodmanNoCache([]string{"save", "--compress", "--format", "docker-dir", "-o", outdir, ALPINE}) save.WaitWithDefaultTimeout() Expect(save.ExitCode()).To(Not(Equal(0))) }) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 72b083de8..3b1da859c 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -75,8 +75,8 @@ registries = ['{{.Host}}:{{.Port}}']` podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() + podmanTest.SeedImages() - podmanTest.RestoreAllArtifacts() }) AfterEach(func() { @@ -168,7 +168,6 @@ registries = ['{{.Host}}:{{.Port}}']` lock := GetPortLock(registryEndpoints[0].Port) defer lock.Unlock() - podmanTest.RestoreArtifact(registry) fakereg := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", fmt.Sprintf("%s:5000", registryEndpoints[0].Port), registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) @@ -196,7 +195,6 @@ registries = ['{{.Host}}:{{.Port}}']` } lock := GetPortLock(registryEndpoints[3].Port) defer lock.Unlock() - podmanTest.RestoreArtifact(registry) registry := podmanTest.Podman([]string{"run", "-d", "--name", "registry3", "-p", fmt.Sprintf("%s:5000", registryEndpoints[3].Port), registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) @@ -207,11 +205,12 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("Can not start docker registry.") } + podmanTest.RestoreArtifact(ALPINE) image := fmt.Sprintf("%s/my-alpine", registryEndpoints[3].Address()) - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) - search := podmanTest.Podman([]string{"search", image, "--tls-verify=false"}) + search := podmanTest.PodmanNoCache([]string{"search", image, "--tls-verify=false"}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Equal(0)) @@ -225,7 +224,6 @@ registries = ['{{.Host}}:{{.Port}}']` lock := GetPortLock(registryEndpoints[4].Port) defer lock.Unlock() - podmanTest.RestoreArtifact(registry) registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[4].Port), "--name", "registry4", registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) registry.WaitWithDefaultTimeout() @@ -235,8 +233,9 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("Can not start docker registry.") } + podmanTest.RestoreArtifact(ALPINE) image := fmt.Sprintf("%s/my-alpine", registryEndpoints[4].Address()) - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) @@ -246,7 +245,7 @@ registries = ['{{.Host}}:{{.Port}}']` podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry4.conf", tempdir), buffer.Bytes(), 0644) - search := podmanTest.Podman([]string{"search", image}) + search := podmanTest.PodmanNoCache([]string{"search", image}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Equal(0)) @@ -264,7 +263,6 @@ registries = ['{{.Host}}:{{.Port}}']` } lock := GetPortLock(registryEndpoints[5].Port) defer lock.Unlock() - podmanTest.RestoreArtifact(registry) registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[5].Port), "--name", "registry5", registry}) registry.WaitWithDefaultTimeout() @@ -274,8 +272,9 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("Can not start docker registry.") } + podmanTest.RestoreArtifact(ALPINE) image := fmt.Sprintf("%s/my-alpine", registryEndpoints[5].Address()) - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) @@ -284,7 +283,7 @@ registries = ['{{.Host}}:{{.Port}}']` podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry5.conf", tempdir), buffer.Bytes(), 0644) - search := podmanTest.Podman([]string{"search", image, "--tls-verify=true"}) + search := podmanTest.PodmanNoCache([]string{"search", image, "--tls-verify=true"}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Equal(0)) @@ -302,7 +301,6 @@ registries = ['{{.Host}}:{{.Port}}']` } lock := GetPortLock(registryEndpoints[6].Port) defer lock.Unlock() - podmanTest.RestoreArtifact(registry) registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[6].Port), "--name", "registry6", registry}) registry.WaitWithDefaultTimeout() @@ -312,8 +310,9 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("Can not start docker registry.") } + podmanTest.RestoreArtifact(ALPINE) image := fmt.Sprintf("%s/my-alpine", registryEndpoints[6].Address()) - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) @@ -322,7 +321,7 @@ registries = ['{{.Host}}:{{.Port}}']` podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry6.conf", tempdir), buffer.Bytes(), 0644) - search := podmanTest.Podman([]string{"search", image}) + search := podmanTest.PodmanNoCache([]string{"search", image}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Equal(0)) @@ -343,7 +342,6 @@ registries = ['{{.Host}}:{{.Port}}']` lock8 := GetPortLock("6000") defer lock8.Unlock() - podmanTest.RestoreArtifact(registry) registryLocal := podmanTest.Podman([]string{"run", "-d", "--net=host", "-p", fmt.Sprintf("%s:5000", registryEndpoints[7].Port), "--name", "registry7", registry}) registryLocal.WaitWithDefaultTimeout() @@ -361,7 +359,8 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("Can not start docker registry.") } - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:6000/my-alpine"}) + podmanTest.RestoreArtifact(ALPINE) + push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:6000/my-alpine"}) push.WaitWithDefaultTimeout() Expect(push.ExitCode()).To(Equal(0)) @@ -371,7 +370,7 @@ registries = ['{{.Host}}:{{.Port}}']` podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry8.conf", tempdir), buffer.Bytes(), 0644) - search := podmanTest.Podman([]string{"search", "my-alpine"}) + search := podmanTest.PodmanNoCache([]string{"search", "my-alpine"}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Equal(0)) diff --git a/test/e2e/start_test.go b/test/e2e/start_test.go index c92da9777..fc1203ed1 100644 --- a/test/e2e/start_test.go +++ b/test/e2e/start_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman start", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/stats_test.go b/test/e2e/stats_test.go index 05f24539f..45511edb8 100644 --- a/test/e2e/stats_test.go +++ b/test/e2e/stats_test.go @@ -26,7 +26,7 @@ var _ = Describe("Podman stats", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/stop_test.go b/test/e2e/stop_test.go index e201204df..77ab6dbb0 100644 --- a/test/e2e/stop_test.go +++ b/test/e2e/stop_test.go @@ -23,7 +23,7 @@ var _ = Describe("Podman stop", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/system_df_test.go b/test/e2e/system_df_test.go