diff options
Diffstat (limited to 'test/system')
| -rw-r--r-- | test/system/010-images.bats | 15 | ||||
| -rw-r--r-- | test/system/045-start.bats | 11 | ||||
| -rw-r--r-- | test/system/070-build.bats | 49 | ||||
| -rw-r--r-- | test/system/255-auto-update.bats | 2 | ||||
| -rw-r--r-- | test/system/410-selinux.bats | 5 | ||||
| -rw-r--r-- | test/system/450-interactive.bats | 13 | ||||
| -rw-r--r-- | test/system/500-networking.bats | 14 | ||||
| -rwxr-xr-x | test/system/build-testimage | 65 | ||||
| -rw-r--r-- | test/system/helpers.bash | 9 |
9 files changed, 140 insertions, 43 deletions
diff --git a/test/system/010-images.bats b/test/system/010-images.bats index 2d7ac1e0c..649987dfd 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -19,21 +19,22 @@ load helpers @test "podman images - custom formats" { tests=" ---format {{.ID}} | [0-9a-f]\\\{12\\\} ---format {{.ID}} --no-trunc | sha256:[0-9a-f]\\\{64\\\} ---format {{.Repository}}:{{.Tag}} | $PODMAN_TEST_IMAGE_FQN ---format {{.Labels.created_by}} | test/system/build-testimage ---format {{.Labels.created_at}} | 20[0-9-]\\\+T[0-9:]\\\+Z +{{.ID}} | [0-9a-f]\\\{12\\\} +{{.ID| upper}} | [0-9A-F]\\\{12\\\} +{{.Repository}}:{{.Tag}} | $PODMAN_TEST_IMAGE_FQN +{{.Labels.created_by}} | test/system/build-testimage +{{.Labels.created_at}} | 20[0-9-]\\\+T[0-9:]\\\+Z " parse_table "$tests" | while read fmt expect; do - run_podman images $fmt + run_podman images --format "$fmt" is "$output" "$expect\$" "podman images $fmt" done + run_podman images --format "{{.ID}}" --no-trunc + is "$output" "sha256:[0-9a-f]\\{64\\}\$" "podman images --no-trunc" } - @test "podman images - json" { # 'created': podman includes fractional seconds, podman-remote does not tests=" diff --git a/test/system/045-start.bats b/test/system/045-start.bats index 3e0118dba..7e4bbde8d 100644 --- a/test/system/045-start.bats +++ b/test/system/045-start.bats @@ -59,4 +59,15 @@ load helpers is "$output" "Error: fakepolicy invalid restart policy" } +@test "podman start --all --filter" { + run_podman run -d $IMAGE /bin/true + cid_exited_0="$output" + run_podman run -d $IMAGE /bin/false + cid_exited_1="$output" + + run_podman wait $cid_exited_0 $cid_exited_1 + run_podman start --all --filter exited=0 + is "$output" "$cid_exited_0" +} + # vim: filetype=sh diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 0f3f3fa7f..6843e28a5 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -29,6 +29,29 @@ EOF run_podman rmi -f build_test } +@test "podman build test -f -" { + rand_filename=$(random_string 20) + rand_content=$(random_string 50) + + tmpdir=$PODMAN_TMPDIR/build-test + mkdir -p $tmpdir + containerfile=$PODMAN_TMPDIR/Containerfile + cat >$containerfile <<EOF +FROM $IMAGE +RUN apk add nginx +RUN echo $rand_content > /$rand_filename +EOF + + # The 'apk' command can take a long time to fetch files; bump timeout + PODMAN_TIMEOUT=240 run_podman build -t build_test -f - --format=docker $tmpdir < $containerfile + is "$output" ".*STEP 4: COMMIT" "COMMIT seen in log" + + run_podman run --rm build_test cat /$rand_filename + is "$output" "$rand_content" "reading generated file in image" + + run_podman rmi -f build_test +} + @test "podman build - global runtime flags test" { skip_if_remote "--runtime-flag flag not supported for remote" @@ -794,6 +817,32 @@ EOF run_podman rmi -f build_test } +@test "podman build -f test " { + tmpdir=$PODMAN_TMPDIR/build-test + subdir=$tmpdir/subdir + mkdir -p $subdir + + containerfile1=$tmpdir/Containerfile1 + cat >$containerfile1 <<EOF +FROM scratch +copy . /tmp +EOF + containerfile2=$PODMAN_TMPDIR/Containerfile2 + cat >$containerfile2 <<EOF +FROM $IMAGE +EOF + run_podman build -t build_test -f Containerfile1 $tmpdir + run_podman 125 build -t build_test -f Containerfile2 $tmpdir + is "$output" ".*Containerfile2: no such file or directory" "Containerfile2 should not exist" + run_podman build -t build_test -f $containerfile1 $tmpdir + run_podman build -t build_test -f $containerfile2 $tmpdir + run_podman build -t build_test -f $containerfile1 + run_podman build -t build_test -f $containerfile2 + run_podman build -t build_test -f $containerfile1 -f $containerfile2 $tmpdir + is "$output" ".