summaryrefslogtreecommitdiff
path: root/contrib
Commit message (Collapse)AuthorAge
* Use /tmp/podman-run-* for backup XDG_RUNTIME_DIRDaniel J Walsh2020-11-04
| | | | | | | We need to block systemd from cleaning up this directory by dropping a /usr/lib/tmpfiles.d/podman.conf file in place. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Cirrus: Workaround F32 BFQ Kernel bugChris Evich2020-10-30
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #8046 from cevich/simplify_environmentOpenShift Merge Robot2020-10-29
|\ | | | | Cirrus: Simplify setting/passing env. vars.
| * Cirrus: Simplify setting/passing env. vars.Chris Evich2020-10-29
| | | | | | | | | | | | | | | | | | | | | | | | Test VMs by design are to be single-purpose, single-use, and readily disposable. Therefore it's unnecessary to overcomplicate storage of runtime environment variables. This commit makes these points clear, and reorganizes all CI-related env. vars on the system into a single location, `/etc/ci_environment`. This file is then automatically loaded, and variables exported, (by `lib.sh`) from `runner.sh` prior to executing all forms of testing. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Use google mirror for docker.ioChris Evich2020-10-28
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Always record runc/crun versionsChris Evich2020-10-28
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Add a system test to verify --runtime is preservedMatthew Heon2020-10-20
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Use runtime names instead of paths in E2E testsMatthew Heon2020-10-20
| | | | | | | | | | | | | | | | | | My patches to fix `--runtime /usr/bin/crun` being allowed to use a different version of the crun runtime revealed a problem: we were actually relying on that exact behavior in our E2E tests. We specified the runtime path as `/usr/bin/runc` for the Ubuntu tests, but that didn't exist, so Podman was actively looking for a different, usable runc binary and using that, instead of the path we explicitly hardcoded. Fixing the bug broke this, and thus broke the tests. Instead of hard-coding OCI runtime paths, swap to just using the runtime name, `runc` or `crun`, and letting Podman figure out where the runtime lives - it's quite good at that. This should un-break the tests and make them more durable. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Cirrus: Restore APIv2 TestingChris Evich2020-10-13
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix obtaining a CI VMChris Evich2020-10-07
| | | | | | | | | Also removed automatic exection of setup_environment.sh since most people using this script are podman developers (not automation/CI folks). If executing the automation scripts is necessary, manual attendance to required variables like `$TEST_FLAVOR` is mandatory. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix running shellcheck locallyChris Evich2020-10-06
| | | | | | Also, check the contents of hack/get_ci_vm.sh Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus CI runner: refactorEd Santiago2020-10-06
| | | | | | | | | | | | | | | While reviewing #6784 I found myself having a lot of trouble with this script: it was a complicated mix of case statement and helper functions, requiring a reader to jump back and forth between the two. This PR defines a convention such that a given TEST_FLAVOR=foo must have a corresponding _run_foo() handler function. The goal is to have all TEST_FLAVOR-related code in one place, or at least less scattered (integration and system tests still rely on other helper functions). Signed-off-by: Ed Santiago <santiago@redhat.com>
* logformatter: run on system tests & bindingsEd Santiago2020-10-05
| | | | | | | | | | | | (that got accidentally dropped in the new Cirrus makeover). Note that 'dotest' does not actually 'do tests', it's only used for a small subset of tests. Also, make logformatter work better in the new Cirrus setup. Remove duplicate test/subtest, remove no-longer-used SPECIALMODE, and make the Cirrus build/task display a little cleaner. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Fix branch-validation failureChris Evich2020-10-05
| | | | | | | | | | | When validating code on a branch, determining a starting commit to check from isn't as straightforward as it would seem. Default to using the SHA from last time CI was green. If for some reason that isn't available, use an obviously wrong value to cause an intentional failure. Entirely skip this check on tag-push, since determining a starting point is incredibly difficult to do automatically. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Implement podman automation 2.0Chris Evich2020-10-02
| | | | | | | | | | | | | | | | | | Reimplement CI-automation to remove accumulated technical-debt and optimize workflow. The task-dependency graph designed goal was to shorten it's depth and increase width (i.e. more parallelism). A reduction in redundant building (and 3rd party module download) was also realized by caching `$GOPATH` and `$GOCACHE` early on. This cache is then reused in favor of a fresh clone of the repository (when possible). Note: The system tests typically execute MUCH faster than the integration tests. However, contrary to a fail-fast/fail-early principal, they are executed last. This was implemented due to debug-ability related concerns/preferences of the primary (golang-centric) project developers. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #7873 from edsantiago/logformatter_envOpenShift Merge Robot2020-10-02
