summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #14845 from edsantiago/registry_sanitizeopenshift-ci[bot]2022-07-08
|\ | | | | manifest_test: safer registry setup and teardown
| * manifest_test: safer registry setup and teardownEd Santiago2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | manifest_test:authenticated_push() is the final test left to fix before merging #14397. The reason it's failing _seems_ to be that podman is running with a mix of netavark and CNI, and that _seems_ to be because this test invokes hack/podman-registry which invokes plain podman without whatever options used in e2e. Starting a registry directly from the test is insane: there is no reusable code for doing that (see login_logout_test.go and push_test.go. Yeesh.) Solution: set $PODMAN, by inspecting the podmanTest object which includes both a path and a list of options. podman-registry will invoke that. (It will also override --root and --runroot. This is the desired behavior). Also: add cleanup. If auth-push test fails, stop the registry. Also: add a sanity check to podman-registry script, have it wait for the registry port to activate. Die if it doesn't. That could've saved us a nice bit of debugging time. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14850 from Luap99/e2e-machineopenshift-ci[bot]2022-07-08
|\ \ | | | | | | pkg/machine/e2e: do not import from cmd/podman
| * | pkg/machine/qemu: start VM check if qemu is alivePaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When trying to connect to the qemu ready socket we should check if the qemu process is still running, if it is not we can just error out. There is no point in retrying. To do so we have to directly call wait with WNOHANG. Also change StartProcess to os/exec package which is higher level and allows us to use a buffer as qemu stderr fd. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | machine: qemu fix chardev id starting with letterPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu need the id to start with a letter for some reason. If this is not the case qemu will fail: ``` qemu-system-x86_64: -device virtserialport,chardev=ad053e0bb519f_ready,name=org.fedoraproject.port.0: Property 'virtserialport.chardev' can't find value 'ad053e0bb519f_ready' er Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. ``` To fix this we just add an "a" in front of it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | pkg/machine/e2e: do not import from cmd/podmanPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It should be avoided to import cmd/podman/... packages from outside of cmd/podman. This can lead in weird hard to debug import paths but also can have negative consequences when imported in unit tests. In this case it will set XDG_CONFIG_HOME and thus the machine tests this dir over the tmp HOME env variable which is set at a later point. This caused machine files to be leaked into the actual users home dir. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | machine test: fix endless loop in testPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem is that this could loop forever as long as podman start doe snot exit (which could happen due bugs). Also since there no timeout between the machine list calls the test is using the full cpu and this causes the system to slow down making the machine start command even slower. IMO it is enough to only check the status every three seconds. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14569 from cevich/podman_machine_pocopenshift-ci[bot]2022-07-08
|\ \ \ | |_|/ |/| | Cirrus: Add podman-machine integration test
| * | Cirrus: Add podman-machine integration testChris Evich2022-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman-machine integration tests are designed to execute on bare-metal, since they perform significant work with virtual-machines. This test is costly to run at scale, so it is limited to being manually triggered by developers (for now). A 'trigger' button will appear in the task status page of the Github WebUI once all test dependencies are met. In the Cirrus-CI WebUI, there is also a 'pre-trigger' button that may be pressed if a developer doesn't wish to wait. Also: * Add a `localmachine` target in the `Makefile` on the off-chance developers wish to execute locally. Update the `ginkgo-run` target to accommodate re-use by the new `localmachine` target. * Exclude `podman_machine` task from `success` dependency verification. This also involves adding an exception to `cirrus_yaml_test.py` otherwise it will complain loudly. * ***NOTE*** Inclusion of `ec2_instance` in *any* task will cause `hack/get_ci_vm.sh` to barf and be non-functional. Future updates will be made to restore functionality. Before then, simply comment out the `ec2_instance` section as a temporarily workaround. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Cirrus: Fix elevator workaround multi-cloud supportChris Evich2022-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to support execution on various non-GCP cloud environments, the BFQ scheduler workaround needs updating. Previously it assumed the root disk was always `/dev/sda`. With the addition of new clouds (AWS) and different environment types, the assumption is not always valid. Update the workaround to take care in looking up the block device where '/' comes from. Also update the scheduler to 'none', as all modern clouds already have highly optimized underlying storage configurations. There's no reason to complicate I/O paths further by hard-coding specific scheduler(s) for all environment types. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #14857 from edsantiago/dedup_uts_testnameopenshift-ci[bot]2022-07-07
