summaryrefslogtreecommitdiff
path: root/test/e2e
diff options
context:
space:
mode:
Diffstat (limited to 'test/e2e')
-rw-r--r--test/e2e/build_test.go70
-rw-r--r--test/e2e/commit_test.go47
-rw-r--r--test/e2e/common_test.go22
-rw-r--r--test/e2e/config.go4
-rw-r--r--test/e2e/config/containers-caps.conf17
-rw-r--r--test/e2e/config/containers-ns.conf24
-rw-r--r--test/e2e/config/containers.conf50
-rw-r--r--test/e2e/containers_conf_test.go214
-rw-r--r--test/e2e/create_staticip_test.go16
-rw-r--r--test/e2e/create_test.go38
-rw-r--r--test/e2e/exec_test.go24
-rw-r--r--test/e2e/generate_kube_test.go47
-rw-r--r--test/e2e/generate_systemd_test.go30
-rw-r--r--test/e2e/healthcheck_run_test.go20
-rw-r--r--test/e2e/images_test.go35
-rw-r--r--test/e2e/inspect_test.go13
-rw-r--r--test/e2e/libpod_suite_test.go2
-rw-r--r--test/e2e/load_test.go2
-rw-r--r--test/e2e/login_logout_test.go57
-rw-r--r--test/e2e/network_create_test.go2
-rw-r--r--test/e2e/network_test.go80
-rw-r--r--test/e2e/play_kube_test.go135
-rw-r--r--test/e2e/pod_create_test.go165
-rw-r--r--test/e2e/pod_ps_test.go23
-rw-r--r--test/e2e/prune_test.go28
-rw-r--r--test/e2e/ps_test.go32
-rw-r--r--test/e2e/run_memory_test.go6
-rw-r--r--test/e2e/run_networking_test.go11
-rw-r--r--test/e2e/run_security_labels.go152
-rw-r--r--test/e2e/run_staticip_test.go16
-rw-r--r--test/e2e/run_test.go28
-rw-r--r--test/e2e/run_volume_test.go44
-rw-r--r--test/e2e/search_test.go15
-rw-r--r--test/e2e/volume_prune_test.go2
34 files changed, 1423 insertions, 48 deletions
diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go
index 71f5d1b02..8b03e9386 100644
--- a/test/e2e/build_test.go
+++ b/test/e2e/build_test.go
@@ -3,7 +3,10 @@
package integration
import (
+ "io/ioutil"
"os"
+ "path/filepath"
+ "runtime"
"strings"
. "github.com/containers/libpod/test/utils"
@@ -41,6 +44,15 @@ var _ = Describe("Podman build", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
+ iid := session.OutputToStringArray()[len(session.OutputToStringArray())-1]
+
+ // Verify that OS and Arch are being set
+ inspect := podmanTest.PodmanNoCache([]string{"inspect", iid})
+ inspect.WaitWithDefaultTimeout()
+ data := inspect.InspectImageJSON()
+ Expect(data[0].Os).To(Equal(runtime.GOOS))
+ Expect(data[0].Architecture).To(Equal(runtime.GOARCH))
+
session = podmanTest.PodmanNoCache([]string{"rmi", "alpine"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
@@ -105,4 +117,62 @@ var _ = Describe("Podman build", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
})
+
+ It("podman build Containerfile locations", func() {
+ // Given
+ // Switch to temp dir and restore it afterwards
+ cwd, err := os.Getwd()
+ Expect(err).To(BeNil())
+ Expect(os.Chdir(os.TempDir())).To(BeNil())
+ defer Expect(os.Chdir(cwd)).To(BeNil())
+
+ // Write target and fake files
+ targetPath := filepath.Join(os.TempDir(), "dir")
+ Expect(os.MkdirAll(targetPath, 0755)).To(BeNil())
+
+ fakeFile := filepath.Join(os.TempDir(), "Containerfile")
+ Expect(ioutil.WriteFile(fakeFile, []byte("FROM alpine"), 0755)).To(BeNil())
+
+ targetFile := filepath.Join(targetPath, "Containerfile")
+ Expect(ioutil.WriteFile(targetFile, []byte("FROM scratch"), 0755)).To(BeNil())
+
+ defer func() {
+ Expect(os.RemoveAll(fakeFile)).To(BeNil())
+ Expect(os.RemoveAll(targetFile)).To(BeNil())
+ }()
+
+ // When
+ session := podmanTest.PodmanNoCache([]string{
+ "build", "-f", targetFile, "-t", "test-locations",
+ })
+ session.WaitWithDefaultTimeout()
+
+ // Then
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(strings.Fields(session.OutputToString())).
+ To(ContainElement("scratch"))
+ })
+
+ It("podman build basic alpine and print id to external file", func() {
+
+ // Switch to temp dir and restore it afterwards
+ cwd, err := os.Getwd()
+ Expect(err).To(BeNil())
+ Expect(os.Chdir(os.TempDir())).To(BeNil())
+ defer Expect(os.Chdir(cwd)).To(BeNil())
+
+ targetPath := filepath.Join(os.TempDir(), "dir")
+ targetFile := filepath.Join(targetPath, "idFile")
+
+ session := podmanTest.PodmanNoCache([]string{"build", "build/basicalpine", "--iidfile", targetFile})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ id, _ := ioutil.ReadFile(targetFile)
+
+ // Verify that id is correct
+ inspect := podmanTest.PodmanNoCache([]string{"inspect", string(id)})
+ inspect.WaitWithDefaultTimeout()
+ data := inspect.InspectImageJSON()
+ Expect(data[0].ID).To(Equal(string(id)))
+ })
})
diff --git a/test/e2e/commit_test.go b/test/e2e/commit_test.go
index e9d274649..72387ed8c 100644
--- a/test/e2e/commit_test.go
+++ b/test/e2e/commit_test.go
@@ -1,7 +1,9 @@
package integration
import (
+ "io/ioutil"
"os"
+ "path/filepath"
. "github.com/containers/libpod/test/utils"
. "github.com/onsi/ginkgo"
@@ -115,6 +117,25 @@ var _ = Describe("Podman commit", func() {
Expect(foundBlue).To(Equal(true))
})
+ It("podman commit container with change flag and JSON entrypoint with =", func() {
+ test := podmanTest.Podman([]string{"run", "--name", "test1", "-d", ALPINE, "ls"})
+ test.WaitWithDefaultTimeout()
+ Expect(test.ExitCode()).To(Equal(0))
+ Expect(podmanTest.NumberOfContainers()).To(Equal(1))
+
+ session := podmanTest.Podman([]string{"commit", "--change", `ENTRYPOINT ["foo", "bar=baz"]`, "test1", "foobar.com/test1-image:latest"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ check := podmanTest.Podman([]string{"inspect", "foobar.com/test1-image:latest"})
+ check.WaitWithDefaultTimeout()
+ data := check.InspectImageJSON()
+ Expect(len(data)).To(Equal(1))
+ Expect(len(data[0].Config.Entrypoint)).To(Equal(2))
+ Expect(data[0].Config.Entrypoint[0]).To(Equal("foo"))
+ Expect(data[0].Config.Entrypoint[1]).To(Equal("bar=baz"))
+ })
+
It("podman commit container with change CMD flag", func() {
test := podmanTest.Podman([]string{"run", "--name", "test1", "-d", ALPINE, "ls"})
test.WaitWithDefaultTimeout()
@@ -215,4 +236,30 @@ var _ = Describe("Podman commit", func() {
}
Expect(envMap["TEST=1=1-01=9.01"]).To(BeTrue())
})
+
+ It("podman commit container and print id to external file", func() {
+ // Switch to temp dir and restore it afterwards
+ cwd, err := os.Getwd()
+ Expect(err).To(BeNil())
+ Expect(os.Chdir(os.TempDir())).To(BeNil())
+ targetPath := filepath.Join(os.TempDir(), "dir")
+ Expect(os.MkdirAll(targetPath, 0755)).To(BeNil())
+ targetFile := filepath.Join(targetPath, "idFile")
+ defer Expect(os.RemoveAll(targetFile)).To(BeNil())
+ defer Expect(os.Chdir(cwd)).To(BeNil())
+
+ _, ec, _ := podmanTest.RunLsContainer("test1")
+ Expect(ec).To(Equal(0))
+ Expect(podmanTest.NumberOfContainers()).To(Equal(1))
+
+ session := podmanTest.Podman([]string{"commit", "test1", "foobar.com/test1-image:latest", "--iidfile", targetFile})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ id, _ := ioutil.ReadFile(targetFile)
+ check := podmanTest.Podman([]string{"inspect", "foobar.com/test1-image:latest"})
+ check.WaitWithDefaultTimeout()
+ data := check.InspectImageJSON()
+ Expect(data[0].ID).To(Equal(string(id)))
+ })
})
diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go
index 16b971e65..b10c3237d 100644
--- a/test/e2e/common_test.go
+++ b/test/e2e/common_test.go
@@ -15,6 +15,7 @@ import (
"time"
"github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/inspect"
"github.com/containers/libpod/pkg/rootless"
. "github.com/containers/libpod/test/utils"
@@ -320,7 +321,7 @@ func (s *PodmanSessionIntegration) InspectImageJSON() []inspect.ImageData {
}
// InspectContainer returns a container's inspect data in JSON format
-func (p *PodmanTestIntegration) InspectContainer(name string) []libpod.InspectContainerData {
+func (p *PodmanTestIntegration) InspectContainer(name string) []define.InspectContainerData {
cmd := []string{"inspect", name}
session := p.Podman(cmd)
session.WaitWithDefaultTimeout()
@@ -492,8 +493,8 @@ func (p *PodmanTestIntegration) PullImage(image string) error {
// InspectContainerToJSON takes the session output of an inspect
// container and returns json
-func (s *PodmanSessionIntegration) InspectContainerToJSON() []libpod.InspectContainerData {
- var i []libpod.InspectContainerData
+func (s *PodmanSessionIntegration) InspectContainerToJSON() []define.InspectContainerData {
+ var i []define.InspectContainerData
err := json.Unmarshal(s.Out.Contents(), &i)
Expect(err).To(BeNil())
return i
@@ -519,6 +520,21 @@ func (p *PodmanTestIntegration) CreatePod(name string) (*PodmanSessionIntegratio
return session, session.ExitCode(), session.OutputToString()
}
+// CreatePod creates a pod with no infra container and some labels.
