diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/10-images.at | 12 | ||||
| -rw-r--r-- | test/apiv2/70-short-names.at | 21 | ||||
| -rw-r--r-- | test/e2e/play_kube_test.go | 147 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 8 | ||||
| -rw-r--r-- | test/e2e/search_test.go | 1 | ||||
| -rw-r--r-- | test/system/015-help.bats | 58 | ||||
| -rw-r--r-- | test/system/060-mount.bats | 8 | ||||
| -rw-r--r-- | test/system/200-pod.bats | 14 | ||||
| -rw-r--r-- | test/system/255-auto-update.bats | 12 | ||||
| -rw-r--r-- | test/system/helpers.bash | 10 |
10 files changed, 239 insertions, 52 deletions
diff --git a/test/apiv2/10-images.at b/test/apiv2/10-images.at index fd04e3f1b..13aaea317 100644 --- a/test/apiv2/10-images.at +++ b/test/apiv2/10-images.at @@ -225,6 +225,18 @@ t POST "images/load" ${TMPD}/test.tar 200 \ t GET libpod/images/quay.io/libpod/alpine:latest/exists 204 t GET libpod/images/quay.io/libpod/busybox:latest/exists 204 +CONTAINERFILE_WITH_ERR_TAR="${TMPD}/containerfile.tar" +cat > $TMPD/containerfile << EOF +FROM quay.io/fedora/fedora +RUN echo 'some error' >&2 +EOF +tar --format=posix -C $TMPD -cvf ${CONTAINERFILE_WITH_ERR_TAR} containerfile &> /dev/null +t POST "build?q=1&dockerfile=containerfile" $CONTAINERFILE_WITH_ERR_TAR 200 +response_output=$(cat "$WORKDIR/curl.result.out") +if [[ ${response_output} == *"some error"* ]];then + _show_ok 0 "compat quiet build" "~ $response_output" "found output from stderr in API" +fi + cleanBuildTest # vim: filetype=sh diff --git a/test/apiv2/70-short-names.at b/test/apiv2/70-short-names.at index a5087c115..dbf816f55 100644 --- a/test/apiv2/70-short-names.at +++ b/test/apiv2/70-short-names.at @@ -6,11 +6,16 @@ # Pull the libpod/quay image which is used in all tests below. t POST "images/create?fromImage=quay.io/libpod/alpine:latest" 200 .error~null .status~".*Download complete.*" +# 14291 - let a short-name resolve to a *local* non Docker-Hub image. +t POST containers/create Image=alpine 201 .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 .Image="quay.io/libpod/alpine:latest" +podman rm -f $cid ########## TAG t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 -t DELETE "images/foo" 200 +t DELETE "images/docker.io/library/foo" 200 ########## BUILD @@ -52,9 +57,6 @@ t DELETE "images/foo" 200 ########## TAG -# Looking up 'alpine' will fail as it gets normalized to docker.io. -t POST "images/alpine/tag?repo=foo" 404 .cause="image not known" - # The libpod endpoint will resolve to it without issues. t GET "libpod/images/alpine/exists" 204 @@ -67,22 +69,21 @@ t GET "libpod/images/docker.io/library/foo/exists" 204 ########## REMOVE -t DELETE "images/alpine" 404 .cause="image not known" # fails since docker.io/library/alpine does not exist t DELETE "images/foo" 200 # removes the previously tagged image ########## GET # Same procedure as above but with the /get endpoint. -t GET "images/alpine/get" 404 .cause="image not known" t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t GET "images/foo/get" 200 '[POSIX tar archive]' t DELETE "images/foo" 200 +t GET "images/alpine/get" 200 ########## HISTORY -t GET "images/alpine/history" 404 .cause="image not known" +t GET "images/alpine/history" 200 t GET "images/quay.io/libpod/alpine/history" 200 t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t GET "libpod/images/foo/history" 200 @@ -91,7 +92,7 @@ t DELETE "images/foo" 200 ########## PUSH -t POST "images/alpine/push?destination=localhost:9999/do/not:exist" 404 .cause="image not known" +t POST "images/alpine/push?destination=localhost:9999/do:exist" 200 t POST "images/quay.io/libpod/alpine/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t POST "images/foo/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response @@ -100,7 +101,7 @@ t DELETE "images/foo" ########## CREATE A CONTAINER -t POST "containers/create" Image=alpine 404 .cause="image not known" +t POST "containers/create" Image=alpine 201 t POST "containers/create" Image=quay.io/libpod/alpine:latest 201 cid=$(jq -r '.Id' <<<"$output") t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 @@ -113,7 +114,7 @@ t DELETE "containers/$cid" t POST "containers/create" Image=quay.io/libpod/alpine:latest 201 cid=$(jq -r '.Id' <<<"$output") -t GET "images/alpine/get" 404 .cause="image not known" +t GET "images/alpine/get" 200 t POST "commit?container=$cid&repo=foo&tag=tag" 201 t GET "images/foo/get" 404 .cause="image not known" t GET "images/foo:tag/get" 200 diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 