diff options
Diffstat (limited to 'test/e2e')
39 files changed, 559 insertions, 92 deletions
diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index d7bbdc633..a076ada6b 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -62,7 +62,7 @@ type PodmanTestIntegration struct { var LockTmpDir string -// PodmanSessionIntegration sturct for command line session +// PodmanSessionIntegration struct for command line session type PodmanSessionIntegration struct { *PodmanSession } @@ -121,7 +121,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { } } - // Pull cirros but dont put it into the cache + // Pull cirros but don't put it into the cache pullImages := []string{cirros, fedoraToolbox} pullImages = append(pullImages, CACHE_IMAGES...) for _, image := range pullImages { diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index 28672cfc6..719ac9fac 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -82,6 +82,7 @@ var _ = Describe("Podman run", func() { }) It("podman Capabilities in containers.conf", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") cap := podmanTest.Podman([]string{"run", ALPINE, "grep", "CapEff", "/proc/self/status"}) cap.WaitWithDefaultTimeout() Expect(cap.ExitCode()).To(Equal(0)) @@ -121,6 +122,7 @@ var _ = Describe("Podman run", func() { }) verifyNSHandling := func(nspath, option string) { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") os.Setenv("CONTAINERS_CONF", "config/containers-ns.conf") if IsRemote() { podmanTest.RestartRemoteService() diff --git a/test/e2e/cp_test.go b/test/e2e/cp_test.go index 33908b60e..f81323847 100644 --- a/test/e2e/cp_test.go +++ b/test/e2e/cp_test.go @@ -24,7 +24,6 @@ var _ = Describe("Podman cp", func() { ) BeforeEach(func() { - SkipIfRemote("FIXME: Podman-remote cp needs to work") tempdir, err = CreateTempDirInTempDir() if err != nil { os.Exit(1) @@ -61,7 +60,7 @@ var _ = Describe("Podman cp", func() { // Copy TO the container. - // Cannot copy to a non-existent path (note the trailing "/"). + // Cannot copy to a nonexistent path (note the trailing "/"). session = podmanTest.Podman([]string{"cp", srcFile.Name(), name + ":foo/"}) session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index aaf089d97..a4931ff2d 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -233,7 +233,7 @@ var _ = Describe("Podman create", func() { Expect(err).To(BeNil()) defer os.RemoveAll(tmpDir) - podName := "rudoplh" + podName := "rudolph" ctrName := "prancer" podIDFile := tmpDir + "pod-id-file" @@ -337,8 +337,8 @@ var _ = Describe("Podman create", func() { Expect(string(session.Out.Contents())).To(ContainSubstring(ALPINEARM64DIGEST)) }) - It("podman create --authfile with nonexist authfile", func() { - session := podmanTest.Podman([]string{"create", "--authfile", "/tmp/nonexist", "--name=foo", ALPINE}) + It("podman create --authfile with nonexistent authfile", func() { + session := podmanTest.Podman([]string{"create", "--authfile", "/tmp/nonexistent", "--name=foo", ALPINE}) session.WaitWithDefaultTimeout() Expect(session).To(Not(Equal(0))) }) @@ -655,7 +655,7 @@ var _ = Describe("Podman create", func() { session = podmanTest.Podman([]string{"create", "--platform=linux/arm64", "--override-os", "windows", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(125)) - expectedError = "--platform option can not be specified with --overide-arch or --override-os" + expectedError = "--platform option can not be specified with --override-arch or --override-os" Expect(session.ErrorToString()).To(ContainSubstring(expectedError)) session = podmanTest.Podman([]string{"create", "-q", "--platform=linux/arm64", ALPINE}) diff --git a/test/e2e/events_test.go b/test/e2e/events_test.go index b37bd584e..0c7a1bd66 100644 --- a/test/e2e/events_test.go +++ b/test/e2e/events_test.go @@ -5,9 +5,11 @@ import ( "fmt" "os" "strings" + "sync" "time" . "github.com/containers/podman/v2/test/utils" + "github.com/containers/storage/pkg/stringid" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" . "github.com/onsi/gomega/gexec" @@ -115,10 +117,7 @@ var _ = Describe("Podman events", func() { SkipIfNotFedora() _, ec, _ := podmanTest.RunLsContainer("") Expect(ec).To(Equal(0)) - test := podmanTest.Podman([]string{"events", "--help"}) - test.WaitWithDefaultTimeout() - fmt.Println(test.OutputToStringArray()) - result := podmanTest.Podman([]string{"events", "--stream=false", "--since", "1h"}) + result := podmanTest.Podman([]string{"events", "--stream=false", "--until", "1h"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(BeZero()) }) @@ -154,4 +153,40 @@ var _ = Describe("Podman events", func() { Expect(eventsMap).To(HaveKey("Status")) }) + + It("podman events --until future", func() { + name1 := stringid.GenerateNonCryptoID() + name2 := stringid.GenerateNonCryptoID() + name3 := stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"create", "--name", name1, ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + var wg sync.WaitGroup + wg.Add(1) + go func() { + defer GinkgoRecover() + defer wg.Done() + + // wait 2 seconds to be sure events is running + time.Sleep(time.Second * 2) + session = podmanTest.Podman([]string{"create", "--name", name2, ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + session = podmanTest.Podman([]string{"create", "--name", name3, ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }() + + // unix timestamp in 10 seconds + until := time.Now().Add(time.Second * 10).Unix() + result := podmanTest.Podman([]string{"events", "--since", "30s", "--until", fmt.Sprint(until)}) + result.Wait(11) + Expect(result.ExitCode()).To(BeZero()) + Expect(result.OutputToString()).To(ContainSubstring(name1)) + Expect(result.OutputToString()).To(ContainSubstring(name2)) + Expect(result.OutputToString()).To(ContainSubstring(name3)) + + wg.Wait() + }) }) diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go index f61f52589..18737105e 100644 --- a/test/e2e/exec_test.go +++ b/test/e2e/exec_test.go @@ -119,6 +119,21 @@ var _ = Describe("Podman exec", func() { Expect(session.ExitCode()).To(Equal(100)) }) + It("podman exec --privileged", func() { + hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) + Expect(hostCap.ExitCode()).To(Equal(0)) + + setup := podmanTest.RunTopContainer("test-privileged") + setup.WaitWithDefaultTimeout() + Expect(setup.