index 92787f17c..bbbdf30b0 100644 --- a/test/e2e/system_df_test.go +++ b/test/e2e/system_df_test.go @@ -25,7 +25,8 @@ var _ = Describe("podman system df", func() { os.Exit(1) } podmanTest = PodmanTestCreate(tempdir) - podmanTest.RestoreAllArtifacts() + podmanTest.Setup() + podmanTest.SeedImages() }) AfterEach(func() { @@ -55,7 +56,7 @@ var _ = Describe("podman system df", func() { images := strings.Fields(session.OutputToStringArray()[1]) containers := strings.Fields(session.OutputToStringArray()[2]) volumes := strings.Fields(session.OutputToStringArray()[3]) - Expect(images[1]).To(Equal("2")) + Expect(images[1]).To(Equal("9")) Expect(containers[1]).To(Equal("2")) Expect(volumes[2]).To(Equal("1")) }) diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 52efc9fca..91604867d 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -27,7 +27,7 @@ var _ = Describe("Podman systemd", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() systemd_unit_file = `[Unit] Description=redis container [Service] diff --git a/test/e2e/tag_test.go b/test/e2e/tag_test.go index 26d6dfa75..2b513015b 100644 --- a/test/e2e/tag_test.go +++ b/test/e2e/tag_test.go @@ -33,11 +33,11 @@ var _ = Describe("Podman tag", func() { }) It("podman tag shortname:latest", func() { - session := podmanTest.Podman([]string{"tag", ALPINE, "foobar:latest"}) + session := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foobar:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - results := podmanTest.Podman([]string{"inspect", "foobar:latest"}) + results := podmanTest.PodmanNoCache([]string{"inspect", "foobar:latest"}) results.WaitWithDefaultTimeout() Expect(results.ExitCode()).To(Equal(0)) inspectData := results.InspectImageJSON() @@ -46,11 +46,11 @@ var _ = Describe("Podman tag", func() { }) It("podman tag shortname", func() { - session := podmanTest.Podman([]string{"tag", ALPINE, "foobar"}) + session := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foobar"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - results := podmanTest.Podman([]string{"inspect", "foobar:latest"}) + results := podmanTest.PodmanNoCache([]string{"inspect", "foobar:latest"}) results.WaitWithDefaultTimeout() Expect(results.ExitCode()).To(Equal(0)) inspectData := results.InspectImageJSON() @@ -59,11 +59,11 @@ var _ = Describe("Podman tag", func() { }) It("podman tag shortname:tag", func() { - session := podmanTest.Podman([]string{"tag", ALPINE, "foobar:new"}) + session := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foobar:new"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - results := podmanTest.Podman([]string{"inspect", "foobar:new"}) + results := podmanTest.PodmanNoCache([]string{"inspect", "foobar:new"}) results.WaitWithDefaultTimeout() Expect(results.ExitCode()).To(Equal(0)) inspectData := results.InspectImageJSON() @@ -72,15 +72,15 @@ var _ = Describe("Podman tag", func() { }) It("podman tag shortname image no tag", func() { - session := podmanTest.Podman([]string{"tag", ALPINE, "foobar"}) + session := podmanTest.PodmanNoCache([]string{"tag", ALPINE, "foobar"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - results := podmanTest.Podman([]string{"tag", "foobar", "barfoo"}) + results := podmanTest.PodmanNoCache([]string{"tag", "foobar", "barfoo"}) results.WaitWithDefaultTimeout() Expect(results.ExitCode()).To(Equal(0)) - verify := podmanTest.Podman([]string{"inspect", "barfoo"}) + verify := podmanTest.PodmanNoCache([]string{"inspect", "barfoo"}) verify.WaitWithDefaultTimeout() Expect(verify.ExitCode()).To(Equal(0)) }) diff --git a/test/e2e/top_test.go b/test/e2e/top_test.go index 4c2cdb7b5..b62d242f1 100644 --- a/test/e2e/top_test.go +++ b/test/e2e/top_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman top", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/tree_test.go b/test/e2e/tree_test.go index 9740adada..2db7aeb5e 100644 --- a/test/e2e/tree_test.go +++ b/test/e2e/tree_test.go @@ -22,7 +22,8 @@ var _ = Describe("Podman image tree", func() { os.Exit(1) } podmanTest = PodmanTestCreate(tempdir) - podmanTest.RestoreAllArtifacts() + podmanTest.Setup() + podmanTest.RestoreArtifact(BB) }) AfterEach(func() { @@ -36,7 +37,7 @@ var _ = Describe("Podman image tree", func() { if podmanTest.RemoteTest { Skip("Does not work on remote client") } - session := podmanTest.Podman([]string{"pull", "docker.io/library/busybox:latest"}) + session := podmanTest.PodmanNoCache([]string{"pull", "docker.io/library/busybox:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -47,17 +48,17 @@ ENV foo=bar ` podmanTest.BuildImage(dockerfile, "test:latest", "true") - session = podmanTest.Podman([]string{"image", "tree", "test:latest"}) + session = podmanTest.PodmanNoCache([]string{"image", "tree", "test:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"image", "tree", "--whatrequires", "docker.io/library/busybox:latest"}) + session = podmanTest.PodmanNoCache([]string{"image", "tree", "--whatrequires", "docker.io/library/busybox:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "test:latest"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "test:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - session = podmanTest.Podman([]string{"rmi", "docker.io/library/busybox:latest"}) + session = podmanTest.PodmanNoCache([]string{"rmi", "docker.io/library/busybox:latest"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) diff --git a/test/e2e/trust_test.go b/test/e2e/trust_test.go index 493c4a7d5..8c97e6b28 100644 --- a/test/e2e/trust_test.go +++ b/test/e2e/trust_test.go @@ -27,7 +27,7 @@ var _ = Describe("Podman trust", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/unshare_test.go b/test/e2e/unshare_test.go index 1e3f06a62..5f342ffc3 100644 --- a/test/e2e/unshare_test.go +++ b/test/e2e/unshare_test.go @@ -32,7 +32,7 @@ var _ = Describe("Podman unshare", func() { podmanTest.CgroupManager = "cgroupfs" podmanTest.StorageOptions = ROOTLESS_STORAGE_OPTIONS podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/version_test.go b/test/e2e/version_test.go index 35ee21e49..2c8b3068c 100644 --- a/test/e2e/version_test.go +++ b/test/e2e/version_test.go @@ -27,6 +27,7 @@ var _ = Describe("Podman version", func() { podmanTest.Cleanup() f := CurrentGinkgoTestDescription() processTestResult(f) + podmanTest.SeedImages() }) diff --git a/test/e2e/volume_create_test.go b/test/e2e/volume_create_test.go