|\ | | | | logformatter: add Synopsis at top of each page
| * logformatter: add Synopsis at top of each pageEd Santiago2020-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At the top of each generated page, add a Synopsis table with: PR number/name, and link to github Author name(s) Test name (fedora/ubuntu, rootless, etc) Cirrus build ID (usually uninteresting) Cirrus task ID (usu. important), with link to Cirrus The value of $SPECIALMODE This is all we can get from the Cirrus environment in which logformatter runs; we can't get things like cgroup manager or username that the test runs under. Note that the table is at the top, which is usually unseen because we autoscroll to the bottom on page load. I tentatively think that top is a more natural place for this info than bottom, but am willing to listen to arguments against. Also, one minor tweak: highlight podman commands in the BATS output. The idea is to make it easier for the eye to spot those, then copy/paste them to find a reproducer. And, sigh, disable the new 'podman network create' system test. It is flaking much too much. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Migrate container images to automation_imagesChris Evich2020-10-01
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* rootless-cni-infra v3: fix cleaning up DNS entriesAkihiro Suda2020-09-30
| | | | | | | | Fix "Old DNS entries are not cleaned up" by passing CNI_ARGS to `cnitool del`. Fix #7789 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* Bump to v2.2.0-devMatthew Heon2020-09-22
| | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* rootless-cni-infra: fix flakiness during bringing up lo interfaceAkihiro Suda2020-09-20
| | | | | | | | Fix #7618 This bumps up ROOTLESS_CNI_INFRA_VERSION to 2 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* dependabot-dance: new tool for managing revendor PRsEd Santiago2020-09-17
| | | | | | | | | | | | | | | dependabot seems to submit PRs without running 'make vendor'. This script automates (with some safety checks) the manual process for pulling the PR, running 'make vendor-in-container', and force-pushing the PR. Usage: ./contrib/dependabot-dance It should take care of identifying your github repo, finding all active dependabot branches, running the make, git-add, and commit, then git-pushing. Signed-off-by: Ed Santiago <santiago@redhat.com>
* move `rootless-cni-infra` image to quay.ioValentin Rothberg2020-09-15
| | | | | | | | | | | | | Move the `rootless-cni-infra` image to `quay.io/libpod/rootless-cni-image:$tag` where $tag has the format `$version-$architecture`. Whenever we upload a new image (e.g., after changing the Containerfile), we need to make sure to increase the version number (an ordinary integer for simplicity) so we have a notion of support. Thanks to @AkihiroSuda for working on rootless CNI! Fixes: #7617 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7460 from AkihiroSuda/allow-rootless-cniOpenShift Merge Robot2020-09-10
|\ | | | | rootless: support `podman network create` (CNI-in-slirp4netns)
| * add contrib/rootless-cni-infraAkihiro Suda2020-09-09
| | | | | | | | Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* | Cirrus: Obsolete CI:IMG process & related filesChris Evich2020-09-09
|/ | | | | | | | | | | All VM-building functionality has been migrated to https://github.com/containers/automation_images Some container-build functions are still maintained here but are on a very-short list to also be migrated to the repository linked above. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #7538 from edsantiago/cap_test_robustOpenShift Merge Robot2020-09-08
|\ | | | | Update VM images for new crun; adapt Cap tests to work with new kernel
| * WIP: update VM imagesEd Santiago2020-09-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (This is an adoption of #7533 because Brent is on PTO). Pick up new crun and crio-runc. Also: renames from useful fedora-32 and -31 to less-useful names; presumably this is needed by something-something in the new VM setup. Also: tweak two e2e tests to more properly handle a kernel (5.8.4) with a greater set of capabilities than what we or crun can yet handle. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | [CI:DOCS] Add note on run image fuse problem - try 2TomSweeneyRedHat2020-09-04
|/ | | | | | | | | | | | | | | | | | We've recently had a number of issues reported against our pre-fabricated images on quay.io and a couple of rhel repositories throwing a fuse error when run: ``` fuse: device not found, try 'modprobe fuse' first ``` The tip on modprobe fuse is not always seen by or displayed to the end user. Adding a couple of doc pointers to hopefully help. Arises from this BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1867892 and several others. Replaces: 7453 where I was going crazy with whitespace and merge issues. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* use crio runc on CICID ubuntuBrent Baude2020-08-31
| | | | | | | when running CICD on Ubuntu where no cgroups v2, we need to use a newer runc for things like seccomp and the default ubuntu runc is not new enough. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Use `bash` binary from env instead of /bin/bash for scriptsSascha Grunert2020-08-17
