diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/10-images.at | 15 | ||||
| -rw-r--r-- | test/apiv2/20-containers.at | 3 | ||||
| -rw-r--r-- | test/e2e/build_test.go | 13 | ||||
| -rw-r--r-- | test/e2e/containers_conf_test.go | 18 | ||||
| -rw-r--r-- | test/e2e/login_logout_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/network_test.go | 8 | ||||
| -rw-r--r-- | test/e2e/play_kube_test.go | 147 | ||||
| -rw-r--r-- | test/e2e/run_networking_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 8 | ||||
| -rw-r--r-- | test/e2e/save_test.go | 5 | ||||
| -rw-r--r-- | test/e2e/system_df_test.go | 2 | ||||
| -rw-r--r-- | test/e2e/volume_create_test.go | 6 | ||||
| -rw-r--r-- | test/system/170-run-userns.bats | 13 | ||||
| -rw-r--r-- | test/system/200-pod.bats | 13 | ||||
| -rw-r--r-- | test/system/250-systemd.bats | 76 | ||||
| -rw-r--r-- | test/system/255-auto-update.bats | 12 | ||||
| -rw-r--r-- | test/system/260-sdnotify.bats | 48 | ||||
| -rw-r--r-- | test/system/700-play.bats | 59 | ||||
| -rw-r--r-- | test/system/helpers.bash | 26 |
19 files changed, 432 insertions, 44 deletions
diff --git a/test/apiv2/10-images.at b/test/apiv2/10-images.at index 9526183e3..fd04e3f1b 100644 --- a/test/apiv2/10-images.at +++ b/test/apiv2/10-images.at @@ -156,6 +156,17 @@ t GET images/json?filters='{"reference":["test1"]}' 200 length=1 t DELETE libpod/images/test1:latest 200 +# to be used in prune until filter tests +podman image build -t docker.io/library/test1:latest -<<EOF +from alpine +RUN >file4 +EOF +podman create --name test1 test1 echo hi + +t DELETE images/test1:latest 409 +podman rm test1 +t DELETE images/test1:latest 200 + t GET "images/get?names=alpine" 200 '[POSIX tar archive]' podman pull busybox @@ -190,6 +201,10 @@ t POST "libpod/build?dockerfile=containerfile" $CONTAINERFILE_TAR application/js t POST "build?dockerfile=containerfile" $CONTAINERFILE_TAR application/json 200 \ .stream~"STEP 1/1: FROM $IMAGE" +# Libpod: allow building from url: https://github.com/alpinelinux/docker-alpine.git and must ignore any provided tar +t POST "libpod/build?remote=https%3A%2F%2Fgithub.com%2Falpinelinux%2Fdocker-alpine.git" $CONTAINERFILE_TAR 200 \ + .stream~"STEP 1/5: FROM alpine:3.14" + # Build api response header must contain Content-type: application/json t POST "build?dockerfile=containerfile" $CONTAINERFILE_TAR application/json 200 response_headers=$(cat "$WORKDIR/curl.headers.out") diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index 7a38dfea0..4d32a1031 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -477,8 +477,7 @@ for endpoint in containers/create libpod/containers/create; do t POST libpod/containers/$cid/init 204 - t GET libpod/containers/$cid/json 200 \ - .HostsPath="" + t GET libpod/containers/$cid/json 200 t DELETE containers/$cid 204 done diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index b5cec5fff..dcdd17143 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -786,17 +786,18 @@ RUN ls /dev/test1`, ALPINE) It("podman build use absolute path even if given relative", func() { containerFile := fmt.Sprintf(`FROM %s`, ALPINE) - err = os.Mkdir("relative", 0755) + relativeDir := filepath.Join(podmanTest.TempDir, "relativeDir") + containerFilePath := filepath.Join(relativeDir, "Containerfile") + buildRoot := filepath.Join(relativeDir, "build-root") + + err = os.Mkdir(relativeDir, 0755) Expect(err).To(BeNil()) - containerFilePath := filepath.Join("relative", "Containerfile") - err = os.Mkdir("relative/build-root", 0755) + err = os.Mkdir(buildRoot, 0755) Expect(err).To(BeNil()) err = ioutil.WriteFile(containerFilePath, []byte(containerFile), 0755) Expect(err).To(BeNil()) - build := podmanTest.Podman([]string{"build", "-f", "./relative/Containerfile", "./relative/build-root"}) + build := podmanTest.Podman([]string{"build", "-f", containerFilePath, buildRoot}) build.WaitWithDefaultTimeout() Expect(build).To(Exit(0)) - err = os.RemoveAll("relative") - Expect(err).To(BeNil()) }) }) diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index b48e1ed62..819efa628 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -425,6 +425,7 @@ var _ = Describe("Verify podman containers.conf usage", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal("/var/tmp")) + storagePath := filepath.Join(podmanTest.TempDir, "storage") configPath := filepath.Join(podmanTest.TempDir, "containers.conf") os.Setenv("CONTAINERS_CONF", configPath) @@ -441,7 +442,7 @@ var _ = Describe("Verify podman containers.conf usage", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal("/foobar")) - containersConf = []byte("[engine]\nimage_copy_tmp_dir=\"storage\"") + containersConf = []byte(fmt.Sprintf("[engine]\nimage_copy_tmp_dir=%q", storagePath)) err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) Expect(err).ToNot(HaveOccurred()) if IsRemote() { @@ -451,19 +452,18 @@ var _ = Describe("Verify podman containers.conf usage", func() { session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - Expect(session.Out.Contents()).To(ContainSubstring("containers/storage/tmp")) + Expect(session.Out.Contents()).To(ContainSubstring(storagePath)) containersConf = []byte("[engine]\nimage_copy_tmp_dir=\"storage1\"") err = ioutil.WriteFile(configPath, containersConf, os.ModePerm) Expect(err).ToNot(HaveOccurred()) - if IsRemote() { - podmanTest.RestartRemoteService() - } - session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) - session.WaitWithDefaultTimeout() - Expect(session).Should(Exit(0)) - Expect(session.Err.Contents()).To(ContainSubstring("invalid image_copy_tmp_dir")) + if !IsRemote() { + session = podmanTest.Podman([]string{"info", "--format", "{{.Store.ImageCopyTmpDir}}"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(125)) + Expect(session.Err.Contents()).To(ContainSubstring("invalid image_copy_tmp_dir value \"storage1\" (relative paths are not accepted)")) + } }) // FIXME not sure why this is here diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index bce8b78c6..3ae130c6d 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -142,7 +142,7 @@ var _ = Describe("Podman login and logout", func() { defer registriesConf.Close() defer os.Remove(registriesConf.Name()) - err = ioutil.WriteFile(registriesConf.Name(), []byte(registriesConfWithSearch), os.ModePerm) + err = ioutil.WriteFile(registriesConf.Name(), registriesConfWithSearch, os.ModePerm) Expect(err).To(BeNil()) // Environment is per-process, so this looks very unsafe; actually it seems fine because tests are not diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index c67a4baed..715455521 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -475,7 +475,7 @@ var _ = Describe("Podman network", func() { defer podmanTest.removeNetwork(netName) Expect(session).Should(Exit(0)) - interval := time.Duration(250 * time.Millisecond) + interval := 250 * time.Millisecond for i := 0; i < 6; i++ { n := podmanTest.Podman([]string{"network", "exists", netName}) n.WaitWithDefaultTimeout() @@ -490,7 +490,7 @@ var _ = Describe("Podman network", func() { top := podmanTest.Podman([]string{"run", "-dt", "--name=web", "--network=" + netName, "--network-alias=web1", "--network-alias=web2", nginx}) top.WaitWithDefaultTimeout() Expect(top).Should(Exit(0)) - interval = time.Duration(250 * time.Millisecond) + interval = 250 * time.Millisecond // Wait for the nginx service to be running for i := 0; i < 6; i++ { // Test curl against the container's name @@ -526,7 +526,7 @@ var _ = Describe("Podman network", func() { defer podmanTest.removeNetwork(netName) Expect(session).Should(Exit(0)) - interval := time.Duration(250 * time.Millisecond) + interval := 250 * time.Millisecond for i := 0; i < 6; i++ { n := podmanTest.Podman([]string{"network", "exists", netName}) n.WaitWithDefaultTimeout() @@ -541,7 +541,7 @@ var _ = Describe("Podman network", func() { top := podmanTest.Podman([]string{"run", "-dt", "--name=web", "--network=" + netName, "--network-alias=web1", "--network-alias=web2", nginx}) top.WaitWithDefaultTimeout() Expect(top).Should(Exit(0)) - interval = time.Duration(250 * time.Millisecond) + interval = 250 * time.Millisecond // Wait for the nginx service to be running for i := 0; i < 6; i++ { // Test curl against the container's name diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 216c3357c..31044f68b 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -21,6 +21,7 @@ import ( "github.com/containers/podman/v4/pkg/util" . "github.com/containers/podman/v4/test/utils" "github.com/containers/storage/pkg/stringid" + "github.com/google/uuid" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/onsi/gomega/format" @@ -3685,4 +3686,150 @@ ENV OPENJ9_JAVA_OPTIONS=%q Expect(usernsInCtr).Should(Exit(0)) Expect(string(usernsInCtr.Out.Contents())).To(Not(Equal(string(initialUsernsConfig)))) }) + + // Check the block devices are exposed inside container + It("ddpodman