summaryrefslogtreecommitdiff
path: root/test/e2e
Commit message (Collapse)AuthorAge
* Two variations of --new flag added to e2eJakub Guzik2021-02-22
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Merge pull request #9417 from ashley-cui/journaldOpenShift Merge Robot2021-02-21
|\ | | | | Fix journald logs
| * Turn on journald and k8s file logging testsDaniel J Walsh2021-02-19
| | | | | | | | Signed-off-by: Ashley Cui <acui@redhat.com>
* | Fix segfault in run with memory-swapbaude2021-02-19
|/ | | | | | | | | when unlimited (-1) was being passed to memory-swap, podman threw a segfault. Fixes #9429 Signed-off-by: baude <bbaude@redhat.com>
* Change source path resolution for volume copy-upMatthew Heon2021-02-17
| | | | | | | | | | | | | | | Instead of using the container's mountpoint as the base of the chroot and indexing from there by the volume directory, instead use the full path of what we want to copy as the base of the chroot and copy everything in it. This resolves the bug, ends up being a bit simpler code-wise (no string concatenation, as we already have the full path calculated for other checks), and seems more understandable than trying to resolve things on the destination side of the copy-up. Fixes #9354 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #9383 from mheon/fix_copyup_emptyOpenShift Merge Robot2021-02-17
|\ | | | | Fix an issue where copyup could fail with ENOENT
| * Fix an issue where copyup could fail with ENOENTMatthew Heon2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This one is rather bizarre because it triggers only on some systems. I've included a CI test, for example, but I'm 99% sure we use images in CI that have volumes over empty directories, and the earlier patch to change copy-up implementation passed CI without complaint. I can reproduce this on a stock F33 VM, but that's the only place I have been able to see it. Regardless, the issue: under certain as-yet-unidentified environmental conditions, the copier.Get method will return an ENOENT attempting to stream a directory that is empty. Work around this by avoiding the copy altogether in this case. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #9409 from rhatdan/sizeOpenShift Merge Robot2021-02-17
|\ \ | | | | | | podman ps --format '{{ .Size }}' requires --size option
| * | podman ps --format '{{ .Size }}' requires --size optionDaniel J Walsh2021-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman -s crashes when the user specifies the '{{ .Size }}` format on the podman ps command, without specifying the --size option. This PR will stop the crash and print out a logrus.Error stating that the caller should add the --size option. Fixes: https://github.com/containers/podman/issues/9408 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Ignore entrypoint=[\"\"]Daniel J Walsh2021-02-17
|/ / | | | | | | | | | | | | | | | | | | | | | | | | We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop entrypoint if it is == [""] https://github.com/containers/podman/issues/9377 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9240 from rhatdan/resetOpenShift Merge Robot2021-02-16
|\ \ | | | | | | Do not reset storage when running inside of a container
| * | Do not reset storage when running inside of a containerDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if the host shares container storage with a container running podman, the podman inside of the container resets the storage on the host. This can cause issues on the host, as well as causes the podman command running the container, to fail to unmount /dev/shm. podman run -ti --rm --privileged -v /var/lib/containers:/var/lib/containers quay.io/podman/stable podman run alpine echo hello * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy Since podman is volume mounting in the graphroot, it will add a flag to /run/.containerenv to tell podman inside of container whether to reset storage or not. Since the inner podman is running inside of the container, no reason to assume this is a fresh reboot, so if "container" environment variable is set then skip reset of storage. Also added tests to make sure /run/.containerenv is runnig correctly. Fixes: https://github.com/containers/podman/issues/9191 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | podman kill should report rawInput not container idDaniel J Walsh2021-02-16
|/ / | | | | | | | | | | | | Docker always reports back the users input, not the full id, we should do the same. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9396 from rhatdan/stopOpenShift Merge Robot2021-02-16
|\ \ | | | | | | When stopping a container, print rawInput
