summaryrefslogtreecommitdiff
path: root/test/e2e/run_test.go
Commit message (Collapse)AuthorAge
* libpod: enforce noexec,nosuid,nodev for /dev/shmGiuseppe Scrivano2022-02-02
| | | | | | | these mount flags are already used for the /dev/shm mount on the host, but they are not set for the bind mount itself. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* bump go module to version 4Valentin Rothberg2022-01-18
| | | | | | | | | | | | | Automated for .go files via gomove [1]: `gomove github.com/containers/podman/v3 github.com/containers/podman/v4` Remaining files via vgrep [2]: `vgrep github.com/containers/podman/v3` [1] https://github.com/KSubedi/gomove [2] https://github.com/vrothberg/vgrep Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Standardize on capatalized CgroupsDaniel J Walsh2022-01-14
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* test/e2e/run: don't use date +%N on AlpineKir Kolyshkin2022-01-04
| | | | | | | | | | | | Commit e1443fe05d146def6 added a test case that ran "date +%N" inside a Fedora container (without actually using its output). Commit ccc5bc167fa2c140 changed that test case to use Alpine. Problem is, %N is not supported by date in Alpine (it only prints a newline). To eliminate the ambiguity, replace date with touch. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* Update vendor or containers/common moving pkg/cgroups thereDaniel J Walsh2021-12-07
| | | | | | | [NO NEW TESTS NEEDED] This is just moving pkg/cgroups out so existing tests should be fine. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Use HaveLen(x) instead of Expect(len(y)).To(Equal(x))Ed Santiago2021-12-02
| | | | | | sed -i -e 's/Expect(len(\(.*\)))\.To(Equal(\(.*\)))/Expect(\1).To(HaveLen(\2))/' test/e2e/*.go Signed-off-by: Ed Santiago <santiago@redhat.com>
* e2e tests: a little more minor cleanupEd Santiago2021-12-02
| | | | | | | | | | | | | | | sed -i -e 's/Expect(\(.*\)\[\(\".*\"\)\])\.To(Equal(/Expect(\1).To(HaveKeyWithValue(\2, /' test/e2e/*_test.go ...with two manual tweaks, because this converted: Expect(foo["bar"]).To(Equal("")) -> Expect(foo).To(HaveKeyWithValue("bar","")) It looks like the intention of the test was, instead: ...To(Not(HaveKey("bar"))) Signed-off-by: Ed Santiago <santiago@redhat.com>
* e2e: yet more cleanup of BeTrue/BeFalseEd Santiago2021-11-30
| | | | | | Thanks to Paul for teaching me about HaveKey() Signed-off-by: Ed Santiago <santiago@redhat.com>
* Convert strings.Contains() to Expect(ContainSubstring)Ed Santiago2021-11-30
| | | | | | | ...done manually, not via sed, because some of the inner expressions include nested commas. Signed-off-by: Ed Santiago <santiago@redhat.com>
* e2e tests: enable golintEd Santiago2021-11-29
| | | | | | ...and fix problems found therewith. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #12361 from rhatdan/remoteDaniel J Walsh2021-11-23
|\ | | | | podman-remote does not support signature-policy
| * podman-remote does not support signature-policyDaniel J Walsh2021-11-19
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/12357 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | e2e tests: clean up antihelpful BeTrue()sEd Santiago2021-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Many ginkgo tests have been written to use this evil form: GrepString("foo") Expect(that to BeTrue()) ...which yields horrible useless messages on failure: false is not true Identify those (automatically, via script) and convert to: Expect(output to ContainSubstring("foo")) ...which yields: "this output" does not contain substring "foo" There are still many BeTrue()s left. This is just a start. This is commit 1 of 2. It includes the script I used, and all changes to *.go are those computed by the script. Commit 2 will apply some manual fixes. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Semiperiodic cleanup of obsolete Skip()sEd Santiago2021-11-19
|/ | | | | | | | | | | | | | Found by my find-obsolete-skips script. Let's see which, if any, of these skipped tests can be reenabled. Some Skips are "this will never work", not "this is expected to work one day". Update the message on those to reflect that. Some were real bugs in the test framework. Fix those. And, joy of joys, some work today. Remove those skips. Signed-off-by: Ed Santiago <santiago@redhat.com>
* fix CIValentin Rothberg2021-11-18
| | | | | | | | | | | | Our fedora-minimal image on Quay bases on fedora-minimal:latest which starting with F35 removed a number of binaries that our CI depends on. Fix that by pulling `fedora-minimal:34` from the Fedora registry directly. Once the build bot on Quay has been disabled, we move the image over there to make sure that it will not change over time. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* secret: honor custom target for secrets with runAditya Rajan2021-11-15
