diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/20-containers.at | 9 | ||||
| -rw-r--r-- | test/e2e/common_test.go | 10 | ||||
| -rw-r--r-- | test/e2e/create_staticip_test.go | 6 | ||||
| -rw-r--r-- | test/e2e/create_staticmac_test.go | 8 | ||||
| -rw-r--r-- | test/e2e/create_test.go | 4 | ||||
| -rw-r--r-- | test/e2e/generate_systemd_test.go | 21 | ||||
| -rw-r--r-- | test/e2e/history_test.go | 17 | ||||
| -rw-r--r-- | test/e2e/inspect_test.go | 23 | ||||
| -rw-r--r-- | test/e2e/network_create_test.go | 111 | ||||
| -rw-r--r-- | test/e2e/network_test.go | 77 | ||||
| -rw-r--r-- | test/e2e/pod_create_test.go | 4 | ||||
| -rw-r--r-- | test/e2e/pod_inspect_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/run_networking_test.go | 6 | ||||
| -rw-r--r-- | test/e2e/run_staticip_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/run_working_dir_test.go | 6 | ||||
| -rw-r--r-- | test/system/030-run.bats | 21 | ||||
| -rw-r--r-- | test/system/070-build.bats | 4 | ||||
| -rw-r--r-- | test/system/075-exec.bats | 2 | ||||
| -rw-r--r-- | test/system/400-unprivileged-access.bats | 11 |
19 files changed, 254 insertions, 90 deletions
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index decdc4754..0da196e46 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -237,3 +237,12 @@ t GET containers/$cid/json 200 \ t DELETE containers/$cid 204 t DELETE images/${MultiTagName}?force=true 200 # vim: filetype=sh + +# Test Volumes field adds an anonymous volume +t POST containers/create '"Image":"'$IMAGE'","Volumes":{"/test":{}}' 201 \ + .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 \ + .Mounts[0].Destination="/test" + +t DELETE containers/$cid?v=true 204 diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index 2668b1e7b..59b52bff7 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -1,6 +1,7 @@ package integration import ( + "bytes" "fmt" "io/ioutil" "math/rand" @@ -790,3 +791,12 @@ func (p *PodmanTestIntegration) removeCNINetwork(name string) { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(BeNumerically("<=", 1)) } + +func (p *PodmanSessionIntegration) jq(jqCommand string) (string, error) { + var out bytes.Buffer + cmd := exec.Command("jq", jqCommand) + cmd.Stdin = strings.NewReader(p.OutputToString()) + cmd.Stdout = &out + err := cmd.Run() + return strings.TrimRight(out.String(), "\n"), err +} diff --git a/test/e2e/create_staticip_test.go b/test/e2e/create_staticip_test.go index 7a2267617..698bbf976 100644 --- a/test/e2e/create_staticip_test.go +++ b/test/e2e/create_staticip_test.go @@ -49,7 +49,7 @@ var _ = Describe("Podman create with --ip flag", func() { }) It("Podman create --ip with non-allocatable IP", func() { - SkipIfRootless("--ip is not supported in rootless mode") + SkipIfRootless("--ip not supported without network in rootless mode") result := podmanTest.Podman([]string{"create", "--name", "test", "--ip", "203.0.113.124", ALPINE, "ls"}) result.WaitWithDefaultTimeout() Expect(result.ExitCode()).To(Equal(0)) @@ -63,7 +63,7 @@ var _ = Describe("Podman create with --ip flag", func() { ip := GetRandomIPAddress() result := podmanTest.Podman([]string{"create", "--name", "test", "--ip", ip, ALPINE, "ip", "addr"}) result.WaitWithDefaultTimeout() - // Rootless static ip assignment should error + // Rootless static ip assignment without network should error if rootless.IsRootless() { Expect(result.ExitCode()).To(Equal(125)) } else { @@ -81,7 +81,7 @@ var _ = Describe("Podman create with --ip flag", func() { }) It("Podman create two containers with the same IP", func() { - SkipIfRootless("--ip not supported in rootless mode") + SkipIfRootless("--ip not supported without network in rootless mode") ip := GetRandomIPAddress() result := podmanTest.Podman([]string{"create", "--name", "test1", "--ip", ip, ALPINE, "sleep", "999"}) result.WaitWithDefaultTimeout() diff --git a/test/e2e/create_staticmac_test.go b/test/e2e/create_staticmac_test.go index 1ac431da2..4c8f371a4 100644 --- a/test/e2e/create_staticmac_test.go +++ b/test/e2e/create_staticmac_test.go @@ -56,11 +56,7 @@ var _ = Describe("Podman run with --mac-address flag", func() { result := podmanTest.Podman([]string{"run", "--network", net, "--mac-address", "92:d0:c6:00:29:34", ALPINE, "ip", "addr"}) result.WaitWithDefaultTimeout() - if rootless.IsRootless() { - Expect(result.ExitCode()).To(Equal(125)) - } else { - Expect(result.ExitCode()).To(Equal(0)) - Expect(result.OutputToString()).To(ContainSubstring("92:d0:c6:00:29:34")) - } + Expect(result.ExitCode()).To(Equal(0)) + Expect(result.OutputToString()).To(ContainSubstring("92:d0:c6:00:29:34")) }) }) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index a4931ff2d..2e9f5455d 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -553,7 +553,7 @@ var _ = Describe("Podman create", func() { }) It("create container in pod with IP should fail", func() { - SkipIfRootless("Setting IP not supported in rootless mode") + SkipIfRootless("Setting IP not supported in rootless mode without network") name := "createwithstaticip" pod := podmanTest.RunTopContainerInPod("", "new:"+name) pod.WaitWithDefaultTimeout() @@ -565,7 +565,7 @@ var _ = Describe("Podman create", func() { }) It("create container in pod with mac should fail", func() { - SkipIfRootless("Setting MAC Address not supported in rootless mode") + SkipIfRootless("Setting MAC Address not supported in rootless mode without network") name := "createwithstaticmac" pod := podmanTest.RunTopContainerInPod("", "new:"+name) pod.WaitWithDefaultTimeout() diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index be9727591..606d756b0 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -355,4 +355,25 @@ var _ = Describe("Podman generate systemd", func() { Expect(session.ExitCode()).To(Equal(0)) Expect(session.IsJSONOutputValid()).To(BeTrue()) }) + + It("podman generate systemd --new create command with double curly braces", func() { + // Regression test for #9034 + session := podmanTest.Podman([]string{"create", "--name", "foo", "--log-driver=journald", "--log-opt=tag={{.Name}}", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"generate", "systemd", "--new", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring(" --log-opt=tag={{.Name}} ")) + + session = podmanTest.Podman([]string{"pod", "create", "--name", "pod", "--label", "key={{someval}}"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"generate", "systemd", "--new", "pod"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring(" --label key={{someval}}")) + }) }) diff --git a/test/e2e/history_test.go b/test/e2e/history_test.go index fea3f4d43..1c57c60de 100644 --- a/test/e2e/history_test.go +++ b/test/e2e/history_test.go @@ -65,6 +65,23 @@ var _ = Describe("Podman history", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 0)) + + session = podmanTest.Podman([]string{"history", "--no-trunc", "--format", "{{.ID}}", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + lines := session.OutputToStringArray() + Expect(len(lines)).To(BeNumerically(">", 0)) + // the image id must be 64 chars long + Expect(len(lines[0])).To(BeNumerically("==", 64)) + + session = podmanTest.Podman([]string{"history", "--no-trunc", "--format", "{{.CreatedBy}}", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + lines = session.OutputToStringArray() + Expect(len(lines)).To(BeNumerically(">", 0)) + Expect(session.OutputToString()).ToNot(ContainSubstring("...")) + // the second line in the alpine history contains a command longer than 45 chars + Expect(len(lines[1])).To(BeNumerically(">", 45)) }) It("podman history with json flag", func() { diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 97f77414e..8fc9721f9 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -443,4 +443,27 @@ var _ = Describe("Podman inspect", func() { Expect(inspect.OutputToString()).To(Equal(`"{"80/tcp":[{"HostIp":"","HostPort":"8080"}]}"`)) }) + It("Verify container inspect has default network", func() { + SkipIfRootless("Requires root CNI networking") + ctrName := "testctr" + session := podmanTest.Podman([]string{"run", "-d", "--name", ctrName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + inspect := podmanTest.InspectContainer(ctrName) + Expect(len(inspect)).To(Equal(1)) + Expect(len(inspect[0].NetworkSettings.Networks)).To(Equal(1)) + }) + + It("Verify stopped container