diff options
Diffstat (limited to 'test/system')
| -rw-r--r-- | test/system/001-basic.bats | 7 | ||||
| -rw-r--r-- | test/system/015-help.bats | 10 | ||||
| -rw-r--r-- | test/system/030-run.bats | 29 | ||||
| -rw-r--r-- | test/system/032-sig-proxy.bats | 43 | ||||
| -rw-r--r-- | test/system/035-logs.bats | 23 | ||||
| -rw-r--r-- | test/system/045-start.bats | 2 | ||||
| -rw-r--r-- | test/system/065-cp.bats | 4 | ||||
| -rw-r--r-- | test/system/070-build.bats | 8 | ||||
| -rw-r--r-- | test/system/075-exec.bats | 2 | ||||
| -rw-r--r-- | test/system/160-volumes.bats | 4 | ||||
| -rw-r--r-- | test/system/200-pod.bats | 4 | ||||
| -rw-r--r-- | test/system/260-sdnotify.bats | 3 | ||||
| -rw-r--r-- | test/system/272-system-connection.bats | 22 | ||||
| -rw-r--r-- | test/system/400-unprivileged-access.bats | 4 | ||||
| -rw-r--r-- | test/system/410-selinux.bats | 3 | ||||
| -rw-r--r-- | test/system/420-cgroups.bats | 5 | ||||
| -rw-r--r-- | test/system/610-format.bats | 65 |
17 files changed, 176 insertions, 62 deletions
diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats index 378edc013..ba6bde4df 100644 --- a/test/system/001-basic.bats +++ b/test/system/001-basic.bats @@ -56,14 +56,17 @@ function setup() { @test "podman --context emits reasonable output" { + if ! is_remote; then + skip "only applicable on podman-remote" + fi # All we care about here is that the command passes run_podman --context=default version # This one must fail run_podman 125 --context=swarm version is "$output" \ - "Error: podman does not support swarm, the only --context value allowed is \"default\"" \ - "--context=default or fail" + "Error: failed to resolve active destination: \"swarm\" service destination not found" \ + "--context=swarm should fail" } @test "podman can pull an image" { diff --git a/test/system/015-help.bats b/test/system/015-help.bats index dd5a7ed44..927645f29 100644 --- a/test/system/015-help.bats +++ b/test/system/015-help.bats @@ -121,7 +121,7 @@ function check_help() { # Exceptions: these commands don't work rootless if is_rootless; then # "pause is not supported for rootless containers" - if [ "$cmd" = "pause" -o "$cmd" = "unpause" ]; then + if [[ "$cmd" = "pause" ]] || [[ "$cmd" = "unpause" ]]; then continue fi # "network rm" too @@ -162,17 +162,17 @@ function check_help() { # Any command that takes subcommands, prints its help and errors if called # without one. - dprint "podman $@" + dprint "podman $*" run_podman '?' "$@" is "$status" 125 "'podman $*' without any subcommand - exit status" - is "$output" ".*Usage:.*Error: missing command '.*$@ COMMAND'" \ + is "$output" ".*Usage:.*Error: missing command '.*$* COMMAND'" \ "'podman $*' without any subcommand - expected error message" # Assume that 'NoSuchCommand' is not a command - dprint "podman $@ NoSuchCommand" + dprint "podman $* NoSuchCommand" run_podman '?' "$@" NoSuchCommand is "$status" 125 "'podman $* NoSuchCommand' - exit status" - is "$output" "Error: unrecognized command .*$@ NoSuchCommand" \ + is "$output" "Error: unrecognized command .*$* NoSuchCommand" \ "'podman $* NoSuchCommand' - expected error message" # This can happen if the output of --help changes, such as between diff --git a/test/system/030-run.bats b/test/system/030-run.bats index b1ce91d14..65a1150a3 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -3,7 +3,6 @@ load helpers @test "podman run - basic tests" { - skip_if_aarch64 "FIXME: #15074 - fails on aarch64" rand=$(random_string 30) err_no_such_cmd="Error:.*/no/such/command.