+// it optionally takes a pod name
+func (p *PodmanTestIntegration) CreatePodWithLabels(name string, labels map[string]string) (*PodmanSessionIntegration, int, string) {
+ var podmanArgs = []string{"pod", "create", "--infra=false", "--share", ""}
+ if name != "" {
+ podmanArgs = append(podmanArgs, "--name", name)
+ }
+ for labelKey, labelValue := range labels {
+ podmanArgs = append(podmanArgs, "--label", fmt.Sprintf("%s=%s", labelKey, labelValue))
+ }
+ session := p.Podman(podmanArgs)
+ session.WaitWithDefaultTimeout()
+ return session, session.ExitCode(), session.OutputToString()
+}
+
func (p *PodmanTestIntegration) RunTopContainerInPod(name, pod string) *PodmanSessionIntegration {
var podmanArgs = []string{"run", "--pod", pod}
if name != "" {
diff --git a/test/e2e/config.go b/test/e2e/config.go
index 96cc157be..49a47c7da 100644
--- a/test/e2e/config.go
+++ b/test/e2e/config.go
@@ -2,7 +2,7 @@ package integration
var (
redis = "docker.io/library/redis:alpine"
- fedoraMinimal = "registry.fedoraproject.org/fedora-minimal:latest"
+ fedoraMinimal = "quay.io/libpod/fedora-minimal:latest"
ALPINE = "docker.io/library/alpine:latest"
ALPINELISTTAG = "docker.io/library/alpine:3.10.2"
ALPINELISTDIGEST = "docker.io/library/alpine@sha256:72c42ed48c3a2db31b7dafe17d275b634664a708d901ec9fd57b1529280f01fb"
@@ -10,7 +10,7 @@ var (
ALPINEAMD64ID = "961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4"
ALPINEARM64DIGEST = "docker.io/library/alpine@sha256:db7f3dcef3d586f7dd123f107c93d7911515a5991c4b9e51fa2a43e46335a43e"
ALPINEARM64ID = "915beeae46751fc564998c79e73a1026542e945ca4f73dc841d09ccc6c2c0672"
- infra = "k8s.gcr.io/pause:3.1"
+ infra = "k8s.gcr.io/pause:3.2"
BB = "docker.io/library/busybox:latest"
healthcheck = "docker.io/libpod/alpine_healthcheck:latest"
ImageCacheDir = "/tmp/podman/imagecachedir"
diff --git a/test/e2e/config/containers-caps.conf b/test/e2e/config/containers-caps.conf
new file mode 100644
index 000000000..7b964e4a7
--- /dev/null
+++ b/test/e2e/config/containers-caps.conf
@@ -0,0 +1,17 @@
+[containers]
+
+# List of default capabilities for containers. If it is empty or commented out,
+# the default capabilities defined in the container engine will be added.
+#
+default_capabilities = [
+ "CHOWN",
+ "DAC_OVERRIDE",
+ "FOWNER",
+ "FSETID",
+ "KILL",
+ "MKNOD",
+ "NET_BIND_SERVICE",
+ "SETGID",
+ "SETPCAP",
+ "SETUID",
+]
diff --git a/test/e2e/config/containers-ns.conf b/test/e2e/config/containers-ns.conf
new file mode 100644
index 000000000..d2cf5b03f
--- /dev/null
+++ b/test/e2e/config/containers-ns.conf
@@ -0,0 +1,24 @@
+[containers]
+
+pidns = "host"
+netns = "host"
+ipcns = "host"
+utsns = "host"
+userns = "host"
+cgroupns = "host"
+
+# List of default capabilities for containers. If it is empty or commented out,
+# the default capabilities defined in the container engine will be added.
+#
+default_capabilities = [
+ "CHOWN",
+ "DAC_OVERRIDE",
+ "FOWNER",
+ "FSETID",
+ "KILL",
+ "MKNOD",
+ "NET_BIND_SERVICE",
+ "SETGID",
+ "SETPCAP",
+ "SETUID",
+]
diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf
new file mode 100644
index 000000000..55d18f5e8
--- /dev/null
+++ b/test/e2e/config/containers.conf
@@ -0,0 +1,50 @@
+[containers]
+
+# A list of ulimits to be set in containers by default, specified as
+# "<ulimit name>=<soft limit>:<hard limit>", for example:
+# "nofile=1024:2048"
+# See setrlimit(2) for a list of resource names.
+# Any limit not specified here will be inherited from the process launching the
+# container engine.
+# Ulimits has limits for non privileged container engines.
+#
+default_ulimits = [
+ "nofile=500:500",
+]
+
+# Environment variable list for the conmon process; used for passing necessary
+# environment variables to conmon or the runtime.
+#
+env = [
+ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+ "foo=bar",
+]
+
+# container engines use container separation using MAC(SELinux) labeling.
+# Flag is ignored on label disabled systems.
+#
+label = true
+
+# Size of /dev/shm. Specified as <number><unit>.
+# Unit is optional, values:
+# b (bytes), k (kilobytes), m (megabytes), or g (gigabytes).
+# If the unit is omitted, the system uses bytes.
+#
+shm_size = "201k"
+
+# List of devices. Specified as
+# "<device-on-host>:<device-on-container>:<permissions>", for example:
+# "/dev/sdc:/dev/xvdc:rwm".
+# If it is empty or commented out, only the default devices will be used
+#
+devices = [
+ "/dev/zero:/dev/notone,rwm",
+]
+
+default_sysctls = [
+ "net.ipv4.ping_group_range=0 1000",
+]
+
+dns_searches=[ "foobar.com", ]
+dns_servers=[ "1.2.3.4", ]
+dns_options=[ "debug", ]
diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go
new file mode 100644
index 000000000..a2ef7eb4a
--- /dev/null
+++ b/test/e2e/containers_conf_test.go
@@ -0,0 +1,214 @@
+// +build !remoteclient
+
+package integration
+
+import (
+ "fmt"
+ "io/ioutil"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "strings"
+
+ . "github.com/containers/libpod/test/utils"
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var _ = Describe("Podman run", func() {
+ var (
+ tempdir string
+ err error
+ podmanTest *PodmanTestIntegration
+ )
+
+ BeforeEach(func() {
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ podmanTest = PodmanTestCreate(tempdir)
+ podmanTest.Setup()
+ podmanTest.SeedImages()
+ os.Setenv("CONTAINERS_CONF", "config/containers.conf")
+ })
+
+ AfterEach(func() {
+ podmanTest.Cleanup()
+ f := CurrentGinkgoTestDescription()
+ processTestResult(f)
+ os.Unsetenv("CONTAINERS_CONF")
+ })
+
+ It("podman run limits test", func() {
+ SkipIfRootless()
+ //containers.conf is set to "nofile=500:500"
+ session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "ulimit", "-n"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("500"))
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--ulimit", "nofile=2048:2048", fedoraMinimal, "ulimit", "-n"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("2048"))
+ })
+
+ It("podman run with containers.conf having additional env", func() {
+ //containers.conf default env includes foo
+ session := podmanTest.Podman([]string{"run", ALPINE, "printenv"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("foo=bar"))
+ })
+
+ It("podman run with additional devices", func() {
+ //containers.conf devices includes notone
+ session := podmanTest.Podman([]string{"run", "--device", "/dev/null:/dev/bar", ALPINE, "ls", "/dev"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("bar"))
+ Expect(session.OutputToString()).To(ContainSubstring("notone"))
+ })
+
+ It("podman run shm-size", func() {
+ //containers.conf default sets shm-size=201k, which ends up as 200k
+ session := podmanTest.Podman([]string{"run", ALPINE, "grep", "shm", "/proc/self/mounts"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("size=200k"))
+ })
+
+ It("podman Capabilities in containers.conf", func() {
+ SkipIfRootless()
+ os.Setenv("CONTAINERS_CONF", "config/containers.conf")
+ cap := podmanTest.Podman([]string{"run", ALPINE, "grep", "CapEff", "/proc/self/status"})
+ cap.WaitWithDefaultTimeout()
+ Expect(cap.ExitCode()).To(Equal(0))
+
+ os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf")
+ session := podmanTest.Podman([]string{"run", "busybox", "grep", "CapEff", "/proc/self/status"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString()))
+ })
+
+ It("podman Regular capabilties", func() {
+ SkipIfRootless()
+ os.Setenv("CONTAINERS_CONF", "config/containers.conf")
+ setup := podmanTest.RunTopContainer("test1")
+ setup.WaitWithDefaultTimeout()
+ result := podmanTest.Podman([]string{"top", "test1", "capeff"})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ Expect(result.OutputToString()).To(ContainSubstring("SYS_CHROOT"))
+ Expect(result.OutputToString()).To(ContainSubstring("NET_RAW"))
+ })
+
+ It("podman drop capabilties", func() {
+ os.Setenv("CONTAINERS_CONF", "config/containers-caps.conf")
+ setup := podmanTest.RunTopContainer("test1")
+ setup.WaitWithDefaultTimeout()
+ result := podmanTest.Podman([]string{"container", "top", "test1", "capeff"})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ Expect(result.OutputToString()).ToNot(ContainSubstring("SYS_CHROOT"))
+ Expect(result.OutputToString()).ToNot(ContainSubstring("NET_RAW"))
+ })
+
+ verifyNSHandling := func(nspath, option string) {
+ os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf")
+ //containers.conf default ipcns to default to host
+ session := podmanTest.Podman([]string{"run", ALPINE, "ls", "-l", nspath})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ fields := strings.Split(session.OutputToString(), " ")
+ ctrNS := strings.TrimSuffix(fields[len(fields)-1], "\n")
+
+ cmd := exec.Command("ls", "-l", nspath)
+ res, err := cmd.Output()
+ Expect(err).To(BeNil())
+ fields = strings.Split(string(res), " ")
+ hostNS := strings.TrimSuffix(fields[len(fields)-1], "\n")
+ Expect(hostNS).To(Equal(ctrNS))
+
+ session = podmanTest.Podman([]string{"run", option, "private", ALPINE, "ls", "-l", nspath})