index dccecd457..041a9e6f0 100644 --- a/test/e2e/volume_create_test.go +++ b/test/e2e/volume_create_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman volume create", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/volume_inspect_test.go b/test/e2e/volume_inspect_test.go index e7f20ce7b..0683c6bbf 100644 --- a/test/e2e/volume_inspect_test.go +++ b/test/e2e/volume_inspect_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman volume inspect", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/volume_ls_test.go b/test/e2e/volume_ls_test.go index 1f0177def..da2d7ae77 100644 --- a/test/e2e/volume_ls_test.go +++ b/test/e2e/volume_ls_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman volume ls", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/volume_prune_test.go b/test/e2e/volume_prune_test.go index 55a95c8c9..ba249278b 100644 --- a/test/e2e/volume_prune_test.go +++ b/test/e2e/volume_prune_test.go @@ -24,7 +24,7 @@ var _ = Describe("Podman volume prune", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/volume_rm_test.go b/test/e2e/volume_rm_test.go index 39628d56f..5dcf51ccd 100644 --- a/test/e2e/volume_rm_test.go +++ b/test/e2e/volume_rm_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman volume rm", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/e2e/wait_test.go b/test/e2e/wait_test.go index 28a4c1e40..c03116b01 100644 --- a/test/e2e/wait_test.go +++ b/test/e2e/wait_test.go @@ -22,7 +22,7 @@ var _ = Describe("Podman wait", func() { } podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() - podmanTest.RestoreAllArtifacts() + podmanTest.SeedImages() }) AfterEach(func() { diff --git a/test/utils/podmantest_test.go b/test/utils/podmantest_test.go index 28f294a94..cb31d5548 100644 --- a/test/utils/podmantest_test.go +++ b/test/utils/podmantest_test.go @@ -23,7 +23,7 @@ var _ = Describe("PodmanTest test", func() { FakeOutputs["check"] = []string{"check"} os.Setenv("HOOK_OPTION", "hook_option") env := os.Environ() - session := podmanTest.PodmanAsUserBase([]string{"check"}, 1000, 1000, "", env) + session := podmanTest.PodmanAsUserBase([]string{"check"}, 1000, 1000, "", env, true) os.Unsetenv("HOOK_OPTION") session.WaitWithDefaultTimeout() Expect(session.Command.Process).ShouldNot(BeNil()) diff --git a/test/utils/utils.go b/test/utils/utils.go index beadab549..98031385d 100644 --- a/test/utils/utils.go +++ b/test/utils/utils.go @@ -42,6 +42,8 @@ type PodmanTest struct { VarlinkSession *os.Process VarlinkEndpoint string VarlinkCommand *exec.Cmd + ImageCacheDir string + ImageCacheFS string } // PodmanSession wraps the gexec.session so we can extend it @@ -63,7 +65,7 @@ func (p *PodmanTest) MakeOptions(args []string) []string { // PodmanAsUserBase exec podman as user. uid and gid is set for credentials useage. env is used // to record the env for debugging -func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string, env []string) *PodmanSession { +func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string, env []string, nocache bool) *PodmanSession { var command *exec.Cmd podmanOptions := p.MakeOptions(args) podmanBinary := p.PodmanBinary @@ -71,6 +73,10 @@ func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string podmanBinary = p.RemotePodmanBinary env = append(env, fmt.Sprintf("PODMAN_VARLINK_ADDRESS=%s", p.VarlinkEndpoint)) } + if !nocache && !p.RemoteTest { + cacheOptions := []string{"--storage-opt", fmt.Sprintf("%s.imagestore=%s", p.ImageCacheFS, p.ImageCacheDir)} + podmanOptions = append(cacheOptions, podmanOptions...) + } if env == nil { fmt.Printf("Running: %s %s\n", podmanBinary, strings.Join(podmanOptions, " ")) @@ -99,8 +105,8 @@ func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string } // PodmanBase exec podman with default env. -func (p *PodmanTest) PodmanBase(args []string) *PodmanSession { - return p.PodmanAsUserBase(args, 0, 0, "", nil) +func (p *PodmanTest) PodmanBase(args []string, nocache bool) *PodmanSession { + return p.PodmanAsUserBase(args, 0, 0, "", nil, nocache) } // WaitForContainer waits on a started container @@ -118,7 +124,7 @@ func (p *PodmanTest) WaitForContainer() bool { // containers are currently running. func (p *PodmanTest) NumberOfContainersRunning() int { var containers []string - ps := p.PodmanBase([]string{"ps", "-q"}) + ps := p.PodmanBase([]string{"ps", "-q"}, true) ps.WaitWithDefaultTimeout() Expect(ps.ExitCode()).To(Equal(0)) for _, i := range ps.OutputToStringArray() { @@ -133,7 +139,7 @@ func (p *PodmanTest) NumberOfContainersRunning() int { // containers are currently defined. func (p *PodmanTest) NumberOfContainers() int { var containers []string - ps := p.PodmanBase([]string{"ps", "-aq"}) + ps := p.PodmanBase([]string{"ps", "-aq"}, true) ps.WaitWithDefaultTimeout() Expect(ps.ExitCode()).To(Equal(0)) for _, i := range ps.OutputToStringArray() { @@ -148,7 +154,7 @@ func (p *PodmanTest) NumberOfContainers() int { // pods are currently defined. func (p *PodmanTest) NumberOfPods() int { var pods []string - ps := p.PodmanBase([]string{"pod", "ps", "-q"}) + ps := p.PodmanBase([]string{"pod", "ps", "-q"}, true) ps.WaitWithDefaultTimeout() Expect(ps.ExitCode()).To(Equal(0)) for _, i := range ps.OutputToStringArray() { @@ -164,7 +170,7 @@ func (p *PodmanTest) NumberOfPods() int { func (p *PodmanTest) GetContainerStatus() string { var podmanArgs = []string{"ps"} podmanArgs = append(podmanArgs, "--all", "--format={{.Status}}") - session := p.PodmanBase(podmanArgs) + session := p.PodmanBase(podmanArgs, true) session.WaitWithDefaultTimeout() return session.OutputToString() } @@ -172,7 +178,7 @@ func (p *PodmanTest) GetContainerStatus() string { // WaitContainerReady waits process or service inside container start, and ready to be used. func (p *PodmanTest) WaitContainerReady(id string, expStr string, timeout int, step int) bool { startTime := time.Now() - s := p.PodmanBase([]string{"logs", id}) + s := p.PodmanBase([]string{"logs", id}, true) s.WaitWithDefaultTimeout() for { @@ -185,7 +191,7 @@ func (p *PodmanTest) WaitContainerReady(id string, expStr string, timeout int, s return true } time.Sleep(time.Duration(step) * time.Second) - s = p.PodmanBase([]string{"logs", id}) + s = p.PodmanBase([]string{"logs", id}, true) s.WaitWithDefaultTimeout() } } diff --git a/transfer.md b/transfer.md index 79b6d3461..7cfd5a85d 100644 --- a/transfer.md +++ b/transfer.md @@ -91,10 +91,11 @@ Those Docker commands currently do not have equivalents in `podman`: | Missing command | Description| | :--- | :--- | +| `docker container update` | podman does not support altering running containers. We recommend recreating containers with the correct arguments.