diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/12-imagesMore.at | 25 | ||||
| -rw-r--r-- | test/apiv2/23-containersArchive.at | 9 | ||||
| -rw-r--r-- | test/apiv2/35-networks.at | 3 | ||||
| -rwxr-xr-x | test/apiv2/test-apiv2 | 33 | ||||
| -rw-r--r-- | test/e2e/config/containers.conf | 2 | ||||
| -rw-r--r-- | test/e2e/containers_conf_test.go | 11 | ||||
| -rw-r--r-- | test/e2e/generate_kube_test.go | 35 | ||||
| -rw-r--r-- | test/e2e/inspect_test.go | 24 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 6 | ||||
| -rw-r--r-- | test/system/600-completion.bats | 22 |
10 files changed, 152 insertions, 18 deletions
diff --git a/test/apiv2/12-imagesMore.at b/test/apiv2/12-imagesMore.at index 896e685cd..4f3ddf925 100644 --- a/test/apiv2/12-imagesMore.at +++ b/test/apiv2/12-imagesMore.at @@ -3,6 +3,9 @@ # Tests for more image-related endpoints # +red='\e[31m' +nc='\e[0m' + podman pull -q $IMAGE t GET libpod/images/json 200 \ @@ -24,13 +27,21 @@ t GET libpod/images/$IMAGE/json 200 \ # Run registry container podman run -d --name registry -p 5000:5000 quay.io/libpod/registry:2.6 /entrypoint.sh /etc/docker/registry/config.yml +wait_for_port localhost 5000 + +# Push to local registry and check output +while read -r LINE +do + if echo "${LINE}" | jq --exit-status 'select( .status != null) | select ( .status | contains("digest: sha256:"))' &>/dev/null; then + GOT_DIGEST="1" + fi +done < <(curl -sL "http://$HOST:$PORT/images/localhost:5000/myrepo/push?tlsVerify=false&tag=mytag" -XPOST) +if [ -z "${GOT_DIGEST}" ] ; then + echo -e "${red}not ok: did not found digest in output${nc}" 1>&2; +fi # Push to local registry -# FIXME: this is failing: -# "cause": "received unexpected HTTP status: 500 Internal Server Error", -# "message": "error pushing image \"localhost:5000/myrepo:mytag\": error copying image to the remote destination: Error writing blob: Error initiating layer upload to /v2/myrepo/blobs/uploads/ in localhost:5000: received unexpected HTTP status: 500 Internal Server Error", -# "response": 400 -#t POST libpod/images/localhost:5000/myrepo:mytag/push\?tlsVerify\=false '' 200 +t POST "images/localhost:5000/myrepo/push?tlsVerify=false&tag=mytag" '' 200 # Untag the image t POST "libpod/images/$iid/untag?repo=localhost:5000/myrepo&tag=mytag" '' 201 @@ -46,3 +57,7 @@ t DELETE libpod/images/$IMAGE 200 \ .ExitCode=0 t DELETE libpod/images/quay.io/libpod/registry:2.6 200 \ .ExitCode=0 + +if [ -z "${GOT_DIGEST}" ] ; then + exit 1; +fi diff --git a/test/apiv2/23-containersArchive.at b/test/apiv2/23-containersArchive.at index 459800196..688ca9f06 100644 --- a/test/apiv2/23-containersArchive.at +++ b/test/apiv2/23-containersArchive.at @@ -13,13 +13,10 @@ podman rm -a -f &>/dev/null CTR="ArchiveTestingCtr" -TMPD=$(mktemp -d) -pushd "${TMPD}" -echo "Hello" > "hello.txt" -tar --format=posix -cvf "hello.tar" "hello.txt" &> /dev/null -popd - +TMPD=$(mktemp -d podman-apiv2-test.archive.XXXXXXXX) HELLO_TAR="${TMPD}/hello.tar" +echo "Hello" > $TMPD/hello.txt +tar --format=posix -C $TMPD -cvf ${HELLO_TAR} hello.txt &> /dev/null podman run -d --name "${CTR}" "${IMAGE}" top diff --git a/test/apiv2/35-networks.at b/test/apiv2/35-networks.at index 5327bd076..7ce109913 100644 --- a/test/apiv2/35-networks.at +++ b/test/apiv2/35-networks.at @@ -46,6 +46,9 @@ length=1 \ # invalid filter filters={"dangling":["1"]} t GET networks?filters=%7B%22dangling%22%3A%5B%221%22%5D%7D 500 \ .cause='invalid filter "dangling"' +# (#9293 with no networks the endpoint should return empty array instead of null) +t GET networks?filters=%7B%22name%22%3A%5B%22doesnotexists%22%5D%7D 200 \ +"[]" # network inspect docker t GET networks/a7662f44d65029fd4635c91feea3d720a57cef52e2a9fcc7772b69072cc1ccd1 200 \ diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index c8ca9df3f..5b1e2ef80 