diff options
Diffstat (limited to 'test')
23 files changed, 287 insertions, 43 deletions
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index cc5eda88e..49f8fb3fc 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -394,7 +394,8 @@ t GET containers/$cid/json 200 \ .Config.Healthcheck.Retries=3 # compat api: Test for mount options support -payload='{"Mounts":[{"Type":"tmpfs","Target":"/mnt/scratch","TmpfsOptions":{"SizeBytes":1024,"Mode":755}}]}' +# Sigh, JSON can't handle octal. 0755(octal) = 493(decimal) +payload='{"Mounts":[{"Type":"tmpfs","Target":"/mnt/scratch","TmpfsOptions":{"SizeBytes":1024,"Mode":493}}]}' t POST containers/create Image=$IMAGE HostConfig="$payload" 201 .Id~[0-9a-f]\\{64\\} cid=$(jq -r '.Id' <<<"$output") t GET containers/$cid/json 200 \ diff --git a/test/compose/slirp4netns_opts/tests.sh b/test/compose/slirp4netns_opts/tests.sh index 1efce45c4..2d41311ad 100644 --- a/test/compose/slirp4netns_opts/tests.sh +++ b/test/compose/slirp4netns_opts/tests.sh @@ -1,6 +1,19 @@ # -*- bash -*- -output="$(cat $OUTFILE)" expected="teststring" +# Reading from the nc socket is flaky because docker-compose only starts +# the containers. We cannot know at this point if the container did already +# send the message. Give the container 5 seconds time to send the message +# to prevent flakes. +container_timeout=5 +while [ $container_timeout -gt 0 ]; do + output="$(< $OUTFILE)" + if [ -n "$output" ]; then + break + fi + sleep 1 + container_timeout=$(($container_timeout - 1)) +done + is "$output" "$expected" "$testname : nc received teststring" diff --git a/test/e2e/build/Dockerfile.with-multiple-secret b/test/e2e/build/Containerfile.with-multiple-secret index f3478914f..f3478914f 100644 --- a/test/e2e/build/Dockerfile.with-multiple-secret +++ b/test/e2e/build/Containerfile.with-multiple-secret diff --git a/test/e2e/build/Dockerfile.with-secret b/test/e2e/build/Containerfile.with-secret index 920663a92..920663a92 100644 --- a/test/e2e/build/Dockerfile.with-secret +++ b/test/e2e/build/Containerfile.with-secret diff --git a/test/e2e/build/Dockerfile.test-cp-root-dir b/test/e2e/build/Dockerfile.test-cp-root-dir deleted file mode 100644 index 9f7de7c32..000000000 --- a/test/e2e/build/Dockerfile.test-cp-root-dir +++ /dev/null @@ -1,2 +0,0 @@ -FROM scratch -COPY Dockerfile.test-cp-root-dir / diff --git a/test/e2e/build/Dockerfile.with-secret-verify-leak b/test/e2e/build/secret-verify-leak/Containerfile.with-secret-verify-leak index 0957ac6a6..0957ac6a6 100644 --- a/test/e2e/build/Dockerfile.with-secret-verify-leak +++ b/test/e2e/build/secret-verify-leak/Containerfile.with-secret-verify-leak diff --git a/test/e2e/build/workdir-symlink/Dockerfile b/test/e2e/build/workdir-symlink/Dockerfile new file mode 100644 index 000000000..abc9b47ee --- /dev/null +++ b/test/e2e/build/workdir-symlink/Dockerfile @@ -0,0 +1,5 @@ +FROM alpine +RUN mkdir /tmp/destination +RUN ln -s /tmp/destination /tmp/link +WORKDIR /tmp/link +CMD ["echo", "hello"] diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index a1c2f5e54..096c98727 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -60,7 +60,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with a secret from file", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-secret", "-t", "secret-test", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/Containerfile.with-secret", "-t", "secret-test", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) @@ -71,7 +71,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with multiple secrets from files", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-multiple-secret", "-t", "multiple-secret-test", "--secret", "id=mysecret,src=build/secret.txt", "--secret", "id=mysecret2,src=build/anothersecret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/Containerfile.with-multiple-secret", "-t", "multiple-secret-test", "--secret", "id=mysecret,src=build/secret.txt", "--secret", "id=mysecret2,src=build/anothersecret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) @@ -83,7 +83,7 @@ var _ = Describe("Podman build", func() { }) It("podman build with a secret from file and verify if secret file is not leaked into image", func() { - session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-secret-verify-leak", "-t", "secret-test-leak", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) + session := podmanTest.Podman([]string{"build", "-f", "build/secret-verify-leak/Containerfile.with-secret-verify-leak", "-t", "secret-test-leak", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("somesecret")) @@ -259,6 +259,19 @@ var _ = Describe("Podman build", func() { Expect(session.OutputToString()).NotTo(ContainSubstring("io.podman.annotations.seccomp")) }) + It("podman build where workdir is a symlink and run without creating new workdir", func() { + session := podmanTest.Podman([]string{ + "build", "-f", "build/workdir-symlink/Dockerfile", "-t", "test-symlink", + }) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"run", "--workdir", "/tmp/link", "test-symlink"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("hello")) + }) + It("podman build --http_proxy flag", func() { os.Setenv("http_proxy", "1.2.3.4") if IsRemote() { @@ -721,10 +734,11 @@ RUN ls /dev/test1`, ALPINE) err = os.Mkdir("relative", 0755) Expect(err).To(BeNil()) containerFilePath := filepath.Join("relative", "Containerfile") - fmt.Println(containerFilePath) + err = os.Mkdir("relative/build-root", 0755) + Expect(err).To(BeNil()) err = ioutil.WriteFile(containerFilePath, []byte(containerFile), 0755) Expect(err).To(BeNil()) - build := podmanTest.Podman([]string{"build", "-f", "./relative/Containerfile"}) + build := podmanTest.Podman([]string{"build", "-f", "./relative/Containerfile", "./relative/build-root"}) build.WaitWithDefaultTimeout() Expect(build).To(Exit(0)) err = os.RemoveAll("relative") diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index bfed01854..09cd68042 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -562,6 +562,11 @@ var _ = Describe("Verify podman containers.conf usage", func() { inspect = podmanTest.Podman([]string{"inspect", "--format", "{{ .HostConfig.Cgroups }}", result.OutputToString()}) inspect.WaitWithDefaultTimeout() Expect(inspect.OutputToString()).To(Equal("disabled")) + + // Check we can also create a pod when cgroups=disabled + result = podmanTest.Podman([]string{"pod", "create"}) + result.WaitWithDefaultTimeout() + Expect(result).Should(Exit(0)) }) It("podman containers.conf runtime", func() { diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index 55b9a8037..e4b854332 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -423,6 +423,20 @@ var _ = Describe("Podman generate systemd", func() { }) + It("podman generate systemd --container-prefix ''", func() { + n := podmanTest.Podman([]string{"create", "--name", "foo", "alpine", "top"}) + n.WaitWithDefaultTimeout() + Expect(n).Should(Exit(0)) + + session := podmanTest.Podman([]string{"generate", "systemd", "--name", "--container-prefix", "", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + // Grepping the output (in addition to unit tests) + Expect(session.OutputToString()).To(ContainSubstring("# foo.service")) + + }) + It("podman generate systemd --separator _", func() { n := podmanTest.Podman([]string{"create", "--name", "foo", "alpine", "top"}) n.WaitWithDefaultTimeout() @@ -485,6 +499,44 @@ var _ = Describe("Podman generate systemd", func() { Expect(session.OutputToString()).To(ContainSubstring("BindsTo=p_foo.service")) }) + It("podman generate systemd pod --pod-prefix '' --container-prefix '' --separator _ change all prefixes/separator", func() { + n := podmanTest.Podman([]string{"pod", "create", "--name", "foo"}) + n.WaitWithDefaultTimeout() + Expect(n).Should(Exit(0)) + + n = podmanTest.Podman([]string{"create", "--pod", "foo", "--name", "foo-1", "alpine", "top"}) + n.WaitWithDefaultTimeout() + Expect(n).Should(Exit(0)) + + n = podmanTest.Podman([]string{"create", "--pod", "foo", "--name", "foo-2", "alpine", "top"}) + n.WaitWithDefaultTimeout() + Expect(n).Should(Exit(0)) + + // test systemd generate with empty pod prefix + session1 := podmanTest.Podman([]string{"generate", "systemd", "--pod-prefix", "", "--name", "foo"}) + session1.WaitWithDefaultTimeout() + Expect(session1).Should(Exit(0)) + + // Grepping the output (in addition to unit tests) + Expect(session1.OutputToString()).To(ContainSubstring("# foo.service")) + Expect(session1.OutputToString()).To(ContainSubstring("Requires=container-foo-1.service container-foo-2.service")) + Expect(session1.OutputToString()).To(ContainSubstring("# container-foo-1.service")) + Expect(session1.OutputToString()).To(ContainSubstring("BindsTo=foo.service")) + + // test systemd generate with empty container and pod prefix + session2 := podmanTest.Podman([]string{"generate", "systemd", "--container-prefix", "", "--pod-prefix", "", "--separator", "_", "--name", "foo"}) + session2.WaitWithDefaultTimeout() + Expect(session2).Should(Exit(0)) + + // Grepping the output (in addition to unit tests) + Expect(session2.OutputToString()).To(ContainSubstring("# foo.service")) + Expect(session2.OutputToString()).To(ContainSubstring("Requires=foo-1.service foo-2.service")) + Expect(session2.OutputToString()).To(ContainSubstring("# foo-1.service")) + Expect(session2.OutputToString()).To(ContainSubstring("# foo-2.service")) + Expect(session2.OutputToString()).To(ContainSubstring("BindsTo=foo.service")) + + }) + It("podman generate systemd pod with containers --new", func() { tmpDir, err := ioutil.TempDir("", "") Expect(err).To(BeNil()) diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go index 866edbf0e..757eaed20 100644 --- a/test/e2e/healthcheck_run_test.go +++ b/test/e2e/healthcheck_run_test.go @@ -54,6 +54,16 @@ var _ = Describe("Podman healthcheck run", func() { Expect(hc).Should(Exit(125)) }) + It("podman disable healthcheck with --no-healthcheck must not show starting on status", func() { + session := podmanTest.Podman([]string{"run", "-dt", "--no-healthcheck", "--name", "hc", healthcheck}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + hc := podmanTest.Podman([]string{"container", "inspect", "--format", "{{.State.Health.Status}}", "hc"}) + hc.WaitWithDefaultTimeout() + Expect(hc).Should(Exit(0)) + Expect(hc.OutputToString()).To(Not(ContainSubstring("starting"))) + }) + It("podman run healthcheck and logs should contain healthcheck output", func() { session := podmanTest.Podman([]string{"run", "--name", "test-logs", "-dt", "--health-interval", "1s", "--health-cmd", "echo working", "busybox", "sleep", "3600"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go index 395759ee6..82b99bd68 100644 --- a/test/e2e/network_create_test.go +++ b/test/e2e/network_create_test.go @@ -416,8 +416,8 @@ var _ = Describe("Podman network create", func() { subnet1 := "10.10.3.0/24" gw1 := "10.10.3.10" range1 := "10.10.3.0/26" - subnet2 := "fd52:2a5a:747e:3acd::/64" - gw2 := "fd52:2a5a:747e:3acd::10" + subnet2 := "fd52:2a5a:747e:3ace::/64" + gw2 := "fd52:2a5a:747e:3ace::10" nc := podmanTest.Podman([]string{"network", "create", "--subnet", subnet1, "--gateway", gw1, "--ip-range", range1, "--subnet", subnet2, "--gateway", gw2, name}) nc.WaitWithDefaultTimeout() defer podmanTest.removeNetwork(name) @@ -440,7 +440,7 @@ var _ = Describe("Podman network