*$IMAGE" "Containerfile2 is also passed to server" + run_podman rmi -f build_test +} + function teardown() { # A timeout or other error in 'build' can leave behind stale images # that podman can't even see and which will cascade into subsequent diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 9bfb44791..3713243d5 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -194,7 +194,7 @@ function _confirm_update() { run_podman 125 auto-update update_log=$output is "$update_log" ".*invalid auto-update policy.*" "invalid policy setup" - is "$update_log" ".*1 error occurred.*" "invalid policy setup" + is "$update_log" ".*Error: invalid auto-update policy.*" "invalid policy setup" local n_updated=$(grep -c 'Trying to pull' <<<"$update_log") is "$n_updated" "2" "Number of images updated from registry." diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index f8cee0e59..4ef9c8b30 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -183,7 +183,10 @@ function check_label() { # runc and crun emit different diagnostics runtime=$(podman_runtime) case "$runtime" in - crun) expect="\`/proc/thread-self/attr/exec\`: OCI runtime error: unable to assign security attribute" ;; + # crun 0.20.1 changes the error message + # from /proc/thread-self/attr/exec`: .* unable to assign + # to /proc/self/attr/keycreate`: .* unable to process + crun) expect="\`/proc/.*\`: OCI runtime error: unable to \(assign\|process\) security attribute" ;; runc) expect="OCI runtime error: .*: failed to set /proc/self/attr/keycreate on procfs" ;; *) skip "Unknown runtime '$runtime'";; esac diff --git a/test/system/450-interactive.bats b/test/system/450-interactive.bats index a2db39492..47bdff9ab 100644 --- a/test/system/450-interactive.bats +++ b/test/system/450-interactive.bats @@ -57,7 +57,18 @@ function teardown() { # ...and make sure stty under podman reads that. run_podman run -it --name mystty $IMAGE stty size <$PODMAN_TEST_PTY - is "$output" "$rows $cols" "stty under podman reads the correct dimensions" + is "$output" "$rows $cols" "stty under podman run reads the correct dimensions" + + run_podman rm -f mystty + + # FIXME: the checks below are flaking a lot (see #10710). + + # check that the same works for podman exec +# run_podman run -d --name mystty $IMAGE top +# run_podman exec -it mystty stty size <$PODMAN_TEST_PTY +# is "$output" "$rows $cols" "stty under podman exec reads the correct dimensions" +# +# run_podman rm -f mystty } diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 55ec80bb2..d55a786f7 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -162,23 +162,25 @@ load helpers done } -@test "podman run with slirp4ns assigns correct gateway address to host.containers.internal" { +@test "podman run with slirp4ns assigns correct addresses to /etc/hosts" { CIDR="$(random_rfc1918_subnet)" - run_podman run --network slirp4netns:cidr="${CIDR}.0/24" \ - $IMAGE grep 'host.containers.internal' /etc/hosts - is "$output" "${CIDR}.2 host.containers.internal" "host.containers.internal should be the cidr+2 address" + local conname=con-$(random_string 10) + run_podman run --rm --network slirp4netns:cidr="${CIDR}.0/24" \ + --name $conname --hostname $conname $IMAGE cat /etc/hosts + is "$output" ".*${CIDR}.2 host.containers.internal" "host.containers.internal should be the cidr+2 address" + is "$output" ".*${CIDR}.100 $conname $conname" "$conname should be the cidr+100 address" } @test "podman run with slirp4ns adds correct dns address to resolv.conf" { CIDR="$(random_rfc1918_subnet)" - run_podman run --network slirp4netns:cidr="${CIDR}.0/24" \ + run_podman run --rm --network slirp4netns:cidr="${CIDR}.0/24" \ $IMAGE grep "${CIDR}" /etc/resolv.conf is "$output" "nameserver ${CIDR}.3" "resolv.conf should have slirp4netns cidr+3 as a nameserver" } @test "podman run with slirp4ns assigns correct ip address container" { CIDR="$(random_rfc1918_subnet)" - run_podman run --network slirp4netns:cidr="${CIDR}.0/24" \ + run_podman run --rm --network slirp4netns:cidr="${CIDR}.0/24" \ $IMAGE sh -c "ip address | grep ${CIDR}" is "$output" ".