| * | When stopping a container, print rawInputDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we stop a container we are printing the full id, this does not match Docker behaviour or the start behavior. We should be printing the users rawInput when we successfully stop the container. Fixes: https://github.com/containers/podman/issues/9386 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9380 from baude/podinfraOpenShift Merge Robot2021-02-16
|\ \ \ | |_|/ |/| | Fix panic in pod creation
| * | Fix panic in pod creationbaude2021-02-16
| |/ | | | | | | | | | | | | | | | | | | when creating a pod with --infra-image and using a untagged image for the infra-image (none/none), the lookup for the image's name was creating a panic. Fixes: #9374 Signed-off-by: baude <bbaude@redhat.com>
* / Don't chown workdir if it already existsDaniel J Walsh2021-02-16
|/ | | | | | | | | Currently podman is always chowning the WORKDIR to root:root This PR will return if the WORKDIR already exists. Fixes: https://github.com/containers/podman/issues/9387 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix dns resolution on ubuntubaude2021-02-15
| | | | | | ubuntu's dns seems a little odd and requires a fq name in its tests. Signed-off-by: baude <bbaude@redhat.com>
* e2e: fix network alias testValentin Rothberg2021-02-15
| | | | | | | | | | | The logic in the e2e test for multiple network aliases is indicating the test should wait for the containerized nginx to be ready. As this may take some time, the test does an exponential backoff starting at 2050ms. Fix the logic by removing the `Expect(...)` call during the exponential backoff. Otherwise, the test errors immediately. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* fix failing image e2e testValentin Rothberg2021-02-15
| | | | | | | | The timestamps of some images must have changed changing the number of expected filtered images. The test conditions seem fragile but for now it's more important to get CI back. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9302 from giuseppe/cgroup-split-v1OpenShift Merge Robot2021-02-11
|\ | | | | utils: takes the longest path on cgroup v1
| * utils: takes the longest path on cgroup v1Giuseppe Scrivano2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | now getCgroupProcess takes the longest path on cgroup v1, instead of complaining if the paths are different. This should help when --cgroups=split is used on cgroup v1 and the process cgroups look like: $ cat /proc/self/cgroup 11:pids:/user.slice/user-0.slice/session-4.scope 10:blkio:/ 9:cpuset:/ 8:devices:/user.slice 7:freezer:/ 6:memory:/user.slice/user-0.slice/session-4.scope 5:net_cls,net_prio:/ 4:hugetlb:/ 3:cpu,cpuacct:/ 2:perf_event:/ Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | container ps json format miscuebaude2021-02-11
| | | | | | | | | | | | | | | | | | | | when printing out json format, we mistakenly changed the Created field output to be a time.time in a different commit. This allows for override of the Created field to be a unix ts as type int64. Fixes: #9315 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9308 from mheon/fix_6003OpenShift Merge Robot2021-02-11
|\ \ | | | | | | Rewrite copy-up to use buildah Copier
| * | Rewrite copy-up to use buildah CopierMatthew Heon2021-02-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The old copy-up implementation was very unhappy with symlinks, which could cause containers to fail to start for unclear reasons when a directory we wanted to copy-up contained one. Rewrite to use the Buildah Copier, which is more recent and should be both safer and less likely to blow up over links. At the same time, fix a deadlock in copy-up for volumes requiring mounting - the Mountpoint() function tried to take the already-acquired volume lock. Fixes #6003 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Display correct value for unlimited ulimitbaude2021-02-10
| |/ |/| | | | | | | | | | | | | | | | | | | When doing a container inspect on a container with unlimited ulimits, the value should be -1. But because the OCI spec requires the ulimit value to be uint64, we were displaying the inspect values as a uint64 as well. Simple change to display as an int64. Fixes: #9303 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9284 from rhatdan/annotationsOpenShift Merge Robot2021-02-09
|\ \ | | | | | | Support annotations from containers.conf
| * | Restart service when CONTAINERS_CONF changesDaniel J Walsh2021-02-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Service needs to be restarted in order to read the CONTAINERS_CONF file. Not resetting this can lead to lots of flakes, since the test will use whatever the host system has to be set in it's containers.conf. Fixes: https://github.com/containers/podman/issues/9286 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Support annotations from containers.confDaniel J Walsh2021-02-09