| | | | | | | | | | | Honor custom `target` if specified while running or creating containers with secret `type=mount`. Example: `podman run -it --secret token,type=mount,target=TOKEN ubi8/ubi:latest bash` Signed-off-by: Aditya Rajan <arajan@redhat.com>
* test: run --cgroups=split in new cgroupGiuseppe Scrivano2021-11-04
| | | | | | | | | | the --cgroups=split test changes the current cgroup as it creates a sub-cgroup. This can cause a race condition in tests that are reading the current cgroup. Closes: https://github.com/containers/podman/issues/11191 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* volumes: allow more options for devptsGiuseppe Scrivano2021-10-28
| | | | | | | | allow to pass down more options that are supported by the kernel. Discussion here: https://github.com/containers/toolbox/issues/568 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* container create: fix --tls-verify parsingValentin Rothberg2021-10-27
| | | | | | | | | Make sure that the value is only set if specified on the CLI. c/image already defaults to true but if set in the system context, we'd skip settings in the registries.conf. Fixes: #11933 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* libpod: change mountpoint ownership c.Root when using overlay on top of ↵Aditya Rajan2021-10-19
| | | | | | | | | | external rootfs Allow chainging ownership of mountpoint created on top external overlay rootfs to support use-cases when custom --uidmap and --gidmap are specified. Signed-off-by: Aditya Rajan <arajan@redhat.com>
* rootfs-overlay: fix overlaybase path for cleanupsAditya Rajan2021-10-18
| | | | | | | | Following commit ensures not dandling mounts are left behind when we are creating an overlay on top of external rootfs. Co-authored-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Aditya Rajan <arajan@redhat.com>
* Eighty-six eighty-eightyEd Santiago2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (Sorry, couldn't resist). CI flakes have been coming down - thank you to everyone who has been making them a priority. This leaves a noisy subset that I've just been ignoring for months: Running: podman ... -p 8080:something ...cannot listen on the TCP port: listen tcp4 :8080: bind: address already in use Sometimes these are one-time errors resolved on 2nd try; sometimes they fail three times, forcing CI user to hit Rerun. In all cases they make noise in my flake logs, which costs me time. My assumption is that this has to do with ginkgo running random tests in parallel. Since many e2e tests simplemindedly use 8080, collisions are inevitable. Solution: simplemindedly replace 8080 with other (also arbitrarily picked) numbers. This is imperfect -- it requires human developers to pick a number NNNN and 'grep NNNN test/e2e/*' before adding new tests, which I am 100% confident ain't gonna happen -- but it's better than what we have now. Side note: I considered writing and using a RandomAvailablePort() helper, but that would still be racy. Plus, it would be a pain to interpolate strings into so many places. Finally, with this hand-tooled approach, if/when we _do_ get conflicts on port NNNN, it should be very easy to grep for NNNN, find the offending tests that reuse that port, and fix one of them. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #11567 from giuseppe/cgroups-split-with-podsOpenShift Merge Robot2021-09-15
|\ | | | | libpod: honor --cgroups=split also with pods
| * libpod: honor --cgroups=split also with podsGiuseppe Scrivano2021-09-14
| | | | | | | | | | | | Honor --cgroups=split also when the container is running in a pod. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | tests: enable --cgroups=disabled test for rootlessGiuseppe Scrivano2021-09-14
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | tests: simplify --cgroups=disabled testGiuseppe Scrivano2021-09-14
|/ | | | | | read the cgroup directly from the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix file descriptor leaks and add testJhon Honce2021-08-24
| | | | | | | | | | * Add response.Body.Close() where needed to release HTTP connections to API server. * Add tests to ensure no general leaks occur. 100% coverage would be required to ensure no leaks on any call. * Update code comments to be godoc correct Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #11205 from Shivkumar13/shivkumar-tls-fixOpenShift Merge Robot2021-08-23
|\ | | | | Support for --tls-verify flag in podman-run & podman-create
| * Support for --tls-verify flag in podman run & podman createShivkumar132021-08-21
| | | | | | | | Signed-off-by: Shivkumar13 <sople@redhat.com>
* | Fix AVC denials in tests of volume mountsChris Evich2021-08-18
|/ | | | | | | | | This becomes a problem on hosts with upgraded policies. Ref: https://github.com/containers/podman/issues/10522 Also, made a small change to compose-test setup to reduce runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* personality: Add support for setting execution domain.flouthoc2021-08-06
