summaryrefslogtreecommitdiff
path: root/test/e2e
Commit message (Collapse)AuthorAge
* podman cp: support copying on tmpfs mountsValentin Rothberg2021-03-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Traditionally, the path resolution for containers has been resolved on the *host*; relative to the container's mount point or relative to specified bind mounts or volumes. While this works nicely for non-running containers, it poses a problem for running ones. In that case, certain kinds of mounts (e.g., tmpfs) will not resolve correctly. A tmpfs is held in memory and hence cannot be resolved relatively to the container's mount point. A copy operation will succeed but the data will not show up inside the container. To support these kinds of mounts, we need to join the *running* container's mount namespace (and PID namespace) when copying. Note that this change implies moving the copy and stat logic into `libpod` since we need to keep the container locked to avoid race conditions. The immediate benefit is that all logic is now inside `libpod`; the code isn't scattered anymore. Further note that Docker does not support copying to tmpfs mounts. Tests have been extended to cover *both* path resolutions for running and created containers. New tests have been added to exercise the tmpfs-mount case. For the record: Some tests could be improved by using `start -a` instead of a start-exec sequence. Unfortunately, `start -a` is flaky in the CI which forced me to use the more expensive start-exec option. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9536 from jmguzik/enable-cgroupsv2-sec-optsOpenShift Merge Robot2021-03-03
|\ | | | | Enable cgroupsv2 rw mount via security-opt unmask
| * Enable cgroupsv2 rw mount via security-opt unmaskJakub Guzik2021-02-28
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #9575 from mheon/rewrite_renameOpenShift Merge Robot2021-03-03
|\ \ | | | | | | Rewrite Rename backend in a more atomic fashion
| * | Rewrite Rename backend in a more atomic fashionMatthew Heon2021-03-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move the core of renaming logic into the DB. This guarantees a lot more atomicity than we have right now (our current solution, removing the container from the DB and re-creating it, is *VERY* not atomic and prone to leaving a corrupted state behind if things go wrong. Moving things into the DB allows us to remove most, but not all, of this - there's still a potential scenario where the c/storage rename fails but the Podman rename succeeds, and we end up with a mismatched state. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #9580 from rhatdan/timestampDaniel J Walsh2021-03-03
|\ \ \ | | | | | | | | Fix support for podman build --timestamp
| * | | Fix support for podman build --timestampDaniel J Walsh2021-03-02
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Currently podman is ignoreing the build --timestamp flag. This PR fixes this for local and remote clients. Fixes: https://github.com/containers/podman/issues/9569 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / / Tidy duplicate log testsAshley Cui2021-03-02
|/ / | | | | | | | | | | | | Some log tests were duplicated, and some didn't need to be repeated for every driver. Also, added some comments Signed-off-by: Ashley Cui <acui@redhat.com>
* / Enable no_hosts from containers.confDaniel J Walsh2021-02-26
|/ | | | | | | | | | Since we have no good way to enable this on the server side, we will just allow it to be set on the client side. This should solve almost all cases. Partially fixes: https://github.com/containers/podman/issues/9500 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #9487 from giuseppe/split-test-named-hierarchiesOpenShift Merge Robot2021-02-25
|\ | | | | test: ignore named hierarchies for cgroups=split
| * test: ignore named hierarchies for cgroups=splitGiuseppe Scrivano2021-02-23
| | | | | | | | | | | | | | | | | | ignore named hierarchies for the --cgroups=split test as crun does not set it. Closes: https://github.com/containers/podman/pull/9302#issuecomment-784157272 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Updated based on Jhonce commentsParker Van Roy2021-02-24
| | | | | | | | | | | | | | | | | | Added ID to default removed outdated imports slight refactor Test Network Headers added to network_test.go Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | Merge pull request #9494 from mheon/sort_capsOpenShift Merge Robot2021-02-24
|\ \ | | | | | | Sort CapDrop in inspect to guarantee order
| * | Sort CapDrop in inspect to guarantee orderMatthew Heon2021-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The order of CapAdd when inspecting containers is deterministic. However, the order of CapDrop is not (for unclear reasons). Add a quick sort on the final array to guarantee a consistent order. Fixes #9490 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Add dns search domains from cni response to resolv.confPaul Holzinger2021-02-24
| | | | | | | | | | | | | | | | | | | | | This fixes slow local host name lookups. see containers/dnsname#57 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Network connect error if net mode is not bridgePaul Holzinger2021-02-23
