diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/checkpoint_test.go | 43 | ||||
| -rw-r--r-- | test/e2e/common_test.go | 9 | ||||
| -rw-r--r-- | test/e2e/play_kube_test.go | 71 | ||||
| -rw-r--r-- | test/e2e/pod_prune_test.go | 23 | ||||
| -rw-r--r-- | test/e2e/pod_rm_test.go | 51 | ||||
| -rw-r--r-- | test/e2e/pod_stop_test.go | 40 | ||||
| -rw-r--r-- | test/e2e/prune_test.go | 15 | ||||
| -rw-r--r-- | test/e2e/rm_test.go | 16 | ||||
| -rw-r--r-- | test/e2e/run_networking_test.go | 14 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 4 | ||||
| -rw-r--r-- | test/e2e/stop_test.go | 15 | ||||
| -rw-r--r-- | test/system/010-images.bats | 15 |
12 files changed, 298 insertions, 18 deletions
diff --git a/test/e2e/checkpoint_test.go b/test/e2e/checkpoint_test.go index 2d3efcbef..f208a4cf0 100644 --- a/test/e2e/checkpoint_test.go +++ b/test/e2e/checkpoint_test.go @@ -588,4 +588,47 @@ var _ = Describe("Podman checkpoint", func() { // Remove exported checkpoint os.Remove(fileName) }) + + It("podman checkpoint a container started with --rm", func() { + // Start the container + localRunString := getRunString([]string{"--rm", ALPINE, "top"}) + session := podmanTest.Podman(localRunString) + session.WaitWithDefaultTimeout() + cid := session.OutputToString() + Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1)) + + // Checkpoint the container - this should fail as it was started with --rm + result := podmanTest.Podman([]string{"container", "checkpoint", "-l"}) + result.WaitWithDefaultTimeout() + Expect(result).To(ExitWithError()) + Expect(result.ErrorToString()).To(ContainSubstring("Cannot checkpoint containers that have been started with '--rm'")) + + // Checkpointing with --export should still work + fileName := "/tmp/checkpoint-" + cid + ".tar.gz" + + result = podmanTest.Podman([]string{"container", "checkpoint", "-l", "-e", fileName}) + result.WaitWithDefaultTimeout() + + // As the container has been started with '--rm' it will be completely + // cleaned up after checkpointing. + Expect(result.ExitCode()).To(Equal(0)) + Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0)) + Expect(podmanTest.NumberOfContainers()).To(Equal(0)) + + result = podmanTest.Podman([]string{"container", "restore", "-i", fileName}) + result.WaitWithDefaultTimeout() + + Expect(result.ExitCode()).To(Equal(0)) + Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1)) + Expect(podmanTest.GetContainerStatus()).To(ContainSubstring("Up")) + + result = podmanTest.Podman([]string{"rm", "-fa"}) + result.WaitWithDefaultTimeout() + Expect(result.ExitCode()).To(Equal(0)) + Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0)) + Expect(podmanTest.NumberOfContainers()).To(Equal(0)) + + // Remove exported checkpoint + os.Remove(fileName) + }) }) diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index b390df8b2..16b971e65 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -559,3 +559,12 @@ func (p *PodmanTestIntegration) RunHealthCheck(cid string) error { } return errors.Errorf("unable to detect %s as running", cid) } + +func (p *PodmanTestIntegration) CreateSeccompJson(in []byte) (string, error) { + jsonFile := filepath.Join(p.TempDir, "seccomp.json") + err := WriteJsonFile(in, jsonFile) + if err != nil { + return "", err + } + return jsonFile, nil +} diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 416c64b5a..29c60d7ac 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -3,6 +3,7 @@ package integration import ( + "fmt" "os" "path/filepath" "text/template" @@ -20,6 +21,13 @@ metadata: labels: app: {{ .Name }} name: {{ .Name }} +{{ with .Annotations }} + annotations: + {{ range $key, $value := . }} + {{ $key }}: {{ $value }} + {{ end }} +{{ end }} + spec: hostname: {{ .Hostname }} containers: @@ -72,6 +80,7 @@ var ( defaultCtrCmd = []string{"top"} defaultCtrImage = ALPINE defaultPodName = "testPod" + seccompPwdEPERM = []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`) ) func generateKubeYaml(pod *Pod, fileName string) error { @@ -95,16 +104,17 @@ func generateKubeYaml(pod *Pod, fileName string) error { // Pod describes the options a kube yaml can be configured at pod level type Pod struct { - Name string - Hostname string - Ctrs []*Ctr + Name string + Hostname string + Ctrs []*Ctr + Annotations map[string]string } // getPod takes a list of podOptions