216c3357c..31044f68b 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -21,6 +21,7 @@ import ( "github.com/containers/podman/v4/pkg/util" . "github.com/containers/podman/v4/test/utils" "github.com/containers/storage/pkg/stringid" + "github.com/google/uuid" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/onsi/gomega/format" @@ -3685,4 +3686,150 @@ ENV OPENJ9_JAVA_OPTIONS=%q Expect(usernsInCtr).Should(Exit(0)) Expect(string(usernsInCtr.Out.Contents())).To(Not(Equal(string(initialUsernsConfig)))) }) + + // Check the block devices are exposed inside container + It("ddpodman play kube expose block device inside container", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/blockdevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "b", "7", "0"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + blockVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(blockVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Container should be in running state + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("running")) + + // Container should have a block device /dev/loop1 + inspect = podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.Devices}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(devicePath)) + }) + + // Check the char devices are exposed inside container + It("ddpodman play kube expose character device inside container", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/chardevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "c", "3", "1"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("CharDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Container should be in running state + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("running")) + + // Container should have a block device /dev/loop1 + inspect = podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.Devices}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(devicePath)) + }) + + It("podman play kube reports error when the device does not exists", func() { + SkipIfRootless("It needs root access to create devices") + + devicePath := "/dev/foodevdir/baddevice" + + blockVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(blockVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + + It("ddpodman play kube reports error when we try to expose char device as block device", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/chardevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "c", "3", "1"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + + It("ddpodman play kube reports error when we try to expose block device as char device", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + + devicePath := fmt.Sprintf("%s/blockdevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "b", "7", "0"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("CharDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 182ae1888..828e92170 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -13,6 +13,7 @@ import ( "time" "github.com/containers/common/pkg/cgroups" + "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" . "github.com/containers/podman/v4/test/utils" "github.com/containers/storage/pkg/stringid" @@ -286,19 +287,20 @@ var _ = Describe("Podman run", func() { result.WaitWithDefaultTimeout() Expect(result).Should(Exit(0)) conData := result.InspectContainerToJSON() - Expect(conData[0]).To(HaveField("Path", "/dev/init")) + Expect(conData[0]).To(HaveField("Path", define.ContainerInitPath)) Expect(conData[0].Config.Annotations).To(HaveKeyWithValue("io.podman.annotations.init", "TRUE")) }) It("podman run a container with --init and --init-path", func() { - session := podmanTest.Podman([]string{"run", "--name", "test", "--init", "--init-path", "/usr/libexec/podman/catatonit", ALPINE, "ls"}) + // Also bind-mount /dev (#14251). + session := podmanTest.Podman([]string{"run", "-v", "/dev:/dev", "--name", "test", "--init", "--init-path", "/usr/libexec/podman/catatonit", ALPINE, "ls"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) result := podmanTest.Podman([]string{"inspect", "test"}) result.WaitWithDefaultTimeout() Expect(result).Should(Exit(0)) conData := result.InspectContainerToJSON() - Expect(conData[0]).To(HaveField("Path", "/dev/init")) + Expect(conData[0]).To(HaveField("Path", define.ContainerInitPath)) Expect(conData[0].Config.Annotations).To(HaveKeyWithValue("io.podman.annotations.init", "TRUE")) }) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 64677ba54..d37d8fd1a 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -455,7 +455,6 @@ registries = ['{{.Host}}:{{.Port}}']` }) It("podman search with wildcards", func() { - Skip("FIXME: search on registry.redhat.io is broken (Dec 16 '21)") search := podmanTest.Podman([]string{"search", "registry.redhat.io/*openshift*"}) search.WaitWithDefaultTimeout() Expect(search).Should(Exit(0)) diff --git a/test/system/015-help.bats b/test/system/015-help.bats index 5757d51dc..1356c99a0 100644 --- a/test/system/015-help.bats +++ b/test/system/015-help.bats @@ -34,10 +34,16 @@ function check_help() { # has no ' [options]' is "$usage " " $command_string .