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"exec", "--privileged", "test-privileged", "sh", "-c", "grep ^CapEff /proc/self/status | cut -f 2"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + containerCapMatchesHost(session.OutputToString(), hostCap.OutputToString()) + }) + It("podman exec terminal doesn't hang", func() { setup := podmanTest.Podman([]string{"run", "-dti", "--name", "test1", fedoraMinimal, "sleep", "+Inf"}) setup.WaitWithDefaultTimeout() diff --git a/test/e2e/exists_test.go b/test/e2e/exists_test.go index 7ff5d4207..480bfe5fc 100644 --- a/test/e2e/exists_test.go +++ b/test/e2e/exists_test.go @@ -38,7 +38,6 @@ var _ = Describe("Podman image|container exists", func() { Expect(session).Should(Exit(0)) }) It("podman image exists in local storage by short name", func() { - Skip("FIXME-8165: shortnames don't seem to work with quay (#8176)") session := podmanTest.Podman([]string{"image", "exists", "alpine"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 0950a9321..239817e6c 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -471,6 +471,7 @@ var _ = Describe("Podman generate kube", func() { }) It("podman generate kube multiple pods should fail", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") pod1 := podmanTest.Podman([]string{"run", "-dt", "--pod", "new:pod1", ALPINE, "top"}) pod1.WaitWithDefaultTimeout() Expect(pod1.ExitCode()).To(Equal(0)) diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index 765844265..3f059300b 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -74,6 +74,9 @@ var _ = Describe("Podman generate systemd", func() { found, _ := session.GrepString(" stop -t 1234 ") Expect(found).To(BeTrue()) + + found, _ = session.GrepString("TimeoutStopSec=1294") + Expect(found).To(BeTrue()) }) It("podman generate systemd", func() { diff --git a/test/e2e/image_sign_test.go b/test/e2e/image_sign_test.go index c9041eaba..57739419c 100644 --- a/test/e2e/image_sign_test.go +++ b/test/e2e/image_sign_test.go @@ -1,6 +1,7 @@ package integration import ( + "io/ioutil" "os" "os/exec" "path/filepath" @@ -58,4 +59,19 @@ var _ = Describe("Podman image sign", func() { _, err = os.Stat(filepath.Join(sigDir, "library")) Expect(err).To(BeNil()) }) + + It("podman sign --all multi-arch image", func() { + cmd := exec.Command("gpg", "--import", "sign/secret-key.asc") + err := cmd.Run() + Expect(err).To(BeNil()) + sigDir := filepath.Join(podmanTest.TempDir, "test-sign-multi") + err = os.MkdirAll(sigDir, os.ModePerm) + Expect(err).To(BeNil()) + session := podmanTest.Podman([]string{"image", "sign", "--all", "--directory", sigDir, "--sign-by", "foo@bar.com", "docker://library/alpine"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + fInfos, err := ioutil.ReadDir(filepath.Join(sigDir, "library")) + Expect(err).To(BeNil()) + Expect(len(fInfos) > 1).To(BeTrue()) + }) }) diff --git a/test/e2e/images_test.go b/test/e2e/images_test.go index 281b2c313..2dab4858e 100644 --- a/test/e2e/images_test.go +++ b/test/e2e/images_test.go @@ -146,17 +146,17 @@ var _ = Describe("Podman images", func() { Expect(result).Should(Exit(0)) Expect(len(result.OutputToStringArray())).To(Equal(8)) - retapline := podmanTest.Podman([]string{"images", "-f", "reference=a*pine"}) - retapline.WaitWithDefaultTimeout() - Expect(retapline).Should(Exit(0)) - Expect(len(retapline.OutputToStringArray())).To(Equal(6)) - Expect(retapline.LineInOutputContains("alpine")).To(BeTrue()) - - retapline = podmanTest.Podman([]string{"images", "-f", "reference=alpine"}) - retapline.WaitWithDefaultTimeout() - Expect(retapline).Should(Exit(0)) - Expect(len(retapline.OutputToStringArray())).To(Equal(6)) - Expect(retapline.LineInOutputContains("alpine")).To(BeTrue()) + retalpine := podmanTest.Podman([]string{"images", "-f", "reference=a*pine"}) + retalpine.WaitWithDefaultTimeout() + Expect(retalpine).Should(Exit(0)) + Expect(len(retalpine.OutputToStringArray())).To(Equal(6)) + Expect(retalpine.LineInOutputContains("alpine")).To(BeTrue()) + + retalpine = podmanTest.Podman([]string{"images", "-f", "reference=alpine"}) + retalpine.WaitWithDefaultTimeout() + Expect(retalpine).Should(Exit(0)) + Expect(len(retalpine.OutputToStringArray())).To(Equal(6)) + Expect(retalpine.LineInOutputContains("alpine")).To(BeTrue()) retnone := podmanTest.Podman([]string{"images", "-q", "-f", "reference=bogus"}) retnone.WaitWithDefaultTimeout() diff --git a/test/e2e/kill_test.go b/test/e2e/kill_test.go index 8a4828583..8b31cae72 100644 --- a/test/e2e/kill_test.go +++ b/test/e2e/kill_test.go @@ -1,6 +1,7 @@ package integration import ( + "io/ioutil" "os" . "github.com/containers/podman/v2/test/utils" @@ -112,4 +113,58 @@ var _ = Describe("Podman kill", func() { Expect(result.ExitCode()).To(Equal(0)) Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0)) }) + + It("podman kill --cidfile", func() { + tmpDir, err := ioutil.TempDir("", "") + Expect(err).To(BeNil()) + tmpFile := tmpDir + "cid" + defer os.RemoveAll(tmpDir) + + session := podmanTest.Podman([]string{"run", "-dt", "--cidfile", tmpFile, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid := session.OutputToStringArray()[0] + + kill := podmanTest.Podman([]string{"kill", "--cidfile", tmpFile}) + kill.WaitWithDefaultTimeout() + Expect(kill.ExitCode()).To(BeZero()) + + wait := podmanTest.Podman([]string{"wait", "--condition", "exited", cid}) + wait.WaitWithDefaultTimeout() + Expect(wait.ExitCode()).To(BeZero()) + }) + + It("podman kill multiple --cidfile", func() { + tmpDir1, err := ioutil.TempDir("", "") + Expect(err).To(BeNil()) + tmpFile1 := tmpDir1 + "cid" + defer os.RemoveAll(tmpDir1) + + tmpDir2, err := ioutil.TempDir("", "") + Expect(err).To(BeNil()) + tmpFile2 := tmpDir2 + "cid" + defer os.RemoveAll(tmpDir2) + + session := podmanTest.Podman([]string{"run", "-dt", "--cidfile", tmpFile1, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid1 := session.OutputToStringArray()[0] + + session2 := podmanTest.Podman([]string{"run", "-dt", "--cidfile", tmpFile2, ALPINE, "top"}) + session2.WaitWithDefaultTimeout() + Expect(session2.ExitCode()).To(Equal(0)) + cid2 := session2.OutputToStringArray()[0] + + kill := podmanTest.Podman([]string{"kill", "--cidfile", tmpFile1, "--cidfile", tmpFile2}) + kill.WaitWithDefaultTimeout() + Expect(kill.ExitCode()).To(BeZero()) + + wait := podmanTest.Podman([]string{"wait", "--condition", "exited", cid1}) + wait.WaitWithDefaultTimeout() + Expect(wait.ExitCode()).To(BeZero()) + wait = podmanTest.Podman([]string{"wait", "--condition", "exited", cid2}) + wait.WaitWithDefaultTimeout() + Expect(wait.ExitCode()).To(BeZero()) + }) + }) diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index 5de77f158..a2e88ecd2 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -66,7 +66,7 @@ var _ = Describe("Podman login and logout", func() { registriesConfWithSearch = []byte(fmt.Sprintf("[registries.search]\nregistries = ['%s']", server)) - testImg = strings.Join([]string{server, "test-apline"}, "/") + testImg = strings.Join([]string{server, "test-alpine"}, "/") certDirPath = filepath.Join(os.Getenv("HOME"), ".config/containers/certs.d", server) os.MkdirAll(certDirPath, os.ModePerm) @@ -155,8 +155,8 @@ var _ = Describe("Podman login and logout", func() { json.Unmarshal(authInfo, &info) fmt.Println(info) - // push should fail with nonexist authfile - session = podmanTest.Podman([]string{"push", "--authfile", "/tmp/nonexist", ALPINE, testImg}) + // push should fail with nonexistent authfile + session = podmanTest.Podman([]string{"push", "--authfile", "/tmp/nonexistent", ALPINE, testImg}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) @@ -168,8 +168,8 @@ var _ = Describe("Podman login and logout", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - // logout should fail with nonexist authfile - session = podmanTest.Podman([]string{"logout", "--authfile", "/tmp/nonexist", server}) + // logout should fail with nonexistent authfile + session = podmanTest.Podman([]string{"logout", "--authfile", "/tmp/nonexistent", server}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) diff --git a/test/e2e/logs_test.go b/test/e2e/logs_test.go index a749a86ff..b370aeec1 100644 --- a/test/e2e/logs_test.go +++ b/test/e2e/logs_test.go @@ -332,6 +332,11 @@ var _ = Describe("Podman logs", func() { wait.WaitWithDefaultTimeout() Expect(wait).To(Exit(0)) + inspect := podmanTest.Podman([]string{"container", "inspect", "--format", "{{.HostConfig.LogConfig.Size}}", cid}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).To(Exit(0)) + Expect(inspect.OutputToString()).To(Equal("10kB")) + results := podmanTest.Podman([]string{"logs", cid}) results.WaitWithDefaultTimeout() Expect(results).To(Exit(0)) @@ -355,4 +360,21 @@ var _ = Describe("Podman logs", func() { Expect(outlines[0]).To(Equal("1\r")) Expect(outlines[1]).To(Equal("2\r")) }) + + It("podman logs test stdout and stderr", func() { + cname := "log-test" + logc := podmanTest.Podman([]string{"run", "--name", cname, ALPINE, "sh", "-c", "echo stdout; echo stderr >&2"}) + logc.WaitWithDefaultTimeout() + Expect(logc).To(Exit(0)) + + wait := podmanTest.Podman([]string{"wait", cname}) + wait.WaitWithDefaultTimeout() + Expect(wait).To(Exit(0)) + + results := podmanTest.Podman([]string{"logs", cname}) + results.WaitWithDefaultTimeout() + Expect(results).To(Exit(0)) + Expect(results.OutputToString()).To(Equal("stdout")) + Expect(results.ErrorToString()).To(Equal("stderr")) + }) }) diff --git a/test/e2e/mount_rootless_test.go b/test/e2e/mount_rootless_test.go index 1e4152709..c410a2507 100644 --- a/test/e2e/mount_rootless_test.go +++ b/test/e2e/mount_rootless_test.go @@ -16,7 +16,7 @@ var _ = Describe("Podman mount", func() { ) BeforeEach(func() { - SkipIfNotRootless("This function is not enabled for rootfull podman") + SkipIfNotRootless("This function is not enabled for rootful podman") SkipIfRemote("Podman mount not supported for remote connections") tempdir, err = CreateTempDirInTempDir() if err != nil { diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index 7cdad9bf2..dd94bd7ca 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -33,7 +33,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("bad network name in disconnect should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") dis := podmanTest.Podman([]string{"network", "disconnect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) @@ -41,7 +41,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("bad container name in network disconnect should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -55,7 +55,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("podman network disconnect", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -80,7 +80,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("bad network name in connect should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") dis := podmanTest.Podman([]string{"network", "connect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) @@ -88,7 +88,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("bad container name in network connect should result in error", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -102,7 +102,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("podman connect on a container that already is connected to the network should error", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -120,7 +120,7 @@ var _ = Describe("Podman network connect and disconnect", func() { It("podman network connect", func() { SkipIfRemote("This requires a pending PR to be merged before it will work") - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -152,7 +152,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("podman network connect when not running", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() @@ -181,7 +181,7 @@ var _ = Describe("Podman network connect and disconnect", func() { }) It("podman network disconnect when not running", func() { - SkipIfRootless("network connect and disconnect are only rootfull") + SkipIfRootless("network connect and disconnect are only rootful") netName1 := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName1}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go index 21b3074fc..7e9a18ab2 100644 --- a/test/e2e/network_create_test.go +++ b/test/e2e/network_create_test.go @@ -106,6 +106,7 @@ var _ = Describe("Podman network create", func() { Expect(bridgePlugin.IPAM.Routes[0].Dest).To(Equal("0.0.0.0/0")) Expect(bridgePlugin.IsGW).To(BeTrue()) Expect(bridgePlugin.IPMasq).To(BeTrue()) + Expect(bridgePlugin.IPAM.Ranges[0][0].Gateway).ToNot(BeEmpty()) Expect(portMapPlugin.Capabilities["portMappings"]).To(BeTrue()) }) @@ -153,6 +154,8 @@ var _ = Describe("Podman network create", func() { // JSON the bridge info bridgePlugin, err := genericPluginsToBridge(result["plugins"], "bridge") Expect(err).To(BeNil()) + // check