| Commit message (Collapse) | Author | Age |
|
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
$(CURDIR) is mounted in podman as is which causes issues on systems with SELinux
as then the container cannot read or write anything inside /src/. This has been
worked around with the --privileged flag, but that's a rather brutal
solution. Adding :Z is also suboptimal, as that requires a full relabeling after
every run. Instead, we disable security labeling via `--security-opt
label=disable` for this development container allowing us to run `make
vendor-in-container` unprivileged.
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
`systemd-tmpfiles` reads "user" configurations in
`/usr/share/user-tmpfiles.d` when `--user` mode is set.
User unit `systemd-tmpfiles-setup.service` can be enabled to alias
rootless socket through systemd-tmpfiles.
Signed-off-by: SeongChan Lee <foriequal@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman-create and -run have many options in common. To date,
these are copy-pasted and haphazardly maintained.
Solution: add an include mechanism, '@@option foo', such
that multiple md source files can fetch from one common file.
This is a Phase One commit, a very small subset of what's
possible. Purpose of this commit is ease of review. If this
passes review, much more (trickier stuff) will be forthcoming.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Cirrus: Use pre-installed bats
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While convenient, it can be problematic to rely on a Makefile to install
software. This was found to be the case across multiple environments
WRT `bats`. Fix this by removing the install script and target. A
future commit will ensure the correct version of `bats` is present in
all CI environments where it's required.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|/
|
|
|
|
|
| |
If a PR says "Fixes #123", make sure it removes skips and/or
FIXME comments that reference issue 123.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Makefile: use order-only prereq for podman-remote
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman-remote has a dependency on $(SRCBINDIR), because on
Mac and Windows that's a special dir that may not exist.
But depending on a directory means depending on its mtime,
which changes every time a file in it is updated, which
means running 'make' twice in a row will rebuild podman-remote
for no good reason.
Solution: GNU Make has the concept of "order-only" prerequisites,
precisely for this situation. Use it. Since it's an obscure
feature, document it.
UPDATE: This exposed some nasty duplication wrt podman-remote rules.
Clean those up, and add comments to some confusing sections.
Fixes: #14756
(Also, drive-by edit to remove a stray misdocumented non-option)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
Since no pkg now containers this path
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The podman-machine integration tests are designed to execute on
bare-metal, since they perform significant work with virtual-machines.
This test is costly to run at scale, so it is limited to being manually
triggered by developers (for now). A 'trigger' button will appear in the
task status page of the Github WebUI once all test dependencies are met.
In the Cirrus-CI WebUI, there is also a 'pre-trigger' button that may be
pressed if a developer doesn't wish to wait. Also:
* Add a `localmachine` target in the `Makefile` on the off-chance
developers wish to execute locally. Update the `ginkgo-run` target
to accommodate re-use by the new `localmachine` target.
* Exclude `podman_machine` task from `success` dependency verification.
This also involves adding an exception to `cirrus_yaml_test.py`
otherwise it will complain loudly.
* ***NOTE*** Inclusion of `ec2_instance` in *any* task will cause
`hack/get_ci_vm.sh` to barf and be non-functional. Future updates will
be made to restore functionality. Before then, simply comment out
the `ec2_instance` section as a temporarily workaround.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
| |
With the upcoming plans of introducing a podman-kube command with
various subcommands, rename the podman-play-kube systemd template
to podman-kube before releasing it.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Rootless containers are not possible on FreeBSD. While I would like to
close that gap, getting the necessary changes into the FreeBSD kernel
is a long term project so until then, this removes the rootlessport
helper from the build on FreeBSD.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This option doesn't exist on freebsd or macos' install utility. In this
case, we can use the 'install file1 file2 ... dir' pattern which is
supported by all implementations of install that I'm aware of. The
makefile rule already creates the target directory so there is no
ambiguity.
No new tests are needed here since the same files are being installed
in the same places.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sed implementation on FreeBSD has a strict interpretation of posix
'basic' regular expressions. It would be better to re-implement this
using 'extended' regular expressions but for now, just use GNU sed.
This should have no functional difference on currently supported
platforms.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The makefile uses the pattern $(shell command -v path1 path2 ...) to
deduce pathnames for various executables. On FreeBSD, the default shell
does have a 'command' builtin which supports the '-v' option but only
allows a single path as argument. Rather than work around this limitation
with alternatives like for, just set bash as the default shell. We
already require bash to be installed for various helper scripts.