+ fields = strings.Split(session.OutputToString(), " ")
+ ctrNS = fields[len(fields)-1]
+ Expect(hostNS).ToNot(Equal(ctrNS))
+ }
+
+ It("podman compare netns", func() {
+ verifyNSHandling("/proc/self/ns/net", "--network")
+ })
+
+ It("podman compare ipcns", func() {
+ verifyNSHandling("/proc/self/ns/ipc", "--ipc")
+ })
+
+ It("podman compare utsns", func() {
+ verifyNSHandling("/proc/self/ns/uts", "--uts")
+ })
+
+ It("podman compare pidns", func() {
+ verifyNSHandling("/proc/self/ns/pid", "--pid")
+ })
+
+ It("podman compare cgroupns", func() {
+ verifyNSHandling("/proc/self/ns/cgroup", "--cgroupns")
+ })
+
+ It("podman containers.conf additionalvolumes", func() {
+ conffile := filepath.Join(podmanTest.TempDir, "container.conf")
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ err := ioutil.WriteFile(conffile, []byte(fmt.Sprintf("[containers]\nvolumes=[\"%s:%s:Z\",]\n", tempdir, tempdir)), 0755)
+ if err != nil {
+ os.Exit(1)
+ }
+
+ os.Setenv("CONTAINERS_CONF", conffile)
+ result := podmanTest.Podman([]string{"run", ALPINE, "ls", tempdir})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ })
+
+ It("podman run containers.conf sysctl test", func() {
+ SkipIfRootless()
+ //containers.conf is set to "net.ipv4.ping_group_range=0 1000"
+ session := podmanTest.Podman([]string{"run", "--rm", fedoraMinimal, "cat", "/proc/sys/net/ipv4/ping_group_range"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("1000"))
+ })
+
+ It("podman run containers.conf search domain", func() {
+ session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ session.LineInOuputStartsWith("search foobar.com")
+ })
+
+ It("podman run add dns server", func() {
+ session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ session.LineInOuputStartsWith("server 1.2.3.4")
+ })
+
+ It("podman run add dns option", func() {
+ session := podmanTest.Podman([]string{"run", ALPINE, "cat", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ session.LineInOuputStartsWith("options debug")
+ })
+
+ It("podman run containers.conf remove all search domain", func() {
+ session := podmanTest.Podman([]string{"run", "--dns-search=.", ALPINE, "cat", "/etc/resolv.conf"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.LineInOuputStartsWith("search")).To(BeFalse())
+ })
+})
diff --git a/test/e2e/create_staticip_test.go b/test/e2e/create_staticip_test.go
index 72a0638f9..693795637 100644
--- a/test/e2e/create_staticip_test.go
+++ b/test/e2e/create_staticip_test.go
@@ -4,6 +4,7 @@ package integration
import (
"os"
+ "time"
. "github.com/containers/libpod/test/utils"
. "github.com/onsi/ginkgo"
@@ -86,8 +87,23 @@ var _ = Describe("Podman create with --ip flag", func() {
result = podmanTest.Podman([]string{"start", "test1"})
result.WaitWithDefaultTimeout()
Expect(result.ExitCode()).To(Equal(0))
+
+ // race prevention: wait until IP address is assigned
+ for i := 0; i < 5; i++ {
+ result = podmanTest.Podman([]string{"inspect", "--format", "{{.NetworkSettings.IPAddress}}", "test1"})
+ result.WaitWithDefaultTimeout()
+ Expect(result.ExitCode()).To(Equal(0))
+ if result.OutputToString() != "" {
+ break
+ }
+ time.Sleep(1 * time.Second)
+ }
+ Expect(result.OutputToString()).To(Equal(ip))
+
+ // test1 container is running with the given IP.
result = podmanTest.Podman([]string{"start", "test2"})
result.WaitWithDefaultTimeout()
Expect(result).To(ExitWithError())
+ Expect(result.ErrorToString()).To(ContainSubstring("requested IP address " + ip + " is not available"))
})
})
diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go
index 134b7b162..10742a0e8 100644
--- a/test/e2e/create_test.go
+++ b/test/e2e/create_test.go
@@ -304,4 +304,42 @@ var _ = Describe("Podman create", func() {
session.WaitWithDefaultTimeout()
Expect(session).To(Not(Equal(0)))
})
+
+ It("podman create with unset label", func() {
+ // Alpine is assumed to have no labels here, which seems safe
+ ctrName := "testctr"
+ session := podmanTest.Podman([]string{"create", "--label", "TESTKEY1=", "--label", "TESTKEY2", "--name", ctrName, ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ inspect := podmanTest.Podman([]string{"inspect", ctrName})
+ inspect.WaitWithDefaultTimeout()
+ data := inspect.InspectContainerToJSON()
+ Expect(len(data)).To(Equal(1))
+ Expect(len(data[0].Config.Labels)).To(Equal(2))
+ _, ok1 := data[0].Config.Labels["TESTKEY1"]
+ Expect(ok1).To(BeTrue())
+ _, ok2 := data[0].Config.Labels["TESTKEY2"]
+ Expect(ok2).To(BeTrue())
+ })
+
+ It("podman create with set label", func() {
+ // Alpine is assumed to have no labels here, which seems safe
+ ctrName := "testctr"
+ session := podmanTest.Podman([]string{"create", "--label", "TESTKEY1=value1", "--label", "TESTKEY2=bar", "--name", ctrName, ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ inspect := podmanTest.Podman([]string{"inspect", ctrName})
+ inspect.WaitWithDefaultTimeout()
+ data := inspect.InspectContainerToJSON()
+ Expect(len(data)).To(Equal(1))
+ Expect(len(data[0].Config.Labels)).To(Equal(2))
+ val1, ok1 := data[0].Config.Labels["TESTKEY1"]
+ Expect(ok1).To(BeTrue())
+ Expect(val1).To(Equal("value1"))
+ val2, ok2 := data[0].Config.Labels["TESTKEY2"]
+ Expect(ok2).To(BeTrue())
+ Expect(val2).To(Equal("bar"))
+ })
})
diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go
index ed4eb3335..ab806f683 100644
--- a/test/e2e/exec_test.go
+++ b/test/e2e/exec_test.go
@@ -1,6 +1,7 @@
package integration
import (
+ "fmt"
"os"
"strings"
@@ -244,4 +245,27 @@ var _ = Describe("Podman exec", func() {
Expect(session.ExitCode()).To(Equal(0))
})
+ It("podman exec preserves --group-add groups", func() {
+ groupName := "group1"
+ gid := "4444"
+ ctrName1 := "ctr1"
+ ctr1 := podmanTest.Podman([]string{"run", "-ti", "--name", ctrName1, fedoraMinimal, "groupadd", "-g", gid, groupName})
+ ctr1.WaitWithDefaultTimeout()
+ Expect(ctr1.ExitCode()).To(Equal(0))
+
+ imgName := "img1"
+ commit := podmanTest.Podman([]string{"commit", ctrName1, imgName})
+ commit.WaitWithDefaultTimeout()
+ Expect(commit.ExitCode()).To(Equal(0))
+
+ ctrName2 := "ctr2"
+ ctr2 := podmanTest.Podman([]string{"run", "-d", "--name", ctrName2, "--group-add", groupName, imgName, "sleep", "300"})
+ ctr2.WaitWithDefaultTimeout()
+ Expect(ctr2.ExitCode()).To(Equal(0))
+
+ exec := podmanTest.Podman([]string{"exec", "-ti", ctrName2, "id"})
+ exec.WaitWithDefaultTimeout()
+ Expect(exec.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(exec.OutputToString(), fmt.Sprintf("%s(%s)", gid, groupName))).To(BeTrue())
+ })
})
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index 603edbe6b..389f2c822 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -10,7 +10,7 @@ import (
"github.com/ghodss/yaml"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
- "k8s.io/api/core/v1"
+ v1 "k8s.io/api/core/v1"
)
var _ = Describe("Podman generate kube", func() {
@@ -69,6 +69,51 @@ var _ = Describe("Podman generate kube", func() {
Expect(numContainers).To(Equal(1))
})
+ It("podman generate service kube on container with --security-opt level", func() {
+ session := podmanTest.Podman([]string{"create", "--name", "test", "--security-opt", "label=level:s0:c100,c200", "alpine"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ kube := podmanTest.Podman([]string{"generate", "kube", "test"})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ pod := new(v1.Pod)
+ err := yaml.Unmarshal(kube.Out.Contents(), pod)
+ Expect(err).To(BeNil())
+ Expect(kube.OutputToString()).To(ContainSubstring("level: s0:c100,c200"))
+ })
+
+ It("podman generate service kube on container with --security-opt disable", func() {
+ session := podmanTest.Podman([]string{"create", "--name", "test-disable", "--security-opt", "label=disable", "alpine"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ kube := podmanTest.Podman([]string{"generate", "kube", "test-disable"})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ pod := new(v1.Pod)
+ err = yaml.Unmarshal(kube.Out.Contents(), pod)
+ Expect(err).To(BeNil())
+ Expect(kube.OutputToString()).To(ContainSubstring("type: spc_t"))
+ })
+
+ It("podman generate service kube on container with --security-opt type", func() {
+ session := podmanTest.Podman([]string{"create", "--name", "test", "--security-opt", "label=type:foo_bar_t", "alpine"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ kube := podmanTest.Podman([]string{"generate", "kube", "test"})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ pod := new(v1.Pod)
+ err = yaml.Unmarshal(kube.Out.Contents(), pod)
+ Expect(err).To(BeNil())
+ Expect(kube.OutputToString()).To(ContainSubstring("type: foo_bar_t"))
+ })
+
It("podman generate service kube on container", func() {
session := podmanTest.RunTopContainer("top")
session.WaitWithDefaultTimeout()
diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go
index d0dadd09d..e5ab0b854 100644
--- a/test/e2e/generate_systemd_test.go
+++ b/test/e2e/generate_systemd_test.go
@@ -191,7 +191,35 @@ var _ = Describe("Podman generate systemd", func() {
found, _ := session.GrepString("# container-foo.service")
