diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/20-containers.at | 3 | ||||
| -rwxr-xr-x | test/buildah-bud/apply-podman-deltas | 12 | ||||
| -rw-r--r-- | test/buildah-bud/buildah-tests.diff | 21 | ||||
| -rw-r--r-- | test/e2e/create_test.go | 30 | ||||
| -rw-r--r-- | test/e2e/run_device_test.go | 5 | ||||
| -rw-r--r-- | test/e2e/system_service_test.go | 2 | ||||
| -rw-r--r-- | test/system/700-play.bats | 65 |
7 files changed, 128 insertions, 10 deletions
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index cc5eda88e..49f8fb3fc 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -394,7 +394,8 @@ t GET containers/$cid/json 200 \ .Config.Healthcheck.Retries=3 # compat api: Test for mount options support -payload='{"Mounts":[{"Type":"tmpfs","Target":"/mnt/scratch","TmpfsOptions":{"SizeBytes":1024,"Mode":755}}]}' +# Sigh, JSON can't handle octal. 0755(octal) = 493(decimal) +payload='{"Mounts":[{"Type":"tmpfs","Target":"/mnt/scratch","TmpfsOptions":{"SizeBytes":1024,"Mode":493}}]}' t POST containers/create Image=$IMAGE HostConfig="$payload" 201 .Id~[0-9a-f]\\{64\\} cid=$(jq -r '.Id' <<<"$output") t GET containers/$cid/json 200 \ diff --git a/test/buildah-bud/apply-podman-deltas b/test/buildah-bud/apply-podman-deltas index dd5331091..26d7fc075 100755 --- a/test/buildah-bud/apply-podman-deltas +++ b/test/buildah-bud/apply-podman-deltas @@ -140,6 +140,18 @@ errmsg "no such file or directory" \ skip "N/A under podman" \ "bud-flags-order-verification" +# TODO +# Some of the podman tests in CI expects exit code 125, which might not be true +# since exit code from runtime is relayed as it is without any modification both +# in `buildah` and `podman`. Following behviour is seen when PR https://github.com/containers/buildah/pull/3809 +# added a test here https://github.com/containers/buildah/blob/main/tests/bud.bats#L3183 +# which relays exit code from runtime as it is, in case of both `podman` and `buildah`. +# However apart from this test case no other test case was able to trigger this behavior +# hence marking this test as an anomaly. Since its debatable if we should override this +# returned error number or not hence adding a note here. +skip "podman CI expects all exit code to be 125 this test has anomaly behaviour" \ + "bud with --add-host" + skip "does not work under podman" \ "bud without any arguments should succeed" diff --git a/test/buildah-bud/buildah-tests.diff b/test/buildah-bud/buildah-tests.diff index b1a19a522..ca38b5a10 100644 --- a/test/buildah-bud/buildah-tests.diff +++ b/test/buildah-bud/buildah-tests.diff @@ -1,15 +1,15 @@ -From c18638abfbc1066442cf6ff0b3f012a5c25a918e Mon Sep 17 00:00:00 2001 +From 1a5562929a85074a7498165191558f434bb30bf1 Mon Sep 17 00:00:00 2001 From: Ed Santiago <santiago@redhat.com> Date: Tue, 9 Feb 2021 17:28:05 -0700 Subject: [PATCH] tweaks for running buildah tests under podman Signed-off-by: Ed Santiago <santiago@redhat.com> --- - tests/helpers.bash | 72 +++++++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 68 insertions(+), 4 deletions(-) + tests/helpers.bash | 73 +++++++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 69 insertions(+), 4 deletions(-) diff --git a/tests/helpers.bash b/tests/helpers.bash -index bd2794c9..ecf6ed7d 100644 +index 2bb6b429..0dc98a85 100644 --- a/tests/helpers.bash +++ b/tests/helpers.bash @@ -43,6 +43,23 @@ EOF @@ -63,8 +63,8 @@ index bd2794c9..ecf6ed7d 100644 + ${PODMAN_BINARY} ${ROOTDIR_OPTS} "$@" } - ################# -@@ -192,15 +221,41 @@ function run_buildah() { + # There are various scenarios where we would like to execute `tests` as rootless user, however certain commands like `buildah mount` +@@ -221,8 +250,35 @@ function run_buildah() { --retry) retry=3; shift;; # retry network flakes esac @@ -94,11 +94,14 @@ index bd2794c9..ecf6ed7d 100644 + fi + local cmd_basename=$(basename ${podman_or_buildah}) + ++ # Remember command args, for possible use in later diagnostic messages - MOST_RECENT_BUILDAH_COMMAND="buildah $*" + MOST_RECENT_BUILDAH_COMMAND="$cmd_basename $*" - while [ $retry -gt 0 ]; do + # If session is rootless and `buildah mount` is invoked, perform unshare, + # since normal user cannot mount a filesystem unless they're in a user namespace along with its own mount namespace. +@@ -236,8 +292,8 @@ function run_buildah() { retry=$(( retry - 1 )) # stdout is only emitted upon error; this echo is to help a debugger @@ -109,7 +112,7 @@ index bd2794c9..ecf6ed7d 100644 # without "quotes", multiple lines are glommed together into one if [ -n "$output" ]; then echo "$output" -@@ -499,6 +554,15 @@ function skip_if_no_docker() { +@@ -545,6 +601,15 @@ function skip_if_no_docker() { fi } @@ -126,5 +129,5 @@ index bd2794c9..ecf6ed7d 100644 daemondir=${TESTDIR}/git-daemon mkdir -p ${daemondir}/repo -- -2.34.1 +2.31.1 diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index 