aboutsummaryrefslogtreecommitdiff
path: root/test/apiv2
Commit message (Collapse)AuthorAge
* Events for containers in pods now include the pod's IDMatthew Heon2022-09-22
| | | | | | | | | | This allows tools like Cockpit to know that the pod in question has also been updated, so they can refresh the list of containers in the pod. Fixes #15408 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #15842 from ashley-cui/seclabelsOpenShift Merge Robot2022-09-21
|\ | | | | Add labels to secrets
| * Add labels to secretsAshley Cui2022-09-20
| | | | | | | | | | | | | | Add --label/-l label flag to secret create, and show labels when inspecting secrets. Also allow labeling secrets via libpod/compat API. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Cleanup: fix problems reported by shell lintEd Santiago2022-09-15
| | | | | | | | | | | | | | | | Followup to #15616, which is not usable as it is (way, way, way too much noise) but actually found a few real nits that should be fixed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | stats: cap memory limit to the available memoryGiuseppe Scrivano2022-09-15
| | | | | | | | | | | | | | | | | | Docker compatibility: cap the memory limit reported by the cgroup to the maximum available memory. Closes: https://github.com/containers/podman/issues/15765 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | stats: map MaxUsage to the correct valueGiuseppe Scrivano2022-09-15
| | | | | | | | | | | | and make sure it is not set for cgroup v2 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Ensure that the DF endpoint updated volume refcountMatthew Heon2022-09-12
|/ | | | | | | | | | | | | | | | The field was already exposed already in the `system df` output so this just required a bit of plumbing and testing. As part of this, fix `podman systemd df` volume in-use logic. Previously, volumes were only considered to be in use if the container using them was running. This does not match Docker's behavior, where a volume is considered in use as long as a container exists that uses the volume, even if said container is not running. Fixes #15720 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Update test per comment in #15555tomsweeneyredhat2022-09-01
| | | | | | | | | | While backporting a test from main, @edsantiago asked that the test be adjusted as noted here: https://github.com/containers/podman/pull/15555#issuecomment-1232791752. This PR brings those same changes to main for posterity sake. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* implement podman updateCharlie Doern2022-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags from podman create/run. The supported flags in crun are: this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where the resource limits are passed inthe request body and follow the OCI resource spec format –memory –cpus –cpuset-cpus –cpuset-mems –memory-swap –memory-reservation –cpu-shares –cpu-quota –cpu-period –blkio-weight –cpu-rt-period –cpu-rt-runtime -device-read-bps -device-write-bps -device-read-iops -device-write-iops -memory-swappiness -blkio-weight-device resolves #15067 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Merge remote-tracking branch 'upstream/main' into api_compat_containersJosh Patterson2022-08-29
|\
| * Merge pull request #15481 from edsantiago/test_cleanup_apiv2OpenShift Merge Robot2022-08-29
| |\ | | | | | | APIv2 test cleanup, part 2 of 2
| | * APIv2 test cleanup, part 2 of 2Ed Santiago2022-08-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This finishes the removal of curls and exits. Please please please, everyone, if you see a 'curl' or 'exit' in any new PR, reject the PR and tell me immediately so I can help the developer do it the proper way. Also, removed some very-very-wrong USER/UID code. Both are reserved variables in bash. You cannot override them. Also, added a cleanup to a system-connection test. I wasted a lot of time because my podman-remote stopped working, all because I had run this test as part of something unrelated. Also, found and fixed dangerously-broken timeout code. Implemented a new mechanism for requiring a timeout. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * | Compat API image remove events now have 'delete' statusMatthew Heon2022-08-25
| |/ | | | | | | | | | | | | | | | | Change only the compat API, so we don't force a breaking change on Libpod API users. Partial fix for #15485 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * APIv2 test cleanupEd Santiago2022-08-24
| | | | | | | | | | | | | | | | | | | | | | Whole slew of bugs that got introduced while I wasn't paying attention. Most of them are of the form "let's use hand-crafted curl commands and do our own error checking and exit uncleanly on error and leave the system in an unstable state". To be fair, those were done because there was no existing mechanism for uploading JSON files or somesuch. So, add one. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * Fix documentation of use of tcp connectionsDaniel J Walsh2022-08-23
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/15430 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * fix CI: remove hardcodeded alpine versionValentin Rothberg2022-08-22
| | | | | | | | | | | | | | | | The apiv2 test hardcoded the tag of the alpine image. Remove it to unblock CI. Fixes: #15388 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | updated apiv2 tests to reflect hash compat fixJason Ertel2022-08-29
|/ | | | Signed-off-by: Jason Ertel <jason.ertel@securityonionsolutions.com>
* podman generate specCharlie Doern2022-08-04
| | | | | | | | | | | | | | implement a new command `podman generate spec` which can formulate a json specgen to be consumed by both the pod and container creation API. supported flags are --verbose (default true) print output to the terminal --compact print the json output in a single line format to be piped to the API --filename put the output in a file --clone rename the pod/ctr in the spec so it won't conflict w/ an existing entity Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Set TLSVerify=true by default for API endpointsVladimir Kochnev2022-07-26