| +| `docker container rename` | podman does not support `container rename` - or the `rename` shorthand. We recommend using `podman rm` and `podman create` to create a container with a specific name.| | `docker network` || | `docker node` || | `docker plugin` | podman does not support plugins. We recommend you use alternative OCI Runtimes or OCI Runtime Hooks to alter behavior of podman.| -| `docker rename` | podman does not support rename, you need to use `podman rm` and `podman create` to rename a container.| | `docker secret` || | `docker service` || | `docker stack` || diff --git a/vendor.conf b/vendor.conf index f480a73c7..cfd410889 100644 --- a/vendor.conf +++ b/vendor.conf @@ -93,7 +93,7 @@ k8s.io/api kubernetes-1.10.13-beta.0 https://github.com/kubernetes/api k8s.io/apimachinery kubernetes-1.10.13-beta.0 https://github.com/kubernetes/apimachinery k8s.io/client-go kubernetes-1.10.13-beta.0 https://github.com/kubernetes/client-go github.com/mrunalp/fileutils 7d4729fb36185a7c1719923406c9d40e54fb93c7 -github.com/containers/buildah bcc5e51a948c1847fab1c932f1a343696a96cafd +github.com/containers/buildah v1.8.3 github.com/varlink/go 0f1d566d194b9d6d48e0d47c5e4d822628919066 # TODO: Gotty has not been updated since 2012. Can we find replacement? github.com/Nvveen/Gotty cd527374f1e5bff4938207604a14f2e38a9cf512 diff --git a/vendor/github.com/containers/buildah/add.go b/vendor/github.com/containers/buildah/add.go index 589e090a8..11bfb6a12 100644 --- a/vendor/github.com/containers/buildah/add.go +++ b/vendor/github.com/containers/buildah/add.go @@ -14,6 +14,7 @@ import ( "github.com/containers/buildah/pkg/chrootuser" "github.com/containers/buildah/util" "github.com/containers/storage/pkg/archive" + "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/idtools" "github.com/containers/storage/pkg/system" "github.com/opencontainers/runtime-spec/specs-go" @@ -89,7 +90,10 @@ func addURL(destination, srcurl string, owner idtools.IDPair, hasher io.Writer) // filesystem, optionally extracting contents of local files that look like // non-empty archives. func (b *Builder) Add(destination string, extract bool, options AddAndCopyOptions, source ...string) error { - excludes := dockerIgnoreHelper(options.Excludes, options.ContextDir) + excludes, err := dockerIgnoreMatcher(options.Excludes, options.ContextDir) + if err != nil { + return err + } mountPoint, err := b.Mount(b.MountLabel) if err != nil { return err @@ -100,7 +104,7 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption } }() // Find out which user (and group) the destination should belong to. - user, err := b.user(mountPoint, options.Chown) + user, _, err := b.user(mountPoint, options.Chown) if err != nil { return err } @@ -153,12 +157,12 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption } // user returns the user (and group) information which the destination should belong to. -func (b *Builder) user(mountPoint string, userspec string) (specs.User, error) { +func (b *Builder) user(mountPoint string, userspec string) (specs.User, string, error) { if userspec == "" { userspec = b.User() } - uid, gid, err := chrootuser.GetUser(mountPoint, userspec) + uid, gid, homeDir, err := chrootuser.GetUser(mountPoint, userspec) u := specs.User{ UID: uid, GID: gid, @@ -175,45 +179,48 @@ func (b *Builder) user(mountPoint string, userspec string) (specs.User, error) { } } - return u, err + return u, homeDir, err } -// dockerIgnore struct keep info from .dockerignore -type dockerIgnore struct { - ExcludePath string - IsExcluded bool -} - -// dockerIgnoreHelper returns the lines from .dockerignore file without the comments -// and reverses the order -func dockerIgnoreHelper(lines []string, contextDir string) []dockerIgnore { - var excludes []dockerIgnore - // the last match of a file in the .dockerignmatches determines whether it is included or excluded - // reverse the order - for i := len(lines) - 1; i >= 0; i-- { - exclude := lines[i] - // ignore the comment in .dockerignore - if strings.HasPrefix(exclude, "#") || len(exclude) == 0 { +// dockerIgnoreMatcher returns a matcher based on the contents of the .dockerignore file under contextDir +func dockerIgnoreMatcher(lines []string, contextDir string) (*fileutils.PatternMatcher, error) { + // if there's no context dir, there's no .dockerignore file to consult + if contextDir == "" { + return nil, nil + } + patterns := []string{".dockerignore"} + for _, ignoreSpec := range lines { + ignoreSpec = strings.TrimSpace(ignoreSpec) + // ignore comments passed back from .dockerignore + if ignoreSpec == "" || ignoreSpec[0] == '#' { continue } - excludeFlag := true - if strings.HasPrefix(exclude, "!") { - exclude = strings.TrimPrefix(exclude, "!") - excludeFlag = false + // if the spec starts with '!' it means the pattern + // should be included. make a note so that we can move + // it to the front of the updated pattern + includeFlag := "" + if strings.HasPrefix(ignoreSpec, "!") { + includeFlag = "!" + ignoreSpec = ignoreSpec[1:] } - excludes = append(excludes, dockerIgnore{ExcludePath: filepath.Join(contextDir, exclude), IsExcluded: excludeFlag}) + if ignoreSpec == "" { + continue + } + patterns = append(patterns, includeFlag+filepath.Join(contextDir, ignoreSpec)) } - if len(excludes) != 0 { - excludes = append(excludes, dockerIgnore{ExcludePath: filepath.Join(contextDir, ".dockerignore"), IsExcluded: true}) + // if there are no patterns, save time by not constructing the object + if len(patterns) == 0 { + return nil, nil } - return excludes -} - -func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.FileInfo, hostOwner idtools.IDPair, options AddAndCopyOptions, copyFileWithTar, copyWithTar, untarPath func(src, dest string) error, source ...string) error { - dirsInDockerignore, err := getDirsInDockerignore(options.ContextDir, excludes) + // return a matcher object + matcher, err := fileutils.NewPatternMatcher(patterns) if err != nil { - return errors.Wrapf(err, "error checking directories in .dockerignore") + return nil, errors.Wrapf(err, "error