*" "Usage string matches command" + # Strip off the leading command string; we no longer need it + usage=$(sed -e "s/^ $command_string \?//" <<<"$usage") + # If usage ends in '[command]', recurse into subcommands - if expr "$usage" : '.*\[command\]$' >/dev/null; then + if expr "$usage" : '\[command\]' >/dev/null; then found[subcommands]=1 - check_help "$@" $cmd + # (except for 'podman help', which is a special case) + if [[ $cmd != "help" ]]; then + check_help "$@" $cmd + fi continue fi @@ -49,10 +55,26 @@ function check_help() { assert "$usage" !~ '[A-Z].*\[option' \ "'options' must precede arguments in usage" + # Strip off '[options]' but remember if we've seen it. + local has_options= + if [[ $usage =~ \[options\] ]]; then + has_options=1 + usage=$(sed -e 's/^\[options\] \?//' <<<"$usage") + fi + + # From this point on, remaining argument descriptions must be UPPER CASE + # e.g., 'podman cmd [options] arg' or 'podman cmd [arg]' are invalid. + assert "$usage" !~ '[a-z]' \ + "$command_string: argument names must be UPPER CASE" + + # It makes no sense to have an optional arg followed by a mandatory one + assert "$usage" !~ '\[.*\] [A-Z]' \ + "$command_string: optional args must be _after_ required ones" + # Cross-check: if usage includes '[options]', there must be a # longer 'Options:' section in the full --help output; vice-versa, # if 'Options:' is in full output, usage line must have '[options]'. - if expr "$usage" : '.*\[option' >/dev/null; then + if [[ $has_options ]]; then if ! expr "$full_help" : ".*Options:" >/dev/null; then die "$command_string: Usage includes '[options]' but has no 'Options:' subsection" fi @@ -95,9 +117,7 @@ function check_help() { fi # If usage has required arguments, try running without them. - # The expression here is 'first capital letter is not in [BRACKETS]'. - # It is intended to handle 'podman foo [options] ARG' but not ' [ARG]'. - if expr "$usage" : '[^A-Z]\+ [A-Z]' >/dev/null; then + if expr "$usage" : '[A-Z]' >/dev/null; then # Exceptions: these commands don't work rootless if is_rootless; then # "pause is not supported for rootless containers" @@ -126,25 +146,15 @@ function check_help() { # the required args, then invoke with one extra. We should get a # usage error. if ! expr "$usage" : ".*\.\.\."; then - # "podman help" can take infinite args, so skip that one - if [ "$cmd" != "help" ]; then - # Get the args part of the command line; this should be - # everything from the first CAPITAL LETTER onward. We - # don't actually care about the letter itself, so just - # make it 'X'. And we don't care about [OPTIONAL] brackets - # either. What we do care about is stuff like 'IMAGE | CTR' - # which is actually one argument; convert to 'IMAGE-or-CTR' - local rhs=$(sed -e 's/^[^A-Z]\+[A-Z]/X/' -e 's/ | /-or-/g' <<<"$usage") - local n_args=$(wc -w <<<"$rhs") - - run_podman '?' "$@" $cmd $(seq --format='x%g' 0 $n_args) - is "$status" 125 \ - "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected this exit status" - is "$output" "Error:.* \(takes no arguments\|requires exactly $n_args arg\|accepts at most\|too many arguments\|accepts $n_args arg(s), received\|accepts between .* and .* arg(s), received \)" \ - "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected one of these error messages" + local n_args=$(wc -w <<<"$usage") - found[fixed_args]=1 - fi + run_podman '?' "$@" $cmd $(seq --format='x%g' 0 $n_args) + is "$status" 125 \ + "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected this exit status" + is "$output" "Error:.* \(takes no arguments\|requires exactly $n_args arg\|accepts at most\|too many arguments\|accepts $n_args arg(s), received\|accepts between .* and .