| | | | | | | | | | | | | | | | | | | | | Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* Merge pull request #15040 from Luap99/api-umaskOpenShift Merge Robot2022-07-22
|\ | | | | API: libpod/create use correct default umask
| * API: libpod/create use correct default umaskPaul Holzinger2022-07-22
| | | | | | | | | | | | | | | | | | Make sure containers created via API have the correct umask from containers.conf set. Fixes #15036 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | compat api: allow default bridge name for networksPaul Holzinger2022-07-21
|/ | | | | | | | | | Docker uses "bridge" as default network name so some tools expect this to work with network list or inspect. To fix this we change "bridge" to the podman default ("podman") name. Fixes #14983 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Run codespellDaniel J Walsh2022-07-18
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix tests for "podman kube play"Niall Crowe2022-07-14
| | | | | | | | This is a follow up to fix some of the apiv2 tests related to "podman kube play" while also removing reduntant system tests. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* Add "podman kube play" cmdNiall Crowe2022-07-13
| | | | | | | | | | | The "podman kube play" command is designed to be a replacement for the "podman play kube" command. It performs the same function as "play kube" while also still working with the same flags and options. The "podman play kube" command is still functional as an alias of "kube play". Closes #12475 Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #14219 from mheon/bump_versionopenshift-ci[bot]2022-07-08
|\ | | | | Bump Compat API maximum version to v1.41
| * Bump Compat API maximum version to v1.41Matthew Heon2022-05-23
| | | | | | | | | | | | | | | | Docker bumped their API, so we should do the same. Fixes #14204 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #14825 from jmguzik/fix_streaming_pod_statsopenshift-ci[bot]2022-07-07
|\ \ | | | | | | Fix streaming for libpod/pods/stats endpoint
| * | test-apiv2: streamed response testing based on response durationJakub Guzik2022-07-06
| | | | | | | | | | | | Signed-off-by: Jakub Guzik <jguzik@redhat.com>
* | | Merge pull request #14673 from idleroamer/fix-network-inspect-mainopenshift-ci[bot]2022-07-07
|\ \ \ | |/ / |/| | Fix network inspect compat API discrepancy
| * | Fix network inspect compat API discrepancy🤓 Mostafa Emami2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | - containerInspect compat API expects field value PrefixLen instead of PrefixLength for type Address for SecondaryIPAddresses - Add tests for network part of containerInspect compat api Closes: containers#14674 Signed-off-by: 🤓 Mostafa Emami <mustafaemami@gmail.com>
* | | Merge pull request #14400 from cdoern/scpopenshift-ci[bot]2022-06-28
|\ \ \ | | | | | | | | podman image scp remote support & podman image scp tagging
| * | | podman image scp remote support & podman image scp taggingcdoern2022-06-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for podman-remote image scp as well as direct access via the API. This entailed a full rework of the layering of image scp functions as well as the usual API plugging and type creation also, implemented podman image scp tagging. which makes the syntax much more readable and allows users t tag the new image they are loading to the local/remote machine: allow users to pass a "new name" for the image they are transferring `podman tag` as implemented creates a new image im `image list` when tagging, so this does the same meaning that when transferring images with tags, podman on the remote machine/user will load two images ex: `podman image scp computer1::alpine computer2::foobar` creates alpine:latest and localhost/foobar on the remote host implementing tags means removal of the flexible syntax. In the currently released podman image scp, the user can either specify `podman image scp source::img dest::` or `podman image scp dest:: source::img`. However, with tags this task becomes really hard to check which is the image (src) and which is the new tag (dst). Removal of that streamlines the arg parsing process Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #14700 from shuttle-hq/bug/docker-compat-initializedopenshift-ci[bot]2022-06-28
|\ \ \ \ | |/ / / |/| | | Docker compat returning unknown "initialized" for `status.status`
| * | | Docker compat returning unknown "initialized" for `status.status`chesedo2022-06-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some background for this PR is in discussion #14641. In short, ever so often a container inspect will return a `status.status` of `initialized` from the Docker compat socket. From the discussion I found these lines which tries to fix a "configured" status to "created". https://github.com/containers/podman/blob/c936d1e61154b6826e9d8df46e9660aba6c86cfe/pkg/api/handlers/compat/containers.go#L291-L294 However, commit 141de8686289 (Revamp Libpod state strings for Docker compat) removed the "configured" return value from the `String()` method called on line 291 above. Thus, making the `if` check redundant as it will never hit. But the same commit also introduces a return for "initialized" which this `if` should probably have been adapted for. Signed-off-by: Pieter Engelbrecht <pieter@shuttle.rs>
* | | | Merge pull request #14705 from jakecorrenti/show-health-status-eventopenshift-ci[bot]2022-06-27
|\ \ \ \ | |/ / / |/| | | Show Health Status events
| * | | Show Health Status eventsJake Correnti2022-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, health status events were not being generated at all. Both the API and `podman events` will generate health_status events. ``` {"status":"health_status","id":"ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63","from":"localhost/healthcheck-demo:latest","Type":"container","Action":"health_status","Actor":{"ID":"ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63","Attributes":{"containerExitCode":"0","image":"localhost/healthcheck-demo:latest","io.buildah.version":"1.26.1","maintainer":"NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e","name":"healthcheck-demo"}},"scope":"local","time":1656082205,"timeNano":1656082205882271276,"HealthStatus":"healthy"} ``` ``` 2022-06-24 11:06:04.886238493 -0400 EDT container health_status ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63 (image=localhost/healthcheck-demo:latest, name=healthcheck-demo, health_status=healthy, io.buildah.version=1.26.1, maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>) ``` Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | | | Merge pull request #14643 from clobrano/feature/network/list/dangling/devopenshift-ci[bot]2022-06-21