and returns a pod with sane defaults // and the configured options // if no containers are added, it will add the default container func getPod(options ...podOption) *Pod { - p := Pod{defaultPodName, "", make([]*Ctr, 0)} + p := Pod{defaultPodName, "", make([]*Ctr, 0), make(map[string]string)} for _, option := range options { option(&p) } @@ -128,6 +138,12 @@ func withCtr(c *Ctr) podOption { } } +func withAnnotation(k, v string) podOption { + return func(pod *Pod) { + pod.Annotations[k] = v + } +} + // Ctr describes the options a kube yaml can be configured at container level type Ctr struct { Name string @@ -330,4 +346,51 @@ var _ = Describe("Podman generate kube", func() { inspect.WaitWithDefaultTimeout() Expect(inspect.ExitCode()).To(Equal(0)) }) + + It("podman play kube seccomp container level", func() { + // expect play kube is expected to set a seccomp label if it's applied as an annotation + jsonFile, err := podmanTest.CreateSeccompJson(seccompPwdEPERM) + if err != nil { + fmt.Println(err) + Skip("Failed to prepare seccomp.json for test.") + } + + ctrAnnotation := "container.seccomp.security.alpha.kubernetes.io/" + defaultCtrName + ctr := getCtr(withCmd([]string{"pwd"})) + + err = generateKubeYaml(getPod(withCtr(ctr), withAnnotation(ctrAnnotation, "localhost:"+jsonFile)), kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + logs := podmanTest.Podman([]string{"logs", defaultCtrName}) + logs.WaitWithDefaultTimeout() + Expect(logs.ExitCode()).To(Equal(0)) + Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted")) + }) + + It("podman play kube seccomp pod level", func() { + // expect play kube is expected to set a seccomp label if it's applied as an annotation + jsonFile, err := podmanTest.CreateSeccompJson(seccompPwdEPERM) + if err != nil { + fmt.Println(err) + Skip("Failed to prepare seccomp.json for test.") + } + + ctr := getCtr(withCmd([]string{"pwd"})) + + err = generateKubeYaml(getPod(withCtr(ctr), withAnnotation("seccomp.security.alpha.kubernetes.io/pod", "localhost:"+jsonFile)), kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + logs := podmanTest.Podman([]string{"logs", defaultCtrName}) + logs.WaitWithDefaultTimeout() + Expect(logs.ExitCode()).To(Equal(0)) + Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted")) + }) }) diff --git a/test/e2e/pod_prune_test.go b/test/e2e/pod_prune_test.go index da0d425cb..389d3cb27 100644 --- a/test/e2e/pod_prune_test.go +++ b/test/e2e/pod_prune_test.go @@ -41,7 +41,24 @@ var _ = Describe("Podman pod prune", func() { Expect(result.ExitCode()).To(Equal(0)) }) - It("podman pod prune doesn't remove a pod with a container", func() { + It("podman pod prune doesn't remove a pod with a running container", func() { + _, ec, podid := podmanTest.CreatePod("") + Expect(ec).To(Equal(0)) + + ec2 := podmanTest.RunTopContainerInPod("", podid) + ec2.WaitWithDefaultTimeout() + Expect(ec2.ExitCode()).To(Equal(0)) + + result := podmanTest.Podman([]string{"pod", "prune"}) + result.WaitWithDefaultTimeout() + Expect(result.ExitCode()).To((Equal(0))) + + result = podmanTest.Podman([]string{"ps", "-qa"}) + result.WaitWithDefaultTimeout() + Expect(len(result.OutputToStringArray())).To(Equal(1)) + }) + + It("podman pod prune removes a pod with a stopped container", func() { _, ec, podid := podmanTest.CreatePod("") Expect(ec).To(Equal(0)) @@ -50,11 +67,11 @@ var _ = Describe("Podman pod prune", func() { result := podmanTest.Podman([]string{"pod", "prune"}) result.WaitWithDefaultTimeout() - Expect(result.ExitCode()).To(Equal(125)) + Expect(result.ExitCode()).To(Equal(0)) result = podmanTest.Podman([]string{"ps", "-qa"}) result.WaitWithDefaultTimeout() - Expect(len(result.OutputToStringArray())).To(Equal(1)) + Expect(len(result.OutputToStringArray())).To(Equal(0)) }) It("podman pod prune -f does remove a running container", func() { diff --git a/test/e2e/pod_rm_test.go b/test/e2e/pod_rm_test.go index de68e885a..90f178be6 100644 --- a/test/e2e/pod_rm_test.go +++ b/test/e2e/pod_rm_test.go @@ -77,7 +77,7 @@ var _ = Describe("Podman pod rm", func() { Expect(result.OutputToString()).To(Not(ContainSubstring(podid2))) }) - It("podman pod rm doesn't remove a pod with a container", func() { + It("podman pod rm removes a pod with a container", func() { _, ec, podid := podmanTest.CreatePod("") Expect(ec).To(Equal(0)) @@ -86,11 +86,11 @@ var _ = Describe("Podman pod rm", func() { result := podmanTest.Podman([]string{"pod", "rm", podid}) result.WaitWithDefaultTimeout() - Expect(result.ExitCode()).To(Equal(125)) + Expect(result.ExitCode()).To(Equal(0)) result = podmanTest.Podman([]string{"ps", "-qa"}) result.WaitWithDefaultTimeout() - Expect(len(result.OutputToStringArray())).To(Equal(1)) + Expect(len(result.OutputToStringArray())).To(Equal(0)) }) It("podman pod rm -f does remove a running container", func() { @@ -136,7 +136,7 @@ var _ = Describe("Podman pod rm", func() { result := podmanTest.Podman([]string{"pod", "rm", "-a"}) result.WaitWithDefaultTimeout() Expect(result).To(ExitWithError()) - foundExpectedError, _ := result.ErrorGrepString("contains containers and cannot be removed") + foundExpectedError, _ := result.ErrorGrepString("cannot be removed") Expect(foundExpectedError).To(Equal(true)) num_pods = podmanTest.NumberOfPods() @@ -186,4 +186,47 @@ var _ = Describe("Podman pod rm", func() { result.WaitWithDefaultTimeout() Expect(result.OutputToString()).To(BeEmpty()) }) + + It("podman rm bogus pod", func() { + session := podmanTest.Podman([]string{"pod", "rm", "bogus"}) + session.WaitWithDefaultTimeout() + // TODO: `podman rm` returns 1 for a bogus container. Should the RC be consistent? + Expect(session.ExitCode()).To(Equal(125)) + }) + + It("podman rm bogus pod and a running pod", func() { + _, ec, podid1 := podmanTest.CreatePod("") + Expect(ec).To(Equal(0)) + + session := podmanTest.RunTopContainerInPod("test1", podid1) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "rm", "bogus", "test1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + + session = podmanTest.Podman([]string{"pod", "rm", "test1", "bogus"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + }) + + It("podman rm --ignore bogus pod and a running pod", func() { + SkipIfRemote() + + _, ec, podid1 := podmanTest.CreatePod("") + Expect(ec).To(Equal(0)) + + session := podmanTest.RunTopContainerInPod("test1", podid1) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "rm", "--force", "--ignore", "bogus", "test1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "rm", "--ignore", "test1", "bogus"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/pod_stop_test.go b/test/e2e/pod_stop_test.go index 361a63a7f..a61917adb 100644 --- a/test/e2e/pod_stop_test.go +++ b/test/e2e/pod_stop_test.go @@ -38,6 +38,46 @@ var _ = Describe("Podman pod stop", func() { Expect(session.ExitCode()).To(Equal(125)) }) + It("podman pod stop --ignore bogus pod", func() { + SkipIfRemote() + + session := podmanTest.Podman([]string{"pod", "stop", "--ignore", "123"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + + It("podman stop bogus pod and a running pod", func() { + _, ec, podid1 := podmanTest.CreatePod("") + Expect(ec).To(Equal(0)) + + session := podmanTest.RunTopContainerInPod("test1", podid1) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "stop", "bogus", "test1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + }) + + It("podman stop --ignore bogus pod and a running pod", func() { + SkipIfRemote() + + _, ec, podid1 := podmanTest.CreatePod("") + Expect(ec).To(Equal(0)) + + session := podmanTest.RunTopContainerInPod("test1", podid1) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "stop", "--ignore", "bogus", "test1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"pod", "stop", "--ignore", "test1", "bogus"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman pod stop single empty pod", func() { _, ec, podid := podmanTest.CreatePod("") Expect(ec).To(Equal(0)) diff --git a/test/e2e/prune_test.go b/test/e2e/prune_test.go index df0525a79..16522785b 100644 --- a/test/e2e/prune_test.go +++ b/test/e2e/prune_test.go @@ -43,9 +43,14 @@ var _ = Describe("Podman prune", func() { top.WaitWithDefaultTimeout() Expect(top.ExitCode()).To(Equal(0)) - session := podmanTest.Podman([]string{"run", ALPINE, "ls"}) - session.WaitWithDefaultTimeout() - Expect(session.ExitCode()).To(Equal(0)) + top = podmanTest.RunTopContainer("") + top.WaitWithDefaultTimeout() + Expect(top.ExitCode()).To(Equal(0)) + cid := top.OutputToString() + + stop := podmanTest.Podman([]string{"stop", cid}) + stop.WaitWithDefaultTimeout() + Expect(stop.ExitCode()).To(Equal(0)) prune := podmanTest.Podman([]string{"container", "prune"}) prune.WaitWithDefaultTimeout() @@ -64,7 +69,7 @@ var _ = Describe("Podman prune", func() { hasNone, _ := none.GrepString("<none>") Expect(hasNone).To(BeTrue()) - prune := podmanTest.Podman([]string{"image", "prune"}) + prune := podmanTest.Podman([]string{"image", "prune", "-f"}) prune.WaitWithDefaultTimeout() Expect(prune.ExitCode()).To(Equal(0)) @@ -78,7 +83,7 @@ var _ = Describe("Podman prune", func() { It("podman image prune unused images", func() { podmanTest.RestoreAllArtifacts() - prune := podmanTest.PodmanNoCache([]string{"image", "prune", "-a"}) + prune := podmanTest.PodmanNoCache([]string{"image", "prune", "-af"}) prune.WaitWithDefaultTimeout() Expect(prune.ExitCode()).To(Equal(0)) diff --git a/test/e2e/rm_test.go b/test/e2e/rm_test.go index 531f14feb..4eb568879 100644 --- a/test/e2e/rm_test.go +++ b/test/e2e/rm_test.go @@ -232,4 +232,20 @@ var _ = Describe("Podman rm", func() { session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(125)) }) + + It("podman rm --ignore bogus container and a running container", func() { + SkipIfRemote() + + session := podmanTest.RunTopContainer("test1") + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"rm", "--force", "--ignore", "bogus", "test1"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"rm", "--ignore", "test1", "bogus"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index ec12f709a..5e587b198 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -232,4 +232,18 @@ var _ = Describe("Podman run networking", func() { Expect(session).To(ExitWithError()) Expect(session.ErrorToString()).To(ContainSubstring("stat /run/netns/xxy: no such file or directory")) }) + + It("podman run in custom CNI network with --static-ip", func() { + SkipIfRootless() + netName := "podmantestnetwork" + ipAddr := "10.20.30.128" + create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.20.30.0/24", netName}) + create.WaitWithDefaultTimeout() + Expect(create.ExitCode()).To(BeZero()) + + run := podmanTest.Podman([]string{"run", "-t", "-i", "--rm", "--net", netName, "--ip", ipAddr, ALPINE, "ip", "addr"}) + run.WaitWithDefaultTimeout() + Expect(run.ExitCode()).To(BeZero()) + Expect(run.OutputToString()).To(ContainSubstring(ipAddr)) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 7fc85c9ce..72547ea00 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -160,9 +160,9 @@ var _ = Describe("Podman run", func() { }) It("podman run seccomp test", func() { - jsonFile := filepath.Join(podmanTest.TempDir, "seccomp.json") + in := []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`) - err := WriteJsonFile(in, jsonFile) + jsonFile, err := podmanTest.CreateSeccompJson(in) if err != nil { fmt.Println(err) Skip("Failed to prepare seccomp.json for test.") diff --git a/test/e2e/stop_test.go b/test/e2e/stop_test.go index c76cccfef..54c64d66b 100644 --- a/test/e2e/stop_test.go +++ b/test/e2e/stop_test.go @@ -40,6 +40,21 @@ var _ = Describe("Podman stop", func() { Expect(session.ExitCode()).To(Equal(125)) }) + It("podman stop --ignore bogus container", func() { + SkipIfRemote() + + session := podmanTest.RunTopContainer("") + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + cid := session.OutputToString() + + session = podmanTest.Podman([]string{"stop", "--ignore", "foobar", cid}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + output := session.OutputToString() + Expect(output).To(ContainSubstring(cid)) + }) + It("podman stop container by id", func() { session := podmanTest.RunTopContainer("") session.WaitWithDefaultTimeout() diff --git a/test/system/010-images.bats b/test/system/010-images.bats index 380623078..543876509 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -44,4 +44,19 @@ size | [0-9]\\\+ } +@test "podman images - history output" { + run_podman images --format json + actual=$(echo $output | jq -r '.[0].history | length') + is "$actual" "0" + + run_podman tag $PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_TEST_IMAGE_TAG test-image + run_podman images --format json + actual=$(echo $output | jq -r '.[1].history | length') + is "$actual" "0" + actual=$(echo $output | jq -r '.[0].history | length') + is "$actual" "1" + actual=$(echo $output | jq -r '.[0].history[0]') + is "$actual" "$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_TEST_IMAGE_TAG" +} + # vim: filetype=sh |