* arg(s), received \)" \ + "'$usage' indicates a maximum of $n_args args. I invoked it with more, and expected one of these error messages" + + found[fixed_args]=1 fi count=$(expr $count + 1) diff --git a/test/system/060-mount.bats b/test/system/060-mount.bats index 7addbd88e..2735d2afd 100644 --- a/test/system/060-mount.bats +++ b/test/system/060-mount.bats @@ -50,6 +50,10 @@ load helpers run_podman image mount $IMAGE mount_path="$output" + # Make sure that `mount -a` prints a table + run_podman image mount -a + is "$output" "$IMAGE .*$mount_path" + test -d $mount_path # Image is custom-built and has a file containing the YMD tag. Check it. @@ -62,8 +66,8 @@ load helpers run_podman image mount is "$output" "$IMAGE *$mount_path" "podman image mount with no args" - # Clean up - run_podman image umount $IMAGE + # Clean up: -f since we mounted it twice + run_podman image umount -f $IMAGE is "$output" "$iid" "podman image umount: image ID of what was umounted" run_podman image umount $IMAGE diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 4250f2680..8761b7131 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -387,20 +387,20 @@ EOF is "$output" "false" "Default network sharing should be false" run_podman pod rm test - run_podman pod create --name test --share ipc --network private + run_podman pod create --share ipc --network private test run_podman pod inspect test --format {{.InfraConfig.HostNetwork}} is "$output" "false" "Private network sharing with only ipc should be false" run_podman pod rm test - run_podman pod create --name test --share net --network private - run_podman pod inspect test --format {{.InfraConfig.HostNetwork}} + local name="$(random_string 10 | tr A-Z a-z)" + run_podman pod create --name $name --share net --network private + run_podman pod inspect $name --format {{.InfraConfig.HostNetwork}} is "$output" "false" "Private network sharing with only net should be false" - run_podman pod rm test - run_podman pod create --name test --share net --network host - run_podman pod inspect test --format {{.InfraConfig.HostNetwork}} + run_podman pod create --share net --network host --replace $name + run_podman pod inspect $name --format {{.InfraConfig.HostNetwork}} is "$output" "true" "Host network sharing with only net should be true" - run_podman pod rm test + run_podman pod rm $name run_podman pod create --name test --share ipc --network host run_podman pod inspect test --format {{.InfraConfig.HostNetwork}} diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 6cdae2ada..6cee939fb 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -135,15 +135,27 @@ function _confirm_update() { # This test can fail in dev. environment because of SELinux. # quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "podman auto-update - label io.containers.autoupdate=image" { + since=$(date --iso-8601=seconds) + run_podman auto-update + is "$output" "" + run_podman events --filter type=system --since $since --stream=false + is "$output" "" + generate_service alpine image _wait_service_ready container-$cname.service + since=$(date --iso-8601=seconds) run_podman auto-update --dry-run --format "{{.Unit}},{{.Image}},{{.Updated}},{{.Policy}}" is "$output" ".*container-$cname.service,quay.io/libpod/alpine:latest,pending,registry.*" "Image update is pending." + run_podman events --filter type=system --since $since --stream=false + is "$output" ".* system auto-update" + since=$(date --iso-8601=seconds) run_podman auto-update --format "{{.Unit}},{{.Image}},{{.Updated}},{{.Policy}}" is "$output" "Trying to pull.*" "Image is updated." is "$output" ".*container-$cname.service,quay.io/libpod/alpine:latest,true,registry.*" "Image is updated." + run_podman events --filter type=system --since $since --stream=false + is "$output" ".* system auto-update" _confirm_update $cname $ori_image } diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 6868f2691..fe9e971fb 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -397,25 +397,25 @@ function _ensure_pod_state() { for i in {0..5}; do run_podman pod inspect $1 --format "{{.State}}" if [[ $output == "$2" ]]; then - break + return fi sleep 0.5 done - is "$output" "$2" "unexpected pod state" + die "Timed out waiting for pod $1 to enter state $2" } # Wait for the container's (1st arg) running state (2nd arg) function _ensure_container_running() { - for i in {0..5}; do + for i in {0..20}; do run_podman container inspect $1 --format "{{.State.Running}}" if [[ $output == "$2" ]]; then - break + return fi sleep 0.5 done - is "$output" "$2" "unexpected pod state" + die "Timed out waiting for container $1 to enter state running=$2" } ########################### |