Expect(found).To(BeTrue())
- found, _ = session.GrepString("stop --ignore --cidfile /%t/%n-cid -t 42")
+ found, _ = session.GrepString("stop --ignore --cidfile %t/%n-cid -t 42")
+ Expect(found).To(BeTrue())
+ })
+
+ It("podman generate systemd --new without explicit detaching param", func() {
+ n := podmanTest.Podman([]string{"create", "--name", "foo", "alpine", "top"})
+ n.WaitWithDefaultTimeout()
+ Expect(n.ExitCode()).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"generate", "systemd", "--timeout", "42", "--name", "--new", "foo"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ // Grepping the output (in addition to unit tests)
+ found, _ := session.GrepString("--cgroups=no-conmon -d")
+ Expect(found).To(BeTrue())
+ })
+
+ It("podman generate systemd --new with explicit detaching param in middle", func() {
+ n := podmanTest.Podman([]string{"create", "--name", "foo", "-d", "alpine", "top"})
+ n.WaitWithDefaultTimeout()
+ Expect(n.ExitCode()).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"generate", "systemd", "--timeout", "42", "--name", "--new", "foo"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ // Grepping the output (in addition to unit tests)
+ found, _ := session.GrepString("--name foo -d alpine top")
Expect(found).To(BeTrue())
})
diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go
index 7633261e3..19a8658ac 100644
--- a/test/e2e/healthcheck_run_test.go
+++ b/test/e2e/healthcheck_run_test.go
@@ -41,6 +41,26 @@ var _ = Describe("Podman healthcheck run", func() {
Expect(session).To(ExitWithError())
})
+ It("podman disable healthcheck with --no-healthcheck on valid container", func() {
+ SkipIfRemote()
+ session := podmanTest.Podman([]string{"run", "-dt", "--no-healthcheck", "--name", "hc", healthcheck})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ hc := podmanTest.Podman([]string{"healthcheck", "run", "hc"})
+ hc.WaitWithDefaultTimeout()
+ Expect(hc.ExitCode()).To(Equal(125))
+ })
+
+ It("podman disable healthcheck with --health-cmd=none on valid container", func() {
+ SkipIfRemote()
+ session := podmanTest.Podman([]string{"run", "-dt", "--health-cmd", "none", "--name", "hc", healthcheck})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ hc := podmanTest.Podman([]string{"healthcheck", "run", "hc"})
+ hc.WaitWithDefaultTimeout()
+ Expect(hc.ExitCode()).To(Equal(125))
+ })
+
It("podman healthcheck on valid container", func() {
Skip("Extremely consistent flake - re-enable on debugging")
session := podmanTest.Podman([]string{"run", "-dt", "--name", "hc", healthcheck})
diff --git a/test/e2e/images_test.go b/test/e2e/images_test.go
index 80e6d4444..8b6b679a5 100644
--- a/test/e2e/images_test.go
+++ b/test/e2e/images_test.go
@@ -116,7 +116,8 @@ var _ = Describe("Podman images", func() {
})
It("podman images in GO template format", func() {
- session := podmanTest.Podman([]string{"images", "--format={{.ID}}"})
+ formatStr := "{{.ID}}\t{{.Created}}\t{{.CreatedAt}}\t{{.CreatedSince}}\t{{.CreatedTime}}"
+ session := podmanTest.Podman([]string{"images", fmt.Sprintf("--format=%s", formatStr)})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
})
@@ -270,26 +271,36 @@ RUN apk update && apk add man
Expect(result.ExitCode()).To(Equal(0))
})
- It("podman images sort by tag", func() {
- session := podmanTest.Podman([]string{"images", "--sort", "tag", "--format={{.Tag}}"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
+ It("podman images sort by values", func() {
+ sortValueTest := func(value string, result int, format string) []string {
+ f := fmt.Sprintf("{{.%s}}", format)
+ session := podmanTest.Podman([]string{"images", "--sort", value, "--format", f})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(result))
+
+ return session.OutputToStringArray()
+ }
+
+ sortedArr := sortValueTest("created", 0, "CreatedAt")
+ Expect(sort.SliceIsSorted(sortedArr, func(i, j int) bool { return sortedArr[i] > sortedArr[j] })).To(BeTrue())
- sortedArr := session.OutputToStringArray()
+ sortedArr = sortValueTest("id", 0, "ID")
Expect(sort.SliceIsSorted(sortedArr, func(i, j int) bool { return sortedArr[i] < sortedArr[j] })).To(BeTrue())
- })
- It("podman images sort by size", func() {
- session := podmanTest.Podman([]string{"images", "--sort", "size", "--format={{.Size}}"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
+ sortedArr = sortValueTest("repository", 0, "Repository")
+ Expect(sort.SliceIsSorted(sortedArr, func(i, j int) bool { return sortedArr[i] < sortedArr[j] })).To(BeTrue())
- sortedArr := session.OutputToStringArray()
+ sortedArr = sortValueTest("size", 0, "Size")
Expect(sort.SliceIsSorted(sortedArr, func(i, j int) bool {
size1, _ := units.FromHumanSize(sortedArr[i])
size2, _ := units.FromHumanSize(sortedArr[j])
return size1 < size2
})).To(BeTrue())
+ sortedArr = sortValueTest("tag", 0, "Tag")
+ Expect(sort.SliceIsSorted(sortedArr, func(i, j int) bool { return sortedArr[i] < sortedArr[j] })).To(BeTrue())
+
+ sortValueTest("badvalue", 125, "Tag")
+ sortValueTest("id", 125, "badvalue")
})
It("podman images --all flag", func() {
diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go
index 9d23384ea..ebac087ac 100644
--- a/test/e2e/inspect_test.go
+++ b/test/e2e/inspect_test.go
@@ -164,4 +164,17 @@ var _ = Describe("Podman inspect", func() {
Expect(inspectDst.ExitCode()).To(Equal(0))
Expect(inspectDst.OutputToString()).To(Equal("/test1"))
})
+
+ It("podman inspect shows healthcheck on docker image", func() {
+ pull := podmanTest.Podman([]string{"pull", healthcheck})
+ pull.WaitWithDefaultTimeout()
+ Expect(pull.ExitCode()).To(BeZero())
+
+ session := podmanTest.Podman([]string{"inspect", "--format=json", healthcheck})
+ session.WaitWithDefaultTimeout()
+ imageData := session.InspectImageJSON()
+ Expect(imageData[0].HealthCheck.Timeout).To(BeNumerically("==", 3000000000))
+ Expect(imageData[0].HealthCheck.Interval).To(BeNumerically("==", 60000000000))
+ Expect(imageData[0].HealthCheck.Test).To(Equal([]string{"CMD-SHELL", "curl -f http://localhost/ || exit 1"}))
+ })
})
diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go
index 43f08bf03..dc5e91c72 100644
--- a/test/e2e/libpod_suite_test.go
+++ b/test/e2e/libpod_suite_test.go
@@ -122,6 +122,8 @@ func populateCache(podman *PodmanTestIntegration) {
for _, image := range CACHE_IMAGES {
podman.RestoreArtifactToCache(image)
}
+ // logformatter uses this to recognize the first test
+ fmt.Printf("-----------------------------\n")
}
func removeCache() {
diff --git a/test/e2e/load_test.go b/test/e2e/load_test.go
index 9ff358d26..9a2cee9e1 100644
--- a/test/e2e/load_test.go
+++ b/test/e2e/load_test.go
@@ -205,7 +205,7 @@ var _ = Describe("Podman load", func() {
podmanTest.RestoreArtifact(fedoraMinimal)
outfile := filepath.Join(podmanTest.TempDir, "load_test.tar.gz")
- setup := podmanTest.PodmanNoCache([]string{"tag", "fedora-minimal", "hello"})
+ setup := podmanTest.PodmanNoCache([]string{"tag", fedoraMinimal, "hello"})
setup.WaitWithDefaultTimeout()
Expect(setup.ExitCode()).To(Equal(0))
diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go
index c3df10f5e..42698d270 100644
--- a/test/e2e/login_logout_test.go
+++ b/test/e2e/login_logout_test.go
@@ -19,14 +19,15 @@ import (
var _ = Describe("Podman login and logout", func() {
var (
- tempdir string
- err error
- podmanTest *PodmanTestIntegration
- authPath string
- certPath string
- port int
- server string
- testImg string
+ tempdir string
+ err error
+ podmanTest *PodmanTestIntegration
+ authPath string
+ certPath string
+ port int
+ server string
+ testImg string
+ registriesConfWithSearch []byte
)
BeforeEach(func() {
@@ -64,6 +65,9 @@ var _ = Describe("Podman login and logout", func() {
f.Sync()
port = 4999 + config.GinkgoConfig.ParallelNode
server = strings.Join([]string{"localhost", strconv.Itoa(port)}, ":")
+
+ registriesConfWithSearch = []byte(fmt.Sprintf("[registries.search]\nregistries = ['%s']", server))
+
testImg = strings.Join([]string{server, "test-apline"}, "/")
os.MkdirAll(filepath.Join("/etc/containers/certs.d", server), os.ModePerm)
@@ -95,6 +99,7 @@ var _ = Describe("Podman login and logout", func() {
})
It("podman login and logout", func() {
+ SkipIfRootless()
session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test", server})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
@@ -112,7 +117,40 @@ var _ = Describe("Podman login and logout", func() {
Expect(session).To(ExitWithError())
})
+ It("podman login and logout without registry parameter", func() {
+ SkipIfRootless()
+
+ registriesConf, err := ioutil.TempFile("", "TestLoginWithoutParameter")
+ Expect(err).To(BeNil())
+ defer registriesConf.Close()
+ defer os.Remove(registriesConf.Name())
+
+ err = ioutil.WriteFile(registriesConf.Name(), []byte(registriesConfWithSearch), os.ModePerm)
+ Expect(err).To(BeNil())
+
+ // Environment is per-process, so this looks very unsafe; actually it seems fine because tests are not
+ // run in parallel unless they opt in by calling t.Parallel(). So don’t do that.
