aboutsummaryrefslogtreecommitdiff
path: root/test/e2e
Commit message (Collapse)AuthorAge
* Pass on securityOpts from podInfraContainer to container added to pod.Daniel J Walsh2018-09-11
| | | | | | | | | | This is an incomplete fix, as it would be best for the libpod library to be in charge of coordinating the container's dependencies on the infra container. A TODO was left as such. UTS is a special case, because the docker library that namespace handling is based off of doesn't recognize a UTS based on another container as valid, despite the library being able to handle it correctly. Thus, it is left in the old way. Signed-off-by: haircommander <pehunt@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1347 Approved by: mheon
* Fix pod sharing for utsmodeDaniel J Walsh2018-09-07
| | | | | | | | | | | | | We should be sharing cgroups namespace by default in pods uts namespace sharing was broken in pods. Create a new libpod/pkg/namespaces for handling of namespace fields in containers Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1418 Approved by: mheon
* Change shm test to be less flaky.Daniel J Walsh2018-09-07
| | | | | | | | | | | This tests fails a lot, I think because of a race condition. Changing to just make sure the inode of the /dev/shm on the host is the same as inside the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1420 Approved by: mheon
* Update WaitForTimeOut to output OutputString to help with debugging.Daniel J Walsh2018-09-06
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1416 Approved by: baude
* rmi remove all not error when no images are presentbaude2018-09-05
| | | | | | | | | | When running podman rm -a on a storage where no images exist, the exit code should NOT be non-zero. Signed-off-by: baude <bbaude@redhat.com> Closes: #1402 Approved by: rhatdan
* rootless: check uid with Geteuid() instead of Getuid()Giuseppe Scrivano2018-09-04
| | | | | | | | | | | | change the tests to use chroot to set a numeric UID/GID. Go syscall.Credential doesn't change the effective UID/GID of the process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless, tests: add tests for the pod commandGiuseppe Scrivano2018-09-04
| | | | | | | | | | also refactor the rootless_test.go to facilitate running a test in a rootless context. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless: fix topGiuseppe Scrivano2018-08-29
| | | | | | | | | | join the user namespace used to create the container so that psgo can work in the same way as with root containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1371 Approved by: rhatdan
* allow specification of entrypoint in the form of a sliceDaniel J Walsh2018-08-28
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1352 Approved by: mheon
* rootless, search: do not create a new usernsGiuseppe Scrivano2018-08-28
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1360 Approved by: vrothberg
* rootless, kill: do not create a new usernsGiuseppe Scrivano2018-08-28
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1360 Approved by: vrothberg
* rootless, stop: do not create a new usernsGiuseppe Scrivano2018-08-28
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1360 Approved by: vrothberg
* Fix handling of multiple filters in podman psMatthew Heon2018-08-27
| | | | | | | | | | | | | Docker expects multiple filters to be passed with multiple uses of the --filter flag (e.g. --filter=label=a=b --filter=label=c=d) and not a single comma-separated list of filters as we expected. Convert to the Docker format, and make some small cleanups to our handling of filters along the way. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1345 Approved by: umohnani8
* Fix Mount PropagationGiuseppe Scrivano2018-08-27
| | | | | | | | | Default mount propagation inside of containes should be private Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1305 Approved by: mheon
* rootless: fix --ipc=hostGiuseppe Scrivano2018-08-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1349 Approved by: rhatdan
* rootless, tests: add test for --uts=hostGiuseppe Scrivano2018-08-27
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1349 Approved by: rhatdan
* rootless: don't use kill --allGiuseppe Scrivano2018-08-26
| | | | | | | | | | | | | The OCI runtime might use the cgroups to see what PIDs are inside the container, but that doesn't work with rootless containers. Closes: https://github.com/containers/libpod/issues/1337 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1331 Approved by: rhatdan
* rootless: exec handle processes that create an user namespaceGiuseppe Scrivano2018-08-26
| | | | | | | | | | | | | | Manage the case where the main process of the container creates and joins a new user namespace. In this case we want to join only the first child in the new hierarchy, which is the user namespace that was used to create the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1331 Approved by: rhatdan
* rootless: fix execGiuseppe Scrivano2018-08-26
| | | | | | | | | | | | | | | | | | | | | We cannot re-exec into a new user namespace to gain privileges and access an existing as the new namespace is not the owner of the existing container. "unshare" is used to join the user namespace of the target container. The current implementation assumes that the main process of the container didn't create a new user namespace. Since in the setup phase we are not running with euid=0, we must skip the setup for containers/storage. Closes: https://github.com/containers/libpod/issues/1329 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1331 Approved by: rhatdan
* exposes tcp port only if no proto specified.Kunal Kushwaha2018-08-24
| | | | | | | | | | Also it fix the issue of exposing both tc/udp port even if only one proto specified. Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp> Closes: #1325 Approved by: mheon
* Fixing network ns segfaulthaircommander2018-08-23
| | | | | | | | | As well as small style corrections, update pod_top_test to use CreatePod, and move handling of adding a container to the pod's namespace from container_internal_linux to libpod/option. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Change pause container to infra containerhaircommander2018-08-23
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Added option to share kernel namespaces in libpod and podmanhaircommander2018-08-23
| | | | | | | | | A pause container is added to the pod if the user opts in. The default pause image and command can be overridden. Pause containers are ignored in ps unless the -a option is present. Pod inspect and pod ps show shared namespaces and pause container. A pause container can't be removed with podman rm, and a pod can be removed if it only has a pause container. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1187 Approved by: mheon
* Add podman pod tophaircommander2018-08-23