still has default network in inspect", func() { + SkipIfRootless("Requires root CNI networking") + ctrName := "testctr" + session := podmanTest.Podman([]string{"create", "--name", ctrName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + inspect := podmanTest.InspectContainer(ctrName) + Expect(len(inspect)).To(Equal(1)) + Expect(len(inspect[0].NetworkSettings.Networks)).To(Equal(1)) + }) }) diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go index 7e9a18ab2..1bf2a2691 100644 --- a/test/e2e/network_create_test.go +++ b/test/e2e/network_create_test.go @@ -10,6 +10,7 @@ import ( cniversion "github.com/containernetworking/cni/pkg/version" "github.com/containers/podman/v2/libpod/network" . "github.com/containers/podman/v2/test/utils" + "github.com/containers/storage/pkg/stringid" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/pkg/errors" @@ -116,18 +117,19 @@ var _ = Describe("Podman network create", func() { results []network.NcList ) - nc := podmanTest.Podman([]string{"network", "create", "newname"}) + netName := "inspectnet-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", netName}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("newname") - inspect := podmanTest.Podman([]string{"network", "inspect", "newname"}) + inspect := podmanTest.Podman([]string{"network", "inspect", netName}) inspect.WaitWithDefaultTimeout() err := json.Unmarshal([]byte(inspect.OutputToString()), &results) Expect(err).To(BeNil()) result := results[0] - Expect(result["name"]).To(Equal("newname")) + Expect(result["name"]).To(Equal(netName)) }) @@ -135,21 +137,21 @@ var _ = Describe("Podman network create", func() { var ( results []network.NcList ) - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "newnetwork"}) + netName := "subnet-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", netName}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("newnetwork") - // Inspect the network configuration - inspect := podmanTest.Podman([]string{"network", "inspect", "newnetwork"}) + inspect := podmanTest.Podman([]string{"network", "inspect", netName}) inspect.WaitWithDefaultTimeout() // JSON the network configuration into something usable err := json.Unmarshal([]byte(inspect.OutputToString()), &results) Expect(err).To(BeNil()) result := results[0] - Expect(result["name"]).To(Equal("newnetwork")) + Expect(result["name"]).To(Equal(netName)) // JSON the bridge info bridgePlugin, err := genericPluginsToBridge(result["plugins"], "bridge") @@ -161,7 +163,7 @@ var _ = Describe("Podman network create", func() { // best we can defer removeNetworkDevice(bridgePlugin.BrName) - try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", "newnetwork", ALPINE, "sh", "-c", "ip addr show eth0 | awk ' /inet / {print $2}'"}) + try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", netName, ALPINE, "sh", "-c", "ip addr show eth0 | awk ' /inet / {print $2}'"}) try.WaitWithDefaultTimeout() _, subnet, err := net.ParseCIDR("10.11.12.0/24") @@ -178,21 +180,21 @@ var _ = Describe("Podman network create", func() { var ( results []network.NcList ) - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:1:2:3:4::/64", "newIPv6network"}) + netName := "ipv6-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:1:2:3:4::/64", netName}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("newIPv6network") - // Inspect the network configuration - inspect := podmanTest.Podman([]string{"network", "inspect", "newIPv6network"}) + inspect := podmanTest.Podman([]string{"network", "inspect", netName}) inspect.WaitWithDefaultTimeout() // JSON the network configuration into something usable err := json.Unmarshal([]byte(inspect.OutputToString()), &results) Expect(err).To(BeNil()) result := results[0] - Expect(result["name"]).To(Equal("newIPv6network")) + Expect(result["name"]).To(Equal(netName)) // JSON the bridge info bridgePlugin, err := genericPluginsToBridge(result["plugins"], "bridge") @@ -203,7 +205,7 @@ var _ = Describe("Podman network create", func() { // best we can defer removeNetworkDevice(bridgePlugin.BrName) - try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", "newIPv6network", ALPINE, "sh", "-c", "ip addr