*[Nn]o such file or directory" @@ -892,4 +891,32 @@ $IMAGE--c_ok" \ run_podman container rm -f -t 0 c_ok c_fail_no_rm } +@test "podman run --attach stdin prints container ID" { + ctr_name="container-$(random_string 5)" + run_podman run --name $ctr_name --attach stdin $IMAGE echo hello + run_output=$output + run_podman inspect --format "{{.Id}}" $ctr_name + ctr_id=$output + is "$run_output" "$ctr_id" "Did not find container ID in the output" + run_podman rm $ctr_name +} + +@test "podman run --privileged as root with systemd will not mount /dev/tty" { + skip_if_rootless "this test only makes sense as root" + + ctr_name="container-$(random_string 5)" + run_podman run --rm -d --privileged --systemd=always --name "$ctr_name" "$IMAGE" /home/podman/pause + + TTYs=$(ls /dev/tty*|sed '/^\/dev\/tty$/d') + + if [[ $TTYs = "" ]]; then + die "Did not find any /dev/ttyN devices on local host" + else + run_podman exec "$ctr_name" ls /dev/ + assert "$(grep tty <<<$output)" = "tty" "There must be no /dev/ttyN devices in the container" + fi + + run_podman stop "$ctr_name" +} + # vim: filetype=sh diff --git a/test/system/032-sig-proxy.bats b/test/system/032-sig-proxy.bats new file mode 100644 index 000000000..686df0e1b --- /dev/null +++ b/test/system/032-sig-proxy.bats @@ -0,0 +1,43 @@ +#!/usr/bin/env bats + +load helpers + +@test "podman sigkill" { + $PODMAN run -i --name foo $IMAGE sh -c 'trap "echo BYE;exit 0" INT;echo READY;while :;do sleep 0.1;done' & + local kidpid=$! + + # Wait for container to appear + local timeout=5 + while :;do + sleep 0.5 + run_podman '?' container exists foo + if [[ $status -eq 0 ]]; then + break + fi + timeout=$((timeout - 1)) + if [[ $timeout -eq 0 ]]; then + die "Timed out waiting for container to start" + fi + done + + wait_for_ready foo + + # Signal, and wait for container to exit + kill -INT $kidpid + local timeout=5 + while :;do + sleep 0.5 + run_podman logs foo + if [[ "$output" =~ BYE ]]; then + break + fi + timeout=$((timeout - 1)) + if [[ $timeout -eq 0 ]]; then + die "Timed out waiting for BYE from container" + fi + done + + run_podman rm -f -t0 foo +} + +# vim: filetype=sh diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index 6b8d5fbc5..6e84e10fc 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -36,13 +36,28 @@ function _log_test_tail() { run_podman run -d --log-driver=$driver $IMAGE sh -c "echo test1; echo test2" cid="$output" - run_podman logs --tail 1 $cid - is "$output" "test2" "logs should only show last line" + run_podman wait $cid + run_podman logs --tail 1 --timestamps $cid + log1="$output" + assert "$log1" =~ "^[0-9-]+T[0-9:.]+([\+-][0-9:]+|Z) test2" \ + "logs should only show last line" + + # Sigh. I hate doing this, but podman-remote --timestamp only has 1-second + # resolution (regular podman has sub-second). For the timestamps-differ + # check below, we need to force a different second. + if is_remote; then + sleep 2 + fi run_podman restart $cid + run_podman wait $cid + + run_podman logs -t --tail 1 $cid + log2="$output" + assert "$log2" =~ "^[0-9-]+T[0-9:.]+([\+-][0-9:]+|Z) test2" \ + "logs, after restart, shows only last line" - run_podman logs --tail 1 $cid - is "$output" "test2" "logs should only show last line after restart" + assert "$log2" != "$log1" "log timestamps should differ" run_podman rm $cid } diff --git a/test/system/045-start.bats b/test/system/045-start.bats index d19171ec3..773a0acd2 100644 --- a/test/system/045-start.bats +++ b/test/system/045-start.bats @@ -40,6 +40,8 @@ load helpers @test "podman start --filter - start only containers that match the filter" { run_podman run -d $IMAGE /bin/true cid="$output" + run_podman wait $cid + run_podman start --filter restart-policy=always $cid is "$output" "" "CID of restart-policy=always container" diff --git a/test/system/065-cp.bats b/test/system/065-cp.bats index 8f5abd228..c8ad8468c 100644 --- a/test/system/065-cp.bats +++ b/test/system/065-cp.bats @@ -436,7 +436,7 @@ load helpers run_podman cp cpcontainer:$src $destdir$dest is "$(< $destdir$dest_fullname/containerfile0)" "${randomcontent[0]}" "$description" is "$(< $destdir$dest_fullname/containerfile1)" "${randomcontent[1]}" "$description" - rm -rf $destdir/* + rm -rf ${destdir:?}/* done < <(parse_table "$tests") run_podman kill cpcontainer run_podman rm -t 0 -f cpcontainer @@ -456,7 +456,7 @@ load helpers run_podman cp cpcontainer:$src $destdir$dest is "$(< $destdir$dest_fullname/containerfile0)" "${randomcontent[0]}" "$description" is "$(< $destdir$dest_fullname/containerfile1)" "${randomcontent[1]}" "$description" - rm -rf $destdir/* + rm -rf ${destdir:?