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -84,7 +84,9 @@ function like() { if expr "$actual" : "$expect" &>/dev/null; then # On success, include expected value; this helps readers understand - _show_ok 1 "$testname ('$actual') ~ $expect" + # (but don't show enormous multi-line output like 'generate kube') + blurb=$(head -n1 <<<"$actual") + _show_ok 1 "$testname ('$blurb') ~ $expect" return fi _show_ok 0 "$testname" "~ $expect" "$actual" @@ -231,14 +233,17 @@ function t() { if [[ $content_type =~ /octet ]]; then output="[$(file --brief $WORKDIR/curl.result.out)]" echo "$output" >>$LOG - else + elif [[ -e $WORKDIR/curl.result.out ]]; then output=$(< $WORKDIR/curl.result.out) - if [[ $content_type =~ application/json ]]; then + if [[ $content_type =~ application/json ]] && [[ $method != "HEAD" ]]; then jq . <<<"$output" >>$LOG else echo "$output" >>$LOG fi + else + output= + echo "[no output]" >>$LOG fi # Test return code @@ -305,10 +310,20 @@ function start_service() { &> $WORKDIR/server.log & service_pid=$! + wait_for_port $HOST $PORT +} + +################### +# wait_for_port # Returns once port is available on host +################### +function wait_for_port() { + local host=$1 # Probably "localhost" + local port=$2 # Numeric port + local timeout=${3:-5} # Optional; default to 5 seconds + # Wait - local _timeout=5 - while [ $_timeout -gt 0 ]; do - { exec 3<> /dev/tcp/$HOST/$PORT; } &>/dev/null && return + while [ $timeout -gt 0 ]; do + { exec 3<> /dev/tcp/$host/$port; } &>/dev/null && return sleep 1 _timeout=$(( $_timeout - 1 )) done @@ -385,6 +400,12 @@ done # Clean up if [ -n "$service_pid" ]; then + # Remove any containers and images; this prevents the following warning: + # 'rm: cannot remove '/.../overlay': Device or resource busy + podman rm -a + podman rmi -af + + # Stop the server kill $service_pid wait $service_pid fi diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf index 5a5e4b7a5..fdf679664 100644 --- a/test/e2e/config/containers.conf +++ b/test/e2e/config/containers.conf @@ -53,6 +53,8 @@ tz = "Pacific/Honolulu" umask = "0002" +annotations=["run.oci.keep_original_groups=1",] + [engine] network_cmd_options=["allow_host_loopback=true"] diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index 719ac9fac..c78c93b8c 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -320,4 +320,15 @@ var _ = Describe("Podman run", func() { Expect(session.OutputToString()).To(Equal("0022")) }) + It("podman run containers.conf annotations test", func() { + //containers.conf is set to "run.oci.keep_original_groups=1" + session := podmanTest.Podman([]string{"create", "--rm", "--name", "test", fedoraMinimal}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .Config.Annotations }}", "test"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.OutputToString()).To(ContainSubstring("run.oci.keep_original_groups:1")) + }) + }) diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index bcfab0f68..cd949c666 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -699,4 +699,39 @@ ENTRYPOINT /bin/sleep` Expect(containers[0].Command).To(Equal([]string{"/bin/sh", "-c", "/bin/sleep"})) Expect(containers[0].Args).To(Equal([]string{"10s"})) }) + + It("podman generate kube - --privileged container", func() { + session := podmanTest.Podman([]string{"create", "--pod", "new:testpod", "--privileged", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + kube := podmanTest.Podman([]string{"generate", "kube", "testpod"}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + // Now make sure that the capabilities aren't set. + pod := new(v1.Pod) + err := yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + + containers := pod.Spec.Containers + Expect(len(containers)).To(Equal(1)) + Expect(containers[0].SecurityContext.Capabilities).To(BeNil()) + + // Now