summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/e2e/checkpoint_test.go95
-rw-r--r--test/e2e/config/containers-netns2.conf3
-rw-r--r--test/e2e/image_scp_test.go4
-rw-r--r--test/e2e/play_kube_test.go28
-rw-r--r--test/e2e/run_memory_test.go19
-rw-r--r--test/e2e/run_test.go48
-rw-r--r--test/python/docker/compat/test_containers.py14
-rw-r--r--test/system/011-image.bats54
-rw-r--r--test/system/035-logs.bats21
-rw-r--r--test/system/090-events.bats11
-rw-r--r--test/system/250-systemd.bats59
-rw-r--r--test/system/500-networking.bats2
-rw-r--r--test/system/700-play.bats6
13 files changed, 352 insertions, 12 deletions
diff --git a/test/e2e/checkpoint_test.go b/test/e2e/checkpoint_test.go
index be6b782b5..6b294802d 100644
--- a/test/e2e/checkpoint_test.go
+++ b/test/e2e/checkpoint_test.go
@@ -1,6 +1,7 @@
package integration
import (
+ "encoding/json"
"fmt"
"net"
"os"
@@ -12,6 +13,7 @@ import (
"github.com/checkpoint-restore/go-criu/v5/stats"
"github.com/containers/podman/v3/pkg/checkpoint/crutils"
"github.com/containers/podman/v3/pkg/criu"
+ "github.com/containers/podman/v3/pkg/domain/entities"
. "github.com/containers/podman/v3/test/utils"
"github.com/containers/podman/v3/utils"
. "github.com/onsi/ginkgo"
@@ -1244,4 +1246,97 @@ var _ = Describe("Podman checkpoint", func() {
// Remove exported checkpoint
os.Remove(fileName)
})
+
+ It("podman checkpoint and restore containers with --print-stats", func() {
+ session1 := podmanTest.Podman(getRunString([]string{redis}))
+ session1.WaitWithDefaultTimeout()
+ Expect(session1).Should(Exit(0))
+
+ session2 := podmanTest.Podman(getRunString([]string{redis, "top"}))
+ session2.WaitWithDefaultTimeout()
+ Expect(session2).Should(Exit(0))
+
+ result := podmanTest.Podman([]string{
+ "container",
+ "checkpoint",
+ "-a",
+ "--print-stats",
+ })
+ result.WaitWithDefaultTimeout()
+
+ Expect(result).Should(Exit(0))
+ Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0))
+
+ type checkpointStatistics struct {
+ PodmanDuration int64 `json:"podman_checkpoint_duration"`
+ ContainerStatistics []*entities.CheckpointReport `json:"container_statistics"`
+ }
+
+ cS := new(checkpointStatistics)
+ err := json.Unmarshal([]byte(result.OutputToString()), cS)
+ Expect(err).ShouldNot(HaveOccurred())
+
+ Expect(len(cS.ContainerStatistics)).To(Equal(2))
+ Expect(cS.PodmanDuration).To(BeNumerically(">", cS.ContainerStatistics[0].RuntimeDuration))
+ Expect(cS.PodmanDuration).To(BeNumerically(">", cS.ContainerStatistics[1].RuntimeDuration))
+ Expect(cS.ContainerStatistics[0].RuntimeDuration).To(
+ BeNumerically(">", cS.ContainerStatistics[0].CRIUStatistics.FrozenTime),
+ )
+ Expect(cS.ContainerStatistics[1].RuntimeDuration).To(
+ BeNumerically(">", cS.ContainerStatistics[1].CRIUStatistics.FrozenTime),
+ )
+
+ ps := podmanTest.Podman([]string{
+ "ps",
+ "-q",
+ "--no-trunc",
+ })
+ ps.WaitWithDefaultTimeout()
+ Expect(ps).Should(Exit(0))
+ Expect(ps.LineInOutputContains(session1.OutputToString())).To(BeFalse())
+ Expect(ps.LineInOutputContains(session2.OutputToString())).To(BeFalse())
+
+ result = podmanTest.Podman([]string{
+ "container",
+ "restore",
+ "-a",
+ "--print-stats",
+ })
+ result.WaitWithDefaultTimeout()
+
+ Expect(result).Should(Exit(0))
+ Expect(podmanTest.NumberOfContainersRunning()).To(Equal(2))
+ Expect(podmanTest.GetContainerStatus()).To(ContainSubstring("Up"))
+ Expect(podmanTest.GetContainerStatus()).To(Not(ContainSubstring("Exited")))
+
+ type restoreStatistics struct {
+ PodmanDuration int64 `json:"podman_restore_duration"`
+ ContainerStatistics []*entities.RestoreReport `json:"container_statistics"`
+ }
+
+ rS := new(restoreStatistics)
+ err = json.Unmarshal([]byte(result.OutputToString()), rS)
+ Expect(err).ShouldNot(HaveOccurred())
+
+ Expect(len(cS.ContainerStatistics)).To(Equal(2))