that gateway is added to config + Expect(bridgePlugin.IPAM.Ranges[0][0].Gateway).To(Equal("10.11.12.1")) // Once a container executes a new network, the nic will be created. We should clean those up // best we can diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 5ecfdd6b5..f009e333e 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -16,7 +16,7 @@ import ( ) var unknownKindYaml = ` -apiVerson: v1 +apiVersion: v1 kind: UnknownKind metadata: labels: @@ -62,6 +62,7 @@ metadata: spec: restartPolicy: {{ .RestartPolicy }} hostname: {{ .Hostname }} + hostNetwork: {{ .HostNetwork }} hostAliases: {{ range .HostAliases }} - hostnames: @@ -220,6 +221,7 @@ spec: spec: restartPolicy: {{ .RestartPolicy }} hostname: {{ .Hostname }} + hostNetwork: {{ .HostNetwork }} containers: {{ with .Ctrs }} {{ range . }} @@ -376,6 +378,7 @@ type Pod struct { Name string RestartPolicy string Hostname string + HostNetwork bool HostAliases []HostAlias Ctrs []*Ctr Volumes []*Volume @@ -396,6 +399,7 @@ func getPod(options ...podOption) *Pod { Name: defaultPodName, RestartPolicy: "Never", Hostname: "", + HostNetwork: false, HostAliases: nil, Ctrs: make([]*Ctr, 0), Volumes: make([]*Volume, 0), @@ -464,6 +468,12 @@ func withVolume(v *Volume) podOption { } } +func withHostNetwork() podOption { + return func(pod *Pod) { + pod.HostNetwork = true + } +} + // Deployment describes the options a kube yaml can be configured at deployment level type Deployment struct { Name string @@ -793,11 +803,11 @@ var _ = Describe("Podman play kube", func() { }) - It("podman play kube fail with nonexist authfile", func() { + It("podman play kube fail with nonexistent authfile", func() { err := generateKubeYaml("pod", getPod(), kubeYaml) Expect(err).To(BeNil()) - kube := podmanTest.Podman([]string{"play", "kube", "--authfile", "/tmp/nonexist", kubeYaml}) + kube := podmanTest.Podman([]string{"play", "kube", "--authfile", "/tmp/nonexistent", kubeYaml}) kube.WaitWithDefaultTimeout() Expect(kube.ExitCode()).To(Not(Equal(0))) @@ -820,8 +830,28 @@ var _ = Describe("Podman play kube", func() { Expect(inspect.OutputToString()).To(ContainSubstring(correctCmd)) }) + // If you do not supply command or args for a Container, the defaults defined in the Docker image are used. + It("podman play kube test correct args and cmd when not specified", func() { + pod := getPod(withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil)))) + err := generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "'{{ .Config.Cmd }}'"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + + // this image's ENTRYPOINT is `/entrypoint.sh` and it's COMMAND is `/etc/docker/registry/config.yml` + Expect(inspect.OutputToString()).To(ContainSubstring(`[/entrypoint.sh /etc/docker/registry/config.yml]`)) + }) + + // If you supply a command but no args for a Container, only the supplied command is used. + // The default EntryPoint and the default Cmd defined in the Docker image are ignored. It("podman play kube test correct command with only set command in yaml file", func() { - pod := getPod(withCtr(getCtr(withCmd([]string{"echo", "hello"}), withArg(nil)))) + pod := getPod(withCtr(getCtr(withImage(registry), withCmd([]string{"echo", "hello"}), withArg(nil)))) err := generateKubeYaml("pod", pod, kubeYaml) Expect(err).To(BeNil()) @@ -837,8 +867,29 @@ var _ = Describe("Podman play kube", func() { Expect(inspect.OutputToString()).To(ContainSubstring(`[echo hello]`)) }) + // If you supply only args for a Container, the default Entrypoint defined in the Docker image is run with the args that you supplied. It("podman play kube test correct command with only set args in yaml file", func() { - pod := getPod(withCtr(getCtr(withImage(redis), withCmd(nil), withArg([]string{"echo", "hello"})))) + pod := getPod(withCtr(getCtr(withImage(registry), withCmd(nil), withArg([]string{"echo", "hello"})))) + err := generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "'{{ .Config.Cmd }}'"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + // this image's ENTRYPOINT is `/entrypoint.sh` + // so result should be `/entrypoint.sh + withArg(...)` + Expect(inspect.OutputToString()).To(ContainSubstring(`[/entrypoint.sh echo hello]`)) + }) + + // If you supply a command and args, + // the default Entrypoint and the default Cmd defined in the Docker image are ignored. + // Your command is run with your args. + It("podman play kube test correct command with both set args and cmd in yaml file", func() { + pod := getPod(withCtr(getCtr(withImage(registry), withCmd([]string{"echo"}), withArg([]string{"hello"})))) err := generateKubeYaml("pod", pod, kubeYaml) Expect(err).To(BeNil()) @@ -849,9 +900,7 @@ var _ = Describe("Podman play kube", func() { inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "'{{ .Config.Cmd }}'"}) inspect.WaitWithDefaultTimeout() Expect(inspect.ExitCode()).To(Equal(0)) - // this image's ENTRYPOINT is called `docker-entrypoint.sh` - // so result should be `docker-entrypoint.sh + withArg(...)` - Expect(inspect.OutputToString()).To(ContainSubstring(`[docker-entrypoint.sh echo hello]`)) + Expect(inspect.OutputToString()).To(ContainSubstring(`[echo hello]`)) }) It("podman play kube test correct output", func() { @@ -1072,7 +1121,7 @@ var _ = Describe("Podman play kube", func() { logs := podmanTest.Podman([]string{"logs", getCtrNameInPod(pod)}) logs.WaitWithDefaultTimeout() Expect(logs.ExitCode()).To(Equal(0)) - Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted")) + Expect(logs.ErrorToString()).To(ContainSubstring("Operation not permitted")) }) It("podman play kube seccomp pod level", func() { @@ -1099,7 +1148,7 @@ var _ = Describe("Podman play kube", func() { logs := podmanTest.Podman([]string{"logs", getCtrNameInPod(pod)}) logs.WaitWithDefaultTimeout() Expect(logs.ExitCode()).To(Equal(0)) - Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted")) + Expect(logs.ErrorToString()).To(ContainSubstring("Operation not permitted")) }) It("podman play kube with pull policy of never should be 125", func() { @@ -1240,7 +1289,7 @@ spec: inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(&podNames[0]), "--format", "'{{ .Config.Cmd }}'"}) inspect.WaitWithDefaultTimeout() Expect(inspect.ExitCode()).To(Equal(0)) - // yaml's command shuold override the image's Entrypoint + // yaml's command should