}/* done < <(parse_table "$tests") touch $destdir/testfile diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 9fddbaa21..b392fd8e9 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -246,7 +246,7 @@ EOF # Now test COPY. That should fail. sed -i -e 's/ADD/COPY/' $tmpdir/Dockerfile run_podman 125 build -t copy_url $tmpdir - is "$output" ".*error building at STEP .*: source can't be a URL for COPY" + is "$output" ".* building at STEP .*: source can't be a URL for COPY" } @@ -541,7 +541,7 @@ Labels.$label_name | $label_value this-file-does-not-match-anything-in-ignore-file comment ) - for f in ${files[@]}; do + for f in "${files[@]}"; do # The magic '##-' strips off the '-' prefix echo "$f" > $tmpdir/${f##-} done @@ -853,7 +853,7 @@ EOF run_podman 125 build -t build_test --pull-never $tmpdir is "$output" \ - ".*Error: error creating build container: quay.io/libpod/nosuchimage:nosuchtag: image not known" \ + ".*Error: creating build container: quay.io/libpod/nosuchimage:nosuchtag: image not known" \ "--pull-never fails with expected error message" } @@ -988,7 +988,7 @@ COPY ./ ./ COPY subdir ./ EOF run_podman 125 build -t build_test $tmpdir - is "$output" ".*Error: error building at STEP \"COPY subdir ./\"" ".dockerignore was ignored" + is "$output" ".*Error: building at STEP \"COPY subdir ./\"" ".dockerignore was ignored" } @test "podman build .containerignore and .dockerignore test" { diff --git a/test/system/075-exec.bats b/test/system/075-exec.bats index 7dd43c2c3..0a6048b7e 100644 --- a/test/system/075-exec.bats +++ b/test/system/075-exec.bats @@ -6,8 +6,6 @@ load helpers @test "podman exec - basic test" { - skip_if_aarch64 "FIXME: #15074 - fails on aarch64" - rand_filename=$(random_string 20) rand_content=$(random_string 50) diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index 6829c6a78..08baaf468 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -315,11 +315,11 @@ EOF # List available volumes for pruning after using 1,2,3 run_podman volume prune <<< N - is "$(echo $(sort <<<${lines[@]:1:3}))" "${v[4]} ${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use, lists 4,5,6" + is "$(echo $(sort <<<${lines[*]:1:3}))" "${v[4]} ${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use, lists 4,5,6" # List available volumes for pruning after using 1,2,3 and filtering; see #8913 run_podman volume prune --filter label=mylabel <<< N - is "$(echo $(sort <<<${lines[@]:1:2}))" "${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use and 4 filtered out, lists 5,6" + is "$(echo $(sort <<<${lines[*]:1:2}))" "${v[5]} ${v[6]}" "volume prune, with 1,2,3 in use and 4 filtered out, lists 5,6" # prune should remove v4 run_podman volume prune --force diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 9bbd56fef..8ece6e476 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -221,7 +221,7 @@ EOF --add-host "$add_host_n:$add_host_ip" \ --dns "$dns_server" \ --dns-search "$dns_search" \ - --dns-opt "$dns_opt" \ + --dns-option "$dns_opt" \ --publish "$port_out:$port_in" \ --label "${labelname}=${labelvalue}" \ --infra-image "$infra_image" \ @@ -262,7 +262,7 @@ EOF run_podman run --rm --pod mypod $IMAGE cat /etc/resolv.conf is "$output" ".*nameserver $dns_server" "--dns [server] was added" is "$output" ".*search $dns_search" "--dns-search was added" - is "$output" ".*options $dns_opt" "--dns-opt was added" + is "$output" ".*options $dns_opt" "--dns-option was added" # pod inspect run_podman pod inspect --format '{{.Name}}: {{.ID}} : {{.NumContainers}} : {{.Labels}}' mypod diff --git a/test/system/260-sdnotify.bats b/test/system/260-sdnotify.bats index 6c3ef7f3f..c4724d605 100644 --- a/test/system/260-sdnotify.bats +++ b/test/system/260-sdnotify.bats @@ -142,7 +142,6 @@ READY=1" "sdnotify sent MAINPID and READY" # These tests can fail in dev. environment because of SELinux. # quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "sdnotify : container" { - skip_if_aarch64 "FIXME: #15277 sdnotify doesn't work on aarch64" # Sigh... we need to pull a humongous image because it has systemd-notify. # (IMPORTANT: fedora:32 and above silently removed