|\ \ \ | |_|/ |/| | [minor] fix duplicate test name
| * | [minor] fix duplicate test nameEd Santiago2022-07-07
| | | | | | | | | | | | | | | | | | copy/paste error in #14501. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14803 from bugfood/volumesopenshift-ci[bot]2022-07-07
|\ \ \ | | | | | | | | make 9p security model configurable; document
| * | | podman machine: make 9p security model configurable; adjust docsCorey Hickey2022-07-06
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses: Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784 This change does NOT exactly fix the bug, but it does allow the user to work around it via 'podman init' option, e.g.: podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none" If the default security model were to be changed to 'none', then that would fix the bug, at the possible cost of breaking any use cases that depend on 'mapped-xattr'. The documentation of the purpose and behavior of the different security models seems to be rather light: https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly From testing, it appears that the mapped-xattr security model intends to manage symlinks such that the guest can see the symlinks but the host only sees regular files (with extended attributes). As far as I can tell, this behavior only makes sense when the guest is the only thing that ever needs to create and read symlinks. Otherwise, symlinks created on the host are unusable on the guest, and vice versa. As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5 [NO NEW TESTS NEEDED] Also document existing ro and rw options. Also remove misleading statement about /mnt. By my observation, this line is incorrect. If the intended meaning is different, then I don't understand. The default volume is mounted read/write and is not within /mnt. [core@localhost ~]$ mount | grep 9p vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio) Signed-off-by: Corey Hickey <chickey@tagged.com>
* | | Merge pull request #14855 from edsantiago/port_forward_duhopenshift-ci[bot]2022-07-07
|\ \ \ | |_|/ |/| | port forward range test: fix an oops
| * | port forward range test: fix many oopsesEd Santiago2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Wrong variable. And, wrong index range. And, wrong bash syntax for extracting end_port. And, add explicit check for valid range, because die() inside 'foo=$(...)' will not actually die. And, refactor some confusing code. And, reformat/clean up a confusing and too-wide comment. Fixes: #14854 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14852 from cdoern/podUTSEd Santiago2022-07-07
|\ \ \ | |/ / |/| | fix namespace reporting
| * | fix namespace reportingCharlie Doern2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | somehow, #14501 got through CI even though the remote tests fail. The testa are failing due to the PodSpecGenerator not containing the UTSNs entitiy and infra's spec is not yet allowed to be accessed remotely [NO NEW TESTS NEEDED] resolves #14847 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #14762 from ashley-cui/machinfoopenshift-ci[bot]2022-07-07
|\ \ \ | | | | | | | | Podman machine info
| * | | Podman machine infoAshley Cui2022-07-05
| | |/ | |/| | | | | | | | | | | | | | | | Add podman machine info command, which displays infor about the machine host as well as version info. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #14842 from umohnani8/play-kubeopenshift-ci[bot]2022-07-07
|\ \ \ | | | | | | | | Update play kube docs
| * | | Update play kube docsUrvashi Mohnani2022-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Update play kube docs with supported fields for configMap and deployment kinds. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | | Merge pull request #14825 from jmguzik/fix_streaming_pod_statsopenshift-ci[bot]2022-07-07
|\ \ \ \ | |_|_|/ |/| | | Fix streaming for libpod/pods/stats endpoint
| * | | test-apiv2: streamed response testing based on response durationJakub Guzik2022-07-06
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Guzik <jguzik@redhat.com>
| * | | Fix streaming for libpod/pods/stats endpointJakub Guzik2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit fixes libpod/pods/stats endpoint which should stream the data. Additional option param is added to disable streaming and the delay value to choose the desired delay between streamed messages (default 5s). Signed-off-by: Jakub Guzik <jguzik@redhat.com>
* | | | Merge pull request #14673 from idleroamer/fix-network-inspect-mainopenshift-ci[bot]2022-07-07
|\ \ \ \ | | | | | | | | | | Fix network inspect compat API discrepancy
| * | | | Fix network inspect compat API discrepancy🤓 Mostafa Emami2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - containerInspect compat API expects field value PrefixLen instead of PrefixLength for type Address for SecondaryIPAddresses - Add tests for network part of containerInspect compat api Closes: containers#14674 Signed-off-by: 🤓 Mostafa Emami <mustafaemami@gmail.com>
* | | | | Merge pull request #14841 from Luap99/common-codeopenshift-ci[bot]2022-07-07
|\ \ \ \ \ | | | | | | | | | | | | use c/common code for resize and CopyDetachable
| * | | | | use c/common code for resize and CopyDetachablePaul Holzinger2022-07-06
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since conmon-rs also uses this code we moved it to c/common. Now podman should has this also to prevent duplication. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #14844 from shanesmith/fix-qemu-machine-gvproxy-always-failsopenshift-ci[bot]2022-07-06