override the image's Entrypoint correctCmd := "[" + strings.Join(defaultCtrCmd, " ") + " " + strings.Join(defaultCtrArg, " ") Expect(inspect.OutputToString()).To(ContainSubstring(correctCmd)) }) @@ -1285,7 +1334,7 @@ spec: Expect(inspect.OutputToString()).To(Equal("5000/tcp -> 127.0.0.100:5000")) }) - It("podman play kube test with non-existent empty HostPath type volume", func() { + It("podman play kube test with nonexistent empty HostPath type volume", func() { hostPathLocation := filepath.Join(tempdir, "file") pod := getPod(withVolume(getHostPathVolume(`""`, hostPathLocation))) @@ -1312,7 +1361,7 @@ spec: Expect(kube.ExitCode()).To(Equal(0)) }) - It("podman play kube test with non-existent File HostPath type volume", func() { + It("podman play kube test with nonexistent File HostPath type volume", func() { hostPathLocation := filepath.Join(tempdir, "file") pod := getPod(withVolume(getHostPathVolume("File", hostPathLocation))) @@ -1548,4 +1597,23 @@ MemoryReservation: {{ .HostConfig.MemoryReservation }}`}) Expect(inspect.ExitCode()).To(Equal(0)) Expect(inspect.OutputToString()).To(Equal("false")) }) + + It("podman play kube test with HostNetwork", func() { + if !strings.Contains(podmanTest.OCIRuntime, "crun") { + Skip("Test only works on crun") + } + + pod := getPod(withHostNetwork()) + err := generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", pod.Name, "--format", "{{ .InfraConfig.HostNetwork }}"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.OutputToString()).To(Equal("true")) + }) }) diff --git a/test/e2e/pod_infra_container_test.go b/test/e2e/pod_infra_container_test.go index 7ec36b2f8..452a3de21 100644 --- a/test/e2e/pod_infra_container_test.go +++ b/test/e2e/pod_infra_container_test.go @@ -225,6 +225,7 @@ var _ = Describe("Podman pod create", func() { }) It("podman pod container can override pod pid NS", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") session := podmanTest.Podman([]string{"pod", "create", "--share", "pid"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/pod_kill_test.go b/test/e2e/pod_kill_test.go index f968f73a6..710147893 100644 --- a/test/e2e/pod_kill_test.go +++ b/test/e2e/pod_kill_test.go @@ -127,6 +127,7 @@ var _ = Describe("Podman pod kill", func() { }) It("podman pod kill all", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") _, ec, podid := podmanTest.CreatePod("") Expect(ec).To(Equal(0)) diff --git a/test/e2e/pod_ps_test.go b/test/e2e/pod_ps_test.go index ea8d10e78..225da785c 100644 --- a/test/e2e/pod_ps_test.go +++ b/test/e2e/pod_ps_test.go @@ -157,6 +157,7 @@ var _ = Describe("Podman ps", func() { }) It("podman pod ps --ctr-names", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") _, ec, podid := podmanTest.CreatePod("") Expect(ec).To(Equal(0)) diff --git a/test/e2e/pod_stats_test.go b/test/e2e/pod_stats_test.go index 41fc59267..a034ec2d1 100644 --- a/test/e2e/pod_stats_test.go +++ b/test/e2e/pod_stats_test.go @@ -17,8 +17,9 @@ var _ = Describe("Podman pod stats", func() { ) BeforeEach(func() { - if os.Geteuid() != 0 { - SkipIfCgroupV2("--cgroup-manager=cgroupfs which doesn't work in rootless mode") + SkipIfRootless("Tests fail with both CGv1/2 + required --cgroup-manager=cgroupfs") + if isContainerized() { + SkipIfCgroupV1("All tests fail Error: unable to load cgroup at ...: cgroup deleted") } tempdir, err = CreateTempDirInTempDir() @@ -176,7 +177,8 @@ var _ = Describe("Podman pod stats", func() { It("podman stats on net=host post", func() { // --net=host not supported for rootless pods at present - SkipIfRootlessCgroupsV1("Pause stats not supported in cgroups v1") + // problem with sysctls being passed to containers of the pod. + SkipIfCgroupV1("Bug: Error: sysctl net.ipv4.ping_group_range is not allowed in the hosts network namespace: OCI runtime error") podName := "testPod" podCreate := podmanTest.Podman([]string{"pod", "create", "--net=host", "--name", podName}) podCreate.WaitWithDefaultTimeout() diff --git a/test/e2e/prune_test.go b/test/e2e/prune_test.go index c02ed5a50..3bc1012df 100644 --- a/test/e2e/prune_test.go +++ b/test/e2e/prune_test.go @@ -349,4 +349,64 @@ var _ = Describe("Podman prune", func() { // all images are unused, so they all should be deleted! Expect(len(images.OutputToStringArray())).To(Equal(len(CACHE_IMAGES))) }) + + It("podman system prune --volumes --filter", func() { + session := podmanTest.Podman([]string{"volume", "create", "--label", "label1=value1", "myvol1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1=slv1", "myvol2"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1=slv2", "myvol3"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1", "myvol4"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"create", "-v", "myvol5:/myvol5", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"create", "-v", "myvol6:/myvol6", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(7)) + + session = podmanTest.Podman([]string{"system", "prune", "--force", "--volumes", "--filter", "label=label1=value1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(6)) + + session = podmanTest.Podman([]string{"system", "prune", "--force", "--volumes", "--filter", "label=sharedlabel1=slv1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(5)) + + session = podmanTest.Podman([]string{"system", "prune", "--force", "--volumes", "--filter", "label=sharedlabel1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(3)) + + podmanTest.Cleanup() + }) }) diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go index 05571157c..0c5d817ba 100644 --- a/test/e2e/ps_test.go +++ b/test/e2e/ps_test.go @@ -673,4 +673,55 @@ var _ = Describe("Podman ps", func() { Expect(session.LineInOutputContains("test3")).To(BeTrue()) Expect(session.LineInOutputContains("test4")).To(BeTrue()) }) + It("podman ps filter pod", func() { + pod1 := podmanTest.Podman([]string{"pod", "create", "--name", "pod1"}) + pod1.WaitWithDefaultTimeout() + Expect(pod1.ExitCode()).To(BeZero()) + con1 := podmanTest.Podman([]string{"run", "-dt", "--pod", "pod1", ALPINE, "top"}) + con1.WaitWithDefaultTimeout() + Expect(con1.ExitCode()).To(BeZero()) + + pod2 := podmanTest.Podman([]string{"pod", "create", "--name", "pod2"}) + pod2.WaitWithDefaultTimeout() + Expect(pod2.ExitCode()).To(BeZero()) + con2 := podmanTest.Podman([]string{"run", "-dt", "--pod", "pod2", ALPINE, "top"}) + con2.WaitWithDefaultTimeout() + Expect(con2.ExitCode()).To(BeZero()) + + // bogus