systemd-notify; this # caused CI to hang. That's why we explicitly require fedora:31) @@ -248,8 +247,6 @@ READY=1" "sdnotify sent MAINPID and READY" } @test "sdnotify : play kube - with policies" { - skip_if_aarch64 "FIXME: #15277 sdnotify doesn't work on aarch64" - # Sigh... we need to pull a humongous image because it has systemd-notify. # (IMPORTANT: fedora:32 and above silently removed systemd-notify; this # caused CI to hang. That's why we explicitly require fedora:31) diff --git a/test/system/272-system-connection.bats b/test/system/272-system-connection.bats index e937a7273..402e69736 100644 --- a/test/system/272-system-connection.bats +++ b/test/system/272-system-connection.bats @@ -56,8 +56,22 @@ function _run_podman_remote() { c1="c1_$(random_string 15)" c2="c2_$(random_string 15)" - run_podman system connection add $c1 tcp://localhost:12345 - run_podman system connection add --default $c2 tcp://localhost:54321 + run_podman system connection add $c1 tcp://localhost:12345 + run_podman context create --docker "host=tcp://localhost:54321" $c2 + run_podman system connection ls + is "$output" \ + ".*$c1[ ]\+tcp://localhost:12345[ ]\+true +$c2[ ]\+tcp://localhost:54321[ ]\+false" \ + "system connection ls" + run_podman system connection ls -q + is "$(echo $(sort <<<$output))" \ + "$c1 $c2" \ + "system connection ls -q should show two names" + run_podman context ls -q + is "$(echo $(sort <<<$output))" \ + "$c1 $c2" \ + "context ls -q should show two names" + run_podman context use $c2 run_podman system connection ls is "$output" \ ".*$c1[ ]\+tcp://localhost:12345[ ]\+false @@ -66,11 +80,11 @@ $c2[ ]\+tcp://localhost:54321[ ]\+true" \ # Remove default connection; the remaining one should still not be default run_podman system connection rm $c2 - run_podman system connection ls + run_podman context ls is "$output" ".*$c1[ ]\+tcp://localhost:12345[ ]\+false" \ "system connection ls (after removing default connection)" - run_podman system connection rm $c1 + run_podman context rm $c1 } # Test tcp socket; requires starting a local server diff --git a/test/system/400-unprivileged-access.bats b/test/system/400-unprivileged-access.bats index 0d6be2d60..d70c95973 100644 --- a/test/system/400-unprivileged-access.bats +++ b/test/system/400-unprivileged-access.bats @@ -119,7 +119,7 @@ EOF # Some of the above may not exist on our host. Find only the ones that do. local -a subset=() - for mp in ${mps[@]}; do + for mp in "${mps[@]}"; do if [ -e $mp ]; then subset+=($mp) fi @@ -128,7 +128,7 @@ EOF # Run 'stat' on all the files, plus /dev/null. Get path, file type, # number of links, major, and minor (see below for why). Do it all # in one go, to avoid multiple podman-runs - run_podman '?' run --rm $IMAGE stat -c'%n:%F:%h:%T:%t' /dev/null ${subset[@]} + run_podman '?' run --rm $IMAGE stat -c'%n:%F:%h:%T:%t' /dev/null "${subset[@]}" assert $status -le 1 "stat exit status: expected 0 or 1" local devnull= diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index cc86f282a..52c428884 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -39,12 +39,10 @@ function check_label() { } @test "podman selinux: container with label=disable" { - skip_if_aarch64 "FIXME: #15074 - fails on aarch64" check_label "--security-opt label=disable" "spc_t" } @test "podman selinux: privileged container" { - skip_if_aarch64 "FIXME: #15074 - fails on aarch64" check_label "--privileged --userns=host" "spc_t" } @@ -65,7 +63,6 @@ function check_label() { } @test "podman selinux: pid=host" { - skip_if_aarch64 "FIXME: #15074 - fails on aarch64" # FIXME this test fails when run rootless with runc: # Error: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: readonly path /proc/asound: operation not permitted: OCI permission denied if is_rootless; then diff --git a/test/system/420-cgroups.bats b/test/system/420-cgroups.bats index 025a20012..3269f666c 100644 --- a/test/system/420-cgroups.bats +++ b/test/system/420-cgroups.bats @@ -19,6 +19,8 @@ load helpers esac run_podman --cgroup-manager=$other run --name myc $IMAGE true + assert "$output" = "" "run