play kube expose block device inside container", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/blockdevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "b", "7", "0"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + blockVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(blockVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Container should be in running state + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("running")) + + // Container should have a block device /dev/loop1 + inspect = podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.Devices}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(devicePath)) + }) + + // Check the char devices are exposed inside container + It("ddpodman play kube expose character device inside container", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/chardevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "c", "3", "1"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("CharDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Container should be in running state + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("running")) + + // Container should have a block device /dev/loop1 + inspect = podmanTest.Podman([]string{"inspect", "--format", "{{.HostConfig.Devices}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(devicePath)) + }) + + It("podman play kube reports error when the device does not exists", func() { + SkipIfRootless("It needs root access to create devices") + + devicePath := "/dev/foodevdir/baddevice" + + blockVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(blockVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + + It("ddpodman play kube reports error when we try to expose char device as block device", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + defer os.RemoveAll(devFolder) + + devicePath := fmt.Sprintf("%s/chardevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "c", "3", "1"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("BlockDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + + It("ddpodman play kube reports error when we try to expose block device as char device", func() { + SkipIfRootless("It needs root access to create devices") + + // randomize the folder name to avoid error when running tests with multiple nodes + uuid, err := uuid.NewUUID() + Expect(err).To(BeNil()) + devFolder := fmt.Sprintf("/dev/foodev%x", uuid[:6]) + Expect(os.MkdirAll(devFolder, os.ModePerm)).To(BeNil()) + + devicePath := fmt.Sprintf("%s/blockdevice", devFolder) + mknod := SystemExec("mknod", []string{devicePath, "b", "7", "0"}) + mknod.WaitWithDefaultTimeout() + Expect(mknod).Should(Exit(0)) + + charVolume := getHostPathVolume("CharDevice", devicePath) + + pod := getPod(withVolume(charVolume), withCtr(getCtr(withImage(registry), withCmd(nil), withArg(nil), withVolumeMount(devicePath, false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(125)) + }) + }) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index c9990b70f..3b32b4b82 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -731,7 +731,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) linkAttr.Name = name m, err := net.ParseMAC(mac) Expect(err).To(BeNil()) - linkAttr.HardwareAddr = net.HardwareAddr(m) + linkAttr.HardwareAddr = m eth := &netlink.Dummy{LinkAttrs: linkAttr} err = netlink.LinkAdd(eth) Expect(err).To(BeNil()) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 182ae1888..828e92170 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -13,6 +13,7 @@ import ( "time" "github.com/containers/common/pkg/cgroups" + "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" . "github.com/containers/podman/v4/test/utils" "github.com/containers/storage/pkg/stringid" @@ -286,19 +287,20 @@ var _ = Describe("Podman run", func() { result.WaitWithDefaultTimeout() Expect(result).Should(Exit(0)) conData := result.InspectContainerToJSON() - Expect(conData[0]).To(HaveField("Path", "/dev/init")) + Expect(conData[0]).To(HaveField("Path", define.ContainerInitPath)) Expect(conData[0].Config.Annotations).To(HaveKeyWithValue("io.podman.annotations.init", "TRUE")) }) It("podman run a container with --init and --init-path", func() { - session := podmanTest.Podman([]string{"run", "--name", "test", "--init", "--init-path", "/usr/libexec/podman/catatonit", ALPINE, "ls"}) + // Also bind-mount /dev (#14251). + session := podmanTest.Podman([]string{"run", "-v", "/dev:/dev", "--name", "test", "--init", "--init-path", "/usr/libexec/podman/catatonit", ALPINE, "ls"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) result := podmanTest.Podman([]string{"inspect", "test"}) result.WaitWithDefaultTimeout() Expect(result).Should(Exit(0)) conData := result.InspectContainerToJSON() - Expect(conData[0]).To(HaveField("Path", "/dev/init")) + Expect(conData[0]).To(HaveField("Path", define.ContainerInitPath)) Expect(conData[0].Config.Annotations).To(HaveKeyWithValue("io.podman.annotations.init", "TRUE")) }) diff --git a/test/e2e/save_test.go b/test/e2e/save_test.go index 536eefda7..897e49ef7 100644 --- a/test/e2e/save_test.go +++ b/test/e2e/save_test.go @@ -164,12 +164,13 @@ var _ = Describe("Podman save", func() { err = cmd.Run() Expect(err).To(BeNil()) - cmd = exec.Command("cp", "/etc/containers/registries.d/default.yaml", "default.yaml") + defaultYaml := filepath.Join(podmanTest.TempDir, "default.yaml") + cmd = exec.Command("cp", "/etc/containers/registries.d/default.yaml", defaultYaml) if err = cmd.Run(); err != nil { Skip("no signature store to verify") } defer func() { - cmd = exec.Command("cp", "default.yaml", "/etc/containers/registries.d/default.yaml") + cmd = exec.Command("cp", defaultYaml, "/etc/containers/registries.d/default.yaml") err := cmd.Run() Expect(err).ToNot(HaveOccurred()) }() diff --git a/test/e2e/system_df_test.go b/test/e2e/system_df_test.go index ba4a40ab4..5a23fc0bb 100644 --- a/test/e2e/system_df_test.go +++ b/test/e2e/system_df_test.go @@ -66,7 +66,7 @@ var _ = Describe("podman system df", func() { images := strings.Fields(session.OutputToStringArray()[1]) containers := strings.Fields(session.OutputToStringArray()[2]) volumes := strings.Fields(session.OutputToStringArray()[3]) - Expect(images[1]).To(Equal(string(totImages)), "total images expected") + Expect(images[1]).To(Equal(totImages), "total images expected") Expect(containers[1]).To(Equal("2"), "total containers expected") Expect(volumes[2]).To(Equal("2"), "total volumes expected") Expect(volumes[6]).To(Equal("(50%)"), "percentage usage expected") diff --git a/test/e2e/volume_create_test.go b/test/e2e/volume_create_test.go index 09e5da8a0..0bf5acbf1 100644 --- a/test/e2e/volume_create_test.go +++ b/test/e2e/volume_create_test.go @@ -3,6 +3,7 @@ package integration import ( "fmt" "os" + "path/filepath" . "github.com/containers/podman/v4/test/utils" . "github.com/onsi/ginkgo" @@ -90,7 +91,8 @@ var _ = Describe("Podman volume create", func() { session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - session = podmanTest.Podman([]string{"volume", "export", volName, "--output=hello.tar"}) + helloTar := filepath.Join(podmanTest.TempDir, "hello.tar") + session = podmanTest.Podman([]string{"volume", "export", volName, "--output", helloTar}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) @@ -98,7 +100,7 @@ var _ = Describe("Podman volume create", func() { session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - session = podmanTest.Podman([]string{"volume", "import", "my_vol2", "hello.tar"}) + session = podmanTest.Podman([]string{"volume", "import", "my_vol2", helloTar}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal(""), "output of volume import") diff --git a/test/system/170-run-userns.bats b/test/system/170-run-userns.bats index d754306b2..b80351902 100644 --- a/test/system/170-run-userns.bats +++ b/test/system/170-run-userns.bats @@ -36,6 +36,19 @@ function _require_crun() { is "$output" ".*457" "Check group leaked into container" } +@test "rootful pod with custom ID mapping" { + skip_if_rootless "does not work rootless - rootful feature" + skip_if_remote "remote --uidmap is broken (see #14233)" + random_pod_name=$(random_string 30) + run_podman pod create --uidmap 0:200000:5000 --name=$random_pod_name + run_podman pod start $random_pod_name + + # Remove the pod and the pause image + run_podman pod rm $random_pod_name + run_podman version --format "{{.Server.Version}}-{{.Server.Built}}" + run_podman rmi -f localhost/podman-pause:$output +} + @test "podman --remote --group-add keep-groups " { if is_remote; then run_podman 125 run --rm --group-add keep-groups $IMAGE id diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 39982848f..4250f2680 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -408,19 +408,6 @@ EOF run_podman pod rm test } -# Wait for the pod (1st arg) to transition into the state (2nd arg) -function _ensure_pod_state() { - for i in {0..5}; do - run_podman pod inspect $1 --format "{{.State}}" - if [[ $output == "$2" ]]; then - break - fi - sleep 0.5 - done - - is "$output" "$2" "unexpected pod state" -} - @test "pod exit policies" { # Test setting exit policies run_podman pod create diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index d0da654ad..567fa89c1 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -292,4 +292,80 @@ LISTEN_FDNAMES=listen_fdnames" | sort) run_podman network rm -f $netname } +@test "podman-play-kube@.service template" { + skip_if_remote "systemd units do not work with remote clients" + + # If running from a podman source directory, build and use the source + # version of the play-kube-@ unit file + unit_name="podman-play-kube@.service" + unit_file="contrib/systemd/system/${unit_name}" + if [[ -e ${unit_file}.in ]]; then + echo "# [Building & using $unit_name from source]" >&3 + BINDIR=$(dirname $PODMAN) make $unit_file + cp $unit_file $UNIT_DIR/$unit_name + fi + + # Create the YAMl file + yaml_source="$PODMAN_TMPDIR/test.yaml" + cat >$yaml_source <<EOF +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test + name: test_pod +spec: + containers: + - command: + - top + image: $IMAGE + name: test + resources: {} +EOF + + # Dispatch the YAML file + service_name="podman-play-kube@$(systemd-escape $yaml_source).service" + systemctl start $service_name + systemctl is-active $service_name + + # The name of the service container is predictable: the first 12 characters + # of the hash of the YAML file followed by the "-service" suffix + yaml_sha=$(sha256sum $yaml_source) + service_container="${yaml_sha:0:12}-service" + + # Make sure that the service container exists and runs. + run_podman container inspect $service_container --format "{{.State.Running}}" + is "$output" "true" + + # Check for an error when trying to remove the service container + run_podman 125 container rm $service_container + is "$output" "Error: container .* is the service container of pod(s) .* and cannot be removed without removing the pod(s)" + + # Kill the pod and make sure the service is not running. + # The restart policy is set to "never" since there is no + # design yet for propagating exit codes up to the service + # container. + run_podman pod kill test_pod + for i in {0..5}; do + run systemctl is-failed $service_name + if [[ $output == "failed" ]]; then + break + fi + sleep 0.5 + done + is "$output" "failed" "systemd service transitioned to 'failed' state" + + # Now stop and start the service again. + systemctl stop $service_name + systemctl start $service_name + systemctl is-active $service_name + run_podman container inspect $service_container --format "{{.State.Running}}" + is "$output" "true" + + # Clean up + systemctl stop $service_name + run_podman 1 container exists $service_container + run_podman 1 pod exists test_pod +} + # vim: filetype=sh diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 6cdae2ada..6cee939fb 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -135,15 +135,27 @@ function _confirm_update() { # This test can fail in dev. environment because of SELinux. # quick fix: chcon -t container_runtime_exec_t ./bin/podman @test "podman auto-update - label io.containers.autoupdate=image" { + since=$(date --iso-8601=seconds) + run_podman auto-update + is "$output" "" + run_podman events --filter type=system --since $since --stream=false + is "$output" "" + generate_service alpine image _wait_service_ready container-$cname.service + since=$(date --iso-8601=seconds) run_podman auto-update --dry-run --format "{{.Unit}},{{.Image}},{{.Updated}},{{.Policy}}" is "$output" ".*container-$cname.service,quay.io/libpod/alpine:latest,pending,registry.*" "Image update is pending." + run_podman events --filter type=system --since $since --stream=false + is "$output" ".* system auto-update" + since=$(date --iso-8601=seconds) run_podman auto-update --format "{{.Unit}},{{.Image}},{{.Updated}},{{.Policy}}" is "$output" "Trying to pull.*" "Image is updated." is "$output" ".*container-$cname.service,quay.io/libpod/alpine:latest,true,registry.*" "Image is updated." + run_podman events --filter type=system --since $since --stream=false + is "$output" ".