+ Expect(cS.PodmanDuration).To(BeNumerically(">", cS.ContainerStatistics[0].RuntimeDuration))
+ Expect(cS.PodmanDuration).To(BeNumerically(">", cS.ContainerStatistics[1].RuntimeDuration))
+ Expect(cS.ContainerStatistics[0].RuntimeDuration).To(
+ BeNumerically(">", cS.ContainerStatistics[0].CRIUStatistics.RestoreTime),
+ )
+ Expect(cS.ContainerStatistics[1].RuntimeDuration).To(
+ BeNumerically(">", cS.ContainerStatistics[1].CRIUStatistics.RestoreTime),
+ )
+
+ result = podmanTest.Podman([]string{
+ "rm",
+ "-t",
+ "0",
+ "-fa",
+ })
+ result.WaitWithDefaultTimeout()
+ Expect(result).Should(Exit(0))
+ Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0))
+ })
+
})
diff --git a/test/e2e/config/containers-netns2.conf b/test/e2e/config/containers-netns2.conf
new file mode 100644
index 000000000..1ffd100f5
--- /dev/null
+++ b/test/e2e/config/containers-netns2.conf
@@ -0,0 +1,3 @@
+[containers]
+
+netns = "bridge"
diff --git a/test/e2e/image_scp_test.go b/test/e2e/image_scp_test.go
index acea2993d..3e7e8da48 100644
--- a/test/e2e/image_scp_test.go
+++ b/test/e2e/image_scp_test.go
@@ -78,6 +78,10 @@ var _ = Describe("podman image scp", func() {
list.WaitWithDefaultTimeout()
Expect(list).To(Exit(0))
Expect(list.LineInOutputStartsWith("quay.io/libpod/alpine")).To(BeTrue())
+
+ scp = podmanTest.PodmanAsUser([]string{"image", "scp", "root@localhost::" + ALPINE}, 0, 0, "", env) //transfer from root to rootless (us)
+ scp.WaitWithDefaultTimeout()
+ Expect(scp).To(Exit(0))
})
It("podman image scp bogus image", func() {
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index b0b927445..64b46756f 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -2786,6 +2786,34 @@ invalid kube kind
Expect(exists).To(Exit(0))
})
+ It("podman play kube use network mode from config", func() {
+ confPath, err := filepath.Abs("config/containers-netns2.conf")
+ Expect(err).ToNot(HaveOccurred())
+ os.Setenv("CONTAINERS_CONF", confPath)
+ defer os.Unsetenv("CONTAINERS_CONF")
+ if IsRemote() {
+ podmanTest.RestartRemoteService()
+ }
+
+ pod := getPod()
+ err = generateKubeYaml("pod", pod, kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube).Should(Exit(0))
+
+ podInspect := podmanTest.Podman([]string{"pod", "inspect", pod.Name, "--format", "{{.InfraContainerID}}"})
+ podInspect.WaitWithDefaultTimeout()
+ Expect(podInspect).To(Exit(0))
+ infraID := podInspect.OutputToString()
+
+ inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.NetworkMode}}", infraID})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect).To(Exit(0))
+ Expect(inspect.OutputToString()).To(Equal("bridge"))
+ })
+
It("podman play kube replace", func() {
pod := getPod()
err := generateKubeYaml("pod", pod, kubeYaml)
diff --git a/test/e2e/run_memory_test.go b/test/e2e/run_memory_test.go
index e2f2937ba..04952bb03 100644
--- a/test/e2e/run_memory_test.go
+++ b/test/e2e/run_memory_test.go
@@ -1,6 +1,7 @@
package integration
import (
+ "fmt"
"os"
"strconv"
@@ -67,13 +68,17 @@ var _ = Describe("Podman run memory", func() {
Expect(session.OutputToString()).To(Equal("41943040"))
})
- It("podman run memory-swappiness test", func() {
- SkipIfCgroupV2("memory-swappiness not supported on cgroupV2")
- session := podmanTest.Podman([]string{"run", "--memory-swappiness=15", ALPINE, "cat", "/sys/fs/cgroup/memory/memory.swappiness"})
- session.WaitWithDefaultTimeout()
- Expect(session).Should(Exit(0))
- Expect(session.OutputToString()).To(Equal("15"))
- })
+ for _, limit := range []string{"0", "15", "100"} {
+ limit := limit // Keep this value in a proper scope
+ testName := fmt.Sprintf("podman run memory-swappiness test(%s)", limit)
+ It(testName, func() {
+ SkipIfCgroupV2("memory-swappiness not supported on cgroupV2")