+ oldRCP, hasRCP := os.LookupEnv("REGISTRIES_CONFIG_PATH")
+ defer func() {
+ if hasRCP {
+ os.Setenv("REGISTRIES_CONFIG_PATH", oldRCP)
+ } else {
+ os.Unsetenv("REGISTRIES_CONFIG_PATH")
+ }
+ }()
+ os.Setenv("REGISTRIES_CONFIG_PATH", registriesConf.Name())
+
+ session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To((Equal(0)))
+
+ session = podmanTest.Podman([]string{"logout"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ })
+
It("podman login and logout with flag --authfile", func() {
+ SkipIfRootless()
authFile := filepath.Join(podmanTest.TempDir, "auth.json")
session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--authfile", authFile, server})
session.WaitWithDefaultTimeout()
@@ -145,6 +183,7 @@ var _ = Describe("Podman login and logout", func() {
})
It("podman login and logout with --tls-verify", func() {
+ SkipIfRootless()
session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--tls-verify=false", server})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
@@ -158,6 +197,7 @@ var _ = Describe("Podman login and logout", func() {
Expect(session.ExitCode()).To(Equal(0))
})
It("podman login and logout with --cert-dir", func() {
+ SkipIfRootless()
certDir := filepath.Join(podmanTest.TempDir, "certs")
os.MkdirAll(certDir, os.ModePerm)
@@ -177,6 +217,7 @@ var _ = Describe("Podman login and logout", func() {
Expect(session.ExitCode()).To(Equal(0))
})
It("podman login and logout with multi registry", func() {
+ SkipIfRootless()
os.MkdirAll("/etc/containers/certs.d/localhost:9001", os.ModePerm)
cwd, _ := os.Getwd()
diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go
index b83757cc0..7eccaa9ab 100644
--- a/test/e2e/network_create_test.go
+++ b/test/e2e/network_create_test.go
@@ -58,7 +58,7 @@ func genericPluginsToPortMap(plugins interface{}, pluginType string) (network.Po
}
func (p *PodmanTestIntegration) removeCNINetwork(name string) {
- session := p.Podman([]string{"network", "rm", name})
+ session := p.Podman([]string{"network", "rm", "-f", name})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(BeZero())
}
diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go
index 9aed5351a..440d307b5 100644
--- a/test/e2e/network_test.go
+++ b/test/e2e/network_test.go
@@ -4,13 +4,15 @@ package integration
import (
"fmt"
+ "io/ioutil"
+ "os"
+ "path/filepath"
+ "strings"
+
. "github.com/containers/libpod/test/utils"
"github.com/containers/storage/pkg/stringid"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
- "io/ioutil"
- "os"
- "path/filepath"
)
func writeConf(conf []byte, confPath string) {
@@ -155,4 +157,76 @@ var _ = Describe("Podman network", func() {
Expect(session.IsJSONOutputValid()).To(BeTrue())
})
+ It("podman inspect container single CNI network", func() {
+ SkipIfRootless()
+ netName := "testNetSingleCNI"
+ network := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.50.0/24", netName})
+ network.WaitWithDefaultTimeout()
+ Expect(network.ExitCode()).To(BeZero())
+ defer podmanTest.removeCNINetwork(netName)
+
+ ctrName := "testCtr"
+ container := podmanTest.Podman([]string{"run", "-dt", "--network", netName, "--name", ctrName, ALPINE, "top"})
+ container.WaitWithDefaultTimeout()
+ Expect(container.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", ctrName})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(BeZero())
+ conData := inspect.InspectContainerToJSON()
+ Expect(len(conData)).To(Equal(1))
+ Expect(len(conData[0].NetworkSettings.Networks)).To(Equal(1))
+ net, ok := conData[0].NetworkSettings.Networks[netName]
+ Expect(ok).To(BeTrue())
+ Expect(net.NetworkID).To(Equal(netName))
+ Expect(net.IPPrefixLen).To(Equal(24))
+ Expect(strings.HasPrefix(net.IPAddress, "10.50.50.")).To(BeTrue())
+
+ // Necessary to ensure the CNI network is removed cleanly
+ rmAll := podmanTest.Podman([]string{"rm", "-f", ctrName})
+ rmAll.WaitWithDefaultTimeout()
+ Expect(rmAll.ExitCode()).To(BeZero())
+ })
+
+ It("podman inspect container two CNI networks", func() {
+ SkipIfRootless()
+ netName1 := "testNetTwoCNI1"
+ network1 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.0/25", netName1})
+ network1.WaitWithDefaultTimeout()
+ Expect(network1.ExitCode()).To(BeZero())
+ defer podmanTest.removeCNINetwork(netName1)
+
+ netName2 := "testNetTwoCNI2"
+ network2 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.128/26", netName2})
+ network2.WaitWithDefaultTimeout()
+ Expect(network2.ExitCode()).To(BeZero())
+ defer podmanTest.removeCNINetwork(netName2)
+
+ ctrName := "testCtr"
+ container := podmanTest.Podman([]string{"run", "-dt", "--network", fmt.Sprintf("%s,%s", netName1, netName2), "--name", ctrName, ALPINE, "top"})
+ container.WaitWithDefaultTimeout()
+ Expect(container.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", ctrName})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(BeZero())
+ conData := inspect.InspectContainerToJSON()
+ Expect(len(conData)).To(Equal(1))
+ Expect(len(conData[0].NetworkSettings.Networks)).To(Equal(2))
+ net1, ok := conData[0].NetworkSettings.Networks[netName1]
+ Expect(ok).To(BeTrue())
+ Expect(net1.NetworkID).To(Equal(netName1))
+ Expect(net1.IPPrefixLen).To(Equal(25))
+ Expect(strings.HasPrefix(net1.IPAddress, "10.50.51.")).To(BeTrue())
+ net2, ok := conData[0].NetworkSettings.Networks[netName2]
+ Expect(ok).To(BeTrue())
+ Expect(net2.NetworkID).To(Equal(netName2))
+ Expect(net2.IPPrefixLen).To(Equal(26))
+ Expect(strings.HasPrefix(net2.IPAddress, "10.50.51.")).To(BeTrue())
+
+ // Necessary to ensure the CNI network is removed cleanly
+ rmAll := podmanTest.Podman([]string{"rm", "-f", ctrName})
+ rmAll.WaitWithDefaultTimeout()
+ Expect(rmAll.ExitCode()).To(BeZero())
+ })
})
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index 89a5eddf4..9daf266b8 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -4,6 +4,7 @@ package integration
import (
"fmt"
+ "io/ioutil"
"os"
"path/filepath"
"text/template"
@@ -47,6 +48,7 @@ spec:
value: podman
image: {{ .Image }}
name: {{ .Name }}
+ imagePullPolicy: {{ .PullPolicy }}
resources: {}
{{ if .SecurityContext }}
securityContext:
@@ -153,12 +155,13 @@ type Ctr struct {
Caps bool
CapAdd []string
CapDrop []string
+ PullPolicy string
}
// getCtr takes a list of ctrOptions and returns a Ctr with sane defaults
// and the configured options
func getCtr(options ...ctrOption) *Ctr {
- c := Ctr{defaultCtrName, defaultCtrImage, defaultCtrCmd, true, false, nil, nil}
+ c := Ctr{defaultCtrName, defaultCtrImage, defaultCtrCmd, true, false, nil, nil, ""}
for _, option := range options {
option(&c)
}
@@ -199,6 +202,12 @@ func withCapDrop(caps []string) ctrOption {
}
}
+func withPullPolicy(policy string) ctrOption {
+ return func(c *Ctr) {
+ c.PullPolicy = policy
+ }
+}
+
var _ = Describe("Podman generate kube", func() {
var (
tempdir string
@@ -396,4 +405,128 @@ var _ = Describe("Podman generate kube", func() {
Expect(logs.ExitCode()).To(Equal(0))
Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted"))
})
+
+ It("podman play kube with pull policy of never should be 125", func() {
+ ctr := getCtr(withPullPolicy("never"), withImage(BB_GLIBC))
+ err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(125))
+ })
+
+ It("podman play kube with pull policy of missing", func() {
+ ctr := getCtr(withPullPolicy("missing"), withImage(BB))
+ err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+ })
+
+ It("podman play kube with pull always", func() {
+ oldBB := "docker.io/library/busybox:1.30.1"
+ pull := podmanTest.Podman([]string{"pull", oldBB})
+ pull.WaitWithDefaultTimeout()
+
+ tag := podmanTest.Podman([]string{"tag", oldBB, BB})
+ tag.WaitWithDefaultTimeout()
+ Expect(tag.ExitCode()).To(BeZero())
+
+ rmi := podmanTest.Podman([]string{"rmi", oldBB})
+ rmi.WaitWithDefaultTimeout()
+ Expect(rmi.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", BB})
+ inspect.WaitWithDefaultTimeout()
+ oldBBinspect := inspect.InspectImageJSON()
+
+ ctr := getCtr(withPullPolicy("always"), withImage(BB))
+ err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ inspect = podmanTest.Podman([]string{"inspect", BB})