show eth0 | grep global | awk ' /inet6 / {print $2}'"}) + try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", netName, ALPINE, "sh", "-c", "ip addr show eth0 | grep global | awk ' /inet6 / {print $2}'"}) try.WaitWithDefaultTimeout() _, subnet, err := net.ParseCIDR("fd00:1:2:3:4::/64") @@ -219,21 +221,21 @@ var _ = Describe("Podman network create", func() { var ( results []network.NcList ) - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:3:2:1::/64", "--ipv6", "newDualStacknetwork"}) + netName := "dual-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:3:2:1::/64", "--ipv6", netName}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("newDualStacknetwork") - // Inspect the network configuration - inspect := podmanTest.Podman([]string{"network", "inspect", "newDualStacknetwork"}) + inspect := podmanTest.Podman([]string{"network", "inspect", netName}) inspect.WaitWithDefaultTimeout() // JSON the network configuration into something usable err := json.Unmarshal([]byte(inspect.OutputToString()), &results) Expect(err).To(BeNil()) result := results[0] - Expect(result["name"]).To(Equal("newDualStacknetwork")) + Expect(result["name"]).To(Equal(netName)) // JSON the bridge info bridgePlugin, err := genericPluginsToBridge(result["plugins"], "bridge") @@ -245,7 +247,7 @@ var _ = Describe("Podman network create", func() { // best we can defer removeNetworkDevice(bridgePlugin.BrName) - try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", "newDualStacknetwork", ALPINE, "sh", "-c", "ip addr show eth0 | grep global | awk ' /inet6 / {print $2}'"}) + try := podmanTest.Podman([]string{"run", "-it", "--rm", "--network", netName, ALPINE, "sh", "-c", "ip addr show eth0 | grep global | awk ' /inet6 / {print $2}'"}) try.WaitWithDefaultTimeout() _, subnet, err := net.ParseCIDR("fd00:4:3:2:1::/64") @@ -255,7 +257,7 @@ var _ = Describe("Podman network create", func() { // Ensure that the IP the container got is within the subnet the user asked for Expect(subnet.Contains(containerIP)).To(BeTrue()) // verify the container has an IPv4 address too (the IPv4 subnet is autogenerated) - try = podmanTest.Podman([]string{"run", "-it", "--rm", "--network", "newDualStacknetwork", ALPINE, "sh", "-c", "ip addr show eth0 | awk ' /inet / {print $2}'"}) + try = podmanTest.Podman([]string{"run", "-it", "--rm", "--network", netName, ALPINE, "sh", "-c", "ip addr show eth0 | awk ' /inet / {print $2}'"}) try.WaitWithDefaultTimeout() containerIP, _, err = net.ParseCIDR(try.OutputToString()) Expect(err).To(BeNil()) @@ -263,66 +265,73 @@ var _ = Describe("Podman network create", func() { }) It("podman network create with invalid subnet", func() { - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/17000", "fail"}) + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/17000", stringid.GenerateNonCryptoID()}) nc.WaitWithDefaultTimeout() Expect(nc).To(ExitWithError()) }) It("podman network create with ipv4 subnet and ipv6 flag", func() { - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--ipv6", "fail"}) + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--ipv6", stringid.GenerateNonCryptoID()}) nc.WaitWithDefaultTimeout() Expect(nc).To(ExitWithError()) }) It("podman network create with empty subnet and ipv6 flag", func() { - nc := podmanTest.Podman([]string{"network", "create", "--ipv6", "fail"}) + nc := podmanTest.Podman([]string{"network", "create", "--ipv6", stringid.GenerateNonCryptoID()}) nc.WaitWithDefaultTimeout() Expect(nc).To(ExitWithError()) }) It("podman network create with invalid IP", func() { - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.0/17000", "fail"}) + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.0/17000", stringid.GenerateNonCryptoID()}) nc.WaitWithDefaultTimeout() Expect(nc).To(ExitWithError()) }) It("podman network create with invalid gateway for subnet", func() { - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--gateway", "192.168.1.1", "fail"}) + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--gateway", "192.168.1.1", stringid.GenerateNonCryptoID()}) nc.WaitWithDefaultTimeout() Expect(nc).To(ExitWithError()) }) It("podman network create two networks