6a4a394ef..339fa66d8 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -706,4 +706,34 @@ var _ = Describe("Podman create", func() { Expect(create.ErrorToString()).To(ContainSubstring("cannot specify a new uid/gid map when entering a pod with an infra container")) }) + + It("podman create --chrootdirs inspection test", func() { + session := podmanTest.Podman([]string{"create", "--chrootdirs", "/var/local/qwerty", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + setup := podmanTest.Podman([]string{"container", "inspect", session.OutputToString()}) + setup.WaitWithDefaultTimeout() + Expect(setup).Should(Exit(0)) + + data := setup.InspectContainerToJSON() + Expect(data).To(HaveLen(1)) + Expect(data[0].Config.ChrootDirs).To(HaveLen(1)) + Expect(data[0].Config.ChrootDirs[0]).To(Equal("/var/local/qwerty")) + }) + + It("podman create --chrootdirs functionality test", func() { + session := podmanTest.Podman([]string{"create", "-t", "--chrootdirs", "/var/local/qwerty", ALPINE, "/bin/cat"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + ctrID := session.OutputToString() + + setup := podmanTest.Podman([]string{"start", ctrID}) + setup.WaitWithDefaultTimeout() + Expect(setup).Should(Exit(0)) + + setup = podmanTest.Podman([]string{"exec", ctrID, "cmp", "/etc/resolv.conf", "/var/local/qwerty/etc/resolv.conf"}) + setup.WaitWithDefaultTimeout() + Expect(setup).Should(Exit(0)) + }) }) diff --git a/test/e2e/run_device_test.go b/test/e2e/run_device_test.go index b8bdc84f8..479837dda 100644 --- a/test/e2e/run_device_test.go +++ b/test/e2e/run_device_test.go @@ -44,6 +44,11 @@ var _ = Describe("Podman run device", func() { session := podmanTest.Podman([]string{"run", "-q", "--security-opt", "label=disable", "--device", "/dev/kmsg", ALPINE, "test", "-c", "/dev/kmsg"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) + if !isRootless() { + session = podmanTest.Podman([]string{"run", "-q", "--security-opt", "label=disable", "--device", "/dev/kmsg", "--cap-add", "SYS_ADMIN", ALPINE, "head", "-n", "1", "/dev/kmsg"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + } }) It("podman run device rename test", func() { diff --git a/test/e2e/system_service_test.go b/test/e2e/system_service_test.go index dcf5e03b2..2bc7756d6 100644 --- a/test/e2e/system_service_test.go +++ b/test/e2e/system_service_test.go @@ -58,6 +58,7 @@ var _ = Describe("podman system service", func() { const magicComment = "pprof service listening on" It("are available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ @@ -97,6 +98,7 @@ var _ = Describe("podman system service", func() { }) It("are not available", func() { + Skip("FIXME: Test is too flaky (#12624)") SkipIfRemote("service subcommand not supported remotely") address := url.URL{ diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 88c7cad87..8af4cd25b 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -168,3 +168,68 @@ _EOF run_podman pod rm -t 0 -f test_pod run_podman rmi -f userimage:latest } + +@test "podman play --build --context-dir" { + skip_if_remote "--build is not supported in context remote" + testUserYaml=" +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test + name: test_pod +spec: + containers: + - command: + - id + env: + - name: PATH + value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + - name: TERM + value: xterm + - name: container + value: podman + image: quay.io/libpod/userimage + name: test + resources: {} +status: {} +" + +mkdir -p $PODMAN_TMPDIR/userimage +cat > $PODMAN_TMPDIR/userimage/Containerfile << _EOF +from $IMAGE +USER bin +_EOF + + echo "$testUserYaml" > $PODMAN_TMPDIR/test.yaml + run_podman 125 play kube --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman play kube --replace --context-dir=$PODMAN_TMPDIR --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman inspect --format "{{ .Config.User }}" test_pod-test + is "$output" bin "expect container within pod to run as the bin user" + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod + run_podman rmi -f userimage:latest + + cd $PODMAN_TMPDIR + run_podman play kube --replace --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman inspect --format "{{ .Config.User }}" test_pod-test + is "$output" bin "expect container within pod to run as the bin user" + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod + run_podman rmi -f userimage:latest +} + +@test "podman play --annotation" { + TESTDIR=$PODMAN_TMPDIR/testdir + RANDOMSTRING=$(random_string 15) + mkdir -p $TESTDIR + echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + run_podman play kube --annotation "name=$RANDOMSTRING" $PODMAN_TMPDIR/test.yaml + run_podman inspect --format "{{ .Config.Annotations }}" test_pod-test + is "$output" ".*name:$RANDOMSTRING" "Annotation should be added to pod" + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod +} |