create", func() { name := "subnets-" + stringid.GenerateNonCryptoID() subnet1 := "10.10.3.0/24" gw1 := "10.10.3.10" - gw2 := "fd52:2a5a:747e:3acd::10" + gw2 := "fd52:2a5a:747e:3acf::10" nc := podmanTest.Podman([]string{"network", "create", "--subnet", subnet1, "--gateway", gw1, "--gateway", gw2, name}) nc.WaitWithDefaultTimeout() Expect(nc).To(Exit(125)) diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 48bc2b9da..dbd5a044a 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -38,6 +38,21 @@ spec: hostname: unknown ` +var workdirSymlinkPodYaml = ` +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test-symlink + name: test-symlink +spec: + containers: + - image: test-symlink + name: test-symlink + resources: {} + restartPolicy: Never +` + var podnameEqualsContainerNameYaml = ` apiVersion: v1 kind: Pod @@ -1332,6 +1347,26 @@ var _ = Describe("Podman play kube", func() { Expect(sharednamespaces).To(ContainSubstring("pid")) }) + It("podman play kube should be able to run image where workdir is a symlink", func() { + session := podmanTest.Podman([]string{ + "build", "-f", "build/workdir-symlink/Dockerfile", "-t", "test-symlink", + }) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + err := writeYaml(workdirSymlinkPodYaml, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + logs := podmanTest.Podman([]string{"pod", "logs", "-c", "test-symlink-test-symlink", "test-symlink"}) + logs.WaitWithDefaultTimeout() + Expect(logs).Should(Exit(0)) + Expect(logs.OutputToString()).To(ContainSubstring("hello")) + }) + It("podman play kube should not rename pod if container in pod has same name", func() { err := writeYaml(podnameEqualsContainerNameYaml, kubeYaml) Expect(err).To(BeNil()) @@ -1853,6 +1888,26 @@ var _ = Describe("Podman play kube", func() { Expect(kube).Should(Exit(0)) }) + It("podman play kube test duplicate container name", func() { + p := getPod(withCtr(getCtr(withName("testctr"), withCmd([]string{"echo", "hello"}))), withCtr(getCtr(withName("testctr"), withCmd([]string{"echo", "world"})))) + + err := generateKubeYaml("pod", p, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).To(ExitWithError()) + + p = getPod(withPodInitCtr(getCtr(withImage(ALPINE), withCmd([]string{"echo", "hello"}), withInitCtr(), withName("initctr"))), withCtr(getCtr(withImage(ALPINE), withName("initctr"), withCmd([]string{"top"})))) + + err = generateKubeYaml("pod", p, kubeYaml) + Expect(err).To(BeNil()) + + kube = podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).To(ExitWithError()) + }) + It("podman play kube test hostname", func() { pod := getPod() err := generateKubeYaml("pod", pod, kubeYaml) diff --git a/test/e2e/pod_rm_test.go b/test/e2e/pod_rm_test.go index 7a0d97d28..dbb2d6d13 100644 --- a/test/e2e/pod_rm_test.go +++ b/test/e2e/pod_rm_test.go @@ -2,6 +2,7 @@ package integration import ( "fmt" + "io/fs" "io/ioutil" "os" "path/filepath" @@ -46,14 +47,14 @@ var _ = Describe("Podman pod rm", func() { Expect(result).Should(Exit(0)) // Also check that we don't leak cgroups - err := filepath.Walk("/sys/fs/cgroup", func(path string, info os.FileInfo, err error) error { + err := filepath.WalkDir("/sys/fs/cgroup", func(path string, d fs.DirEntry, err error) error { if err != nil { return err } - if !info.IsDir() { + if !d.IsDir() { Expect(err).To(BeNil()) } - if strings.Contains(info.Name(), podid) { + if strings.Contains(d.Name(), podid) { return fmt.Errorf("leaking cgroup path %s", path) } return nil diff --git a/test/e2e/system_df_test.go b/test/e2e/system_df_test.go index 2d75316ad..a9fa5f4ac 100644 --- a/test/e2e/system_df_test.go +++ b/test/e2e/system_df_test.go @@ -41,11 +41,17 @@ var _ = Describe("podman system df", func() { session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - session = podmanTest.Podman([]string{"volume", "create", "data"}) + // run two containers with volumes to create something in the volume + session = podmanTest.Podman([]string{"run", "-v", "data1:/data", "--name", "container1", BB, "sh", "-c", "echo test > /data/1"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - session = podmanTest.Podman([]string{"create", "-v", "data:/data", "--name", "container1", BB}) + session = podmanTest.Podman([]string{"run", "-v", "data2:/data", "--name", "container2", BB, "sh", "-c", "echo test > /data/1"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + // remove one container, we keep the volume + session = podmanTest.Podman([]string{"rm", "container2"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) @@ -61,9 +67,10 @@ var _ = Describe("podman system df", func() { images := strings.Fields(session.OutputToStringArray()[1]) containers := strings.Fields(session.OutputToStringArray()[2]) volumes := strings.Fields(session.OutputToStringArray()[3]) - Expect(images[1]).To(Equal(string(totImages))) - Expect(containers[1]).To(Equal("2")) - Expect(volumes[2]).To(Equal("1")) + Expect(images[1]).To(Equal(string(totImages)), "total images expected") + Expect(containers[1]).To(Equal("2"), "total containers expected") + Expect(volumes[2]).To(Equal("2"), "total volumes expected") + Expect(volumes[6]).To(Equal("(50%)"), "percentage usage expected") }) It("podman system df image with no tag", func() { diff --git a/test/e2e/system_service_test.go b/test/e2e/system_service_test.go index dcf5e03b2..2bc7756d6 100644 --- a/test/e2e/system_service_test.go +++ b/test/e2e/system_service_test.go @@ -58,6 +58,7 @@ var _ = Describe("podman system service", func() { const magicComment = "pprof service listening on" It("are available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ @@ -97,6 +98,7 @@ var _ = Describe("podman system service", func() { }) It("are not available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index f8d8db592..57fc323ce 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -1,8 +1,10 @@ package integration import ( + "fmt" "io/ioutil" "os" + "path/filepath" "strings" . "github.com/containers/podman/v4/test/utils" @@ -130,6 +132,31 @@ WantedBy=default.target Expect(conData[0].Config.SystemdMode).To(BeTrue()) }) + It("podman systemd in command triggers systemd mode", func() { + containerfile := fmt.Sprintf(`FROM %s +RUN mkdir -p /usr/lib/systemd/; touch /usr/lib/systemd/systemd +CMD /usr/lib/systemd/systemd`, ALPINE) + + containerfilePath := filepath.Join(podmanTest.TempDir, "Containerfile") + err := ioutil.WriteFile(containerfilePath, []byte(containerfile), 0755) + Expect(err).To(BeNil()) + session := podmanTest.Podman([]string{"build", "-t", "systemd", "--file", containerfilePath, podmanTest.TempDir}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + ctrName := "testCtr" + run := podmanTest.Podman([]string{"create", "--name", ctrName, "systemd"}) + run.WaitWithDefaultTimeout() + Expect(run).Should(Exit(0)) + + result := podmanTest.Podman([]string{"inspect", ctrName}) + result.WaitWithDefaultTimeout() + Expect(result).Should(Exit(0)) + conData := result.InspectContainerToJSON() + Expect(conData).To(HaveLen(1)) + Expect(conData[0].Config.SystemdMode).To(BeTrue()) + }) + It("podman create container with --uidmap and conmon PidFile accessible", func() { ctrName := "testCtrUidMap" run := podmanTest.Podman([]string{"run", "-d", "--uidmap=0:1:1000", "--name", ctrName, ALPINE, "top"}) diff --git a/test/system/010-images.bats b/test/system/010-images.bats index ebd71450f..dbf4b2828 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -248,8 +248,7 @@ Labels.created_at | 20[0-9-]\\\+T[0-9:]\\\+Z run_podman inspect --format '{{.ID}}' $IMAGE imageID=$output - run_podman version --format "{{.Server.Version}}-{{.Server.Built}}" - pauseImage=localhost/podman-pause:$output + pauseImage=$(pause_image) run_podman inspect --format '{{.ID}}' $pauseImage pauseID=$output diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 94256b215..e7c4b5b6f 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -607,7 +607,7 @@ EOF done } -# Regression test for #9867 +# Regression test for #9867 and #13529 # Make sure that if you exclude everything in context dir, that # the Containerfile/Dockerfile in the context dir are used @test "podman build with ignore '*'" { @@ -622,6 +622,15 @@ cat >$tmpdir/.dockerignore <<EOF * EOF + # Prior to the fix for #13529, pod-create would fail with 'error building + # at STEP COPY .../catatonit' because of the local .dockerignore file was + # used. + pushd "${tmpdir}" + run_podman pod create + run_podman pod rm $output + run_podman rmi $(pause_image) + popd + run_podman build -t build_test $tmpdir # Rename Containerfile to Dockerfile diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 34dfaa8f6..f5fe41924 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -6,13 +6,7 @@ load helpers function teardown() { run_podman pod rm -f -t 0 -a run_podman rm -f -t 0 -a - run_podman image list --format '{{.ID}} {{.Repository}}' - while read id name; do - if [[ "$name" =~ /podman-pause ]]; then - run_podman rmi $id - fi - done <<<"$output" - + run_podman rmi --ignore $(pause_image) basic_teardown } @@ -323,16 +317,17 @@ EOF @test "podman pod create should fail when infra-name is already in use" { local infra_name="infra_container_$(random_string 10 | tr A-Z a-z)" + local infra_image="k8s.gcr.io/pause:3.5" local pod_name="$(random_string 10 | tr A-Z a-z)" - run_podman --noout pod create --name $pod_name --infra-name "$infra_name" --infra-image "k8s.gcr.io/pause:3.5" - is "$output" "" "output should be empty" + run_podman --noout pod create --name $pod_name --infra-name "$infra_name" --infra-image "$infra_image" + is "$output" "" "output from pod create should be empty" run_podman '?' pod create --infra-name "$infra_name" if [ $status -eq 0 ]; then die "Podman should fail when user try to create two pods with the same infra-name value" fi run_podman pod rm -f $pod_name - run_podman images -a + run_podman rmi $infra_image } @test "podman pod create --share" { diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 4b1a22981..ae830291f 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -632,4 +632,25 @@ EOF is "$output" ".*nameserver $subnet.1.*" "integrated dns nameserver is set" } +@test "podman run port forward range" { + for netmode in bridge slirp4netns:port_handler=slirp4netns slirp4netns:port_handler=rootlesskit; do + local port=$(random_free_port) + local end_port=$(( $port + 2 )) + local range="$port-$end_port:$port-$end_port" + local random=$(random_string) + + run_podman run --network $netmode -p "$range" -d $IMAGE sleep inf + cid="$output" + for port in $(seq $port $end_port); do + run_podman exec -d $cid nc -l -p $port -e /bin/cat + # -w 1 adds a 1 second timeout, for some reason ubuntus ncat doesn't close the connection on EOF, + # other options to change this are not portable across distros but -w seems to work + run nc -w 1 127.0.0.1 $port <<<$random + is "$output" "$random" "ncat got data back (netmode=$netmode port=$port)" + done + + run_podman rm -f -t0 $cid + done +} + # vim: filetype=sh diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 221315b97..0d336592f 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -383,6 +383,15 @@ function journald_unavailable() { return 1 } +# Returns the name of the local pause image. +function pause_image() { + # This function is intended to be used as '$(pause_image)', i.e. + # our caller wants our output. run_podman() messes with output because + # it emits the command invocation to stdout, hence the redirection. + run_podman version --format "{{.Server.Version}}-{{.Server.Built}}" >/dev/null + echo "localhost/podman-pause:$output" +} + ########################### # _add_label_if_missing # make sure skip messages include rootless/remote ########################### diff --git a/test/upgrade/test-upgrade.bats b/test/upgrade/test-upgrade.bats index 58e4fe0a3..063f4d624 100644 --- a/test/upgrade/test-upgrade.bats +++ b/test/upgrade/test-upgrade.bats @@ -105,7 +105,7 @@ podman \$opts run -d --name myrunningcontainer --label mylabel=$LABEL_RUNNING \ podman \$opts pod create --name mypod -podman \$opts network create mynetwork +podman \$opts network create --disable-dns mynetwork echo READY while :;do @@ -113,7 +113,10 @@ while :;do echo STOPPING podman \$opts stop -t 0 myrunningcontainer || true podman \$opts rm -f myrunningcontainer || true - podman \$opts network rm -f mynetwork + # sigh, network rm fails with exec: "ip": executable file not found in $PATH + # we cannot change the images afterwards so we remove it manually (#11403) + # hardcode /etc/cni/net.d dir for now + podman \$opts network rm -f mynetwork || rm -f /etc/cni/net.d/mynetwork.conflist exit 0 fi sleep 0.5 @@ -124,17 +127,14 @@ EOF # Clean up vestiges of previous run $PODMAN rm -f podman_parent || true - - local netname=testnet-$(random_string 10) - $PODMAN network create $netname - # Not entirely a NOP! This is just so we get the /run/... mount points created on a CI VM - # --mac-address is needed to create /run/cni, --network is needed to create /run/containers for dnsname - $PODMAN run --rm --mac-address 78:28:a6:8d:24:8a --network $netname $OLD_PODMAN true - $PODMAN network rm -f $netname + # Also use --network host to prevent any netavark/cni conflicts + $PODMAN run --rm --network host $OLD_PODMAN true # Podman 4.0 might no longer use cni so /run/cni and /run/containers will no be created in this case - mkdir -p /run/cni /run/containers + # Create directories manually to fix this. Also running with netavark can + # cause connectivity issues since cni and netavark should never be mixed. + mkdir -p /run/netns /run/cni /run/containers /var/lib/cni /etc/cni/net.d # @@ -242,6 +242,8 @@ failed | exited | 17 # if we can connect on an existing running container @test "network - connect" { skip_if_version_older 2.2.0 + touch $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test + run_podman network connect mynetwork myrunningcontainer run_podman network disconnect podman myrunningcontainer run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt @@ -250,7 +252,26 @@ failed | exited | 17 @test "network - restart" { # restart the container and check if we can still use the port + + # https://github.com/containers/podman/issues/13679 + # The upgrade to podman4 changes the network db format. + # While it is compatible from 3.X to 4.0 it will fail the other way around. + # This can be the case when the cleanup process runs before the stop process + # can do the cleanup. + + # Since there is no easy way to fix this and downgrading is not something + # we support, just fix this bug in the tests by manually calling + # network disconnect to teardown the netns. + if test -e $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test; then + run_podman network disconnect mynetwork myrunningcontainer + fi + run_podman stop -t0 myrunningcontainer + + # now connect again, do this before starting the container + if test -e $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test; then + run_podman network connect mynetwork myrunningcontainer + fi run_podman start myrunningcontainer run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt is "$output" "$RANDOM_STRING_1" "curl on restarted container" |