summaryrefslogtreecommitdiff
path: root/test/e2e
Commit message (Collapse)AuthorAge
* Merge pull request #8979 from haircommander/full-attach-pathOpenShift Merge Robot2021-04-21
|\ | | | | Use full attach path, rather than a symlink
| * WIP: drop test requirementPeter Hunt2021-04-16
| | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Merge pull request #10041 from chenk008/add_pidfile_flagOpenShift Merge Robot2021-04-19
|\ \ | | | | | | Add flag "--pidfile" for podman create/run
| * | add it for inspect pidfilechenkang2021-04-18
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * | fix start itchenkang2021-04-17
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * | skip pidfile test on remotechenkang2021-04-17
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * | add pidfile it for container startchenkang2021-04-17
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * | skip pidfile it on remotechenkang2021-04-17
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * | add utchenkang2021-04-16
| | | | | | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
* | | Merge pull request #10025 from zhangguanzhang/remote-save-dirOpenShift Merge Robot2021-04-19
|\ \ \ | | | | | | | | Fixes podman-remote save to directories does not work
| * | | Fixes podman-remote save to directories does not workzhangguanzhang2021-04-15
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Ensure mount destination is clean, no trailing slashEduardo Vega2021-04-18
| | | | | | | | | | | | | | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | | Merge pull request #10043 from Luap99/play-kube-ipOpenShift Merge Robot2021-04-17
|\ \ \ \ | |_|_|/ |/| | | add --ip to podman play kube
| * | | add --ip to podman play kubePaul Holzinger2021-04-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new --ip flag to podman play kube. This is used to specify a static IP address which should be used for the pod. This option can be specified several times because play kube can create more than one pod. Fixes #8442 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #10021 from zhangguanzhang/invalid-save-expressionOpenShift Merge Robot2021-04-16
|\ \ \ | |_|/ |/| | Fix invalid expression in save command
| * | Fixes invalid expression in save commandzhangguanzhang2021-04-14
| |/ | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* / podman play kube apply correct log driverPaul Holzinger2021-04-15
|/ | | | | | | | | | The --log-driver flag was silently ignored by podman play kube. This regression got introduced during the play kube rework. Unfortunately the test for this was skipped for no good reason. Fixes #10015 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9935 from EduardoVega/5788-kube-volumeOpenShift Merge Robot2021-04-12
|\ | | | | Add support for play/generate kube PersistentVolumeClaims and Podman volumes
| * Add support for play/generate kube volumesEduardo Vega2021-04-09
| | | | | | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | Merge pull request #9950 from Luap99/unshare-rootless-cniOpenShift Merge Robot2021-04-12
|\ \ | | | | | | podman unshare: add --rootless-cni to join the ns
| * | podman unshare: add --rootless-cni to join the nsPaul Holzinger2021-04-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new --rootless-cni option to podman unshare to also join the rootless-cni network namespace. This is useful if you want to connect to a rootless container via IP address. This is only possible from the rootless-cni namespace and not from the host namespace. This option also helps to debug problems in the rootless-cni namespace. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | speed up CI handling of imagesbaude2021-04-07
| | | | | | | | | | | | | | | | | | | | | now that ci uses cached images, putting the large toolbox image into cache should help speed up tests. Signed-off-by: baude <bbaude@redhat.com>
* | | Handle podman-remote --arch, --platform, --osDaniel J Walsh2021-04-07
|/ / | | | | | | | | | | | | | | | | Podman remote should be able to handle remote specification of arches. Requires: https://github.com/containers/buildah/pull/3116 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9754 from mheon/add_depOpenShift Merge Robot2021-04-06
|\ \ | | | | | | Add --requires flag to podman run/create
| * | Add --requires flag to podman run/createMatthew Heon2021-04-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman has, for a long time, had an internal concept of dependency management, used mainly to ensure that pod infra containers are started before any other container in the pod. We also have the ability to recursively start these dependencies, which we use to ensure that `podman start` on a container in a pod will not fail because the infra container is stopped. We have not, however, exposed these via the command line until now. Add a `--requires` flag to `podman run` and `podman create` to allow users to manually specify dependency containers. These containers must be running before the container will start. Also, make recursive starting with `podman start` default so we can start these containers and their dependencies easily. Fixes #9250 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Ensure that `--userns=keep-id` sets user in configMatthew Heon2021-04-06
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One of the side-effects of the `--userns=keep-id` command is switching the default user of the container to the UID of the user running Podman (though this can still be overridden by the `--user` flag). However, it did this by setting the UID and GID in the OCI spec, and not by informing Libpod of its intention to switch users via the `WithUser()` option. Because of this, a lot of the code that should have triggered when the container ran with a non-root user was not triggering. In the case of the issue that this fixed, the code to remove capabilities from non-root users was not triggering. Adjust the keep-id code to properly inform Libpod of our intention to use a non-root user to fix this. Also, fix an annoying race around short-running exec sessions where Podman would always print a warning that the exec session had already stopped. Fixes #9919 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Fix dnsname testPaul Holzinger2021-04-01
| | | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Enable rootless network connect/disconnectPaul Holzinger2021-04-01
| | | | | | | | | | | | | | With the new rootless cni supporting network connect/disconnect is easy. Combine common setps into extra functions to prevent code duplication. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Add rootless support for cni and --uidmapPaul Holzinger2021-04-01
| | | | | | | | | | | | This is supported with the new rootless cni logic. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Fix handling of remove --log-rusage paramDaniel J Walsh2021-03-31
|/ | | | | | Fixes: https://github.com/containers/podman/issues/9889 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #9842 from AlbanBedel/play-kube-env-from-secretsOpenShift Merge Robot2021-03-29