creating file matcher using patterns %v", patterns) } + return matcher, nil +} + +func addHelper(excludes *fileutils.PatternMatcher, extract bool, dest string, destfi os.FileInfo, hostOwner idtools.IDPair, options AddAndCopyOptions, copyFileWithTar, copyWithTar, untarPath func(src, dest string) error, source ...string) error { for _, src := range source { if strings.HasPrefix(src, "http://") || strings.HasPrefix(src, "https://") { // We assume that source is a file, and we're copying @@ -242,7 +249,7 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil if len(glob) == 0 { return errors.Wrapf(syscall.ENOENT, "no files found matching %q", src) } - outer: + for _, gsrc := range glob { esrc, err := filepath.EvalSymlinks(gsrc) if err != nil { @@ -261,7 +268,7 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil return errors.Wrapf(err, "error creating directory %q", dest) } logrus.Debugf("copying %q to %q", esrc+string(os.PathSeparator)+"*", dest+string(os.PathSeparator)+"*") - if len(excludes) == 0 { + if excludes == nil { if err = copyWithTar(esrc, dest); err != nil { return errors.Wrapf(err, "error copying %q to %q", esrc, dest) } @@ -271,23 +278,12 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil if err != nil { return err } - for _, exclude := range excludes { - match, err := filepath.Match(filepath.Clean(exclude.ExcludePath), filepath.Clean(path)) - if err != nil { - return err - } - prefix, exist := dirsInDockerignore[exclude.ExcludePath] - hasPrefix := false - if exist { - hasPrefix = filepath.HasPrefix(path, prefix) - } - if !(match || hasPrefix) { - continue - } - if (hasPrefix && exclude.IsExcluded) || (match && exclude.IsExcluded) { - return nil - } - break + skip, err := excludes.Matches(path) + if err != nil { + return errors.Wrapf(err, "error checking if %s is an excluded path", path) + } + if skip { + return nil } // combine the filename with the dest directory fpath, err := filepath.Rel(esrc, path) @@ -297,8 +293,8 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil mtime := info.ModTime() atime := mtime times := []syscall.Timespec{ - {Sec: atime.Unix(), Nsec: atime.UnixNano() % 1000000000}, - {Sec: mtime.Unix(), Nsec: mtime.UnixNano() % 1000000000}, + syscall.NsecToTimespec(atime.Unix()), + syscall.NsecToTimespec(mtime.Unix()), } if info.IsDir() { return addHelperDirectory(esrc, path, filepath.Join(dest, fpath), info, hostOwner, times) @@ -320,20 +316,6 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil continue } - for _, exclude := range excludes { - match, err := filepath.Match(filepath.Clean(exclude.ExcludePath), esrc) - if err != nil { - return err - } - if !match { - continue - } - if exclude.IsExcluded { - continue outer - } - break - } - if !extract || !archive.IsArchivePath(esrc) { // This source is a file, and either it's not an // archive, or we don't care whether or not it's an @@ -349,6 +331,7 @@ func addHelper(excludes []dockerIgnore, extract bool, dest string, destfi os.Fil } continue } + // We're extracting an archive into the destination directory. logrus.Debugf("extracting contents of %q into %q", esrc, dest) if err = untarPath(esrc, dest); err != nil { @@ -381,7 +364,15 @@ func addHelperSymlink(src, dest string, info os.FileInfo, hostOwner idtools.IDPa return errors.Wrapf(err, "error reading contents of symbolic link at %q", src) } if err = os.Symlink(linkContents, dest); err != nil { - return errors.Wrapf(err, "error creating symbolic link to %q at %q", linkContents, dest) + if !os.IsExist(err) { + return errors.Wrapf(err, "error creating symbolic link to %q at %q", linkContents, dest) + } + if err = os.RemoveAll(dest); err != nil { + return errors.Wrapf(err, "error clearing symbolic link target %q", dest) + } + if err = os.Symlink(linkContents, dest); err != nil { + return errors.Wrapf(err, "error creating symbolic link to %q at %q (second try)", linkContents, dest) + } } if err = idtools.SafeLchown(dest, hostOwner.UID, hostOwner.GID); err != nil { return errors.Wrapf(err, "error setting owner of symbolic link %q to %d:%d", dest, hostOwner.UID, hostOwner.GID) @@ -392,35 +383,3 @@ func addHelperSymlink(src, dest string, info os.FileInfo, hostOwner idtools.IDPa logrus.Debugf("Symlink(%s, %s)", linkContents, dest) return nil } - -func getDirsInDockerignore(srcAbsPath string, excludes []dockerIgnore) (map[string]string, error) { - visitedDir := make(map[string]string) - if len(excludes) == 0 { - return visitedDir, nil - } - err := filepath.Walk(srcAbsPath, func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() { - for _, exclude := range excludes { - match, err := filepath.Match(filepath.Clean(exclude.ExcludePath), filepath.Clean(path)) - if err != nil { - return err - } - if !match { - continue - } - if _, exist := visitedDir[exclude.ExcludePath]; exist { - continue - } - visitedDir[exclude.ExcludePath] = path - } - } - return nil - }) - if err != nil { - return visitedDir, err - } - return visitedDir, nil -} diff --git a/vendor/github.com/containers/buildah/buildah.go b/vendor/github.com/containers/buildah/buildah.go index 33b7afccd..56c8f088f 100644 --- a/vendor/github.com/containers/buildah/buildah.go +++ b/vendor/github.com/containers/buildah/buildah.go @@ -26,7 +26,7 @@ const ( Package = "buildah" // Version for the Package. Bump version in contrib/rpm/buildah.spec // too. - Version = "1.9.0-dev" + Version = "1.8.3" // The value we use to identify what type of information, currently a // serialized Builder structure, we are using as per-container state. // This should only be changed when we make incompatible changes to diff --git a/vendor/github.com/containers/buildah/chroot/run.go b/vendor/github.com/containers/buildah/chroot/run.go index c65926c8e..d6e5a61ea 100644 --- a/vendor/github.com/containers/buildah/chroot/run.go +++ b/vendor/github.com/containers/buildah/chroot/run.go @@ -84,9 +84,18 @@ type runUsingChrootExecSubprocOptions struct { // RunUsingChroot runs a chrooted process, using some of the settings from the // passed-in spec, and using the specified bundlePath to hold temporary files, // directories, and mountpoints. -func RunUsingChroot(spec *specs.Spec, bundlePath string, stdin io.Reader, stdout, stderr io.Writer) (err error) { +func RunUsingChroot(spec *specs.Spec, bundlePath, homeDir string, stdin io.Reader, stdout, stderr io.Writer) (err