true, with cgroup-manager=$other, is silent" + run_podman container inspect --format '{{.HostConfig.CgroupManager}}' myc is "$output" "$other" "podman preserved .HostConfig.CgroupManager" @@ -29,7 +31,8 @@ load helpers # Restart the container, without --cgroup-manager option (ie use default) # Prior to #7970, this would fail with an OCI runtime error - run_podman start myc + run_podman start -a myc + assert "$output" = "" "restarted container emits no output" run_podman rm myc } diff --git a/test/system/610-format.bats b/test/system/610-format.bats index 096d0228b..8f74634d1 100644 --- a/test/system/610-format.bats +++ b/test/system/610-format.bats @@ -25,24 +25,26 @@ history | $IMAGE image history | $IMAGE image inspect | $IMAGE container inspect | mycontainer -machine inspect | mymachine volume inspect | -a secret inspect | mysecret network inspect | podman ps | -a -image search | sdfsdf -search | sdfsdf +image search | $IMAGE +search | $IMAGE pod inspect | mypod -container stats | --no-stream -pod stats | --no-stream -stats | --no-stream events | --stream=false --events-backend=file " +# podman machine is finicky. Assume we can't run it, but see below for more. +can_run_podman_machine= + +# podman stats, too +can_run_stats= + # Main test loop. Recursively runs 'podman [subcommand] help', looks for: # > '[command]', which indicates, recurse; or # > '--format', in which case we @@ -50,12 +52,12 @@ events | --stream=false --events-backend=file # > run the command with --format '{{"\n"}}' and make sure it passes function check_subcommand() { for cmd in $(_podman_commands "$@"); do - # Special case: 'podman machine' can't be run as root. No override. - if [[ "$cmd" = "machine" ]]; then - if ! is_rootless; then - unset extra_args["podman machine inspect"] - continue - fi + # Special case: 'podman machine' can only be run under ideal conditions + if [[ "$cmd" = "machine" ]] && [[ -z "$can_run_podman_machine" ]]; then + continue + fi + if [[ "$cmd" = "stats" ]] && [[ -z "$can_run_stats" ]]; then + continue fi # Human-readable podman command string, with multiple spaces collapsed @@ -129,8 +131,31 @@ function check_subcommand() { # Test entry point @test "check Go template formatting" { skip_if_remote - if is_ubuntu; then - skip 'ubuntu VMs do not have qemu (exec: "qemu-system-x86_64": executable file not found in $PATH)' + + # Setup: some commands need a container, pod, secret, ... + run_podman run -d --name mycontainer $IMAGE top + run_podman pod create mypod + run_podman secret create mysecret /etc/hosts + + # ...or machine. But podman machine is ultra-finicky, it fails as root + # or if qemu is missing. Instead of checking for all the possible ways + # to skip it, just try running init. If it works, we can test it. + run_podman '?' machine init --image-path=/dev/null mymachine + if [[ $status -eq 0 ]]; then + can_run_podman_machine=true + extra_args_table+=" +machine inspect | mymachine +" + fi + + # Similarly, 'stats' cannot run rootless under cgroups v1 + if ! is_rootless || is_cgroupsv2; then + can_run_stats=true + extra_args_table+=" +container stats | --no-stream +pod stats | --no-stream +stats | --no-stream +" fi # Convert the table at top to an associative array, keyed on subcommand @@ -139,14 +164,6 @@ function check_subcommand() { extra_args["podman $subcommand"]=$extra done < <(parse_table "$extra_args_table") - # Setup: some commands need a container, pod, machine, or secret - run_podman run -d --name mycontainer $IMAGE top - run_podman pod create mypod - run_podman secret create mysecret /etc/hosts - if is_rootless; then - run_podman machine init --image-path=/dev/null mymachine - fi - # Run the test check_subcommand @@ -155,9 +172,7 @@ function check_subcommand() { run_podman rmi $(pause_image) run_podman rm -f -t0 mycontainer run_podman secret rm mysecret - if is_rootless; then - run_podman machine rm -f mymachine - fi + run_podman '?' machine rm -f mymachine # Make sure there are no leftover commands in our table - this would # indicate a typo in the table, or a flaw in our logic such that |