| | | | | | | | | Using the vendored changes from psgo, incorporate JoinNamespaceAndProcessInfoByPids to get process information for each pid namespace of running containers in the pod. Also added a man page, and tests. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1298 Approved by: mheon
* Swap test image in exec test to fedora for useraddMatthew Heon2018-08-23
| | | | | | | | | | We need a useradd binary in the container for this test, so swap from Alpine to fedora-minimal. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1315 Approved by: vrothberg
* Add tests for exec --userMatthew Heon2018-08-23
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1315 Approved by: vrothberg
* test: ad more tests for rootless containersGiuseppe Scrivano2018-08-22
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1323 Approved by: umohnani8
* Fixed segfault in stats where container had netNS none or from containerhaircommander2018-08-21
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1306 Approved by: rhatdan
* Enable pod stats with short ID and namehaircommander2018-08-21
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1307 Approved by: rhatdan
* Fix handling of devicesDaniel J Walsh2018-08-20
| | | | | | | | | | | | | | Devices are supposed to be able to be passed in via the form of --device /dev/foo --device /dev/foo:/dev/bar --device /dev/foo:rwm --device /dev/foo:/dev/bar:rwm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1299 Approved by: umohnani8
* podman: fix --uts=hostGiuseppe Scrivano2018-08-17
| | | | | | | | | | | | | | | Do not set any hostname value in the OCI configuration when --uts=host is used and the user didn't specify any value. This prevents an error from the OCI runtime as it cannot set the hostname without a new UTS namespace. Differently, the HOSTNAME environment variable is always set. When --uts=host is used, HOSTNAME gets the value from the host. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1280 Approved by: baude
* podman pod statsbaude2018-08-17
| | | | | | | | | add the ability to monitor container statistics in a pod. Signed-off-by: baude <bbaude@redhat.com> Closes: #1265 Approved by: rhatdan
* switch projectatomic to containersDaniel J Walsh2018-08-16
| | | | | | | | | | Need to get some small changes into libpod to pull back into buildah to complete buildah transition. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1270 Approved by: mheon
* Fix handling of hostname in --net=hostDaniel J Walsh2018-08-15
| | | | | | | | | Hostname should be set to the hosts hostname when network is none. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1274 Approved by: giuseppe
* rootless: not require userns for help/versionGiuseppe Scrivano2018-08-14
| | | | | | | | | | | these commands do not require to be root in an userns Closes: https://github.com/containers/libpod/issues/1263 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1268 Approved by: vrothberg
* Further fix testsMatthew Heon2018-08-11
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Fix typo breaking testsMatthew Heon2018-08-10
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Only use cgroupfs for containerized testsMatthew Heon2018-08-10
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Temporarily force all tests to use cgroupfs driverMatthew Heon2018-08-10
| | | | | | | TODO: Change this to only force cgroupfs if if we are in a container. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* add podman pod inspectbaude2018-08-09
| | | | | | | | | first pass of podman pod inspect Signed-off-by: baude <bbaude@redhat.com> Closes: #1236 Approved by: rhatdan
* Fix ambiguity in adding localhost to podman savehaircommander2018-08-08
| | | | | | | | | | | ...and some naming decisions. This change ensures podman save doesn't incorrectly prepend localhost when saving an image. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1140 Approved by: rhatdan
* Added ps --pod optionhaircommander2018-08-02
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1205 Approved by: rhatdan
* Use REGISTRIES_CONFIG_PATH for all testsbaude2018-08-02
| | | | | | | | | | | | | | | We should not be using the test systems registries.conf file for integration tests. We should always use a constructed file created specifically for the integration tests or we stand to have unpredictable results. The beforeTest function now sets an environment variable pointing to a registries.conf file in the test's tempdir. That file will container docker.io as a default. The afterTest function then clears the environment variable. Signed-off-by: baude <bbaude@redhat.com> Closes: #1197 Approved by: rhatdan
* Integration Test Improvements #3baude2018-08-01
| | | | | | | | | Third round of speed improvements to the integration tests. Signed-off-by: baude <bbaude@redhat.com> Closes: #1193 Approved by: rhatdan
* Integration Test Improvements #2baude2018-07-30
| | | | | | | | | | This is the second round of performance improvements for out integration tests. Signed-off-by: baude <bbaude@redhat.com> Closes: #1190 Approved by: rhatdan
* avoid spewing fds do to restore of cached imagesbaude2018-07-30
| | | | | | | | | | | due to how cstorage is designed, we were spewing thousands of fds when we restored cached images causing unwieldy rlimits. we now use podman load to restore the images thereby not tripping the issue. Signed-off-by: baude <bbaude@redhat.com> Closes: #1188 Approved by: baude
* Add load test for xz compressed imagesumohnani82018-07-30
| | | | | | | | | | The auto decompression functionality was already vendored in with containers/image. Adding a test for it. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1137 Approved by: rhatdan
* Speed up test resultsbaude2018-07-30
| | | | | | | | | | | | Stop all containers with a zero timeout prior to trying to rm -fa. This results in quicker teardown times by not waiting for timeouts. Also, with wait tests, no need to wait the full 10 second sleep. 1 will do. Signed-off-by: baude <bbaude@redhat.com> Closes: #1181 Approved by: rhatdan
* Show duration for each ginkgo test and test speed improvementsbaude2018-07-28
| | | | | | | | | | | | | | Because our tests are getting so long, we want to be able to audit which tests are taking the longest to complete. This may indicate a bad test, bad CI, bad code, etc and therefore should be auditable. Also, make speed improvements to tests by making sure we only unpack caches images that actually get used. Signed-off-by: baude <bbaude@redhat.com> Closes: #1178 Approved by: mheon
* podman rmi shouldn't delete named referenced imagesumohnani82018-07-28
| | | | | | | | | | | If an image is created from another and it is deleted, only delete the actual image and not the parent images if the parent images have names/references. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1174 Approved by: mheon