error) { var confwg sync.WaitGroup - + var homeFound bool + for _, env := range spec.Process.Env { + if strings.HasPrefix(env, "HOME=") { + homeFound = true + break + } + } + if !homeFound { + spec.Process.Env = append(spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir)) + } runtime.LockOSThread() defer runtime.UnlockOSThread() diff --git a/vendor/github.com/containers/buildah/config.go b/vendor/github.com/containers/buildah/config.go index 05b0abb23..234f93259 100644 --- a/vendor/github.com/containers/buildah/config.go +++ b/vendor/github.com/containers/buildah/config.go @@ -3,7 +3,6 @@ package buildah import ( "context" "encoding/json" - "os" "runtime" "strings" "time" @@ -269,21 +268,11 @@ func (b *Builder) Env() []string { // built using an image built from this container. func (b *Builder) SetEnv(k string, v string) { reset := func(s *[]string) { - getenv := func(name string) string { - for i := range *s { - val := strings.SplitN((*s)[i], "=", 2) - if len(val) == 2 && val[0] == name { - return val[1] - } - } - return name - } n := []string{} for i := range *s { if !strings.HasPrefix((*s)[i], k+"=") { n = append(n, (*s)[i]) } - v = os.Expand(v, getenv) } n = append(n, k+"="+v) *s = n diff --git a/vendor/github.com/containers/buildah/imagebuildah/build.go b/vendor/github.com/containers/buildah/imagebuildah/build.go index b8b9db0f3..3665251cd 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/build.go +++ b/vendor/github.com/containers/buildah/imagebuildah/build.go @@ -487,6 +487,7 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err // Check the file and see if part of it is a symlink. // Convert it to the target if so. To be ultrasafe // do the same for the mountpoint. + hadFinalPathSeparator := len(copy.Dest) > 0 && copy.Dest[len(copy.Dest)-1] == os.PathSeparator secureMountPoint, err := securejoin.SecureJoin("", s.mountPoint) finalPath, err := securejoin.SecureJoin(secureMountPoint, copy.Dest) if err != nil { @@ -496,6 +497,11 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err return errors.Wrapf(err, "error resolving copy destination %s", copy.Dest) } copy.Dest = strings.TrimPrefix(finalPath, secureMountPoint) + if len(copy.Dest) == 0 || copy.Dest[len(copy.Dest)-1] != os.PathSeparator { + if hadFinalPathSeparator { + copy.Dest += string(os.PathSeparator) + } + } if copy.Download { logrus.Debugf("ADD %#v, %#v", excludes, copy) @@ -507,29 +513,32 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err } sources := []string{} for _, src := range copy.Src { + contextDir := s.executor.contextDir + copyExcludes := excludes if strings.HasPrefix(src, "http://") || strings.HasPrefix(src, "https://") { sources = append(sources, src) } else if len(copy.From) > 0 { if other, ok := s.executor.stages[copy.From]; ok && other.index < s.index { sources = append(sources, filepath.Join(other.mountPoint, src)) + contextDir = other.mountPoint } else if builder, ok := s.executor.containerMap[copy.From]; ok { sources = append(sources, filepath.Join(builder.MountPoint, src)) + contextDir = builder.MountPoint } else { return errors.Errorf("the stage %q has not been built", copy.From) } } else { sources = append(sources, filepath.Join(s.executor.contextDir, src)) + copyExcludes = append(s.executor.excludes, excludes...) + } + options := buildah.AddAndCopyOptions{ + Chown: copy.Chown, + ContextDir: contextDir, + Excludes: copyExcludes, + } + if err := s.builder.Add(copy.Dest, copy.Download, options, sources...); err != nil { + return err } - } - - options := buildah.AddAndCopyOptions{ - Chown: copy.Chown, - ContextDir: s.executor.contextDir, - Excludes: s.executor.excludes, - } - - if err := s.builder.Add(copy.Dest, copy.Download, options, sources...); err != nil { - return err } } return nil @@ -590,7 +599,11 @@ func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error { args := run.Args if run.Shell { - args = append([]string{"/bin/sh", "-c"}, args...) + if len(config.Shell) > 0 && s.builder.Format == buildah.Dockerv2ImageManifest { + args = append(config.Shell, args...) + } else { + args = append([]string{"/bin/sh", "-c"}, args...) + } } if err := s.volumeCacheSave(); err != nil { return err diff --git a/vendor/github.com/containers/buildah/imagebuildah/util.go b/vendor/github.com/containers/buildah/imagebuildah/util.go index f982fcebf..3962d1a9d 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/util.go +++ b/vendor/github.com/containers/buildah/imagebuildah/util.go @@ -17,7 +17,7 @@ import ( ) func cloneToDirectory(url, dir string) error { - if !strings.HasPrefix(url, "git://") { + if !strings.HasPrefix(url, "git://") && !strings.HasSuffix(url, ".git") { url = "git://" + url } logrus.Debugf("cloning %q to %q", url, dir) @@ -72,7 +72,7 @@ func TempDirForURL(dir, prefix, url string) (name string, subdir string, err err if err != nil { return "", "", errors.Wrapf(err, "error creating temporary directory for %q", url) } - if strings.HasPrefix(url, "git://") { + if strings.HasPrefix(url, "git://") || strings.HasSuffix(url, ".git") { err = cloneToDirectory(url, name) if err != nil { if err2 := os.Remove(name); err2 != nil { diff --git a/vendor/github.com/containers/buildah/pkg/chrootuser/user.go b/vendor/github.com/containers/buildah/pkg/chrootuser/user.go index c83dcc230..26a67c35a 100644 --- a/vendor/github.com/containers/buildah/pkg/chrootuser/user.go +++ b/vendor/github.com/containers/buildah/pkg/chrootuser/user.go @@ -18,7 +18,7 @@ var ( // it will use the /etc/passwd and /etc/group files inside of the rootdir // to return this information. // userspec format [user | user:group | uid | uid:gid | user:gid | uid:group ] -func GetUser(rootdir, userspec string) (uint32, uint32, error) { +func GetUser(rootdir, userspec string) (uint32, uint32, string, error) { var gid64 uint64 var gerr error = user.UnknownGroupError("error looking up group") @@ -26,7 +26,7 @@ func GetUser(rootdir, userspec string) (uint32, uint32, error) { userspec = spec[0] groupspec := "" if userspec == "" { - return 0, 0, nil + return 0, 0, "/", nil } if len(spec) > 1 { groupspec = spec[1] @@ -65,15 +65,21 @@ func GetUser(rootdir, userspec string) (uint32, uint32, error) { } } + homedir, err := lookupHomedirInContainer(rootdir, uid64) + if err != nil { + homedir = "/" + } + if uerr == nil && gerr == nil { - return uint32(uid64), uint32(gid64), nil + return