make sure we can also `play` it. + kubeFile := filepath.Join(podmanTest.TempDir, "kube.yaml") + + kube = podmanTest.Podman([]string{"generate", "kube", "testpod", "-f", kubeFile}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + // Remove the pod so play can recreate it. + kube = podmanTest.Podman([]string{"pod", "rm", "-f", "testpod"}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + kube = podmanTest.Podman([]string{"play", "kube", kubeFile}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 8fc9721f9..12bc886a8 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -466,4 +466,28 @@ var _ = Describe("Podman inspect", func() { Expect(len(inspect)).To(Equal(1)) Expect(len(inspect[0].NetworkSettings.Networks)).To(Equal(1)) }) + + It("Container inspect with unlimited uilimits should be -1", func() { + ctrName := "testctr" + session := podmanTest.Podman([]string{"run", "-d", "--ulimit", "core=-1:-1", "--name", ctrName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + inspect := podmanTest.Podman([]string{"inspect", ctrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(BeZero()) + + data := inspect.InspectContainerToJSON() + ulimits := data[0].HostConfig.Ulimits + Expect(len(ulimits)).To(BeNumerically(">", 0)) + found := false + for _, ulimit := range ulimits { + if ulimit.Name == "RLIMIT_CORE" { + found = true + Expect(ulimit.Soft).To(BeNumerically("==", -1)) + Expect(ulimit.Hard).To(BeNumerically("==", -1)) + } + } + Expect(found).To(BeTrue()) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 76d362288..934b78202 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -332,6 +332,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", ALPINE, "grep", "CapBnd", "/proc/self/status"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -424,6 +427,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test with image", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } dockerfile := `FROM busybox USER bin` podmanTest.BuildImage(dockerfile, "test", "false") diff --git a/test/system/600-completion.bats b/test/system/600-completion.bats index 8cac2c9aa..fbb0da231 100644 --- a/test/system/600-completion.bats +++ b/test/system/600-completion.bats @@ -157,7 +157,17 @@ function check_shell_completion() { # resume ;;& - *PATH* | *CONTEXT* | *KUBEFILE* | *COMMAND* | *ARG...* | *URI*) + *SECRET*) + run_completion "$@" $cmd "${extra_args[@]}" "" + is "$output" ".*$random_secret_name${nl}" \ + "$* $cmd: actual secret listed in suggestions" + _check_completion_end NoFileComp + + match=true + # resume + ;;& + + *PATH* | *CONTEXT* | *FILE* | *COMMAND* | *ARG...* | *URI*) # default shell completion should be done for everything which accepts a path run_completion "$@" $cmd "${extra_args[@]}" "" @@ -232,6 +242,11 @@ function _check_completion_end() { random_image_tag=$(random_string 5) random_network_name=$(random_string 30) random_volume_name=$(random_string 30) + random_secret_name=$(random_string 30) + random_secret_content=$(random_string 30) + secret_file=$PODMAN_TMPDIR/$(random_string 10) + + echo $random_secret_content > $secret_file # create a container for each state since some commands are only suggesting running container for example run_podman create --name created-$random_container_name $IMAGE @@ -263,6 +278,8 @@ function _check_completion_end() { # create volume run_podman volume create $random_volume_name + # create secret + run_podman secret create $random_secret_name $secret_file # $PODMAN may be a space-separated string, e.g. if we include a --url. local -a podman_as_array=($PODMAN) @@ -274,6 +291,9 @@ function _check_completion_end() { check_shell_completion # cleanup + run_podman secret rm $random_secret_name + rm -f $secret_file + run_podman volume rm $random_volume_name run_podman network rm $random_network_name |