+ inspect.WaitWithDefaultTimeout()
+ newBBinspect := inspect.InspectImageJSON()
+ Expect(oldBBinspect[0].Digest).To(Not(Equal(newBBinspect[0].Digest)))
+ })
+
+ It("podman play kube with latest image should always pull", func() {
+ oldBB := "docker.io/library/busybox:1.30.1"
+ pull := podmanTest.Podman([]string{"pull", oldBB})
+ pull.WaitWithDefaultTimeout()
+
+ tag := podmanTest.Podman([]string{"tag", oldBB, BB})
+ tag.WaitWithDefaultTimeout()
+ Expect(tag.ExitCode()).To(BeZero())
+
+ rmi := podmanTest.Podman([]string{"rmi", oldBB})
+ rmi.WaitWithDefaultTimeout()
+ Expect(rmi.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", BB})
+ inspect.WaitWithDefaultTimeout()
+ oldBBinspect := inspect.InspectImageJSON()
+
+ ctr := getCtr(withImage(BB))
+ err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ inspect = podmanTest.Podman([]string{"inspect", BB})
+ inspect.WaitWithDefaultTimeout()
+ newBBinspect := inspect.InspectImageJSON()
+ Expect(oldBBinspect[0].Digest).To(Not(Equal(newBBinspect[0].Digest)))
+ })
+
+ It("podman play kube with image data", func() {
+ testyaml := `
+apiVersion: v1
+kind: Pod
+metadata:
+ name: demo_pod
+spec:
+ containers:
+ - image: demo
+ name: demo_kube
+`
+ pull := podmanTest.Podman([]string{"create", "--workdir", "/etc", "--name", "newBB", "--label", "key1=value1", "alpine"})
+
+ pull.WaitWithDefaultTimeout()
+ Expect(pull.ExitCode()).To(BeZero())
+
+ c := podmanTest.Podman([]string{"commit", "-c", "STOPSIGNAL=51", "newBB", "demo"})
+ c.WaitWithDefaultTimeout()
+ Expect(c.ExitCode()).To(Equal(0))
+
+ conffile := filepath.Join(podmanTest.TempDir, "kube.yaml")
+ tempdir, err = CreateTempDirInTempDir()
+ Expect(err).To(BeNil())
+
+ err := ioutil.WriteFile(conffile, []byte(testyaml), 0755)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", conffile})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ inspect := podmanTest.Podman([]string{"inspect", "demo_kube"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ Expect(ctr[0].Config.WorkingDir).To(ContainSubstring("/etc"))
+ Expect(ctr[0].Config.Labels["key1"]).To(ContainSubstring("value1"))
+ Expect(ctr[0].Config.Labels["key1"]).To(ContainSubstring("value1"))
+ Expect(ctr[0].Config.StopSignal).To(Equal(uint(51)))
+ })
})
diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go
index 2efa36141..e0a10c202 100644
--- a/test/e2e/pod_create_test.go
+++ b/test/e2e/pod_create_test.go
@@ -1,7 +1,9 @@
package integration
import (
+ "fmt"
"os"
+ "strings"
. "github.com/containers/libpod/test/utils"
. "github.com/onsi/ginkgo"
@@ -117,4 +119,167 @@ var _ = Describe("Podman pod create", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(125))
})
+
+ It("podman create pod with --no-hosts", func() {
+ SkipIfRemote()
+ name := "test"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--no-hosts", "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ alpineResolvConf := podmanTest.Podman([]string{"run", "-ti", "--rm", "--no-hosts", ALPINE, "cat", "/etc/hosts"})
+ alpineResolvConf.WaitWithDefaultTimeout()
+ Expect(alpineResolvConf.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "cat", "/etc/hosts"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(podResolvConf.OutputToString()).To(Equal(alpineResolvConf.OutputToString()))
+ })
+
+ It("podman create pod with --no-hosts and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--no-hosts", "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with --add-host", func() {
+ SkipIfRemote()
+ name := "test"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--add-host", "test.example.com:12.34.56.78", "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "cat", "/etc/hosts"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), "12.34.56.78 test.example.com")).To(BeTrue())
+ })
+
+ It("podman create pod with --add-host and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--add-host", "test.example.com:12.34.56.78", "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with DNS server set", func() {
+ SkipIfRemote()
+ name := "test"
+ server := "12.34.56.78"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns", server, "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "cat", "/etc/resolv.conf"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), fmt.Sprintf("nameserver %s", server))).To(BeTrue())
+ })
+
+ It("podman create pod with DNS server set and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ server := "12.34.56.78"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns", server, "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with DNS option set", func() {
+ SkipIfRemote()
+ name := "test"
+ option := "attempts:5"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns-opt", option, "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "cat", "/etc/resolv.conf"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), fmt.Sprintf("options %s", option))).To(BeTrue())
+ })
+
+ It("podman create pod with DNS option set and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ option := "attempts:5"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns-opt", option, "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with DNS search domain set", func() {
+ SkipIfRemote()
+ name := "test"
+ search := "example.com"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns-search", search, "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "cat", "/etc/resolv.conf"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), fmt.Sprintf("search %s", search))).To(BeTrue())
+ })
+
+ It("podman create pod with DNS search domain set and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ search := "example.com"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--dns-search", search, "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with IP address", func() {
+ SkipIfRemote()
+ SkipIfRootless()
+ name := "test"
+ ip := GetRandomIPAddress()
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--ip", ip, "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "ip", "addr"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), ip)).To(BeTrue())
+ })
+
+ It("podman create pod with IP address and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ ip := GetRandomIPAddress()
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--ip", ip, "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
+
+ It("podman create pod with MAC address", func() {
+ SkipIfRemote()
+ SkipIfRootless()
+ name := "test"
+ mac := "92:d0:c6:0a:29:35"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--mac-address", mac, "--name", name})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(0))
+
+ podResolvConf := podmanTest.Podman([]string{"run", "--pod", name, "-ti", "--rm", ALPINE, "ip", "addr"})
+ podResolvConf.WaitWithDefaultTimeout()
+ Expect(podResolvConf.ExitCode()).To(Equal(0))
+ Expect(strings.Contains(podResolvConf.OutputToString(), mac)).To(BeTrue())
+ })
+
+ It("podman create pod with MAC address and no infra should fail", func() {
+ SkipIfRemote()
+ name := "test"
+ mac := "92:d0:c6:0a:29:35"
+ podCreate := podmanTest.Podman([]string{"pod", "create", "--mac-address", mac, "--name", name, "--infra=false"})
+ podCreate.WaitWithDefaultTimeout()
+ Expect(podCreate.ExitCode()).To(Equal(125))
+ })
})
diff --git a/test/e2e/pod_ps_test.go b/test/e2e/pod_ps_test.go
index aa07be55c..551ad3818 100644
--- a/test/e2e/pod_ps_test.go
+++ b/test/e2e/pod_ps_test.go
@@ -204,4 +204,27 @@ var _ = Describe("Podman ps", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(BeEmpty())
})
+
+ It("podman pod ps filter labels", func() {
+ _, ec, podid1 := podmanTest.CreatePod("")
+ Expect(ec).To(Equal(0))
+
+ _, ec, podid2 := podmanTest.CreatePodWithLabels("", map[string]string{
+ "io.podman.test.label": "value1",
+ "io.podman.test.key": "irrelevant-value",
+ })
+ Expect(ec).To(Equal(0))
+
+ _, ec, podid3 := podmanTest.CreatePodWithLabels("", map[string]string{
+ "io.podman.test.label": "value2",
+ })