uint32(uid64), uint32(gid64), homedir, nil } - err := errors.Wrapf(uerr, "error determining run uid") + err = errors.Wrapf(uerr, "error determining run uid") if uerr == nil { err = errors.Wrapf(gerr, "error determining run gid") } - return 0, 0, err + + return 0, 0, homedir, err } // GetGroup returns the gid by looking it up in the /etc/group file diff --git a/vendor/github.com/containers/buildah/pkg/chrootuser/user_basic.go b/vendor/github.com/containers/buildah/pkg/chrootuser/user_basic.go index 79b0b24b5..6c997c4c9 100644 --- a/vendor/github.com/containers/buildah/pkg/chrootuser/user_basic.go +++ b/vendor/github.com/containers/buildah/pkg/chrootuser/user_basic.go @@ -25,3 +25,7 @@ func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) { return "", 0, errors.New("UID lookup not supported") } + +func lookupHomedirInContainer(rootdir string, uid uint64) (string, error) { + return "", errors.New("Home directory lookup not supported") +} diff --git a/vendor/github.com/containers/buildah/pkg/chrootuser/user_linux.go b/vendor/github.com/containers/buildah/pkg/chrootuser/user_linux.go index 583eca569..ea20fca80 100644 --- a/vendor/github.com/containers/buildah/pkg/chrootuser/user_linux.go +++ b/vendor/github.com/containers/buildah/pkg/chrootuser/user_linux.go @@ -84,6 +84,7 @@ type lookupPasswdEntry struct { name string uid uint64 gid uint64 + home string } type lookupGroupEntry struct { name string @@ -135,6 +136,7 @@ func parseNextPasswd(rc *bufio.Reader) *lookupPasswdEntry { name: fields[0], uid: uid, gid: gid, + home: fields[5], } } @@ -291,3 +293,29 @@ func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) { return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %q", uid)) } + +func lookupHomedirInContainer(rootdir string, uid uint64) (string, error) { + cmd, f, err := openChrootedFile(rootdir, "/etc/passwd") + if err != nil { + return "", err + } + defer func() { + _ = cmd.Wait() + }() + rc := bufio.NewReader(f) + defer f.Close() + + lookupUser.Lock() + defer lookupUser.Unlock() + + pwd := parseNextPasswd(rc) + for pwd != nil { + if pwd.uid != uid { + pwd = parseNextPasswd(rc) + continue + } + return pwd.home, nil + } + + return "", user.UnknownUserError(fmt.Sprintf("error looking up uid %q for homedir", uid)) +} diff --git a/vendor/github.com/containers/buildah/pkg/secrets/secrets.go b/vendor/github.com/containers/buildah/pkg/secrets/secrets.go index 97b681125..70bd6a4b7 100644 --- a/vendor/github.com/containers/buildah/pkg/secrets/secrets.go +++ b/vendor/github.com/containers/buildah/pkg/secrets/secrets.go @@ -117,7 +117,12 @@ func getMounts(filePath string) []string { } var mounts []string for scanner.Scan() { - mounts = append(mounts, scanner.Text()) + if strings.HasPrefix(strings.TrimSpace(scanner.Text()), "/") { + mounts = append(mounts, scanner.Text()) + } else { + logrus.Debugf("skipping unrecognized mount in %v: %q", + filePath, scanner.Text()) + } } return mounts } @@ -190,58 +195,79 @@ func addSecretsFromMountsFile(filePath, mountLabel, containerWorkingDir, mountPr var mounts []rspec.Mount defaultMountsPaths := getMounts(filePath) for _, path := range defaultMountsPaths { - hostDir, ctrDir, err := getMountsMap(path) + hostDirOrFile, ctrDirOrFile, err := getMountsMap(path) if err != nil { return nil, err } - // skip if the hostDir path doesn't exist - if _, err = os.Stat(hostDir); err != nil { + // skip if the hostDirOrFile path doesn't exist + fileInfo, err := os.Stat(hostDirOrFile) + if err != nil { if os.IsNotExist(err) { - logrus.Warnf("Path %q from %q doesn't exist, skipping", hostDir, filePath) + logrus.Warnf("Path %q from %q doesn't exist, skipping", hostDirOrFile, filePath) continue } - return nil, errors.Wrapf(err, "failed to stat %q", hostDir) + return nil, errors.Wrapf(err, "failed to stat %q", hostDirOrFile) } - ctrDirOnHost := filepath.Join(containerWorkingDir, ctrDir) + ctrDirOrFileOnHost := filepath.Join(containerWorkingDir, ctrDirOrFile) - // In the event of a restart, don't want to copy secrets over again as they already would exist in ctrDirOnHost - _, err = os.Stat(ctrDirOnHost) + // In the event of a restart, don't want to copy secrets over again as they already would exist in ctrDirOrFileOnHost + _, err = os.Stat(ctrDirOrFileOnHost) if os.IsNotExist(err) { - if err = os.MkdirAll(ctrDirOnHost, 0755); err != nil { - return nil, errors.Wrapf(err, "making container directory %q failed", ctrDirOnHost) - } - hostDir, err = resolveSymbolicLink(hostDir) + + hostDirOrFile, err = resolveSymbolicLink(hostDirOrFile) if err != nil { return nil, err } - data, err := getHostSecretData(hostDir) - if err != nil { - return nil, errors.Wrapf(err, "getting host secret data failed") - } - for _, s := range data { - if err := s.saveTo(ctrDirOnHost); err != nil { - return nil, errors.Wrapf(err, "error saving data to container filesystem on host %q", ctrDirOnHost) + switch mode := fileInfo.Mode(); { + case mode.IsDir(): + if err = os.MkdirAll(ctrDirOrFileOnHost, 0755); err != nil { + return nil, errors.Wrapf(err, "making container directory %q failed", ctrDirOrFileOnHost) + } + data, err := getHostSecretData(hostDirOrFile) + if err != nil { + return nil, errors.Wrapf(err, "getting host secret data failed") + } + for _, s := range data { + if err := s.saveTo(ctrDirOrFileOnHost); err != nil { + return nil, errors.Wrapf(err, "error saving data to container filesystem on host %q", ctrDirOrFileOnHost) + } + } + case mode.IsRegular(): + data, err := readFile("", hostDirOrFile) + if err != nil { + return nil, errors.Wrapf(err, "error reading file %q", hostDirOrFile) + + } + for _, s := range data { + if err := os.MkdirAll(filepath.Dir(ctrDirOrFileOnHost), 0700); err != nil { + return nil, err + } + if err := ioutil.WriteFile(ctrDirOrFileOnHost, s.data, 0700); err != nil { + return nil, errors.Wrapf(err, "error saving data to container filesystem on host %q", ctrDirOrFileOnHost) + } } + default: + return nil, errors.Errorf("unsupported file type for: %q", hostDirOrFile) } - err = label.Relabel(ctrDirOnHost, mountLabel, false) + err = label.Relabel(ctrDirOrFileOnHost, mountLabel, false) if err != nil { return nil, errors.Wrap(err, "error applying correct labels") } if uid != 0 || gid != 0 { - if err := rchown(ctrDirOnHost, uid, gid); err != nil { + if err := rchown(ctrDirOrFileOnHost, uid, gid); err != nil { return