+ session := podmanTest.Podman([]string{"run", fmt.Sprintf("--memory-swappiness=%s", limit), ALPINE, "cat", "/sys/fs/cgroup/memory/memory.swappiness"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(Equal(limit))
+ })
+ }
It("podman run kernel-memory test", func() {
if podmanTest.Host.Distribution == "ubuntu" {
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index ed2d8938d..d6d729d3a 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -1723,6 +1723,50 @@ WORKDIR /madethis`, BB)
})
+ It("podman run --secret source=mysecret,type=mount with target", func() {
+ secretsString := "somesecretdata"
+ secretFilePath := filepath.Join(podmanTest.TempDir, "secret")
+ err := ioutil.WriteFile(secretFilePath, []byte(secretsString), 0755)
+ Expect(err).To(BeNil())
+
+ session := podmanTest.Podman([]string{"secret", "create", "mysecret_target", secretFilePath})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+
+ session = podmanTest.Podman([]string{"run", "--secret", "source=mysecret_target,type=mount,target=hello", "--name", "secr_target", ALPINE, "cat", "/run/secrets/hello"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(Equal(secretsString))
+
+ session = podmanTest.Podman([]string{"inspect", "secr_target", "--format", " {{(index .Config.Secrets 0).Name}}"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(ContainSubstring("mysecret_target"))
+
+ })
+
+ It("podman run --secret source=mysecret,type=mount with target at /tmp", func() {
+ secretsString := "somesecretdata"
+ secretFilePath := filepath.Join(podmanTest.TempDir, "secret")
+ err := ioutil.WriteFile(secretFilePath, []byte(secretsString), 0755)
+ Expect(err).To(BeNil())
+
+ session := podmanTest.Podman([]string{"secret", "create", "mysecret_target2", secretFilePath})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+
+ session = podmanTest.Podman([]string{"run", "--secret", "source=mysecret_target2,type=mount,target=/tmp/hello", "--name", "secr_target2", ALPINE, "cat", "/tmp/hello"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(Equal(secretsString))
+
+ session = podmanTest.Podman([]string{"inspect", "secr_target2", "--format", " {{(index .Config.Secrets 0).Name}}"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(ContainSubstring("mysecret_target2"))
+
+ })
+
It("podman run --secret source=mysecret,type=env", func() {
secretsString := "somesecretdata"
secretFilePath := filepath.Join(podmanTest.TempDir, "secret")
@@ -1748,10 +1792,6 @@ WORKDIR /madethis`, BB)
session := podmanTest.Podman([]string{"secret", "create", "mysecret", secretFilePath})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
- // target with mount type should fail
- session = podmanTest.Podman([]string{"run", "--secret", "source=mysecret,type=mount,target=anotherplace", "--name", "secr", ALPINE, "cat", "/run/secrets/mysecret"})
- session.WaitWithDefaultTimeout()
- Expect(session).To(ExitWithError())
session = podmanTest.Podman([]string{"run", "--secret", "source=mysecret,type=env,target=anotherplace", "--name", "secr", ALPINE, "printenv", "anotherplace"})
session.WaitWithDefaultTimeout()
diff --git a/test/python/docker/compat/test_containers.py b/test/python/docker/compat/test_containers.py
index 1ad1e7f15..e6f7d992d 100644
--- a/test/python/docker/compat/test_containers.py
+++ b/test/python/docker/compat/test_containers.py
@@ -251,3 +251,17 @@ class TestContainers(unittest.TestCase):
ctr.start()
ret, out = ctr.exec_run(["stat", "-c", "%u:%g", "/workspace"])
self.assertEqual(out.rstrip(), b'1042:1043', "UID/GID set in dockerfile")
+
+
+ def test_non_existant_workdir(self):
+ dockerfile = (B'FROM quay.io/libpod/alpine:latest\n'
+ B'USER root\n'
+ B'WORKDIR /workspace/scratch\n'
+ B'RUN touch test')
+ img: Image
+ img, out = self.client.images.build(fileobj=io.BytesIO(dockerfile))