+ Expect(ec).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"pod", "ps", "--no-trunc", "--filter", "label=io.podman.test.key", "--filter", "label=io.podman.test.label=value1"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(Not(ContainSubstring(podid1)))
+ Expect(session.OutputToString()).To(ContainSubstring(podid2))
+ Expect(session.OutputToString()).To(Not(ContainSubstring(podid3)))
+ })
})
diff --git a/test/e2e/prune_test.go b/test/e2e/prune_test.go
index c9b01ad4a..672b0e103 100644
--- a/test/e2e/prune_test.go
+++ b/test/e2e/prune_test.go
@@ -59,6 +59,34 @@ var _ = Describe("Podman prune", func() {
Expect(podmanTest.NumberOfContainers()).To(Equal(1))
})
+ It("podman container prune after create containers", func() {
+ create := podmanTest.Podman([]string{"create", "--name", "test", BB})
+ create.WaitWithDefaultTimeout()
+ Expect(create.ExitCode()).To(Equal(0))
+
+ prune := podmanTest.Podman([]string{"container", "prune", "-f"})
+ prune.WaitWithDefaultTimeout()
+ Expect(prune.ExitCode()).To(Equal(0))
+
+ Expect(podmanTest.NumberOfContainers()).To(Equal(0))
+ })
+
+ It("podman container prune after create & init containers", func() {
+ create := podmanTest.Podman([]string{"create", "--name", "test", BB})
+ create.WaitWithDefaultTimeout()
+ Expect(create.ExitCode()).To(Equal(0))
+
+ init := podmanTest.Podman([]string{"init", "test"})
+ init.WaitWithDefaultTimeout()
+ Expect(init.ExitCode()).To(Equal(0))
+
+ prune := podmanTest.Podman([]string{"container", "prune", "-f"})
+ prune.WaitWithDefaultTimeout()
+ Expect(prune.ExitCode()).To(Equal(0))
+
+ Expect(podmanTest.NumberOfContainers()).To(Equal(0))
+ })
+
It("podman image prune none images", func() {
SkipIfRemote()
podmanTest.BuildImage(pruneImage, "alpine_bash:latest", "true")
diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go
index 12bfdfe41..adbb9c16c 100644
--- a/test/e2e/ps_test.go
+++ b/test/e2e/ps_test.go
@@ -170,10 +170,11 @@ var _ = Describe("Podman ps", func() {
_, ec, _ := podmanTest.RunLsContainer("test1")
Expect(ec).To(Equal(0))
- result := podmanTest.Podman([]string{"ps", "-a", "--format", "table {{.ID}} {{.Image}} {{.Labels}}"})
+ result := podmanTest.Podman([]string{"ps", "-a", "--format", "table {{.ID}} {{.Image}} {{.ImageID}} {{.Labels}}"})
result.WaitWithDefaultTimeout()
Expect(strings.Contains(result.OutputToStringArray()[0], "table")).To(BeFalse())
Expect(strings.Contains(result.OutputToStringArray()[0], "ID")).To(BeTrue())
+ Expect(strings.Contains(result.OutputToStringArray()[0], "ImageID")).To(BeTrue())
Expect(strings.Contains(result.OutputToStringArray()[1], "alpine:latest")).To(BeTrue())
Expect(result.ExitCode()).To(Equal(0))
})
@@ -227,6 +228,35 @@ var _ = Describe("Podman ps", func() {
Expect(output[0]).To(Equal(fullCid))
})
+ It("podman ps filter by exited does not need all", func() {
+ ctr := podmanTest.Podman([]string{"run", "-t", "-i", ALPINE, "ls", "/"})
+ ctr.WaitWithDefaultTimeout()
+ Expect(ctr.ExitCode()).To(Equal(0))
+
+ psAll := podmanTest.Podman([]string{"ps", "-aq", "--no-trunc"})
+ psAll.WaitWithDefaultTimeout()
+ Expect(psAll.ExitCode()).To(Equal(0))
+
+ psFilter := podmanTest.Podman([]string{"ps", "--no-trunc", "--quiet", "--filter", "status=exited"})
+ psFilter.WaitWithDefaultTimeout()
+ Expect(psFilter.ExitCode()).To(Equal(0))
+
+ Expect(psAll.OutputToString()).To(Equal(psFilter.OutputToString()))
+ })
+
+ It("podman filter without status does not find non-running", func() {
+ ctrName := "aContainerName"
+ ctr := podmanTest.Podman([]string{"create", "--name", ctrName, "-t", "-i", ALPINE, "ls", "/"})
+ ctr.WaitWithDefaultTimeout()
+ Expect(ctr.ExitCode()).To(Equal(0))
+
+ psFilter := podmanTest.Podman([]string{"ps", "--no-trunc", "--quiet", "--format", "{{.Names}}", "--filter", fmt.Sprintf("name=%s", ctrName)})
+ psFilter.WaitWithDefaultTimeout()
+ Expect(psFilter.ExitCode()).To(Equal(0))
+
+ Expect(strings.Contains(psFilter.OutputToString(), ctrName)).To(BeFalse())
+ })
+
It("podman ps mutually exclusive flags", func() {
session := podmanTest.Podman([]string{"ps", "-aqs"})
session.WaitWithDefaultTimeout()
diff --git a/test/e2e/run_memory_test.go b/test/e2e/run_memory_test.go
index a45735a8a..d60f2a8cd 100644
--- a/test/e2e/run_memory_test.go
+++ b/test/e2e/run_memory_test.go
@@ -70,7 +70,11 @@ var _ = Describe("Podman run memory", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(session.OutputToString()).To(Equal("41943040"))
+ if cgroupsv2 {
+ Expect(session.OutputToString()).To(Equal("max"))
+ } else {
+ Expect(session.OutputToString()).To(Equal("41943040"))
+ }
})
It("podman run memory-swappiness test", func() {
diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go
index 5e587b198..5be9db810 100644
--- a/test/e2e/run_networking_test.go
+++ b/test/e2e/run_networking_test.go
@@ -146,6 +146,17 @@ var _ = Describe("Podman run networking", func() {
Expect(match).Should(BeTrue())
})
+ It("podman run --net container: and --uts container:", func() {
+ ctrName := "ctrToJoin"
+ ctr1 := podmanTest.RunTopContainer(ctrName)
+ ctr1.WaitWithDefaultTimeout()
+ Expect(ctr1.ExitCode()).To(Equal(0))
+
+ ctr2 := podmanTest.Podman([]string{"run", "-d", "--net=container:" + ctrName, "--uts=container:" + ctrName, ALPINE, "true"})
+ ctr2.WaitWithDefaultTimeout()
+ Expect(ctr2.ExitCode()).To(Equal(0))
+ })
+
It("podman run --net container: copies hosts and resolv", func() {
SkipIfRootless()
ctrName := "ctr1"
diff --git a/test/e2e/run_security_labels.go b/test/e2e/run_security_labels.go
new file mode 100644
index 000000000..a04bdc739
--- /dev/null
+++ b/test/e2e/run_security_labels.go
@@ -0,0 +1,152 @@
+// +build !remoteclient
+
+package integration
+
+import (
+ "os"
+ "strings"
+
+ . "github.com/containers/libpod/test/utils"
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var _ = Describe("Podman generate kube", func() {
+ var (
+ tempdir string
+ err error
+ podmanTest *PodmanTestIntegration
+ )
+
+ BeforeEach(func() {
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ podmanTest = PodmanTestCreate(tempdir)
+ podmanTest.Setup()
+ podmanTest.SeedImages()
+
+ })
+
+ AfterEach(func() {
+ podmanTest.Cleanup()
+ f := CurrentGinkgoTestDescription()
+ processTestResult(f)
+ })
+
+ It("podman security labels", func() {
+ test1 := podmanTest.Podman([]string{"create", "--label", "io.containers.capabilities=setuid,setgid", "--name", "test1", "alpine", "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Equal("CAP_SETUID,CAP_SETGID"))
+ })
+
+ It("podman bad security labels", func() {
+ test1 := podmanTest.Podman([]string{"create", "--label", "io.containers.capabilities=sys_admin", "--name", "test1", "alpine", "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Not(Equal("CAP_SYS_ADMIN")))
+ })
+
+ It("podman --cap-add sys_admin security labels", func() {
+ test1 := podmanTest.Podman([]string{"create", "--cap-add", "SYS_ADMIN", "--label", "io.containers.capabilities=sys_admin", "--name", "test1", "alpine", "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Equal("CAP_SYS_ADMIN"))
+ })
+
+ It("podman --cap-drop all sys_admin security labels", func() {
+ test1 := podmanTest.Podman([]string{"create", "--cap-drop", "all", "--label", "io.containers.capabilities=sys_admin", "--name", "test1", "alpine", "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Equal(""))
+ })
+
+ It("podman security labels from image", func() {
+ test1 := podmanTest.Podman([]string{"create", "--name", "test1", "alpine", "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ commit := podmanTest.Podman([]string{"commit", "-c", "label=io.containers.capabilities=sys_chroot,net_raw", "test1", "image1"})
+ commit.WaitWithDefaultTimeout()
+ Expect(commit.ExitCode()).To(BeZero())
+
+ image1 := podmanTest.Podman([]string{"create", "--name", "test2", "image1", "echo", "test1"})
+ image1.WaitWithDefaultTimeout()
+ Expect(image1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test2"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Equal("CAP_SYS_CHROOT,CAP_NET_RAW"))
+
+ })
+
+ It("podman --privileged security labels", func() {
+ pull := podmanTest.Podman([]string{"create", "--privileged", "--label", "io.containers.capabilities=setuid,setgid", "--name", "test1", "alpine", "echo", "test"})
