summaryrefslogtreecommitdiff
path: root/test/e2e
Commit message (Collapse)AuthorAge
* Merge pull request #5157 from QiWang19/rootless-test-loginOpenShift Merge Robot2020-04-07
|\ | | | | fix rootless login/logout tests
| * fix rootless login/logout testsQi Wang2020-04-06
| | | | | | | | | | | | fix rootless login/logout tests. Since c/image can support peruser certs directory, this path uses $HOME dir as certs.d to avoid permission deny failures. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #5478 from giuseppe/auto-usernsOpenShift Merge Robot2020-04-06
|\ \ | | | | | | userns: support --userns=auto
| * | userns: support --userns=autoGiuseppe Scrivano2020-04-06
| |/ | | | | | | | | | | | | automatically pick an empty range and create an user namespace for the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / refactor infoBrent Baude2020-04-06
|/ | | | | | the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5707 from adrianreber/crun-checkpoint-1OpenShift Merge Robot2020-04-03
|\ | | | | Prepare for crun checkpoint support
| * checkpoint: change runtime checkpoint support testAdrian Reber2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman was checking if the runtime support checkpointing by running 'runtime checkpoint -h'. That works for runc. crun, however, does not use '-h, --help' for help output but, '-?, --help'. This commit switches both checkpoint support detection from 'runtime checkpoint -h' to 'runtime checkpoint --help'. Podman can now correctly detect if 'crun' also support checkpointing. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #5702 from kolyshkin/test-nitpicksOpenShift Merge Robot2020-04-03
|\ \ | |/ |/| test/e2e/run_volume_test nitpicks
| * test/e2e/run_volume_test: use unique mount pointKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | For volume and bind mount tests, use the in-container mount point path that has no common ancestor with any host path (except for root). This might help to uncover bugs like [1]. Even if not, it seems lile a good cleanup regardless. [1] https://github.com/containers/libpod/pull/5676 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * test/e2e/run_volume_test.go: mv dockerfile declKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | Move declaration of a dockerfile closer to its use. Since it is used only once, there's no sense in having it declared globally. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * test/e2e/run_volume_test: only create dir onceKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | Remove repeated mountPath directory creation. * For the first two hunks it is the same dir ("secrets") that was already created before. * For the last hunk ("scratchpad") it is not used at all. Add an empty line after Mkdir for cases where dir is used more than once. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | Fix environment handling from containers.confDaniel J Walsh2020-04-02
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* attach: fix hang if control path is deletedGiuseppe Scrivano2020-04-02
| | | | | | | | if the control path file is deleted, libpod hangs waiting for a reader to open it. Attempt to open it as non blocking until it returns an error different than EINTR or EAGAIN. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Switch to using --time as opposed to --timeout to better match Docker.Daniel J Walsh2020-03-31
| | | | | | | We need to consistently use --time rather then --timeout throughout the code. Fix locations where timeout defaults are not set correctly as well. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add support for containers.confDaniel J Walsh2020-03-27
| | | | | | | vendor in c/common config pkg for containers.conf Signed-off-by: Qi Wang qiwan@redhat.com Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #5595 from stefano-pogliani/pod-ps-filter-labelOpenShift Merge Robot2020-03-27
|\ | | | | Support label filters for podman pod ps
| * Support label filters for podman pod ps.Stefano Pogliani2020-03-26
| | | | | | | | | | | | | | | | Update the podman pod ps command to support filtering by labels. This brings the command in line with the documentation as well as the functionality by the containers equivalent podman ps. Signed-off-by: Stefano Pogliani <stefano@spogliani.net>
* | use `pause:3.2` image for infra containersValentin Rothberg2020-03-27
| | | | | | | | | | | | | | | | | | | | The `pause:3.1` has wrong configs for non-amd64 images as they all claim to be for amd64. The issue has now been fixed in the latest `pause:3.2`. [1] https://github.com/kubernetes/kubernetes/issues/87325 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | podmanv2 container inspectBrent Baude2020-03-26
|/ | | | | | add ability to inspect a container Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5436 from QiWang19/rm_created_ctrOpenShift Merge Robot2020-03-23
|\ | | | | container prune remove state created, configured
| * container prune remove state created, configuredQi Wang2020-03-10