with same name should fail", func() { - nc := podmanTest.Podman([]string{"network", "create", "samename"}) + netName := "same-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", netName}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("samename") - ncFail := podmanTest.Podman([]string{"network", "create", "samename"}) + ncFail := podmanTest.Podman([]string{"network", "create", netName}) ncFail.WaitWithDefaultTimeout() Expect(ncFail).To(ExitWithError()) }) It("podman network create two networks with same subnet should fail", func() { - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", "subnet1"}) + netName1 := "sub1-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", netName1}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName1) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("subnet1") - ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", "subnet2"}) + netName2 := "sub2-" + stringid.GenerateNonCryptoID() + ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", netName2}) ncFail.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName2) Expect(ncFail).To(ExitWithError()) }) It("podman network create two IPv6 networks with same subnet should fail", func() { SkipIfRootless("FIXME It needs the ip6tables modules loaded") - nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", "subnet1v6"}) + netName1 := "subipv61-" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", netName1}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName1) Expect(nc.ExitCode()).To(BeZero()) - defer podmanTest.removeCNINetwork("subnet1v6") - ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", "subnet2v6"}) + netName2 := "subipv62-" + stringid.GenerateNonCryptoID() + ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", netName2}) ncFail.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(netName2) Expect(ncFail).To(ExitWithError()) }) @@ -333,11 +342,11 @@ var _ = Describe("Podman network create", func() { }) It("podman network create with mtu option", func() { - net := "mtu-test" + net := "mtu-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "mtu=9000", net}) nc.WaitWithDefaultTimeout() - Expect(nc.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(BeZero()) nc = podmanTest.Podman([]string{"network", "inspect", net}) nc.WaitWithDefaultTimeout() @@ -346,11 +355,11 @@ var _ = Describe("Podman network create", func() { }) It("podman network create with vlan option", func() { - net := "vlan-test" + net := "vlan-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "vlan=9", net}) nc.WaitWithDefaultTimeout() - Expect(nc.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(BeZero()) nc = podmanTest.Podman([]string{"network", "inspect", net}) nc.WaitWithDefaultTimeout() @@ -359,10 +368,28 @@ var _ = Describe("Podman network create", func() { }) It("podman network create with invalid option", func() { - net := "invalid-test" + net := "invalid-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "foo=bar", net}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) Expect(nc).To(ExitWithError()) }) + It("podman network create with internal should not have dnsname", func() { + net := "internal-test" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--internal", net}) + nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(BeZero()) + // Not performing this check on remote tests because it is a logrus error which does + // not come back via stderr on the remote client. + if !IsRemote() { + Expect(nc.ErrorToString()).To(ContainSubstring("dnsname and --internal networks are incompatible")) + } + nc = podmanTest.Podman([]string{"network", "inspect", net}) + nc.WaitWithDefaultTimeout() + Expect(nc.ExitCode()).To(BeZero()) + Expect(nc.OutputToString()).ToNot(ContainSubstring("dnsname")) + }) + }) diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index 4e8ab5ad5..df8ff0684 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -238,11 +238,11 @@ var _ = Describe("Podman network", func() { }) It("podman inspect container single CNI network", func() { - netName := "testNetSingleCNI" + netName := "net-" + stringid.GenerateNonCryptoID() network := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.50.0/24", netName}) network.WaitWithDefaultTimeout() - Expect(network.