This change only affects FreeBSD so no new tests are needed.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add 4 new subcommands to the testvol binary, instead of just serving the
volume api it now also can create/list/remove plugins. This is required
to test new functionality where volumes are create outside of podman in
the plugin. Podman should then be able to pick up the new volumes.
The new testvol commands are:
- serve: serve the podman api like the the testvol command before
- create: create a volume with the given name
- list: list all volume names
- remove: remove the volume with the given name
Also make a small update to the testvol Containerfile so that it can
build correctly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Update the golang verion for the testvol image to the latest version
1.18. This requires us to build with GO111MODULE=off.
Use the FQDN to prevent the shortnames prompt.
Also add --network none to the podman build command to make sure we are
only using the copied deps and nothing else.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
I think it is confusion to have this Containerfile in the repo root. It
is used for the tests only so we should move it into the same dir.
Also adapt the Makefile target to use the new path and add the current
date as tag instead of using latest which can break CI easily when we
have to update the image.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to the latest golangci-lint version. v1.46 added new linters.
I disabled nonamedreturns and exhaustruct since they enforce a certain
code style and using them would require big changes to the code base.
The nosprintfhostport is new and I fixed one problem in the tests. While
the test itself is fine because it uses ipv4 only the linter still looks
good because the sprintf use will fail for ipv6 addresses.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes #14021
Substitution values built from `$(shell ...)` output can easily be empty
due to the shell's default `pipefail` behavior. This can also hide
non-zero exit codes, similarly resulting in empty values being set.
While not a perfect fix, the situation is improved by using the
`err_if_empty` function in all cases where empty values would be
unexpected. Remove the definitions for `GIT_BRANCH` and
`GIT_BRANCH_CLEAN` which don't seem to actually be used anywhere
(including in code).
Add a simple release-test to verify `podman info` outputs a non-empty
value for "GitCommit".
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Some of the targets overwrite $GOOS. Since podman-remote-static should
always build for linux we can force linux GOOS here.
Fixes #14201
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
Makefile: simplify for modern Go
|
| |
| |
| |
| |
| |
| | |
Using it is no longer needed.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
It is superceded by golangci-lint, which has gofmt as one of the
linters.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Those are not used since commit 0d1ba0a58fdb15af7e.
Fixes: 0d1ba0a58fdb15af7
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
"go build" no longer requires explicit "-mod=vendor", as this is the
default since go 1.14.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GOPROXY's default value is "https://proxy.golang.org,direct"
since go 1.13, so it is redundant to set it explicitly.
For some reason though, GOPROXY in Cirrus CI is set to direct,
which makes things such as go mod tidy very slow. So, set the
proper (default) value for in in .cirrus.yml. Do the same for GOSUMDB.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove GOPATH setting as since Go 1.9 it defaults to $HOME/go (for
earlier versions it had to be specified explicitly).
Remove GOPATH-related code from the spec, using relative paths when
compiling packages, and enable Go modules, simplifying the spec.
Remove support for multiple paths in GOPATH (which is rarely used and
doesn't really work with modules).
Remove setting GOBIN, rely on $GOPATH/bin instead. In case GOBIN is
explicitly set (which is highly unlikely), forcefully ignore by
unsetting it.
Remove GOBIN from tools invocation since we added GOPATH/bin to PATH.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Recent commit 3b9177995e0124beb064ef8615ba9a2ae7ca4f4b removes
this target, but some artifacts remain. Remove those.
Fixes: 3b9177995e0124beb064ef8615ba9a2ae7ca4f4b
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since about Go 1.10 (or whereabouts) the specific package structure
is no longer required.
This also removes GOPKGDIR and GOPKGBASEDIR as they were only used by
gopathok.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This was originally added in commit a824186ac9803ef to be used from
Travis CI. Travis was removed in commit 8771a03af1f17f and there is
no need to have this target ever since (October 2018).
Also, remove the comment about BUILD_TAGS, which originally belonged to
varlink target (removed by commit f62a356515e387b0) but got misplaced
later.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support running `podman play kube` in systemd by exploiting the
previously added "service containers". During `play kube`, a service
container is started before all the pods and containers, and is stopped
last. The service container communicates its conmon PID via sdnotify.