pod name or id should not result in error + session := podmanTest.Podman([]string{"ps", "--filter", "pod=1234"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + // filter by pod name + session = podmanTest.Podman([]string{"ps", "-q", "--no-trunc", "--filter", "pod=pod1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + Expect(len(session.OutputToStringArray())).To(Equal(2)) + Expect(StringInSlice(pod1.OutputToString(), session.OutputToStringArray())) + + // filter by full pod id + session = podmanTest.Podman([]string{"ps", "-q", "--no-trunc", "--filter", "pod=" + pod1.OutputToString()}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + Expect(len(session.OutputToStringArray())).To(Equal(2)) + Expect(StringInSlice(pod1.OutputToString(), session.OutputToStringArray())) + + // filter by partial pod id + session = podmanTest.Podman([]string{"ps", "-q", "--no-trunc", "--filter", "pod=" + pod1.OutputToString()[0:12]}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + Expect(len(session.OutputToStringArray())).To(Equal(2)) + Expect(StringInSlice(pod1.OutputToString(), session.OutputToStringArray())) + + // filter by multiple pods is inclusive + session = podmanTest.Podman([]string{"ps", "-q", "--no-trunc", "--filter", "pod=pod1", "--filter", "pod=pod2"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + Expect(len(session.OutputToStringArray())).To(Equal(4)) + Expect(StringInSlice(pod1.OutputToString(), session.OutputToStringArray())) + Expect(StringInSlice(pod2.OutputToString(), session.OutputToStringArray())) + + }) + }) diff --git a/test/e2e/pull_test.go b/test/e2e/pull_test.go index 446e2bd38..7099a2904 100644 --- a/test/e2e/pull_test.go +++ b/test/e2e/pull_test.go @@ -393,8 +393,8 @@ var _ = Describe("Podman pull", func() { Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 4)) }) - It("podman pull from docker with nonexist --authfile", func() { - session := podmanTest.Podman([]string{"pull", "--authfile", "/tmp/nonexist", ALPINE}) + It("podman pull from docker with nonexistent --authfile", func() { + session := podmanTest.Podman([]string{"pull", "--authfile", "/tmp/nonexistent", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) }) @@ -506,7 +506,7 @@ var _ = Describe("Podman pull", func() { session = podmanTest.Podman([]string{"pull", "--platform=linux/arm64", "--override-os", "windows", ALPINE}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(125)) - expectedError = "--platform option can not be specified with --overide-arch or --override-os" + expectedError = "--platform option can not be specified with --override-arch or --override-os" Expect(session.ErrorToString()).To(ContainSubstring(expectedError)) session = podmanTest.Podman([]string{"pull", "-q", "--platform=linux/arm64", ALPINE}) diff --git a/test/e2e/rmi_test.go b/test/e2e/rmi_test.go index c8d77b7c6..1f40e4928 100644 --- a/test/e2e/rmi_test.go +++ b/test/e2e/rmi_test.go @@ -113,7 +113,7 @@ var _ = Describe("Podman rmi", func() { }) It("podman rmi image that is a parent of another image", func() { - Skip("I need help with this one. i dont understand what is going on") + Skip("I need help with this one. i don't understand what is going on") podmanTest.AddImageToRWStore(cirros) session := podmanTest.Podman([]string{"run", "--name", "c_test", cirros, "true"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/run_ns_test.go b/test/e2e/run_ns_test.go index 5242e04d2..51657cb1e 100644 --- a/test/e2e/run_ns_test.go +++ b/test/e2e/run_ns_test.go @@ -35,6 +35,7 @@ var _ = Describe("Podman run ns", func() { }) It("podman run pidns test", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") session := podmanTest.Podman([]string{"run", fedoraMinimal, "bash", "-c", "echo $$"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -105,6 +106,7 @@ var _ = Describe("Podman run ns", func() { }) It("podman run --ipc=host --pid=host", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") cmd := exec.Command("ls", "-l", "/proc/self/ns/pid") res, err := cmd.Output() Expect(err).To(BeNil()) diff --git a/test/e2e/run_privileged_test.go b/test/e2e/run_privileged_test.go index ab11128ba..48f9ea76e 100644 --- a/test/e2e/run_privileged_test.go +++ b/test/e2e/run_privileged_test.go @@ -16,22 +16,22 @@ import ( // know about at compile time. That is: the kernel may have more caps // available than we are aware of, leading to host=FFF... and ctr=3FF... // because the latter is all we request. Accept that. -func containerCapMatchesHost(ctr_cap string, host_cap string) { +func containerCapMatchesHost(ctrCap string, hostCap string) { if isRootless() { return } - ctr_cap_n, err := strconv.ParseUint(ctr_cap, 16, 64) - Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", ctr_cap) + ctrCap_n, err := strconv.ParseUint(ctrCap, 16, 64) + Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", ctrCap) - host_cap_n, err := strconv.ParseUint(host_cap, 16, 64) - Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", host_cap) + hostCap_n, err := strconv.ParseUint(hostCap, 16, 64) + Expect(err).NotTo(HaveOccurred(), "Error parsing %q as hex", hostCap) // host caps can never be zero (except rootless). // and host caps must always be a superset (inclusive) of container - Expect(host_cap_n).To(BeNumerically(">", 0), "host cap %q should be nonzero", host_cap) - Expect(host_cap_n).To(BeNumerically(">=", ctr_cap_n), "host cap %q should never be less than container cap %q", host_cap, ctr_cap) - host_cap_masked := host_cap_n & (1<<len(capability.List()) - 1) - Expect(ctr_cap_n).To(Equal(host_cap_masked), "container cap %q is not a subset of host cap %q", ctr_cap, host_cap) + Expect(hostCap_n).To(BeNumerically(">", 0), "host cap %q should be nonzero", hostCap) + Expect(hostCap_n).To(BeNumerically(">=", ctrCap_n), "host cap %q should never be less than container cap %q", hostCap, ctrCap) + hostCap_masked := hostCap_n & (1<<len(capability.List()) - 1) + Expect(ctrCap_n).To(Equal(hostCap_masked), "container cap %q is not a subset of host cap %q", ctrCap, hostCap) } var _ = Describe("Podman privileged container tests", func() { @@ -68,26 +68,38 @@ var _ = Describe("Podman privileged container tests", func() { }) It("podman privileged