| |/ | | | | | | | | | | | | Currently podman does not use the annotations specified in the containers.conf. This PR fixes this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9283 from vrothberg/fix-8897OpenShift Merge Robot2021-02-09
|\ \ | |/ |/| generate kube: do not set caps with --privileged
| * generate kube: support --privilegedValentin Rothberg2021-02-09
| | | | | | | | | | | | | | | | | | | | | | Do not play with capabilities for privileged containers where all capabilities will be set implicitly. Also, avoid the device check when running privileged since all of /dev/* will be mounted in any case. Fixes: #8897 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #9125 from ashley-cui/secretswiringOpenShift Merge Robot2021-02-09
|\ \ | |/ |/| Implement Secrets
| * Implement SecretsAshley Cui2021-02-09
| | | | | | | | | | | | | | | | | | | | | | Implement podman secret create, inspect, ls, rm Implement podman run/create --secret Secrets are blobs of data that are sensitive. Currently, the only secret driver supported is filedriver, which means creating a secret stores it in base64 unencrypted in a file. After creating a secret, a user can use the --secret flag to expose the secret inside the container at /run/secrets/[secretname] This secret will not be commited to an image on a podman commit Signed-off-by: Ashley Cui <acui@redhat.com>
* | Bump containers/buildah to v1.19.4Daniel J Walsh2021-02-08
| | | | | | | | | | | | Fix handling of --iidfile to happen on the client side. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9246 from rhatdan/buildOpenShift Merge Robot2021-02-08
|\ \ | | | | | | Implement missing arguments for podman build
| * | Implement missing arguments for podman buildDaniel J Walsh2021-02-08
| |/ | | | | | | | | | | | | | | Buildah bud passes a bunch more flags then podman build. We need to implement hook up all of these flags to get full functionality. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9266 from vrothberg/fix-6510OpenShift Merge Robot2021-02-08
|\ \ | | | | | | make `podman rmi` more robust
| * | make `podman rmi` more robustValentin Rothberg2021-02-08
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The c/storage library is subject to TOCTOUs as the central container and image storage may be shared by many instances of many tools. As shown in #6510, it's fairly easy to have multiple instances of Podman running in parallel and yield image-lookup errors when removing them. The underlying issue is the TOCTOU of removal being split into multiple stages of first reading the local images and then removing them. Some images may already have been removed in between the two stages. To make image removal more robust, handle errors at stage two when a given image is not present (anymore) in the storage. Fixes: #6510 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #9236 from baude/networkpruneOpenShift Merge Robot2021-02-08
|\ \ | |/ |/| add network prune
| * add network prunebaude2021-02-06
| | | | | | | | | | | | | | | | | | add the ability to prune unused cni networks. filters are not implemented but included both compat and podman api endpoints. Fixes :#8673 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9205 from st1971/issue-8710OpenShift Merge Robot2021-02-05
|\ \ | |/ |/| play kube selinux label issue
| * play kube selinux test caseSteven Taylor2021-02-04
| | | | | | | | | | | | added skip to test case where selinux not enabled Signed-off-by: Steven Taylor <steven@taylormuff.co.uk>
| * play kube selinux test caseSteven Taylor2021-02-03
| | | | | | | | | | | | fixed typo in the label comparison Signed-off-by: Steven Taylor <steven@taylormuff.co.uk>
| * play kube selinux label test caseSteven Taylor2021-02-03
| | | | | | | | | | | | | | test case added to e2e test suite to validate process label being correctly set on play kube Signed-off-by: Steven Taylor <steven@taylormuff.co.uk>
* | Merge pull request #9048 from matejvasek/apiv2_waitOpenShift Merge Robot2021-02-05
|\ \ | | | | | | Fix Docker APIv2 container wait endpoint
| * | Increase timeouts in some testsMatej Vasek2021-02-03
| | | | | | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | Merge pull request #9235 from Luap99/fix-9234OpenShift Merge Robot2021-02-04
|\ \ \ | | | | | | | | Fix podman network disconnect wrong NetworkStatus number
| * | | Fix podman network disconnect wrong NetworkStatus numberPaul Holzinger2021-02-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The allocated `tmpNetworkStatus` must be allocated with the length 0. Otherwise append would add new elements to the end of the slice and not at the beginning of the allocated memory. This caused inspect to fail since the number of networks did not matched the number of network statuses. Fixes #9234 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #9220 from vrothberg/fix-9211OpenShift Merge Robot2021-02-04
|\ \ \ | |/ / |/| | generate kube: handle entrypoint