Add a new systemd template to dispatch such k8s workloads. The argument
of the template is the path to the k8s file. Note that the path must be
escaped for systemd not to bark:
Let's assume we have a `top.yaml` file in the home directory:
```
$ escaped=$(systemd-escape ~/top.yaml)
$ systemctl --user start podman-play-kube@$escaped.service
```
Closes: https://issues.redhat.com/browse/RUN-1287
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
| |
Broken in #14191, merged unintentionally
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
|
| |
Since `./hack` has been removed from the Makefile's path, add it back
for `make localbenchmarks` to make `podman-registry` binary available
for running local registries.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
This path should never, ever, ever be included in `$PATH` as it is
almost guaranteed to cause serious and non-obvious breakage in CI. Fix
it and include a warning comment.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
| |
We have no control over the code in the vendored files.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Instead of using the main module we should vendor the test tools in a
different directory. That way we do not add extra dependencies to the
main module which can be problemetic for packages or other users.
This is already done in buildah so this makes us more consitent.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can vendor the test dependencies such as go-md2man, git-validation
and goimports. This allows us to always install the same version as
specified in go.mod. Also we do not rely on a network connection for
this.
The advantage with this method is that dependabot will also update the
dependencies for us and we do not have to hardcode versions in the
Makefile.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
go get is deprecated, we should use go install instead.
Also for some reason go get -u golang.org/x/tools/cmd/goimports is
broken at the moment, thus failing CI jobs where we have to install
this. Switching to go install seems to fix it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
| |
Add more benchmarks for the most common and performance-critical image
commands. Benchmarks for `podman build` should go into a separate
section.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR introduces a test suite for podman machine. It can currently be
run on developers' local machines and is not part of the official CI
testing; however, the expectation is that any work on machine should
come with an accompanying test.
At present, the test must be run on Linux. It is untested on Darwin.
There is no Makefile target for the test. It can be run like `ginkgo -v
pkg/machine/test/.`. It should be run as a unprivileged user.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The default verbosity level does not show the classes or function names.
This makes it difficult to debug problems like hangs. Also, separate
the bats and python-based tests into two sections. This allows for
easier debugging, since isolation can be done in `runner.sh` rather than
mucking with the `Makefile`. Lastly, update the logformatter script
to `autoflush stdout` (thanks @edsantiago).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
| |
Fix many problems reported by the staticcheck linter, including many
real bugs!
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a proof of concept for benchmarking Podman. The benchmarks are
implemented by means of the end-to-end test suite but hidden behind
a `benchmarks` build tag. Running `make localbenchmarks` will run
`test/e2e` with the specific build tag and set ginkgo's "focus" to
the specific "Podman Benchmark Suite" to only run this spec and skip
all others.
ginkgo will print a report before terminating listing the CPU and memory
stats for each benchmark. New benchmarks can easily be added via the
`newBenchmark` function that also supports adding an `init()` function
to each benchmark which allows for performing certain setups for the
specific benchmark. For instance, benchmarking `podman start` requires
creating a container beforehand.
Podman may be called more than once in the main function of a benchmark
but note that the displayed memory consumption is then a sum of all
Podman invocations. The memory consumption is collected via
`/usr/bin/time`.
A benchmark's report is split into CPU and memory as displayed below:
```
[CPU] podman images:
Fastest Time: 0.146s
Slowest Time: 0.187s
Average Time: 0.180s ± 0.015s
[MEM] podman images:
Smallest: 41892.0KB
Largest: 42792.0KB
Average: 42380.7KB ± 286.4KB
```
Note that the benchmarks are not wired into the CI yet. They are meant
as a proof of concept. More benchmarks and the plumbing into CI will
happen in a later change.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\
| |
| | |
Binary growth check, part 2 of 2
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a CI check to prevent unwanted bloat in binary images,
by building a baseline (pre-PR) binary then comparing file
sizes post-PR.
Part 1 (#13518) added a new script that runs multiple 'make's,
comparing image sizes against an original, and failing loudly
if growth is too big. An override mechanism is defined.
This is part 2 of 2: adding the CI rule. We couldn't do that
in part 1, because the rule would call a script that didn't
exist in the pre-PR commit.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|