+ ctr: Container = self.client.containers.create(image=img.id, detach=True, command="top",
+ volumes=["test_non_existant_workdir:/workspace"])
+ ctr.start()
+ ret, out = ctr.exec_run(["stat", "/workspace/scratch/test"])
+ self.assertEqual(ret, 0, "Working directory created if it doesn't exist")
diff --git a/test/system/011-image.bats b/test/system/011-image.bats
new file mode 100644
index 000000000..5150e875e
--- /dev/null
+++ b/test/system/011-image.bats
@@ -0,0 +1,54 @@
+#!/usr/bin/env bats
+
+load helpers
+
+function setup() {
+ skip_if_remote "--sign-by does not work with podman-remote"
+
+ basic_setup
+
+ export _GNUPGHOME_TMP=$PODMAN_TMPDIR/.gnupg
+ mkdir --mode=0700 $_GNUPGHOME_TMP $PODMAN_TMPDIR/signatures
+
+ cat >$PODMAN_TMPDIR/keydetails <<EOF
+ %echo Generating a basic OpenPGP key
+ Key-Type: RSA
+ Key-Length: 2048
+ Subkey-Type: RSA
+ Subkey-Length: 2048
+ Name-Real: Foo
+ Name-Comment: Foo
+ Name-Email: foo@bar.com
+ Expire-Date: 0
+ %no-ask-passphrase
+ %no-protection
+ # Do a commit here, so that we can later print "done" :-)
+ %commit
+ %echo done
+EOF
+ GNUPGHOME=$_GNUPGHOME_TMP gpg --verbose --batch --gen-key $PODMAN_TMPDIR/keydetails
+}
+
+function check_signature() {
+ local sigfile=$1
+ ls -laR $PODMAN_TMPDIR/signatures
+ run_podman inspect --format '{{.Digest}}' $PODMAN_TEST_IMAGE_FQN
+ local repodigest=${output/:/=}
+
+ local dir="$PODMAN_TMPDIR/signatures/libpod/${PODMAN_TEST_IMAGE_NAME}@${repodigest}"
+ test -d $dir || die "Missing signature directory $dir"
+ test -e "$dir/$sigfile" || die "Missing signature file '$sigfile'"
+
+ # Confirm good signature
+ run env GNUPGHOME=$_GNUPGHOME_TMP gpg --verify "$dir/$sigfile"
+ is "$output" ".*Good signature from .Foo.*<foo@bar.com>" \
+ "gpg --verify $sigfile"
+}
+
+
+@test "podman image - sign with no sigfile" {
+ GNUPGHOME=$_GNUPGHOME_TMP run_podman image sign --sign-by foo@bar.com --directory $PODMAN_TMPDIR/signatures "docker://$PODMAN_TEST_IMAGE_FQN"
+ check_signature "signature-1"
+}
+
+# vim: filetype=sh
diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats
index 7fb3e62e4..44984eaad 100644
--- a/test/system/035-logs.bats
+++ b/test/system/035-logs.bats
@@ -89,6 +89,27 @@ ${cid[0]} d" "Sequential output from logs"
_log_test_multi journald
}
+function _log_test_restarted() {
+ run_podman run --log-driver=$1 --name logtest $IMAGE sh -c 'start=0; if test -s log; then start=`tail -n 1 log`; fi; seq `expr $start + 1` `expr $start + 10` | tee -a log'
+ run_podman start -a logtest
+ logfile=$(mktemp -p ${PODMAN_TMPDIR} logfileXXXXXXXX)
+ $PODMAN $_PODMAN_TEST_OPTS logs -f logtest > $logfile
+ expected=$(mktemp -p ${PODMAN_TMPDIR} expectedXXXXXXXX)
+ seq 1 20 > $expected
+ diff -u ${expected} ${logfile}
+}
+
+@test "podman logs restarted - k8s-file" {
+ _log_test_restarted k8s-file
+}
+
+@test "podman logs restarted journald" {
+ # We can't use journald on RHEL as rootless: rhbz#1895105
+ skip_if_journald_unavailable
+
+ _log_test_restarted journald
+}
+
@test "podman logs - journald log driver requires journald events backend" {
skip_if_remote "remote does not support --events-backend"
# We can't use journald on RHEL as rootless: rhbz#1895105
diff --git a/test/system/090-events.bats b/test/system/090-events.bats
index 1fb542ccd..5af6a3793 100644
--- a/test/system/090-events.bats
+++ b/test/system/090-events.bats
@@ -102,6 +102,17 @@ function _events_disjunctive_filters() {
_events_disjunctive_filters --events-backend=journald
}
+@test "events with file backend and journald logdriver with --follow failure" {
+ skip_if_remote "remote does not support --events-backend"
+ skip_if_journald_unavailable "system does not support journald events"
+ run_podman --events-backend=file run --log-driver=journald --name=test $IMAGE echo hi
