diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/play_kube_test.go | 26 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 5 | ||||
| -rw-r--r-- | test/e2e/unshare_test.go | 14 | ||||
| -rw-r--r-- | test/e2e/version_test.go | 8 | ||||
| -rw-r--r-- | test/system/500-networking.bats | 21 | ||||
| -rw-r--r-- | test/upgrade/test-upgrade.bats | 51 |
6 files changed, 113 insertions, 12 deletions
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 6a4083565..f16180854 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -1679,6 +1679,32 @@ var _ = Describe("Podman play kube", func() { Expect(inspect.OutputToString()).To(ContainSubstring(`FOO=foo`)) }) + It("podman play kube test env value from configmap and --replace should reuse the configmap volume", func() { + SkipIfRemote("configmap list is not supported as a param") + cmYamlPathname := filepath.Join(podmanTest.TempDir, "foo-cm.yaml") + cm := getConfigMap(withConfigMapName("foo"), withConfigMapData("FOO", "foo")) + err := generateKubeYaml("configmap", cm, cmYamlPathname) + Expect(err).To(BeNil()) + + pod := getPod(withCtr(getCtr(withEnv("FOO", "", "configmap", "foo", "FOO", false)))) + err = generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml, "--configmap", cmYamlPathname}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // create pod again with --replace + kube = podmanTest.Podman([]string{"play", "kube", "--replace", kubeYaml, "--configmap", cmYamlPathname}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "'{{ .Config.Env }}'"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(`FOO=foo`)) + }) + It("podman play kube test required env value from configmap with missing key", func() { SkipIfRemote("configmap list is not supported as a param") cmYamlPathname := filepath.Join(podmanTest.TempDir, "foo-cm.yaml") diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 1a93296b7..a1d04ddee 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -535,6 +535,11 @@ var _ = Describe("Podman run", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("0000000000000000")) + session = podmanTest.Podman([]string{"run", "--user=1:1", "--cap-add=DAC_OVERRIDE", "--rm", ALPINE, "grep", "CapEff", "/proc/self/status"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("0000000000000002")) + if os.Geteuid() > 0 { if os.Getenv("SKIP_USERNS") != "" { Skip("Skip userns tests.") diff --git a/test/e2e/unshare_test.go b/test/e2e/unshare_test.go index ac4fa46bf..8b06dd4f5 100644 --- a/test/e2e/unshare_test.go +++ b/test/e2e/unshare_test.go @@ -16,7 +16,6 @@ var _ = Describe("Podman unshare", func() { podmanTest *PodmanTestIntegration ) BeforeEach(func() { - SkipIfRemote("podman-remote unshare is not supported") if _, err := os.Stat("/proc/self/uid_map"); err != nil { Skip("User namespaces not supported.") } @@ -43,6 +42,7 @@ var _ = Describe("Podman unshare", func() { }) It("podman unshare", func() { + SkipIfRemote("podman-remote unshare is not supported") userNS, _ := os.Readlink("/proc/self/ns/user") session := podmanTest.Podman([]string{"unshare", "readlink", "/proc/self/ns/user"}) session.WaitWithDefaultTimeout() @@ -50,7 +50,8 @@ var _ = Describe("Podman unshare", func() { Expect(session.OutputToString()).ToNot(ContainSubstring(userNS)) }) - It("podman unshare --rootles-cni", func() { + It("podman unshare --rootless-cni", func() { + SkipIfRemote("podman-remote unshare is not supported") session := podmanTest.Podman([]string{"unshare", "--rootless-netns", "ip", "addr"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) @@ -58,6 +59,7 @@ var _ = Describe("Podman unshare", func() { }) It("podman unshare exit codes", func() { + SkipIfRemote("podman-remote unshare is not supported") session := podmanTest.Podman([]string{"unshare", "false"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(1)) @@ -88,4 +90,12 @@ var _ = Describe("Podman unshare", func() { Expect(session.OutputToString()).Should(Equal("")) Expect(session.ErrorToString()).Should(ContainSubstring("unknown flag: --bogus")) }) + + It("podman unshare check remote error", func() { + SkipIfNotRemote("check for podman-remote unshare error") + session := podmanTest.Podman([]string{"unshare"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(Equal(`Error: cannot use command "podman-remote unshare" with the remote podman client`)) + }) }) diff --git a/test/e2e/version_test.go b/test/e2e/version_test.go index 6f93beff6..a30db80eb 100644 --- a/test/e2e/version_test.go +++ b/test/e2e/version_test.go @@ -87,10 +87,18 @@ var _ = Describe("Podman version", func() { session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) + session = podmanTest.Podman([]string{"version", "--format", "{{ .Client.Os }}"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + session = podmanTest.Podman([]string{"version", "--format", "{{ .Server.Version }}"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) + session = podmanTest.Podman([]string{"version", "--format", "{{ .Server.Os }}"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + session = podmanTest.Podman([]string{"version", "--format", "{{ .Version }}"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index a95561635..78ad3fe04 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -632,4 +632,25 @@ EOF is "$output" ".