CapEff", func() { - host_cap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) - Expect(host_cap.ExitCode()).To(Equal(0)) + hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) + Expect(hostCap.ExitCode()).To(Equal(0)) session := podmanTest.Podman([]string{"run", "--privileged", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - containerCapMatchesHost(session.OutputToString(), host_cap.OutputToString()) + containerCapMatchesHost(session.OutputToString(), hostCap.OutputToString()) }) It("podman cap-add CapEff", func() { // Get caps of current process - host_cap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) - Expect(host_cap.ExitCode()).To(Equal(0)) + hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) + Expect(hostCap.ExitCode()).To(Equal(0)) session := podmanTest.Podman([]string{"run", "--cap-add", "all", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - containerCapMatchesHost(session.OutputToString(), host_cap.OutputToString()) + containerCapMatchesHost(session.OutputToString(), hostCap.OutputToString()) + }) + + It("podman cap-add CapEff with --user", func() { + // Get caps of current process + hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) + Expect(hostCap.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"run", "--user=bin", "--cap-add", "all", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + containerCapMatchesHost(session.OutputToString(), hostCap.OutputToString()) }) It("podman cap-drop CapEff", func() { @@ -98,6 +110,15 @@ var _ = Describe("Podman privileged container tests", func() { Expect("0000000000000000").To(Equal(capEff[1])) }) + It("podman privileged should disable seccomp by default", func() { + hostSeccomp := SystemExec("grep", []string{"-Ei", "^Seccomp:\\s+0$", "/proc/self/status"}) + Expect(hostSeccomp.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"run", "--privileged", ALPINE, "grep", "-Ei", "^Seccomp:\\s+0$", "/proc/self/status"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman non-privileged should have very few devices", func() { session := podmanTest.Podman([]string{"run", "-t", "busybox", "ls", "-l", "/dev"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/run_selinux_test.go b/test/e2e/run_selinux_test.go index 3294f6d3b..2e9d38e2d 100644 --- a/test/e2e/run_selinux_test.go +++ b/test/e2e/run_selinux_test.go @@ -274,6 +274,7 @@ var _ = Describe("Podman run", func() { }) It("podman test --pid=host", func() { + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") session := podmanTest.Podman([]string{"run", "--pid=host", ALPINE, "cat", "/proc/self/attr/current"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index dbdd6a072..4888a676b 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -493,7 +493,9 @@ USER bin` Skip("Kernel does not support blkio.weight") } } - + if podmanTest.Host.Distribution == "ubuntu" { + Skip("Ubuntu <= 20.10 lacks BFQ scheduler") + } if CGROUPSV2 { // convert linearly from [10-1000] to [1-10000] session := podmanTest.Podman([]string{"run", "--rm", "--blkio-weight=15", ALPINE, "sh", "-c", "cat /sys/fs/cgroup/$(sed -e 's|0::||' < /proc/self/cgroup)/io.bfq.weight"}) @@ -1228,8 +1230,8 @@ USER mail` Expect(session).To(ExitWithError()) }) - It("podman run should fail with nonexist authfile", func() { - session := podmanTest.Podman([]string{"run", "--authfile", "/tmp/nonexist", ALPINE, "ls"}) + It("podman run should fail with nonexistent authfile", func() { + session := podmanTest.Podman([]string{"run", "--authfile", "/tmp/nonexistent", ALPINE, "ls"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Not(Equal(0))) }) diff --git a/test/e2e/runlabel_test.go b/test/e2e/runlabel_test.go index 7c0b8bc9b..10e16ea23 100644 --- a/test/e2e/runlabel_test.go +++ b/test/e2e/runlabel_test.go @@ -114,12 +114,12 @@ var _ = Describe("podman container runlabel", func() { Expect(result.ExitCode()).To(Equal(0)) }) - It("runlabel should fail with nonexist authfile", func() { + It("runlabel should fail with nonexistent authfile", func() { image := "podman-runlabel-test:podman" podmanTest.BuildImage(PodmanDockerfile, image, "false") - // runlabel should fail with nonexist authfile - result := podmanTest.Podman([]string{"container", "runlabel", "--authfile", "/tmp/nonexist", "RUN", image}) + // runlabel should fail with nonexistent authfile + result := podmanTest.Podman([]string{"container", "runlabel", "--authfile", "/tmp/nonexistent", "RUN", image}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Not(Equal(0))) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 5c3c69fd4..f809c5afe 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -430,9 +430,9 @@ registries = ['{{.Host}}:{{.Port}}']` resetRegistriesConfigEnv() }) - // search should fail with nonexist authfile - It("podman search fail with nonexist --authfile", func() { - search := podmanTest.Podman([]string{"search", "--authfile", "/tmp/nonexist", ALPINE}) + // search should fail with nonexistent authfile + It("podman search fail with nonexistent --authfile", func() { + search := podmanTest.Podman([]string{"search", "--authfile", "/tmp/nonexistent", ALPINE}) search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Not(Equal(0))) }) diff --git a/test/e2e/start_test.go b/test/e2e/start_test.go index 942e00123..a6f22e007 100644 --- a/test/e2e/start_test.go +++ b/test/e2e/start_test.go @@ -49,6 +49,29 @@ var _ = Describe("Podman start", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman start --rm removed on failure", func() { + session := podmanTest.Podman([]string{"create", "--name=test", "--rm", ALPINE, "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + session = podmanTest.Podman([]string{"start", "test"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + session = podmanTest.Podman([]string{"container", "exists", "test"}) + Expect(session.ExitCode()).To(Not(Equal(0))) + }) + + It("podman start --rm --attach removed on failure", func() { + session := podmanTest.Podman([]string{"create", "--rm", ALPINE, "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid := session.OutputToString() + session = podmanTest.Podman([]string{"start", "--attach", cid}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + session = podmanTest.Podman([]string{"container", "exists", cid}) + Expect(session.ExitCode()).To(Not(Equal(0))) + }) + It("podman container start single container by id", func() { session := podmanTest.Podman([]string{"container", "create", ALPINE, "ls"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/stats_test.go