+ pull.WaitWithDefaultTimeout()
+ Expect(pull.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Not(Equal("CAP_SETUID,CAP_SETGID")))
+ })
+
+ It("podman container runlabel (podman --version)", func() {
+ PodmanDockerfile := `
+FROM alpine:latest
+LABEL io.containers.capabilities=chown,mknod`
+
+ image := "podman-caps:podman"
+ podmanTest.BuildImage(PodmanDockerfile, image, "false")
+
+ test1 := podmanTest.Podman([]string{"create", "--name", "test1", image, "echo", "test1"})
+ test1.WaitWithDefaultTimeout()
+ Expect(test1.ExitCode()).To(BeZero())
+
+ inspect := podmanTest.Podman([]string{"inspect", "test1"})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+
+ ctr := inspect.InspectContainerToJSON()
+ caps := strings.Join(ctr[0].EffectiveCaps, ",")
+ Expect(caps).To(Equal("CAP_CHOWN,CAP_MKNOD"))
+ })
+
+})
diff --git a/test/e2e/run_staticip_test.go b/test/e2e/run_staticip_test.go
index 5b4842fea..5ad8f9fb0 100644
--- a/test/e2e/run_staticip_test.go
+++ b/test/e2e/run_staticip_test.go
@@ -3,7 +3,10 @@
package integration
import (
+ "fmt"
+ "net/http"
"os"
+ "time"
. "github.com/containers/libpod/test/utils"
. "github.com/onsi/ginkgo"
@@ -65,9 +68,20 @@ var _ = Describe("Podman run with --ip flag", func() {
It("Podman run two containers with the same IP", func() {
ip := GetRandomIPAddress()
- result := podmanTest.Podman([]string{"run", "-d", "--ip", ip, ALPINE, "sleep", "999"})
+ result := podmanTest.Podman([]string{"run", "-dt", "--ip", ip, nginx})
result.WaitWithDefaultTimeout()
Expect(result.ExitCode()).To(Equal(0))
+ for i := 0; i < 10; i++ {
+ fmt.Println("Waiting for nginx", err)
+ time.Sleep(1 * time.Second)
+ response, err := http.Get(fmt.Sprintf("http://%s", ip))
+ if err != nil {
+ continue
+ }
+ if response.StatusCode == http.StatusOK {
+ break
+ }
+ }
result = podmanTest.Podman([]string{"run", "-ti", "--ip", ip, ALPINE, "ip", "addr"})
result.WaitWithDefaultTimeout()
Expect(result).To(ExitWithError())
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 72547ea00..9b6de6f65 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -374,7 +374,9 @@ var _ = Describe("Podman run", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(session.OutputToString()).To(ContainSubstring("1048576"))
+ if !cgroupsv2 { // TODO: Test Simplification. For now, we only care about exit(0) w/ cgroupsv2
+ Expect(session.OutputToString()).To(ContainSubstring("1048576"))
+ }
})
It("podman run device-write-bps test", func() {
@@ -392,7 +394,9 @@ var _ = Describe("Podman run", func() {
}
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(session.OutputToString()).To(ContainSubstring("1048576"))
+ if !cgroupsv2 { // TODO: Test Simplification. For now, we only care about exit(0) w/ cgroupsv2
+ Expect(session.OutputToString()).To(ContainSubstring("1048576"))
+ }
})
It("podman run device-read-iops test", func() {
@@ -411,7 +415,9 @@ var _ = Describe("Podman run", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(session.OutputToString()).To(ContainSubstring("100"))
+ if !cgroupsv2 { // TODO: Test Simplification. For now, we only care about exit(0) w/ cgroupsv2
+ Expect(session.OutputToString()).To(ContainSubstring("100"))
+ }
})
It("podman run device-write-iops test", func() {
@@ -430,7 +436,9 @@ var _ = Describe("Podman run", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(session.OutputToString()).To(ContainSubstring("100"))
+ if !cgroupsv2 { // TODO: Test Simplification. For now, we only care about exit(0) w/ cgroupsv2
+ Expect(session.OutputToString()).To(ContainSubstring("100"))
+ }
})
It("podman run notify_socket", func() {
@@ -999,4 +1007,16 @@ USER mail`
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Not(Equal(0)))
})
+
+ It("podman run --device-cgroup-rule", func() {
+ SkipIfRemote()
+ SkipIfRootless()
+ deviceCgroupRule := "c 42:* rwm"
+ session := podmanTest.Podman([]string{"run", "--name", "test", "-d", "--device-cgroup-rule", deviceCgroupRule, ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ session = podmanTest.Podman([]string{"exec", "test", "mknod", "newDev", "c", "42", "1"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ })
})
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index 0c2389e40..e31338dbc 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -15,6 +15,10 @@ import (
"github.com/onsi/gomega/gexec"
)
+var VolumeTrailingSlashDockerfile = `
+FROM alpine:latest
+VOLUME /test/`
+
var _ = Describe("Podman run with volumes", func() {
var (
tempdir string
@@ -397,4 +401,44 @@ var _ = Describe("Podman run with volumes", func() {
volMount.WaitWithDefaultTimeout()
Expect(volMount.ExitCode()).To(Not(Equal(0)))
})
+
+ It("Podman fix for CVE-2020-1726", func() {
+ volName := "testVol"
+ volCreate := podmanTest.Podman([]string{"volume", "create", volName})
+ volCreate.WaitWithDefaultTimeout()
+ Expect(volCreate.ExitCode()).To(Equal(0))
+
+ volPath := podmanTest.Podman([]string{"volume", "inspect", "--format", "{{.Mountpoint}}", volName})
+ volPath.WaitWithDefaultTimeout()
+ Expect(volPath.ExitCode()).To(Equal(0))
+ path := volPath.OutputToString()
+
+ fileName := "thisIsATestFile"
+ file, err := os.Create(filepath.Join(path, fileName))
+ Expect(err).To(BeNil())
+ defer file.Close()
+
+ runLs := podmanTest.Podman([]string{"run", "-t", "-i", "--rm", "-v", fmt.Sprintf("%v:/etc/ssl", volName), ALPINE, "ls", "-1", "/etc/ssl"})
+ runLs.WaitWithDefaultTimeout()
+ Expect(runLs.ExitCode()).To(Equal(0))
+ outputArr := runLs.OutputToStringArray()
+ Expect(len(outputArr)).To(Equal(1))
+ Expect(strings.Contains(outputArr[0], fileName)).To(BeTrue())
+ })
+
+ It("Podman mount over image volume with trailing /", func() {
+ image := "podman-volume-test:trailing"
+ podmanTest.BuildImage(VolumeTrailingSlashDockerfile, image, "false")
+
+ ctrName := "testCtr"
+ create := podmanTest.Podman([]string{"create", "-v", "/tmp:/test", "--name", ctrName, image, "ls"})
+ create.WaitWithDefaultTimeout()
+ Expect(create.ExitCode()).To(Equal(0))
+
+ data := podmanTest.InspectContainer(ctrName)
+ Expect(len(data)).To(Equal(1))
+ Expect(len(data[0].Mounts)).To(Equal(1))
+ Expect(data[0].Mounts[0].Source).To(Equal("/tmp"))
+ Expect(data[0].Mounts[0].Destination).To(Equal("/test"))
+ })
})
diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go
index d88231510..9ba0241fe 100644
--- a/test/e2e/search_test.go
+++ b/test/e2e/search_test.go
@@ -164,13 +164,6 @@ registries = ['{{.Host}}:{{.Port}}']`
}
})
- It("podman search v2 registry with empty query", func() {
- search := podmanTest.Podman([]string{"search", "registry.fedoraproject.org/"})
- search.WaitWithDefaultTimeout()
- Expect(search.ExitCode()).To(Equal(0))
- Expect(len(search.OutputToStringArray())).To(BeNumerically(">=", 1))
- })
-
It("podman search attempts HTTP if tls-verify flag is set false", func() {
if podmanTest.Host.Arch == "ppc64le" {
Skip("No registry image for ppc64le")
@@ -225,6 +218,14 @@ registries = ['{{.Host}}:{{.Port}}']`
Expect(search.ExitCode()).To(Equal(0))
Expect(search.OutputToString()).ShouldNot(BeEmpty())
+
+ // podman search v2 registry with empty query
+ searchEmpty := podmanTest.PodmanNoCache([]string{"search", fmt.Sprintf("%s/", registryEndpoints[3].Address()), "--tls-verify=false"})
+ searchEmpty.WaitWithDefaultTimeout()
+ Expect(searchEmpty.ExitCode()).To(BeZero())
+ Expect(len(searchEmpty.OutputToStringArray())).To(BeNumerically(">=", 1))
+ match, _ := search.GrepString("my-alpine")
+ Expect(match).Should(BeTrue())
})
It("podman search attempts HTTP if registry is in registries.insecure and force secure is false", func() {
diff --git a/test/e2e/volume_prune_test.go b/test/e2e/volume_prune_test.go
index ba249278b..3049646b0 100644
--- a/test/e2e/volume_prune_test.go
+++ b/test/e2e/volume_prune_test.go
@@ -89,7 +89,7 @@ var _ = Describe("Podman volume prune", func() {
session = podmanTest.Podman([]string{"volume", "ls"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- Expect(len(session.OutputToStringArray())).To(Equal(2))
+ Expect(len(session.OutputToStringArray())).To(Equal(0))
podmanTest.Cleanup()
})