*inet ${CIDR}.100/24 \+" "container should have slirp4netns cidr+100 assigned to interface" } diff --git a/test/system/build-testimage b/test/system/build-testimage index 3e5b982ce..eb5849b5e 100755 --- a/test/system/build-testimage +++ b/test/system/build-testimage @@ -61,8 +61,8 @@ chmod 755 pause # - check for updates @ https://hub.docker.com/_/alpine # busybox-extras provides httpd needed in 500-networking.bats cat >Containerfile <<EOF -ARG ARCH=please-override-arch -FROM docker.io/\${ARCH}/alpine:3.12.0 +ARG REPO=please-override-repo +FROM docker.io/\${REPO}/alpine:3.13.5 RUN apk add busybox-extras ADD testimage-id pause /home/podman/ LABEL created_by=$create_script @@ -74,17 +74,46 @@ EOF # --squash-all : needed by 'tree' test in 070-build.bats podman rmi -f testimage &> /dev/null || true +# There should always be a testimage tagged ':0000000<X>' (eight digits, +# zero-padded sequence ID) in the same location; this is used by tests +# which need to pull a non-locally-cached image. This image will rarely +# if ever need to change, nor in fact does it even have to be a copy of +# this testimage since all we use it for is 'true'. +# However, it does need to be multiarch :-( +zerotag_latest=$(skopeo list-tags docker://quay.io/libpod/testimage |\ + jq -r '.Tags[]' |\ + sort --version-sort |\ + grep '^000' |\ + tail -n 1) +zerotag_next=$(printf "%08d" $((zerotag_latest + 1))) + +# We don't always need to push the :00xx image, but build it anyway. +zeroimg=quay.io/libpod/testimage:${zerotag_next} +buildah manifest create $zeroimg + # We need to use buildah because (as of 2021-02-23) only buildah has --manifest # and because Dan says arch emulation is not currently working on podman # (no further details). # Arch emulation on Fedora requires the qemu-user-static package. -for arch in amd64 arm64v8 ppc64le s390x;do +for arch in amd64 arm64 ppc64le s390x;do + # docker.io repo is usually the same name as the desired arch; except + # for arm64, where podman needs to have the arch be 'arm64' but the + # image lives in 'arm64v8'. + repo=$arch + if [[ $repo = "arm64" ]]; then + repo="${repo}v8" + fi + ${BUILDAH} bud \ --arch=$arch \ - --build-arg ARCH=$arch \ + --build-arg REPO=$repo \ --manifest=testimage \ --squash \ . + + # The zero-tag image + ${BUILDAH} pull --arch $arch docker.io/$repo/busybox:1.33.1 + ${BUILDAH} manifest add $zeroimg docker.io/$repo/busybox:1.33.1 done # Clean up @@ -94,23 +123,13 @@ rm -rf $tmpdir # Tag image and push (all arches) to quay. remote_tag=quay.io/libpod/testimage:$YMD podman tag testimage ${remote_tag} -${BUILDAH} manifest push --all ${remote_tag} docker://${remote_tag} +cat <<EOF -# Side note: there should always be a testimage tagged ':0000000<X>' -# (eight digits, zero-padded sequence ID) in the same location; this is -# used by tests which need to pull a non-locally-cached image. This -# image will rarely if ever need to change, nor in fact does it even -# have to be a copy of this testimage since all we use it for is 'true'. -# However, it does need to be multiarch :-( -# -# As of 2021-02-24 it is simply busybox, because it is super small, -# but it's complicated because of multiarch: -# -# img=quay.io/libpod/testimage:0000000<current+1> -# buildah manifest create $img -# for arch in amd64 arm64v8 ppc64le s390x;do -# buildah pull --arch $arch docker.io/$arch/busybox:1.32.0 -# buildah manifest add $img docker.io/$arch/busybox:1.32.0 -# done -# buildah manifest push --all $img docker://$img -# +If you're happy with these images, run: + + ${BUILDAH} manifest push --all ${remote_tag} docker://${remote_tag} + ${BUILDAH} manifest push --all ${zeroimg} docker://${zeroimg} + +(You do not always need to push the :0000 image) + +EOF diff --git a/test/system/helpers.bash b/test/system/helpers.bash index e0c208f57..1859a2168 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -7,14 +7,15 @@ PODMAN=${PODMAN:-podman} PODMAN_TEST_IMAGE_REGISTRY=${PODMAN_TEST_IMAGE_REGISTRY:-"quay.io"} PODMAN_TEST_IMAGE_USER=${PODMAN_TEST_IMAGE_USER:-"libpod"} PODMAN_TEST_IMAGE_NAME=${PODMAN_TEST_IMAGE_NAME:-"testimage"} -PODMAN_TEST_IMAGE_TAG=${PODMAN_TEST_IMAGE_TAG:-"20210427"} +PODMAN_TEST_IMAGE_TAG=${PODMAN_TEST_IMAGE_TAG:-"20210610"} PODMAN_TEST_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_TEST_IMAGE_TAG" PODMAN_TEST_IMAGE_ID= # Remote image that we *DO NOT* fetch or keep by default; used for testing pull -# This changed from 0 to 1 on 2021-02-24 due to multiarch considerations; it -# should change only very rarely. -PODMAN_NONLOCAL_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:00000002" +# This has changed in 2021, from 0 through 3, various iterations of getting +# multiarch to work. It should change only very rarely. +PODMAN_NONLOCAL_IMAGE_TAG=${PODMAN_NONLOCAL_IMAGE_TAG:-"00000003"} +PODMAN_NONLOCAL_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_NONLOCAL_IMAGE_TAG" # Because who wants to spell that out each time? IMAGE=$PODMAN_TEST_IMAGE_FQN |