b/test/e2e/stats_test.go index ab117a2a0..53aa230e9 100644 --- a/test/e2e/stats_test.go +++ b/test/e2e/stats_test.go @@ -140,7 +140,7 @@ var _ = Describe("Podman stats", func() { // Regression test for #8265 It("podman stats with custom memory limits", func() { - // Run thre containers. One with a memory limit. Make sure + // Run three containers. One with a memory limit. Make sure // that the limits are different and the limited one has a // lower limit. ctrNoLimit0 := "no-limit-0" diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 48294943b..49ab3b8ed 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -13,10 +13,10 @@ import ( var _ = Describe("Podman systemd", func() { var ( - tempdir string - err error - podmanTest *PodmanTestIntegration - systemd_unit_file string + tempdir string + err error + podmanTest *PodmanTestIntegration + systemdUnitFile string ) BeforeEach(func() { @@ -27,7 +27,7 @@ var _ = Describe("Podman systemd", func() { podmanTest = PodmanTestCreate(tempdir) podmanTest.Setup() podmanTest.SeedImages() - systemd_unit_file = `[Unit] + systemdUnitFile = `[Unit] Description=redis container [Service] Restart=always @@ -50,7 +50,7 @@ WantedBy=multi-user.target SkipIfRootless("rootless can not write to /etc") SkipIfContainerized("test does not have systemd as pid 1") - sys_file := ioutil.WriteFile("/etc/systemd/system/redis.service", []byte(systemd_unit_file), 0644) + sys_file := ioutil.WriteFile("/etc/systemd/system/redis.service", []byte(systemdUnitFile), 0644) Expect(sys_file).To(BeNil()) defer func() { stop := SystemExec("bash", []string{"-c", "systemctl stop redis"}) @@ -131,6 +131,21 @@ WantedBy=multi-user.target Expect(conData[0].Config.SystemdMode).To(BeTrue()) }) + It("podman create container with --uidmap and conmon PidFile accessible", func() { + ctrName := "testCtrUidMap" + run := podmanTest.Podman([]string{"run", "-d", "--uidmap=0:1:1000", "--name", ctrName, ALPINE, "top"}) + run.WaitWithDefaultTimeout() + Expect(run.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"inspect", "--format", "{{.ConmonPidFile}}", ctrName}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + pidFile := strings.TrimSuffix(session.OutputToString(), "\n") + _, err := ioutil.ReadFile(pidFile) + Expect(err).To(BeNil()) + }) + It("podman create container with systemd=always triggers systemd mode", func() { ctrName := "testCtr" run := podmanTest.Podman([]string{"create", "--name", ctrName, "--systemd", "always", ALPINE}) diff --git a/test/e2e/toolbox_test.go b/test/e2e/toolbox_test.go index 7393b13cb..6de775983 100644 --- a/test/e2e/toolbox_test.go +++ b/test/e2e/toolbox_test.go @@ -121,6 +121,7 @@ var _ = Describe("Toolbox-specific testing", func() { if podmanTest.RemoteTest { Skip("Shm size check does not work with a remote client") } + SkipIfRootlessCgroupsV1("Not supported for rootless + CGroupsV1") var session *PodmanSessionIntegration var cmd *exec.Cmd var hostShmSize, containerShmSize int @@ -239,7 +240,7 @@ var _ = Describe("Toolbox-specific testing", func() { session = podmanTest.Podman([]string{"logs", "test"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) - Expect(session.OutputToString()).To(ContainSubstring(expectedOutput)) + Expect(session.ErrorToString()).To(ContainSubstring(expectedOutput)) }) It("podman create --userns=keep-id + podman exec - adding group with groupadd", func() { diff --git a/test/e2e/tree_test.go b/test/e2e/tree_test.go index 2a7feaacb..9bdc3af9d 100644 --- a/test/e2e/tree_test.go +++ b/test/e2e/tree_test.go @@ -35,7 +35,7 @@ var _ = Describe("Podman image tree", func() { It("podman image tree", func() { SkipIfRemote("Does not work on remote client") - Skip("dont understand why this fails") + Skip("don't understand why this fails") podmanTest.AddImageToRWStore(cirros) dockerfile := `FROM quay.io/libpod/cirros:latest RUN mkdir hello diff --git a/test/e2e/volume_create_test.go b/test/e2e/volume_create_test.go index 8c44e57e4..544532ee0 100644 --- a/test/e2e/volume_create_test.go +++ b/test/e2e/volume_create_test.go @@ -82,5 +82,13 @@ var _ = Describe("Podman volume create", func() { inspectGID.WaitWithDefaultTimeout() Expect(inspectGID.ExitCode()).To(Equal(0)) Expect(inspectGID.OutputToString()).To(Equal(gid)) + + // options should containt `uid=3000,gid=4000:3000:4000` + optionFormat := `{{ .Options.o }}:{{ .Options.UID }}:{{ .Options.GID }}` + optionStrFormatExpect := fmt.Sprintf(`uid=%s,gid=%s:%s:%s`, uid, gid, uid, gid) + inspectOpts := podmanTest.Podman([]string{"volume", "inspect", "--format", optionFormat, volName}) + inspectOpts.WaitWithDefaultTimeout() + Expect(inspectOpts.ExitCode()).To(Equal(0)) + Expect(inspectOpts.OutputToString()).To(Equal(optionStrFormatExpect)) }) }) diff --git a/test/e2e/volume_prune_test.go b/test/e2e/volume_prune_test.go index c8521ebe7..a910c47a7 100644 --- a/test/e2e/volume_prune_test.go +++ b/test/e2e/volume_prune_test.go @@ -62,6 +62,66 @@ var _ = Describe("Podman volume prune", func() { podmanTest.Cleanup() }) + It("podman prune volume --filter", func() { + session := podmanTest.Podman([]string{"volume", "create", "--label", "label1=value1", "myvol1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1=slv1", "myvol2"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1=slv2", "myvol3"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "create", "--label", "sharedlabel1", "myvol4"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"create", "-v", "myvol5:/myvol5", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"create", "-v", "myvol6:/myvol6", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(7)) + + session = podmanTest.Podman([]string{"volume", "prune", "--force", "--filter", "label=label1=value1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(6)) + + session = podmanTest.Podman([]string{"volume", "prune", "--force", "--filter", "label=sharedlabel1=slv1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(5)) + + session = podmanTest.Podman([]string{"volume", "prune", "--force", "--filter", "label=sharedlabel1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"volume", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(3)) + + podmanTest.Cleanup() + }) + It("podman system prune --volume", func() { session := podmanTest.Podman([]string{"volume", "create"}) session.WaitWithDefaultTimeout() |