| | | | | | | | It's not possible to run any of the scripts on distributions which do have `bash` not in `/bin`. This is being fixed by using `/usr/bin/env bash` instead. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Merge pull request #7237 from TomSweeneyRedHat/dev/tsweeney/imagedocOpenShift Merge Robot2020-08-15
|\ | | | | [CI:DOCS] Update podmanimages README.md
| * [CI:DOCS] Update podmanimages README.mdTomSweeneyRedHat2020-08-05
| | | | | | | | | | | | | | | | | | Updates to the README.md for the contrib/podmanimages directory. This completes the changes to answer this Buildah issue: https://github.com/containers/buildah/issues/1693 and then also adds the quay.io/conatiners/podman images to the list of images. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | podman.service: use sdnotiyValentin Rothberg2020-08-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 2b6dd3fb4384 set the killmode of the podman.service to the systemd default which ultimately lead to the problem that systemd will kill *all* processes inside the unit's cgroup and hence kill all containers whenever the service is stopped. Fix it by setting the type to sdnotify and the killmode to process. `podman system service` will send the necessary notify messages when the NOTIFY_SOCKET is set and unset it right after to prevent the backend and container runtimes from jumping in between and send messages as well. Fixes: #7294 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7299 from jobcespedes/patch-1OpenShift Merge Robot2020-08-12
|\ \ | | | | | | add xz as a recommended pkg
| * | add xz as a recommended pkgJob Cespedes2020-08-11
| | | | | | | | | | | | | | | | | | | | | | | | xz package is required by buildah and podman when building a image and ADD a tar.xz file archive is used See https://github.com/containers/buildah/issues/2525 Signed-off-by: Job Cespedes Ortiz <jobcespedes@gmail.com>
* | | podman-remote fixes for msi and clientBrent Baude2020-08-12
|/ / | | | | | | | | | | | | | | correct small typo that sets the path on windows via the msi xml. in the remote client, prompt for SSH password when no identity or alternate means of authentication are provided. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #7270 from Fodoj/masterOpenShift Merge Robot2020-08-10
|\ \ | | | | | | Allign container image storage configuration with Buildah
| * | Align images with BuildahKirill Shirinkin2020-08-10
| | | | | | | | | | | | Signed-off-by: Kirill Shirinkin <kirill@hey.com>
* | | Remove TEST_REMOTE_CLIENT from RCLIDaniel J Walsh2020-08-10
|/ / | | | | | | | | | | | | | | We know these are TEST_, hoping this makes the display in cirrus easier for users to see true|false, since this is the valuable information is. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7138 from cevich/add_python_packagesOpenShift Merge Robot2020-08-10
|\ \ | |/ |/| Cirrus: Add python packages to images
| * Cirrus: Install golang 1.14 on UbuntuChris Evich2020-07-31
| | | | | | | | | | | | | | This more/less reverts efd142214 + updates to 1.13 on all Ubuntus for all `containers` projects. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Add python packages to imagesChris Evich2020-07-31
| | | | | | | | | | | | | | | | | | They are needed in support of future testing additions. Also reduce unnecessary output by not printing the downloaded package list. The set can be examined using other tooling if/when necessary. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #7193 from vrothberg/fix-7190OpenShift Merge Robot2020-08-03
|\ \ | | | | | | podman.service: drop install section
| * | podman.service: drop install sectionValentin Rothberg2020-08-03
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman.service is socket activated through podman.socket. It should not have its own [Install] section, it does not make sense to systemctl enable podman.service. This leads to podman.service always running on a Debian system, as Debian's policy is to enable/start running services by default. We don't want a daemon :^) Fixes: #7190 Reported-by: @martinpitt Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Install auto-update services for usersValentin Rothberg2020-08-03
| | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Fix test failure regarding unpackaged files.Peter Oliver2020-08-03
|/ | | | Signed-off-by: Peter Oliver <git@mavit.org.uk>
* System tests: new system-df and passwd testsEd Santiago2020-07-30
| | | | | | | | | | | | | | | | | | | | | | - New test for #6991 - passwd file is writable even when run with --userns=keep-id - Enable another keep-id test, commented out due to #6593 - New test for podman system df Also, independently, removed this line: apt-get -y upgrade conmon ...because it's causing CI failures, probably because of the boothole CVE, probably because the Ubuntu grub update was rushed out. I believe it is safe to remove this, because both Ubuntu 19 and 20 report: conmon is already the newest version (2.0.18~1). Signed-off-by: Ed Santiago <santiago@redhat.com>
* logformatter: more libpod-podman falloutEd Santiago2020-07-29
| | | | | | | | | | | Problem: formatted logs no longer have live links to sources in error-report lines. Cause: script was searching for '/libpod'. Solution: make it more flexible. Signed-off-by: Ed Santiago <santiago@redhat.com>