| | | | | | | | | | | | podman container prune should remove containers with state Created, Configured to be compatible with docker Signed-off-by: Qi Wang <qiwan@redhat.com>
* | when removing networks for tests, force should be usedBrent Baude2020-03-20
| | | | | | | | | | | | when removing networks in integration tests, we should should force; otherwise if the network has containers associated with it, it will fail to remove. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5539 from sujil02/issue-5461OpenShift Merge Robot2020-03-20
|\ \ | | | | | | Implemented --iidfile for podman commit
| * | Implemented --iidfile for podman commitSujil022020-03-19
| | | | | | | | | | | | | | | | | | | | | Added flag to Write the image ID to the file with podman commit command. Fix to issue #5461 Signed-off-by: Sujil02 <sushah@redhat.com>
* | | Reduce CPU usage when --timeout=0Jhon Honce2020-03-18
|/ / | | | | | | | | | | | | | | | | * Add second go routine for when a Timer is not needed. * goimports updated some project files Fixes #5531 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5439 from ttys3/fixup-systemdgen-with-new-paramOpenShift Merge Robot2020-03-16
|\ \ | | | | | | systemd generator: force run container detached if CreateCommand has no detach param
| * | force run container detached if container CreateCommand missing the detach param荒野無燈2020-03-14
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the podman generated systemd service file has `Type=forking` service, so the command after `ExecStart=` should not run in front. if someone created a container and has the detach(`-d`) param missing like this ``` podman create --name ngxdemo -P nginxdemos/hello ``` and generate the file with `--new` param: ``` podman generate systemd --name --new ngxdemo ``` because `podman run xxx` has no `-d` param, so the container is not run in background and nerver exit. and systemd will fail to start the service: ``` sudo systemctl start container-ngxdemo.service Job for container-ngxdemo.service failed because a timeout was exceeded. See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details. ``` Signed-off-by: 荒野無燈 <ttys3@outlook.com>
* | add os|arch attributes when buildingBrent Baude2020-03-15
| | | | | | | | | | | | | | | | when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well. Fixes: #5503 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5307 from QiWang19/security-opt-genkubeOpenShift Merge Robot2020-03-09
|\ \ | |/ |/| fix security-opt generate kube
| * fix security-opt generate kubeQi Wang2020-03-03
| | | | | | | | | | | | | | fix #4950 add selinux options from --security-opt of the container to generate kube result Signed-off-by: Qi Wang <qiwan@redhat.com>
* | generate systemd: remove leading slashesValentin Rothberg2020-03-05
| | | | | | | | | | | | | | | | | | Remove leading slashes from the run-dir paths. It was meant to make it explicit that we're dealing with an absolute path but user feedback has shown that most are aware. It also cleans up the path in the systemctl status output. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5344 from edsantiago/log_formatOpenShift Merge Robot2020-03-04
|\ \ | | | | | | CI: format cirrus logs
| * | CI: format cirrus logsEd Santiago2020-03-02
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This introduces a new cirrus helper script, logformatter. Usage is: [commands...] | logformatter TEST-NAME It reformats its input into a readable, highlighed, linkable form. Some features: - boring stuff (timestamps, standard podman options) is deemphasized - important stuff (warnings, errors) is emphasized - in-page links to the actual failures - active links to source files - jumps to bottom of page on load, because that's where the errors are. (All errors are linked) Add it to select test commands (integration, system) and add a new artifacts_html, run in the 'always' block, which uploads generated *.log.html into Cirrus; from there we generate a live URL that can be viewed in browser. Unfortunately, due to security concerns in Cirrus, it is not currently possible to make the link a live one. Kludge: add a line of dashes after Restoring images; without this, the first test ("systemd PID 1") has no dashes before it, so logformatter doesn't see it. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
|/ | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Ensure that exec sessions inherit supplemental groupsMatthew Heon2020-02-28
| | | | | | | | This corrects a regression from Podman 1.4.x where container exec sessions inherited supplemental groups from the container, iff the exec session did not specify a user. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #5295 from mheon/advanced_network_inspectOpenShift Merge Robot2020-02-27
|\ | | | | Add support for multiple CNI networks in podman inspect