+ is "$output" "hi" "Should support events-backend=file"
+
+ run_podman 125 --events-backend=file logs --follow test
+ is "$output" "Error: using --follow with the journald --log-driver but without the journald --events-backend (file) is not supported" "Should fail with reasonable error message when events-backend and events-logger do not match"
+
+}
+
@test "events with disjunctive filters - default" {
_events_disjunctive_filters ""
}
diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats
index 98241c309..1c778a5e3 100644
--- a/test/system/250-systemd.bats
+++ b/test/system/250-systemd.bats
@@ -9,6 +9,7 @@ load helpers.systemd
SERVICE_NAME="podman_test_$(random_string)"
UNIT_FILE="$UNIT_DIR/$SERVICE_NAME.service"
+TEMPLATE_FILE_PREFIX="$UNIT_DIR/$SERVICE_NAME"
function setup() {
skip_if_remote "systemd tests are meaningless over remote"
@@ -201,4 +202,62 @@ LISTEN_FDNAMES=listen_fdnames" "LISTEN Environment passed: $context"
check_listen_env "$stdenv" "podman start"
}
+@test "podman generate - systemd template" {
+ cname=$(random_string)
+ run_podman create --name $cname $IMAGE top
+
+ run_podman generate systemd --template -n $cname
+ echo "$output" > "$TEMPLATE_FILE_PREFIX@.service"
+ run_podman rm -f $cname
+
+ systemctl daemon-reload
+
+ INSTANCE="$SERVICE_NAME@1.service"
+ run systemctl start "$INSTANCE"
+ if [ $status -ne 0 ]; then
+ die "Error starting systemd unit $INSTANCE, output: $output"
+ fi
+
+ run systemctl status "$INSTANCE"
+ if [ $status -ne 0 ]; then
+ die "Non-zero status of systemd unit $INSTANCE, output: $output"
+ fi
+
+ run systemctl stop "$INSTANCE"
+ if [ $status -ne 0 ]; then
+ die "Error stopping systemd unit $INSTANCE, output: $output"
+ fi
+
+ if [[ -z "$status" ]]; then
+ run systemctl is-active "$INSTANCE"
+ if [ $status -ne 0 ]; then
+ die "Error checking stauts of systemd unit $INSTANCE, output: $output"
+ fi
+ is "$output" "$status" "$INSTANCE not in expected state"
+ fi
+
+ rm -f "$TEMPLATE_FILE_PREFIX@.service"
+ systemctl daemon-reload
+}
+
+@test "podman generate - systemd template no support for pod" {
+ cname=$(random_string)
+ podname=$(random_string)
+ run_podman pod create --name $podname
+ run_podman run --pod $podname -dt --name $cname $IMAGE top
+
+ run_podman 125 generate systemd --new --template -n $podname
+ is "$output" ".*--template is not supported for pods.*" "Error message contains 'not supported'"
+
+ run_podman rm -f $cname
+ run_podman pod rm -f $podname
+}
+
+@test "podman generate - systemd template only used on --new" {
+ cname=$(random_string)
+ run_podman create --name $cname $IMAGE top
+ run_podman 125 generate systemd --new=false --template -n $cname
+ is "$output" ".*--template cannot be set" "Error message should be '--template requires --new'"
+}
+
# vim: filetype=sh
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 21350ed36..deadfa90a 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -172,7 +172,7 @@ load helpers
# FIXME: debugging for #11871
run_podman exec $cid cat /etc/resolv.conf
- if is_rootless; then
+ if is_rootless && ! is_remote; then
run_podman unshare --rootless-cni cat /etc/resolv.conf
fi
ps uxww
diff --git a/test/system/700-play.bats b/test/system/700-play.bats
index 8cf279ada..c3e5e9354 100644
--- a/test/system/700-play.bats
+++ b/test/system/700-play.bats
@@ -76,6 +76,12 @@ RELABEL="system_u:object_r:container_file_t:s0"
is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened"
fi
+ # Make sure that the K8s pause image isn't pulled but the local podman-pause is built.
+ run_podman images
+ run_podman 1 image exists k8s.gcr.io/pause
+ run_podman version --format "{{.Server.Version}}-{{.Server.Built}}"
+ run_podman image exists localhost/podman-pause:$output
+
run_podman stop -a -t 0
run_podman pod rm -t 0 -f test_pod
}