|\ \ \ \ \ | | | | | | | | | | | | Fix qemu machine startHostNetworking always failing
| * | | | | Fix qemu machine startHostNetworking always failingShane Smith2022-07-06
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Issue introduced in #14828 [NO NEW TESTS NEEDED] Signed-off-by: Shane Smith <shane.smith@shopify.com>
* | | | | Merge pull request #14501 from cdoern/podUTSopenshift-ci[bot]2022-07-06
|\ \ \ \ \ | |/ / / / |/| | | | podman pod create --uts support
| * | | | podman pod create --uts supportcdoern2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for the --uts flag in pod create, allowing users to avoid issues with default values in containers.conf. uts follows the same format as other namespace flags: --uts=private (default), --uts=host, --uts=ns:PATH resolves #13714 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | | Merge pull request #14835 from edsantiago/fix_golangci_installopenshift-ci[bot]2022-07-06
|\ \ \ \ \ | | | | | | | | | | | | golangci install: explicitly set BINDIR
| * | | | | golangci install: explicitly set BINDIREd Santiago2022-07-05
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The golangci installer (which is curl pipe sh, ewww) installs into $BINDIR, which it gets from the caller's environment. Make sure we set it explicitly. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #14834 from edsantiago/capitalize_constantsopenshift-ci[bot]2022-07-06
|\ \ \ \ \ | |/ / / / |/| | | | e2e tests: cleanup: capitalize CONSTANTS
| * | | | e2e tests: cleanup: capitalize CONSTANTSEd Santiago2022-07-05
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of standard image names were lower-case, leading to confusion in code such as: registry := podman(... , "-n", "registry", registry, ...) ^--- variable ^---- constant Fix a number of those to be capitalized and with _IMAGE suffix: registry := podman(..., REGISTRY_IMAGE Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #14370 from umohnani8/todoopenshift-ci[bot]2022-07-05
|\ \ \ \ | | | | | | | | | | Fix podman pod unpause TODO
| * | | | Fix podman pod unpaue TODOUrvashi Mohnani2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the podman pod unpause to only show the paused containers with autocomplete. Fix a typo in the help command. Update the unpause function to only attempt an unpause on pasued pods instead of all the pods. Update the tests accordingly. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | | | Merge pull request #14828 from saschagrunert/errors-libpodopenshift-ci[bot]2022-07-05
|\ \ \ \ \ | |/ / / / |/| | | | libpod: switch to golang native error wrapping
| * | | | libpod: switch to golang native error wrappingSascha Grunert2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | | Merge pull request #14831 from giuseppe/fix-leak-connections-testopenshift-ci[bot]2022-07-05
|\ \ \ \ \ | | | | | | | | | | | | two minor tweaks to common_test.go
| * | | | | test: reduce sleep intervalGiuseppe Scrivano2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | there is no need to use such long sleep intervals for such cheap operations like opening a connection or stat'ing a file. Also make WaitForService() honor defaultWaitTimeout. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | test: return immediately on connectGiuseppe Scrivano2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the connection is successfull then return immediately instead of doing all the iterations. It also solves a problem where connections are leaked since there are multiple Dial but only one Close. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #14806 from n1hility/win-proxyopenshift-ci[bot]2022-07-05
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Implement proxy support for Windows
| * | | | | Implement proxy support for WindowsJason T. Greene2022-07-01
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | | | Merge pull request #14626 from jakecorrenti/disable-docker-compose-health-checkopenshift-ci[bot]2022-07-05
|\ \ \ \ \ | | | | | | | | | | | | Docker-compose disable healthcheck properly handled
| * | | | | Docker-compose disable healthcheck properly handledJake Correnti2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, if a container had healthchecks disabled in the docker-compose.yml file and the user did a `podman inspect <container>`, they would have an incorrect output: ``` "Healthcheck":{ "Test":[ "CMD-SHELL", "NONE" ], "Interval":30000000000, "Timeout":30000000000, "Retries":3 } ``` After a quick change, the correct output is now the result: ``` "Healthcheck":{ "Test":[ "NONE" ] } ``` Additionally, I extracted the hard-coded strings that were used for comparisons into constants in `libpod/define` to prevent a similar issue from recurring. Closes: #14493 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | | | | | Merge pull request #14534 from jakecorrenti/docker-compose-update-network-mtuopenshift-ci[bot]2022-07-05
|\ \ \ \ \ \ | | | | | | | | | | | | | | (rootful) docker-compose now updates network MTU
| * | | | | | (rootful) docker-compose now updates network MTUJake Correnti2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the following network block did not update using docker-compose: ``` networks: default: driver: bridge driver_opts: mtu: 9000 ``` In the API, the network options were previously not being handled when the network was being created. I translated the docker options into podman options, and added the options to the network. When doing `podman network inspect <network>`, the results now contain `"mtu": "9000"` Fixes: #14482 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>