| * Add support for multiple CNI networks in podman inspectMatthew Heon2020-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When inspecting containers, info on CNI networks added to the container by name (e.g. --net=name1) should be displayed separately from the configuration of the default network, in a separate map called Networks. This patch adds this separation, improving our Docker compatibility and also adding the ability to see if a container has more than one IPv4 and IPv6 address and more than one MAC address. Fixes #4907 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5332 from giuseppe/uts-lookup-containerOpenShift Merge Robot2020-02-26
|\ \ | | | | | | spec: allow container alias name in lookup
| * | spec: allow container alias name in lookupGiuseppe Scrivano2020-02-26
| | | | | | | | | | | | | | | | | | | | | | | | Previously --uts=container: expected the full container ID. Closes: https://github.com/containers/libpod/issues/5289 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #5330 from baude/flakefixesforedOpenShift Merge Robot2020-02-26
|\ \ \ | |/ / |/| | curb flakes in integration tests
| * | curb flakes in integration testsBrent Baude2020-02-26
| |/ | | | | | | | | | | | | | | instead of searching the fedora registry which is error prone, we instead search a local registry for the empty set search. when running two containers with the same IP, i suspect the first container has not fully gotten its ip information back from cni when the second container fires. rework this test such that we use nginx to make sure the container is up and running before continues which should pace the subsequent test. Signed-off-by: Brent Baude <bbaude@redhat.com>
* / Fix cgroupsv2 run test, unexpected outputChris Evich2020-02-25
|/ | | | | | | | | | | Sometime between 10th and 23rd of Feb. 2020, the behavior of crun changed. Upon consulting with Giuseppe, the podman run tests for `device-read-*` and `device-write-*` do not depend on the container output for success, only the exit code. Add a comment and conditional regarding this in case of cgroupsv2. Also noted that these tests will likely require future refactoring/simplification. Signed-off-by: Chris Evich <cevich@redhat.com>
* Add --no-healthcheck command to create/runBrent Baude2020-02-22
| | | | | | | | Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well. Fixes: #5299 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5286 from edsantiago/flake_fix_same_ipOpenShift Merge Robot2020-02-21
|\ | | | | Flake fix: race condition in same-IP test
| * Flake fix: race condition in same-IP testEd Santiago2020-02-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "create two containers with the same IP" test failed: https://api.cirrus-ci.com/v1/task/5992323062431744/logs/integration_test.log#t--Podman-create-two-containers-with-the-same-IP ... (basically, expected error exit code, got 0) Analysis: the sequence is 'start test1, start test2'. Perhaps it's possible that 'podman start' exits before the test1 container has an IP address assigned? There are no checks in the test, so it's impossible to know what happened. Solution: add a wait-loop invoking 'podman inspect', waiting for a nonempty IP address on test 1; then assert that it's what we expect it to be. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5222 from mheon/fix_5219OpenShift Merge Robot2020-02-20
|\ \ | | | | | | Use cleaned destination path for indexing image volumes
| * | Use cleaned destination path for indexing image volumesMatthew Heon2020-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We use filepath.Clean() to remove trailing slashes to ensure that when we supercede image mounts with mounts from --volume and --mount, paths are consistent when we compare. Unfortunately, while we used the cleaned path for the destination in the mount, it was accidentally not used to index the maps that we use to identify what to supercede, so our comparisons might be thrown off by trailing slashes and similar. Fixes #5219 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | search test on fedora registry: retry 5 timesEd Santiago2020-02-20
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | ...to try to compensate for flaky host. registry.fedoraproject.org is just not reliable. It's flaking with 503 errors, causing massive amounts of wasted CI time and developer effort. There is exactly one instance of that registry in these tests. We can't replace it with quay.io, because "search quay.io/" (trailing slash) fails with some sort of authentication error. So let's just try a sleep/retry cycle instead. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5241 from mheon/pod_network_opts_addOpenShift Merge Robot2020-02-20
|\ \ | | | | | | Add network opts to pods
| * | Add network options to podman pod createMatthew Heon2020-02-19
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables most of the network-related functionality from `podman run` in `podman pod create`. Custom CNI networks can be specified, host networking is supported, DNS options can be configured. Also enables host networking in `podman play kube`. Fixes #2808 Fixes #3837 Fixes #4432 Fixes #4718 Fixes #4770 Signed-off-by: Matthew Heon <matthew.heon@pm.me>