nil, err } } } else if err != nil { - return nil, errors.Wrapf(err, "error getting status of %q", ctrDirOnHost) + return nil, errors.Wrapf(err, "error getting status of %q", ctrDirOrFileOnHost) } m := rspec.Mount{ - Source: filepath.Join(mountPrefix, ctrDir), - Destination: ctrDir, + Source: filepath.Join(mountPrefix, ctrDirOrFile), + Destination: ctrDirOrFile, Type: "bind", Options: []string{"bind", "rprivate"}, } diff --git a/vendor/github.com/containers/buildah/pkg/unshare/unshare.go b/vendor/github.com/containers/buildah/pkg/unshare/unshare.go index 33232740e..5a68d6b8d 100644 --- a/vendor/github.com/containers/buildah/pkg/unshare/unshare.go +++ b/vendor/github.com/containers/buildah/pkg/unshare/unshare.go @@ -64,6 +64,7 @@ func (c *Cmd) Start() error { if os.Geteuid() != 0 { c.Env = append(c.Env, "_CONTAINERS_USERNS_CONFIGURED=done") c.Env = append(c.Env, fmt.Sprintf("_CONTAINERS_ROOTLESS_UID=%d", os.Geteuid())) + c.Env = append(c.Env, fmt.Sprintf("_CONTAINERS_ROOTLESS_GID=%d", os.Getegid())) } // Create the pipe for reading the child's PID. @@ -183,6 +184,7 @@ func (c *Cmd) Start() error { for _, m := range c.GidMappings { fmt.Fprintf(g, "%d %d %d\n", m.ContainerID, m.HostID, m.Size) } + gidmapSet := false // Set the GID map. if c.UseNewgidmap { cmd := exec.Command("newgidmap", append([]string{pidString}, strings.Fields(strings.Replace(g.String(), "\n", " ", -1))...)...) @@ -190,11 +192,16 @@ func (c *Cmd) Start() error { cmd.Stdout = g cmd.Stderr = g err := cmd.Run() - if err != nil { + if err == nil { + gidmapSet = true + } else { fmt.Fprintf(continueWrite, "error running newgidmap: %v: %s", err, g.String()) - return errors.Wrapf(err, "error running newgidmap: %s", g.String()) + fmt.Fprintf(continueWrite, "falling back to single mapping\n") + g.Reset() + g.Write([]byte(fmt.Sprintf("0 %d 1\n", os.Getegid()))) } - } else { + } + if !gidmapSet { gidmap, err := os.OpenFile(fmt.Sprintf("/proc/%s/gid_map", pidString), os.O_TRUNC|os.O_WRONLY, 0) if err != nil { fmt.Fprintf(continueWrite, "error opening /proc/%s/gid_map: %v", pidString, err) @@ -214,6 +221,7 @@ func (c *Cmd) Start() error { for _, m := range c.UidMappings { fmt.Fprintf(u, "%d %d %d\n", m.ContainerID, m.HostID, m.Size) } + uidmapSet := false // Set the GID map. if c.UseNewuidmap { cmd := exec.Command("newuidmap", append([]string{pidString}, strings.Fields(strings.Replace(u.String(), "\n", " ", -1))...)...) @@ -221,11 +229,16 @@ func (c *Cmd) Start() error { cmd.Stdout = u cmd.Stderr = u err := cmd.Run() - if err != nil { + if err == nil { + uidmapSet = true + } else { fmt.Fprintf(continueWrite, "error running newuidmap: %v: %s", err, u.String()) - return errors.Wrapf(err, "error running newuidmap: %s", u.String()) + fmt.Fprintf(continueWrite, "falling back to single mapping\n") + u.Reset() + u.Write([]byte(fmt.Sprintf("0 %d 1\n", os.Geteuid()))) } - } else { + } + if !uidmapSet { uidmap, err := os.OpenFile(fmt.Sprintf("/proc/%s/uid_map", pidString), os.O_TRUNC|os.O_WRONLY, 0) if err != nil { fmt.Fprintf(continueWrite, "error opening /proc/%s/uid_map: %v", pidString, err) @@ -354,7 +367,9 @@ func MaybeReexecUsingUserNamespace(evenForRoot bool) { // range in /etc/subuid and /etc/subgid file is a starting host // ID and a range size. uidmap, gidmap, err = GetSubIDMappings(me.Username, me.Username) - bailOnError(err, "error reading allowed ID mappings") + if err != nil { + logrus.Warnf("error reading allowed ID mappings: %v", err) + } if len(uidmap) == 0 { logrus.Warnf("Found no UID ranges set aside for user %q in /etc/subuid.", me.Username) } diff --git a/vendor/github.com/containers/buildah/run_linux.go b/vendor/github.com/containers/buildah/run_linux.go index 81ce2b944..16c0550aa 100644 --- a/vendor/github.com/containers/buildah/run_linux.go +++ b/vendor/github.com/containers/buildah/run_linux.go @@ -131,7 +131,8 @@ func (b *Builder) Run(command []string, options RunOptions) error { return err } - if err := b.configureUIDGID(g, mountPoint, options); err != nil { + homeDir, err := b.configureUIDGID(g, mountPoint, options) + if err != nil { return err } @@ -210,7 +211,7 @@ func (b *Builder) Run(command []string, options RunOptions) error { } err = b.runUsingRuntimeSubproc(isolation, options, configureNetwork, configureNetworks, moreCreateArgs, spec, mountPoint, path, Package+"-"+filepath.Base(path)) case IsolationChroot: - err = chroot.RunUsingChroot(spec, path, options.Stdin, options.Stdout, options.Stderr) + err = chroot.RunUsingChroot(spec, path, homeDir, options.Stdin, options.Stdout, options.Stderr) case IsolationOCIRootless: moreCreateArgs := []string{"--no-new-keyring"} if options.NoPivot { @@ -1454,7 +1455,18 @@ func setupNamespaces(g *generate.Generator, namespaceOptions NamespaceOptions, i } if configureNetwork { for name, val := range util.DefaultNetworkSysctl { - g.AddLinuxSysctl(name, val) + // Check that the sysctl we are adding is actually supported + // by the kernel + p := filepath.Join("/proc/sys", strings.Replace(name, ".", "/", -1)) + _, err := os.Stat(p) + if err != nil && !os.IsNotExist(err) { + return false, nil, false, errors.Wrapf(err, "cannot stat %s", p) + } + if err == nil { + g.AddLinuxSysctl(name, val) + } else { + logrus.Warnf("ignoring sysctl %s since %s doesn't exist", name, p) + } } } return configureNetwork, configureNetworks, configureUTS, nil @@ -1775,14 +1787,14 @@ func getDNSIP(dnsServers []string) (dns []net.IP, err error) { return dns, nil } -func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, options RunOptions) error { +func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, options RunOptions) (string, error) { // Set the user UID/GID/supplemental group list/capabilities lists. - user, err := b.user(mountPoint, options.User) + user, homeDir, err := b.user(mountPoint, options.User) if err != nil { - return err + return "", err } if err := setupCapabilities(g, b.AddCapabilities, b.DropCapabilities, options.AddCapabilities, options.DropCapabilities); err != nil { - return err + return "", err } g.SetProcessUID(user.UID) g.SetProcessGID(user.GID) @@ -1797,7 +1809,7 @@ func (b *Builder) configureUIDGID(g *generate.Generator, mountPoint string, opti g.Config.Process.Capabilities.Bounding = bounding } - return nil + return homeDir, nil } func (b *Builder) configureEnvironment(g *generate.Generator, options RunOptions) { |