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName) + Expect(network.ExitCode()).To(BeZero()) ctrName := "testCtr" container := podmanTest.Podman([]string{"run", "-dt", "--network", netName, "--name", ctrName, ALPINE, "top"}) @@ -268,17 +268,17 @@ var _ = Describe("Podman network", func() { }) It("podman inspect container two CNI networks (container not running)", func() { - netName1 := "testNetThreeCNI1" + netName1 := "net1-" + stringid.GenerateNonCryptoID() network1 := podmanTest.Podman([]string{"network", "create", netName1}) network1.WaitWithDefaultTimeout() - Expect(network1.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName1) + Expect(network1.ExitCode()).To(BeZero()) - netName2 := "testNetThreeCNI2" + netName2 := "net2-" + stringid.GenerateNonCryptoID() network2 := podmanTest.Podman([]string{"network", "create", netName2}) network2.WaitWithDefaultTimeout() - Expect(network2.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName2) + Expect(network2.ExitCode()).To(BeZero()) ctrName := "testCtr" container := podmanTest.Podman([]string{"create", "--network", fmt.Sprintf("%s,%s", netName1, netName2), "--name", ctrName, ALPINE, "top"}) @@ -305,17 +305,17 @@ var _ = Describe("Podman network", func() { }) It("podman inspect container two CNI networks", func() { - netName1 := "testNetTwoCNI1" + netName1 := "net1-" + stringid.GenerateNonCryptoID() network1 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.0/25", netName1}) network1.WaitWithDefaultTimeout() - Expect(network1.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName1) + Expect(network1.ExitCode()).To(BeZero()) - netName2 := "testNetTwoCNI2" + netName2 := "net2-" + stringid.GenerateNonCryptoID() network2 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.128/26", netName2}) network2.WaitWithDefaultTimeout() - Expect(network2.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName2) + Expect(network2.ExitCode()).To(BeZero()) ctrName := "testCtr" container := podmanTest.Podman([]string{"run", "-dt", "--network", fmt.Sprintf("%s,%s", netName1, netName2), "--name", ctrName, ALPINE, "top"}) @@ -352,11 +352,11 @@ var _ = Describe("Podman network", func() { }) It("podman network remove --force with pod", func() { - netName := "testnet" + netName := "net-" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName) + Expect(session.ExitCode()).To(BeZero()) session = podmanTest.Podman([]string{"pod", "create", "--network", netName}) session.WaitWithDefaultTimeout() @@ -388,17 +388,17 @@ var _ = Describe("Podman network", func() { }) It("podman network remove with two networks", func() { - netName1 := "net1" + netName1 := "net1-" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName1}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName1) + Expect(session.ExitCode()).To(BeZero()) - netName2 := "net2" + netName2 := "net2-" + stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", netName2}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName2) + Expect(session.ExitCode()).To(BeZero()) session = podmanTest.Podman([]string{"network", "rm", netName1, netName2}) session.WaitWithDefaultTimeout() @@ -408,13 +408,12 @@ var _ = Describe("Podman network", func() { Expect(lines[1]).To(Equal(netName2)) }) It("podman network with multiple aliases", func() { - Skip("Until DNSName is updated on our CI images") var worked bool netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(BeZero()) defer podmanTest.removeCNINetwork(netName) + Expect(session.ExitCode()).To(BeZero()) top := podmanTest.Podman([]string{"run", "-dt", "--name=web", "--network=" + netName, "--network-alias=web1", "--network-alias=web2", nginx}) top.WaitWithDefaultTimeout() @@ -450,7 +449,49 @@ var _ = Describe("Podman network", func() { net := "macvlan" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--macvlan", "lo", net}) nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(Equal(0)) + + nc = podmanTest.Podman([]string{"network", "rm", net}) + nc.WaitWithDefaultTimeout() Expect(nc.ExitCode()).To(Equal(0)) + }) + + It("podman network create/remove macvlan as driver (-d) no device name", func() { + net := "macvlan" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", net}) + nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"network", "inspect", net}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(BeZero()) + + out, err := inspect.jq(".