|/ / | | | | | | | | | | | | | | | | | | Only the the network mode bridge supports cni networks. Other network modes cannot use network connect/disconnect so we should throw a error. Fixes #9496 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* / Add U volume flag to chown source volumesEduardo Vega2021-02-22
|/ | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* Merge pull request #9455 from Luap99/fix-network-idsOpenShift Merge Robot2021-02-22
|\ | | | | Fix podman network IDs handling
| * Fix podman network IDs handlingPaul Holzinger2021-02-22
| | | | | | | | | | | | | | | | | | | | | | | | | | The libpod network logic knows about networks IDs but OCICNI does not. We cannot pass the network ID to OCICNI. Instead we need to make sure we only use network names internally. This is also important for libpod since we also only store the network names in the state. If we would add a ID there the same networks could accidentally be added twice. Fixes #9451 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9445 from jmguzik/no-header-info-for-systemd-generationOpenShift Merge Robot2021-02-22
|\ \ | |/ |/| No header info for systemd generation
| * --no-header flag implementation for generate systemdJakub Guzik2021-02-22
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #9420 from rhatdan/kubeOpenShift Merge Robot2021-02-22
|\ \ | | | | | | [NO TESTS NEEDED] Allow podman play kube to read yaml file from stdin
| * | Allow podman play kube to read yaml file from stdinDaniel J Walsh2021-02-19
| |/ | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/8996 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9275 from rhatdan/buildOpenShift Merge Robot2021-02-22
|\ \ | | | | | | Add missing params for podman-remote build
| * | Add missing params for podman-remote buildDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/9290 Currently we still have hard coded --isolation=chroot for podman-remote build. Implement missing arguments for podman build Implements --jobs, --disable-compression, --excludes Fixes: MaxPullPushRetries RetryDuration Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9448 from vrothberg/bump-module-versionOpenShift Merge Robot2021-02-22
|\ \ \ | | | | | | | | bump go module to v3
| * | | bump go module to v3Valentin Rothberg2021-02-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We missed bumping the go module, so let's do it now :) * Automated go code with github.com/sirkon/go-imports-rename * Manually via `vgrep podman/v2` the rest Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Two variations of --new flag added to e2eJakub Guzik2021-02-22
|/ / / | | | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #9417 from ashley-cui/journaldOpenShift Merge Robot2021-02-21
|\ \ \ | |_|/ |/| | Fix journald logs
| * | Turn on journald and k8s file logging testsDaniel J Walsh2021-02-19
| | | | | | | | | | | | Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Fix segfault in run with memory-swapbaude2021-02-19
|/ / | | | | | | | | | | | | | | | | when unlimited (-1) was being passed to memory-swap, podman threw a segfault. Fixes #9429 Signed-off-by: baude <bbaude@redhat.com>
* | Change source path resolution for volume copy-upMatthew Heon2021-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of using the container's mountpoint as the base of the chroot and indexing from there by the volume directory, instead use the full path of what we want to copy as the base of the chroot and copy everything in it. This resolves the bug, ends up being a bit simpler code-wise (no string concatenation, as we already have the full path calculated for other checks), and seems more understandable than trying to resolve things on the destination side of the copy-up. Fixes #9354 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #9383 from mheon/fix_copyup_emptyOpenShift Merge Robot2021-02-17
|\ \ | | | | | | Fix an issue where copyup could fail with ENOENT
| * | Fix an issue where copyup could fail with ENOENTMatthew Heon2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This one is rather bizarre because it triggers only on some systems. I've included a CI test, for example, but I'm 99% sure we use images in CI that have volumes over empty directories, and the earlier patch to change copy-up implementation passed CI without complaint. I can reproduce this on a stock F33 VM, but that's the only place I have been able to see it. Regardless, the issue: under certain as-yet-unidentified environmental conditions, the copier.Get method will return an ENOENT attempting to stream a directory that is empty. Work around this by avoiding the copy altogether in this case. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #9409 from rhatdan/sizeOpenShift Merge Robot2021-02-17
|\ \ \ | | | | | | | | podman ps --format '{{ .Size }}' requires --size option