* system auto-update" _confirm_update $cname $ori_image } diff --git a/test/system/260-sdnotify.bats b/test/system/260-sdnotify.bats index 88d84c86f..59456de24 100644 --- a/test/system/260-sdnotify.bats +++ b/test/system/260-sdnotify.bats @@ -172,4 +172,52 @@ READY=1" "sdnotify sent MAINPID and READY" _stop_socat } +@test "sdnotify : play kube" { + # Create the YAMl file + yaml_source="$PODMAN_TMPDIR/test.yaml" + cat >$yaml_source <<EOF +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test + name: test_pod +spec: + containers: + - command: + - top + image: $IMAGE + name: test + resources: {} +EOF + + # The name of the service container is predictable: the first 12 characters + # of the hash of the YAML file followed by the "-service" suffix + yaml_sha=$(sha256sum $yaml_source) + service_container="${yaml_sha:0:12}-service" + + + export NOTIFY_SOCKET=$PODMAN_TMPDIR/conmon.sock + _start_socat + + run_podman play kube --service-container=true $yaml_source + run_podman container inspect $service_container --format "{{.State.ConmonPid}}" + mainPID="$output" + # The 'echo's help us debug failed runs + run cat $_SOCAT_LOG + echo "socat log:" + echo "$output" + + is "$output" "MAINPID=$mainPID +READY=1" "sdnotify sent MAINPID and READY" + + _stop_socat + + # Clean up pod and pause image + run_podman play kube --down $PODMAN_TMPDIR/test.yaml + run_podman version --format "{{.Server.Version}}-{{.Server.Built}}" + podman rmi -f localhost/podman-pause:$output +} + + # vim: filetype=sh diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 7988b26a4..6c2a8c8b1 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -100,6 +100,65 @@ RELABEL="system_u:object_r:container_file_t:s0" run_podman pod rm -t 0 -f test_pod } +@test "podman play --service-container" { + skip_if_remote "service containers only work locally" + + # Create the YAMl file + yaml_source="$PODMAN_TMPDIR/test.yaml" + cat >$yaml_source <<EOF +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test + name: test_pod +spec: + containers: + - command: + - top + image: $IMAGE + name: test + resources: {} +EOF + run_podman play kube --service-container=true $yaml_source + + # The name of the service container is predictable: the first 12 characters + # of the hash of the YAML file followed by the "-service" suffix + yaml_sha=$(sha256sum $yaml_source) + service_container="${yaml_sha:0:12}-service" + + # Make sure that the service container exists and runs. + run_podman container inspect $service_container --format "{{.State.Running}}" + is "$output" "true" + + # Stop the *main* container and make sure that + # 1) The pod transitions to Exited + # 2) The service container is stopped + # #) The service container is marked as an service container + run_podman stop test_pod-test + _ensure_pod_state test_pod Exited + _ensure_container_running $service_container false + run_podman container inspect $service_container --format "{{.IsService}}" + is "$output" "true" + + # Restart the pod, make sure the service is running again + run_podman pod restart test_pod + run_podman container inspect $service_container --format "{{.State.Running}}" + is "$output" "true" + + # Check for an error when trying to remove the service container + run_podman 125 container rm $service_container + is "$output" "Error: container .* is the service container of pod(s) .* and cannot be removed without removing the pod(s)" + + # Kill the pod and make sure the service is not running + run_podman pod kill test_pod + _ensure_container_running $service_container false + + # Remove the pod and make sure the service is removed along with it + run_podman pod rm test_pod + run_podman 1 container exists $service_container +} + @test "podman play --network" { TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 138d668f4..6868f2691 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -392,6 +392,32 @@ function pause_image() { echo "localhost/podman-pause:$output" } +# Wait for the pod (1st arg) to transition into the state (2nd arg) +function _ensure_pod_state() { + for i in {0..5}; do + run_podman pod inspect $1 --format "{{.State}}" + if [[ $output == "$2" ]]; then + break + fi + sleep 0.5 + done + + is "$output" "$2" "unexpected pod state" +} + +# Wait for the container's (1st arg) running state (2nd arg) +function _ensure_container_running() { + for i in {0..5}; do + run_podman container inspect $1 --format "{{.State.Running}}" + if [[ $output == "$2" ]]; then + break + fi + sleep 0.5 + done + + is "$output" "$2" "unexpected pod state" +} + ########################### # _add_label_if_missing # make sure skip messages include rootless/remote ########################### |