| | | | | | | | | | Execution domains tell Linux how to map signal numbers into signal actions. The execution domain system allows Linux to provide limited support for binaries compiled under other UNIX-like operating systems. Reference: https://man7.org/linux/man-pages/man2/personality.2.html Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* Merge pull request #11048 from cdoern/heatlhCheckCompatOpenShift Merge Robot2021-07-29
|\ | | | | Fixed Healthcheck formatting, string to []string
| * Fixed Healthcheck formatting, string to []stringcdoern2021-07-28
| | | | | | | | | | | | | | | | | | | | Compat healthcheck tests are of the format []string but podman's were of the format string. Converted podman's to []string at the specgen level since it has the same effect and removed the incorrect parsing of compat healthchecks. fixes #10617 Signed-off-by: cdoern <cdoern@redhat.com>
| * Fixed Healthcheck formatting, string to []stringcdoern2021-07-26
| | | | | | | | | | | | | | | | | | | | Compat healthcheck tests are of the format []string but podman's were of the format string. Converted podman's to []string at the specgen level since it has the same effect and removed the incorrect parsing of compat healthchecks. fixes #10617 Signed-off-by: cdoern <cdoern@redhat.com>
* | e2e tests: use Should(Exit()) and ExitWithError()Ed Santiago2021-07-15
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e2e test failures are rife with messages like: Expected 1 to equal 0 These make me cry. They're anti-helpful, requiring the reader to dive into the source code to figure out what those numbers mean. Solution: Go tests have a '.Should(Exit(NNN))' mechanism. I don't know if it spits out a better diagnostic (I have no way to run e2e tests on my laptop), but I have to fantasize that it will, and given the state of our flakes I assume that at least one test will fail and give me the opportunity to see what the error message looks like. THIS IS NOT REVIEWABLE CODE. There is no way for a human to review it. Don't bother. Maybe look at a few random ones for sanity. If you want to really review, here is a reproducer of what I did: cd test/e2e ! positive assertions. The second is the same as the first, ! with the addition of (unnecessary) parentheses because ! some invocations were written that way. The third is BeZero(). perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Equal\((\d+)\)\)/Expect($1).Should(Exit($2))/' *_test.go perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(\(Equal\((\d+)\)\)\)/Expect($1).Should(Exit($2))/' *_test.go perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(BeZero\(\)\)/Expect($1).Should(Exit(0))/' *_test.go ! Same as above, but handles three non-numeric exit codes ! in run_exit_test.go perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Equal\((\S+)\)\)/Expect($1).Should(Exit($2))/' *_test.go ! negative assertions. Difference is the spelling of 'To(Not)', ! 'ToNot', and 'NotTo'. I assume those are all the same. perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.To\(Not\(Equal\((0)\)\)\)/Expect($1).To(ExitWithError())/' *_test.go perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.ToNot\(Equal\((0)\)\)/Expect($1).To(ExitWithError())/' *_test.go perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.NotTo\(Equal\((0)\)\)/Expect($1).To(ExitWithError())/' *_test.go ! negative, old use of BeZero() perl -pi -e 's/Expect\((\S+)\.ExitCode\(\)\)\.ToNot\(BeZero\(\)\)/Expect($1).Should(ExitWithError())/' *_test.go Run those on a clean copy of main branch (at the same branch point as my PR, of course), then diff against a checked-out copy of my PR. There should be no differences. Then all you have to review is that my replacements above are sane. UPDATE: nope, that's not enough, you also need to add gomega/gexec to the files that don't have it: perl -pi -e '$_ .= "$1/gexec\"\n" if m!^(.*/onsi/gomega)"!' $(grep -L gomega/gexec $(git log -1 --stat | awk '$1 ~ /test\/e2e\// { print $1}')) UPDATE 2: hand-edit run_volume_test.go UPDATE 3: sigh, add WaitWithDefaultTimeout() to a couple of places UPDATE 4: skip a test due to bug #10935 (race condition) Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #10451 from giuseppe/test-ENOSYSOpenShift Merge Robot2021-06-16
|\ | | | | tests: update CI images
| * test: drop invalid testGiuseppe Scrivano2021-06-16
| | | | | | | | | | | | | | | | | | runc-1.0-rc95 refuses destination paths that are not absolute. The test was causing a mount with a destination "[/etc/foo]" causing the OCI runtime to fail. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Fix permissions on initially created named volumesDaniel J Walsh2021-06-14
|/ | | | | | | | Permission of volume should match the directory it is being mounted on. Fixes: https://github.com/containers/podman/issues/10188 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Support uid,gid,mode options for secretsAshley Cui2021-05-17