|\ \ \ \ | | | | | | | | | | allow filter networks by dangling status
| * | | | allow filter networks by dangling statusCarlo Lobrano2022-06-21
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to filter networks by their dangling status via: `network ls --filter dangling=true/false` Fixes: #14595 Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
* | | | Merge pull request #14662 from Luap99/api-jsonopenshift-ci[bot]2022-06-21
|\ \ \ \ | | | | | | | | | | API: containers/json always set application/json content type
| * | | | API: containers/json always set application/json content typePaul Holzinger2022-06-20
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we return no containers we just return `[]` but we still have to keep the content type header `application/json` so external tools can correctly parse the output. Fixes #14647 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / | | api: show the memory limit specified for the containerGiuseppe Scrivano2022-06-21
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the memory limit specified for the container instead of reading it from the cgroup. It is not reliable to read it from the cgroup since the container could have been moved to a different cgroup and in general the OCI runtime might create a sub-cgroup (like crun does). Closes: https://github.com/containers/podman/issues/14676 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / / CI: APIv2 tests: add rootlessEd Santiago2022-06-14
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This would've caught a regression that #14549 had to fix. Let's try to prevent the next regression. This requires some hackery to get namespaces initialized before the service is started; otherwise the service itself initializes namespaces, which basically ends up with a server process that runs forever. Also: in stop_service(), reset service_pid, because that's the correct thing to do. Also: add some debug statements to try to figure out a CI failure. (And leave them in place, because they might be useful for future problems). Signed-off-by: Ed Santiago <santiago@redhat.com>
* | APIv2 tests: (try to) fix flaky registry panicEd Santiago2022-06-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | APIv2 tests are flaky after this morning's merge of #14543. Symptom: test-apiv2: Timed out (10s) waiting for service (/dev/tcp/localhost/5564) journal shows: registry[7421]: panic: unable to configure authorization (htpasswd): no access controller registered with name: none Possible cause: Mix of REGISTRY_AUTH=none with REGISTRY_AUTH_HTPASSWD_* vars. https://github.com/distribution/distribution/issues/1168 Solution: only set _HTPASSWD_* vars when AUTH=htpasswd Signed-off-by: Ed Santiago <santiago@redhat.com>
* | compat api: fix regressions from "Swagger refactor/cleanup"Paul Holzinger2022-06-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For some reason commit 5b79cf15a022 moved the container create options parsing from cmd/podman/common to pkg/api/handlers. However it did not remove the old code. Unfortunately it moved the code from an outdated version and did not update it before this commit was merged. Therefore a couple of regressions were introduced. I manually compared both versions and found three missing bugfixes. I fixed the network test again that was changed in bce97a3b5dd1. We want bridge as default even as rootless. Sine the test is not run as rootless in CI the regression was not caught. Also the no hosts test never worked since it was missing the import check if the hosts file exists. I don't think we can check for the volume parsing change since this only works on windows/wsl. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | apiv2 tests: clean upEd Santiago2022-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | Mostly fix a bad design decision I made early on, re: registry. old: registry starts once, runs to the end new: registry is brought up on demand, then stopped Reason: there are times when we need a password-controlled registry, and times when we need it open. As long as I'm in here, I've also cleaned up some confusing code and fixed things so tests can run rootless again. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Add missing tests for manifests APIVladimir Kochnev2022-06-07
| | | | | | | | | | | | | | | | | | | | Also: - It fixes a regression in parsing "images" parameter in ManifestAddV3 handler. - Refactors 12-imagesMore.at to use start_registry helper. - Removes some unsafe "exit 1" statements which skip clean up. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* | Merge pull request #14319 from flouthoc/suppress-aux-on-quietOpenShift Merge Robot2022-05-24
|\ \ | | | | | | compat, build: suppress `step` errors when `quiet=1` is set
| * | compat, build: suppress step errors when quiet is setAditya R2022-05-24
| |/ | | | | | | | | | | | | | | Match with docker API and suppress step errors when field quiet is set. Closes: https://github.com/containers/podman/issues/14315 Signed-off-by: Aditya R <arajan@redhat.com>
* / fix compat image resolutionValentin Rothberg2022-05-23
|/ | | | | | | | | | | | Fix a bug in the resolution of images in the Docker compat API. When looking up an image by a short name, the name may match an image that does not live on Docker Hub. The resolved name should be used for normalization instead of the input name to make sure that `busybox` can resolve to `registry.com/busybox` if present in the local storage. Fixes: #14291 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>