| * | | podman ps --format '{{ .Size }}' requires --size optionDaniel J Walsh2021-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman -s crashes when the user specifies the '{{ .Size }}` format on the podman ps command, without specifying the --size option. This PR will stop the crash and print out a logrus.Error stating that the caller should add the --size option. Fixes: https://github.com/containers/podman/issues/9408 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Ignore entrypoint=[\"\"]Daniel J Walsh2021-02-17
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We recieved an issue with an image that was built with entrypoint=[""] This blows up on Podman, but works on Docker. When we setup the OCI Runtime, we should drop entrypoint if it is == [""] https://github.com/containers/podman/issues/9377 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9240 from rhatdan/resetOpenShift Merge Robot2021-02-16
|\ \ \ | | | | | | | | Do not reset storage when running inside of a container
| * | | Do not reset storage when running inside of a containerDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if the host shares container storage with a container running podman, the podman inside of the container resets the storage on the host. This can cause issues on the host, as well as causes the podman command running the container, to fail to unmount /dev/shm. podman run -ti --rm --privileged -v /var/lib/containers:/var/lib/containers quay.io/podman/stable podman run alpine echo hello * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy Since podman is volume mounting in the graphroot, it will add a flag to /run/.containerenv to tell podman inside of container whether to reset storage or not. Since the inner podman is running inside of the container, no reason to assume this is a fresh reboot, so if "container" environment variable is set then skip reset of storage. Also added tests to make sure /run/.containerenv is runnig correctly. Fixes: https://github.com/containers/podman/issues/9191 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | podman kill should report rawInput not container idDaniel J Walsh2021-02-16
|/ / / | | | | | | | | | | | | | | | | | | Docker always reports back the users input, not the full id, we should do the same. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9396 from rhatdan/stopOpenShift Merge Robot2021-02-16
|\ \ \ | | | | | | | | When stopping a container, print rawInput
| * | | When stopping a container, print rawInputDaniel J Walsh2021-02-16
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | When we stop a container we are printing the full id, this does not match Docker behaviour or the start behavior. We should be printing the users rawInput when we successfully stop the container. Fixes: https://github.com/containers/podman/issues/9386 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9380 from baude/podinfraOpenShift Merge Robot2021-02-16
|\ \ \ | |_|/ |/| | Fix panic in pod creation
| * | Fix panic in pod creationbaude2021-02-16
| |/ | | | | | | | | | | | | | | | | | | when creating a pod with --infra-image and using a untagged image for the infra-image (none/none), the lookup for the image's name was creating a panic. Fixes: #9374 Signed-off-by: baude <bbaude@redhat.com>
* / Don't chown workdir if it already existsDaniel J Walsh2021-02-16
|/ | | | | | | | | Currently podman is always chowning the WORKDIR to root:root This PR will return if the WORKDIR already exists. Fixes: https://github.com/containers/podman/issues/9387 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix dns resolution on ubuntubaude2021-02-15
| | | | | | ubuntu's dns seems a little odd and requires a fq name in its tests. Signed-off-by: baude <bbaude@redhat.com>
* e2e: fix network alias testValentin Rothberg2021-02-15
| | | | | | | | | | | The logic in the e2e test for multiple network aliases is indicating the test should wait for the containerized nginx to be ready. As this may take some time, the test does an exponential backoff starting at 2050ms. Fix the logic by removing the `Expect(...)` call during the exponential backoff. Otherwise, the test errors immediately. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* fix failing image e2e testValentin Rothberg2021-02-15
| | | | | | | | The timestamps of some images must have changed changing the number of expected filtered images. The test conditions seem fragile but for now it's more important to get CI back. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9302 from giuseppe/cgroup-split-v1OpenShift Merge Robot2021-02-11
|\ | | | | utils: takes the longest path on cgroup v1
| * utils: takes the longest path on cgroup v1Giuseppe Scrivano2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | now getCgroupProcess takes the longest path on cgroup v1, instead of complaining if the paths are different. This should help when --cgroups=split is used on cgroup v1 and the process cgroups look like: $ cat /proc/self/cgroup 11:pids:/user.slice/user-0.slice/session-4.scope 10:blkio:/ 9:cpuset:/ 8:devices:/user.slice 7:freezer:/ 6:memory:/user.slice/user-0.slice/session-4.scope 5:net_cls,net_prio:/ 4:hugetlb:/ 3:cpu,cpuacct:/ 2:perf_event:/ Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>