|\ | | | | Add support for env from secrets in play kube
| * play kube: add support for env vars defined from secretsAlban Bedel2021-03-28
| | | | | | | | | | | | | | | | | | | | Add support for secretRef and secretKeyRef to allow env vars to be set from a secret. As K8S secrets are dictionaries the secret value must be a JSON dictionary compatible with the data field of a K8S secret object. The keys must consist of alphanumeric characters, '-', '_' or '.', and the values must be base64 encoded strings. Signed-off-by: Alban Bedel <albeu@free.fr>
| * play kube: support optional/mandatory env var from config mapAlban Bedel2021-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | In K8S the pod creation fails if an env var reference a non existing config map key. It can be marked as optional, but per default it is mandatory. Podman on the other hand always treat such references as optional. Rework envVarsFrom() and envVarValue() to additionaly return an error and add support for the optional attribute in configMapRef and configMapKeyRef. Signed-off-by: Alban Bedel <albeu@free.fr>
* | Merge pull request #9631 from rhatdan/pullOpenShift Merge Robot2021-03-29
|\ \ | | | | | | Fix podman build --pull-never
| * | Fix podman build --pull-neverDaniel J Walsh2021-03-27
| |/ | | | | | | | | | | | | | | | | | | | | Currently pull policy is set incorrectly when users set --pull-never. Also pull-policy is not being translated correctly when using podman-remote. Fixes: #9573 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / Add problematic volume name to kube play error messagesJordan Christiansen2021-03-27
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When kube play fails to create a volume, it should say which volume had the problem so the user doesn't have to guess. For the following pod spec: apiVersion: v1 kind: Pod metadata: name: mypod spec: containers: - name: myfrontend image: nginx volumeMounts: - mountPath: "/var/www/html" name: mypd volumes: - name: mypd hostPath: path: /var/blah podman will now report: Error: failed to create volume "mypd": error in parsing HostPath in YAML: error checking path "/var/blah": stat /var/blah: no such file or directory Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* Support multi doc yaml for generate/play kubeEduardo Vega2021-03-25
| | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* Merge pull request #9768 from mheon/fix_9608OpenShift Merge Robot2021-03-25
|\ | | | | Ensure manually-created volumes have correct ownership
| * Ensure manually-created volumes have correct ownershipMatthew Heon2021-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of a fix for an earlier bug (#5698) we added the ability for Podman to chown volumes to correctly match the user running in the container, even in adverse circumstances (where we don't know the right UID/GID until very late in the process). However, we only did this for volumes created automatically by a `podman run` or `podman create`. Volumes made by `podman volume create` do not get this chown, so their permissions may not be correct. I've looked, and I don't think there's a good reason not to do this chwon for all volumes the first time the container is started. I would prefer to do this as part of volume copy-up, but I don't think that's really possible (copy-up happens earlier in the process and we don't have a spec). There is a small chance, as things stand, that a copy-up happens for one container and then a chown for a second, unrelated container, but the odds of this are astronomically small (we'd need a very close race between two starting containers). Fixes #9608 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #9749 from jwillikers/generate-kube-persistent-volume-claimOpenShift Merge Robot2021-03-23
|\ \ | | | | | | Generate Kubernetes PersistentVolumeClaims from named volumes
| * | Generate Kubernetes PersistentVolumeClaims from named volumesJordan Williams2021-03-19
| |/ | | | | | | | | | | | | | | | | | | | | | | Fixes #5788 This commit adds support for named volumes in podman-generate-kube. Named volumes are output in the YAML as PersistentVolumeClaims. To avoid naming conflicts, the volume name is suffixed with "-pvc". This commit adds a corresponding suffix for host path mounts. Host path volumes are suffixed with "-host". Signed-off-by: Jordan Williams <jordan@jwillikers.com>
* / Validate passed in timezone from tz optionTomSweeneyRedHat2021-03-21
|/ | | | | | | | | | | | | | | | | | | | | | | | Erik Sjolund reported an issue where a badly formated file could be passed into the `--tz` option and then the date in the container would be badly messed up: ``` erik@laptop:~$ echo Hello > file.txt erik@laptop:~$ podman run --tz=../../../home/erik/file.txt --rm -ti docker.io/library/alpine cat /etc/localtime Hello erik@laptop:~$ podman --version podman version 3.0.0-rc1 erik@laptop:~$ ``` This fix checks to make sure the TZ passed in is a valid value and then proceeds with the rest of the processing. This was first reported as a potential security issue, but it was thought not to be. However, I thought closing the hole sooner rather than later would be good. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* test: check for io.stat existence on cgroup v2Giuseppe Scrivano2021-03-17
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* test: fix test for last crun/runcGiuseppe Scrivano2021-03-17
| | | | | | | | | there was a documentation issue for the kernel that reported the range to be different than on cgroup v1. The issue has been fixed in crun/runc. Adapt the test. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* test: simplify cgroup pathGiuseppe Scrivano2021-03-17
| | | | | | with cgroup v2, the cgroupns is enabled by default. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Latest crun/runc should handle blkio-weight testDaniel J Walsh2021-03-17
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Switch all builds to pull-neverDaniel J Walsh2021-03-16
| | | | | | Fixes: https://github.com/containers/buildah/issues/2779 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix remote client timezone testPaul Holzinger2021-03-15
| | | | | | | The New York timezone changes between summer and winter time. Make sure the test allows both timezones. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variablesDaniel J Walsh2021-03-10
| | | | | | | Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf overrides. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman cp: ignore EPERMs in rootless modeValentin Rothberg2021-03-09
| | | | | | | | | | | | Ignore permission errors when copying from a rootless container. TTY devices inside rootless containers are owned by the host's root user which is "nobody" inside the container's user namespace rendering us unable to even read them. Enable the integration test which was temporarily disabled for rootless users. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>