| | | | | | | Support UID, GID, Mode options for mount type secrets. Also, change default secret permissions to 444 so all users can read secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* podman image tree: restore previous behaviorValentin Rothberg2021-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initial version of libimage changed the order of layers which has now been restored to remain backwards compatible. Further changes: * Fix a bug in the journald logging which requires to strip trailing new lines from the message. The system tests did not pass due to empty new lines. Triggered by changing the default logger to journald in containers/common. * Fix another bug in the journald logging which embedded the container ID inside the message rather than the specifid field. That surfaced in a preceeding whitespace of each log line which broke the system tests. * Alter the system tests to make sure that the k8s-file and the journald logging drivers are executed. * A number of e2e tests have been changed to force the k8s-file driver to make them pass when running inside a root container. * Increase the timeout in a kill test which seems to take longer now. Reasons are unknown. Tests passed earlier and no signal-related changes happend. It may be CI VM flake since some system tests but other flaked. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10221 from ashley-cui/envsecOpenShift Merge Robot2021-05-07
|\ | | | | Add support for environment variable secrets
| * Add support for environment variable secretsAshley Cui2021-05-06
| | | | | | | | | | | | | | | | Env var secrets are env vars that are set inside the container but not commited to and image. Also support reading from env var when creating a secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Fix infinite loop in isPathOnVolumeSlava Bacherikov2021-05-06
| | | | | | | | | | | | | | | | | | | | filepath.Dir in some cases returns `.` symbol and calling this function again returns same result. In such cases this function never returns and causes some operations to stuck forever. Closes #10216 Signed-off-by: Slava Bacherikov <slava@bacher09.org>
* | Add filepath glob support to --security-opt unmaskDaniel J Walsh2021-05-04
| | | | | | | | | | | | | | | | Want to allow users to specify --security-opt unmask=/proc/*. This allows us to run podman within podman more securely, then specifing umask=all, also gives the user more flexibilty. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Skip blkio-weight test when no kernel BFQ supportChris Evich2021-04-27
|/ | | | | | | Namely the Ubuntu 21.04 Kernel does not support BFQ. Regardless of the distro. skip this test if the required cgroup node doesn't exist. Signed-off-by: Chris Evich <cevich@redhat.com>
* skip pidfile it on remotechenkang2021-04-17
| | | | Signed-off-by: chenkang <kongchen28@gmail.com>
* add utchenkang2021-04-16
| | | | Signed-off-by: chenkang <kongchen28@gmail.com>
* Add --requires flag to podman run/createMatthew Heon2021-04-06
| | | | | | | | | | | | | | | | | | | | Podman has, for a long time, had an internal concept of dependency management, used mainly to ensure that pod infra containers are started before any other container in the pod. We also have the ability to recursively start these dependencies, which we use to ensure that `podman start` on a container in a pod will not fail because the infra container is stopped. We have not, however, exposed these via the command line until now. Add a `--requires` flag to `podman run` and `podman create` to allow users to manually specify dependency containers. These containers must be running before the container will start. Also, make recursive starting with `podman start` default so we can start these containers and their dependencies easily. Fixes #9250 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix podman build --pull-neverDaniel J Walsh2021-03-27
| | | | | | | | | | | Currently pull policy is set incorrectly when users set --pull-never. Also pull-policy is not being translated correctly when using podman-remote. Fixes: #9573 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Validate passed in timezone from tz optionTomSweeneyRedHat2021-03-21
| | | | | | | | | | | | | | | | | | | | | | | | Erik Sjolund reported an issue where a badly formated file could be passed into the `--tz` option and then the date in the container would be badly messed up: ``` erik@laptop:~$ echo Hello > file.txt erik@laptop:~$ podman run --tz=../../../home/erik/file.txt --rm -ti docker.io/library/alpine cat /etc/localtime Hello erik@laptop:~$ podman --version podman version 3.0.0-rc1 erik@laptop:~$ ``` This fix checks to make sure the TZ passed in is a valid value and then proceeds with the rest of the processing. This was first reported as a potential security issue, but it was thought not to be. However, I thought closing the hole sooner rather than later would be good. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>