[0].plugins[0].master") + Expect(err).To(BeNil()) + Expect(out).To(Equal("\"\"")) + + nc = podmanTest.Podman([]string{"network", "rm", net}) + nc.WaitWithDefaultTimeout() + Expect(nc.ExitCode()).To(Equal(0)) + }) + + It("podman network create/remove macvlan as driver (-d) with device name", func() { + net := "macvlan" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", "-o", "parent=lo", net}) + nc.WaitWithDefaultTimeout() + defer podmanTest.removeCNINetwork(net) + Expect(nc.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"network", "inspect", net}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(BeZero()) + fmt.Println(inspect.OutputToString()) + + out, err := inspect.jq(".[0].plugins[0].master") + Expect(err).To(BeNil()) + Expect(out).To(Equal("\"lo\"")) nc = podmanTest.Podman([]string{"network", "rm", net}) nc.WaitWithDefaultTimeout() diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go index be0a2f6f0..9c448a81e 100644 --- a/test/e2e/pod_create_test.go +++ b/test/e2e/pod_create_test.go @@ -233,7 +233,7 @@ var _ = Describe("Podman pod create", func() { ip := GetRandomIPAddress() podCreate := podmanTest.Podman([]string{"pod", "create", "--ip", ip, "--name", name}) podCreate.WaitWithDefaultTimeout() - // Rootless should error + // Rootless should error without network if rootless.IsRootless() { Expect(podCreate.ExitCode()).To(Equal(125)) } else { @@ -246,7 +246,7 @@ var _ = Describe("Podman pod create", func() { }) It("podman container in pod with IP address shares IP address", func() { - SkipIfRootless("Rootless does not support --ip") + SkipIfRootless("Rootless does not support --ip without network") podName := "test" ctrName := "testCtr" ip := GetRandomIPAddress() diff --git a/test/e2e/pod_inspect_test.go b/test/e2e/pod_inspect_test.go index 25212991d..fd9589afe 100644 --- a/test/e2e/pod_inspect_test.go +++ b/test/e2e/pod_inspect_test.go @@ -101,7 +101,7 @@ var _ = Describe("Podman pod inspect", func() { }) It("podman pod inspect outputs show correct MAC", func() { - SkipIfRootless("--mac-address is not supported in rootless mode") + SkipIfRootless("--mac-address is not supported in rootless mode without network") podName := "testPod" macAddr := "42:43:44:00:00:01" create := podmanTest.Podman([]string{"pod", "create", "--name", podName, "--mac-address", macAddr}) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index cbaae7186..ebea2132a 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -621,7 +621,6 @@ var _ = Describe("Podman run networking", func() { }) It("podman run in custom CNI network with --static-ip", func() { - SkipIfRootless("Rootless mode does not support --ip") netName := stringid.GenerateNonCryptoID() ipAddr := "10.25.30.128" create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.30.0/24", netName}) @@ -633,10 +632,6 @@ var _ = Describe("Podman run networking", func() { run.WaitWithDefaultTimeout() Expect(run.ExitCode()).To(BeZero()) Expect(run.OutputToString()).To(ContainSubstring(ipAddr)) - - create = podmanTest.Podman([]string{"network", "rm", netName}) - create.WaitWithDefaultTimeout() - Expect(create.ExitCode()).To(BeZero()) }) It("podman rootless fails custom CNI network with --uidmap", func() { @@ -658,7 +653,6 @@ var _ = Describe("Podman run networking", func() { }) It("podman run with new:pod and static-ip", func() { - SkipIfRootless("Rootless does not support --ip") netName := stringid.GenerateNonCryptoID() ipAddr := "10.25.40.128" podname := "testpod" diff --git a/test/e2e/run_staticip_test.go b/test/e2e/run_staticip_test.go index 8383b1812..aeb462ae9 100644 --- a/test/e2e/run_staticip_test.go +++ b/test/e2e/run_staticip_test.go @@ -19,7 +19,7 @@ var _ = Describe("Podman run with --ip flag", func() { ) BeforeEach(func() { - SkipIfRootless("rootless does not support --ip") + SkipIfRootless("rootless does not support --ip without network") tempdir, err = CreateTempDirInTempDir() if err != nil { os.Exit(1) diff --git a/test/e2e/run_working_dir_test.go b/test/e2e/run_working_dir_test.go index 7d8db361c..59538448e 100644 --- a/test/e2e/run_working_dir_test.go +++ b/test/e2e/run_working_dir_test.go @@ -2,7 +2,6 @@ package integration import ( "os" - "strings" . "github.com/containers/podman/v2/test/utils" . "github.com/onsi/ginkgo" @@ -41,12 +40,9 @@ var _ = Describe("Podman run", func() { }) It("podman run a container using non existing --workdir", func() { - if !strings.Contains(podmanTest.OCIRuntime, "crun") { - Skip("Test only works on crun") - } session := podmanTest.Podman([]string{"run", "--workdir", "/home/foobar", ALPINE, "pwd"}) session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(127)) + Expect(session.ExitCode()).To(Equal(126)) }) It("podman run a container on an image with a workdir", func() { diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 29dc95dc3..dcf1da370 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -589,4 +589,25 @@ json-file | f is "${lines[1]}" "$rand" "Container runs successfully despite warning" } +@test "podman run - check workdir" { + # Workdirs specified via the CLI are not created on the root FS. + run_podman 126 run --rm --workdir /i/do/not/exist $IMAGE pwd + # Note: remote error prepends an attach error. + is "$output" "Error: .*workdir \"/i/do/not/exist\" does not exist on container.*" + + testdir=$PODMAN_TMPDIR/volume + mkdir -p $testdir + randomcontent=$(random_string 10) + echo "$randomcontent" > $testdir/content + + # Workdir does not exist on the image but is volume mounted. + run_podman run --rm --workdir /IamNotOnTheImage -v $testdir:/IamNotOnTheImage $IMAGE cat content + is "$output" "$randomcontent" "cat random content" + + # Workdir does not exist on the image but is created by the runtime as it's + # a subdir of a volume. + run_podman run --rm --workdir /IamNotOntheImage -v $testdir/content:/IamNotOntheImage/foo $IMAGE cat foo + is "$output" "$randomcontent" "cat random content" +} + # vim: filetype=sh diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 0e83a184b..bf9fa789c 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -145,10 +145,12 @@ EOF https_proxy=https-proxy-in-env-file EOF + # NOTE: it's important to not create the workdir. + # Podman will make sure to create a missing workdir + # if needed. See #9040. cat >$tmpdir/Containerfile <<EOF FROM $IMAGE LABEL $label_name=$label_value -RUN mkdir $workdir WORKDIR $workdir # Test for #7094 - chowning of invalid symlinks diff --git a/test/system/075-exec.bats b/test/system/075-exec.bats index c028e16c9..badf44c49 100644 --- a/test/system/075-exec.bats +++ b/test/system/075-exec.bats @@ -6,8 +6,6 @@ load helpers @test "podman exec - basic test" { - skip_if_remote "FIXME: pending #7241" - rand_filename=$(random_string 20) rand_content=$(random_string 50) diff --git a/test/system/400-unprivileged-access.bats b/test/system/400-unprivileged-access.bats index 6a89247e6..f26c97d1e 100644 --- a/test/system/400-unprivileged-access.bats +++ b/test/system/400-unprivileged-access.bats @@ -132,7 +132,11 @@ EOF # Run 'stat' on all the files, plus /dev/null. Get path, file type, # number of links, major, and minor (see below for why). Do it all # in one go, to avoid multiple podman-runs - run_podman run --rm $IMAGE stat -c'%n:%F:%h:%T:%t' /dev/null ${subset[@]} + run_podman '?' run --rm $IMAGE stat -c'%n:%F:%h:%T:%t' /dev/null ${subset[@]} + if [[ $status -gt 1 ]]; then + die "Unexpected exit status $status: expected 0 or 1" + fi + local devnull= for result in "${lines[@]}"; do # e.g. /proc/acpi:character special file:1:3:1 @@ -161,6 +165,11 @@ EOF # If you can think of a better way to do this check, # please feel free to fix it. is "$nlinks" "2" "$path: directory link count" + elif [[ $result =~ stat:.*No.such.file.or.directory ]]; then + # No matter what the path is, this is OK. It has to do with #8949 + # and RHEL8 and rootless and cgroups v1. Bottom line, what we care + # about is that the path not be available inside the container. + : else die "$path: Unknown file type '$type'" fi |