*nameserver $subnet.1.*" "integrated dns nameserver is set" } +@test "podman run port forward range" { + for netmode in bridge slirp4netns:port_handler=slirp4netns slirp4netns:port_handler=rootlesskit; do + local port=$(random_free_port) + local end_port=$(( $port + 2 )) + local range="$port-$end_port:$port-$end_port" + local random=$(random_string) + + run_podman run --network $netmode -p "$range" -d $IMAGE sleep inf + cid="$output" + for port in $(seq $port $end_port); do + run_podman exec -d $cid nc -l -p $port -e /bin/cat + # -w 1 adds a 1 second timeout, for some reason ubuntus ncat doesn't close the connection on EOF, + # other options to change this are not portable across distros but -w seems to work + run nc -w 1 127.0.0.1 $port <<<$random + is "$output" "$random" "ncat got data back (netmode=$netmode port=$port)" + done + + run_podman rm -f -t0 $cid + done +} + # vim: filetype=sh diff --git a/test/upgrade/test-upgrade.bats b/test/upgrade/test-upgrade.bats index 58e4fe0a3..198d8a169 100644 --- a/test/upgrade/test-upgrade.bats +++ b/test/upgrade/test-upgrade.bats @@ -75,6 +75,16 @@ setup() { cat >| $pmscript <<EOF #!/bin/bash +# +# Argh! podman >= 3.4 something something namespace something, fails with +# Error: invalid config provided: cannot set hostname when running in the host UTS namespace: invalid configuration +# +# https://github.com/containers/podman/issues/11969#issuecomment-943386484 +# +if grep -q utsns /etc/containers/containers.conf; then + sed -i -e '/^\utsns=/d' /etc/containers/containers.conf +fi + # events-backend=journald does not work inside a container opts="--events-backend=file $_PODMAN_TEST_OPTS" @@ -105,7 +115,7 @@ podman \$opts run -d --name myrunningcontainer --label mylabel=$LABEL_RUNNING \ podman \$opts pod create --name mypod -podman \$opts network create mynetwork +podman \$opts network create --disable-dns mynetwork echo READY while :;do @@ -113,7 +123,10 @@ while :;do echo STOPPING podman \$opts stop -t 0 myrunningcontainer || true podman \$opts rm -f myrunningcontainer || true - podman \$opts network rm -f mynetwork + # sigh, network rm fails with exec: "ip": executable file not found in $PATH + # we cannot change the images afterwards so we remove it manually (#11403) + # hardcode /etc/cni/net.d dir for now + podman \$opts network rm -f mynetwork || rm -f /etc/cni/net.d/mynetwork.conflist exit 0 fi sleep 0.5 @@ -124,17 +137,14 @@ EOF # Clean up vestiges of previous run $PODMAN rm -f podman_parent || true - - local netname=testnet-$(random_string 10) - $PODMAN network create $netname - # Not entirely a NOP! This is just so we get the /run/... mount points created on a CI VM - # --mac-address is needed to create /run/cni, --network is needed to create /run/containers for dnsname - $PODMAN run --rm --mac-address 78:28:a6:8d:24:8a --network $netname $OLD_PODMAN true - $PODMAN network rm -f $netname + # Also use --network host to prevent any netavark/cni conflicts + $PODMAN run --rm --network host $OLD_PODMAN true # Podman 4.0 might no longer use cni so /run/cni and /run/containers will no be created in this case - mkdir -p /run/cni /run/containers + # Create directories manually to fix this. Also running with netavark can + # cause connectivity issues since cni and netavark should never be mixed. + mkdir -p /run/netns /run/cni /run/containers /var/lib/cni /etc/cni/net.d # @@ -242,6 +252,8 @@ failed | exited | 17 # if we can connect on an existing running container @test "network - connect" { skip_if_version_older 2.2.0 + touch $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test + run_podman network connect mynetwork myrunningcontainer run_podman network disconnect podman myrunningcontainer run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt @@ -250,7 +262,26 @@ failed | exited | 17 @test "network - restart" { # restart the container and check if we can still use the port + + # https://github.com/containers/podman/issues/13679 + # The upgrade to podman4 changes the network db format. + # While it is compatible from 3.X to 4.0 it will fail the other way around. + # This can be the case when the cleanup process runs before the stop process + # can do the cleanup. + + # Since there is no easy way to fix this and downgrading is not something + # we support, just fix this bug in the tests by manually calling + # network disconnect to teardown the netns. + if test -e $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test; then + run_podman network disconnect mynetwork myrunningcontainer + fi + run_podman stop -t0 myrunningcontainer + + # now connect again, do this before starting the container + if test -e $PODMAN_UPGRADE_WORKDIR/ran-network-connect-test; then + run_podman network connect mynetwork myrunningcontainer + fi run_podman start myrunningcontainer run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt is "$output" "$RANDOM_STRING_1" "curl on restarted container" |