summaryrefslogtreecommitdiff
path: root/test/system/070-build.bats
Commit message (Collapse)AuthorAge
* migrate Podman to containers/common/libimageValentin Rothberg2021-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Migrate the Podman code base over to `common/libimage` which replaces `libpod/image` and a lot of glue code entirely. Note that I tried to leave bread crumbs for changed tests. Miscellaneous changes: * Some errors yield different messages which required to alter some tests. * I fixed some pre-existing issues in the code. Others were marked as `//TODO`s to prevent the PR from exploding. * The `NamesHistory` of an image is returned as is from the storage. Previously, we did some filtering which I think is undesirable. Instead we should return the data as stored in the storage. * Touched handlers use the ABI interfaces where possible. * Local image resolution: previously Podman would match "foo" on "myfoo". This behaviour has been changed and Podman will now only match on repository boundaries such that "foo" would match "my/foo" but not "myfoo". I consider the old behaviour to be a bug, at the very least an exotic corner case. * Futhermore, "foo:none" does *not* resolve to a local image "foo" without tag anymore. It's a hill I am (almost) willing to die on. * `image prune` prints the IDs of pruned images. Previously, in some cases, the names were printed instead. The API clearly states ID, so we should stick to it. * Compat endpoint image removal with _force_ deletes the entire not only the specified tag. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fixes from make codespellDaniel J Walsh2021-04-21
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* system tests: build --pull-never: deal with flakesEd Santiago2021-04-15
| | | | | | | | This test continues to flake on podman-remote (especially Ubuntu) even after #10030 and #10034. I give up. Stop checking the error message in podman-remote tests. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Verify existence of auth file if specifiedDaniel J Walsh2021-04-05
| | | | | | Fixes: https://github.com/containers/podman/issues/9572 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix missing podman-remote build optionsDaniel J Walsh2021-04-02
| | | | | | | | | | | | | Fix handling of SecurityOpts LabelOpts SeccompProfilePath ApparmorProfile Fix Ulimits Fixes: https://github.com/containers/podman/issues/9869 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix podman build --pull-neverDaniel J Walsh2021-03-27
| | | | | | | | | | | Currently pull policy is set incorrectly when users set --pull-never. Also pull-policy is not being translated correctly when using podman-remote. Fixes: #9573 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System test cleanupEd Santiago2021-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | - cp test: clean up stray image - build test: add workaround for #9567 (ultra-slow ubuntu). We're seeing CI flakes (timeouts) due to ubuntu 2004 being absurdly slow. Workaround: double our timeout on one specific test when ubuntu + remote. - build test: clean up new copy-from test (from #9275). The test was copy-pasted from buildah system tests, without really adapting for podman environment (e.g. it was using images that we don't use here, and would cause pulls, which will cause flakes). Rewrite test so it references only $IMAGE, remove some confusing/unnecessary stuff, selectively run parts of it even when rootless or remote, and add a test to confirm that copy-from succeeded. - load test: add error-message test to new load-invalid (#9672). Basically, make sure the command fails for the right reason. - play test (kube): use $IMAGE, not alpine; and add pause-image cleanup to teardown() - apiv2 mounts test: add a maintainability comment in a tricky section of code; and tighten up the mount point test. Signed-off-by: Ed Santiago <santiago@redhat.com>
* build-argDaniel J Walsh2021-03-07
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Handle podman build --dns-searchDaniel J Walsh2021-03-07
| | | | | | Fixes: https://github.com/containers/podman/issues/9574 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add support for podman build --ignorefileDaniel J Walsh2021-03-07
| | | | | | Fixes: https://github.com/containers/podman/issues/9570 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* system test image: build it multiarchEd Santiago2021-02-24
| | | | | | | | | | | | | | buildah now supports running under emulation[1] as well as creating manifests. Use those features to create a multiarch testimage that can be used to test podman on other arches. [1] on Fedora 33, this requires the qemu-user-static package We also build a new :00000001 image, replacing :00000000, because (sigh) some tests try to run 'true' in the container. Include instructions on building said image. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #9275 from rhatdan/buildOpenShift Merge Robot2021-02-22
|\ | | | | Add missing params for podman-remote build
| * Add missing params for podman-remote buildDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/9290 Currently we still have hard coded --isolation=chroot for podman-remote build. Implement missing arguments for podman build Implements --jobs, --disable-compression, --excludes Fixes: MaxPullPushRetries RetryDuration Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | podman build: pass runtime to buildahValentin Rothberg2021-02-16
|/ | | | | | | | | | Make sure that Podman's default OCI runtime is passed to Buildah in `podman build`. In theory, Podman and Buildah should use the same defaults but the projects move at different speeds and it turns out we caused a regression in v3.0. Fixes: #9365 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Revert "podman build --pull: use correct policy"Valentin Rothberg2021-01-28
| | | | | | | | | | | This reverts commit 15caebfe561952eaadd4896b7efb56f26724cce5. The previous behaviour of `--pull` to *always* attempt to pull the image and error out if the pull failed aligns with Docker. Since Podman aims at feature parity with Docker, the `--pull` behaviour must match. Fixes: #9134 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman build --pull: use correct policyValentin Rothberg2021-01-27
| | | | | | | | | | | The `--pull` flag should be using the "pull if newer" pull policy rather than "pull always". This aligns with what the help message states, what Buildah does and, according to #9111, what was done before, Also add a test to prevent future regressions. Fixes: #9111 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9054 from vrothberg/fix-9040OpenShift Merge Robot2021-01-26
|\ | | | | make sure the workdir exists on container mount
| * workdir presence checksValentin Rothberg2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A container's workdir can be specified via the CLI via `--workdir` and via an image config with the CLI having precedence. Since images have a tendency to specify workdirs without necessarily shipping the paths with the root FS, make sure that Podman creates the workdir. When specified via the CLI, do not create the path, but check for its existence and return a human-friendly error. NOTE: `crun` is performing a similar check that would yield exit code 127. With this change, however, Podman performs the check and yields exit code 126. Since this is specific to `crun`, I do not consider it to be a breaking change of Podman. Fixes: #9040 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Pass DefaultMountsFile to podman buildDaniel J Walsh2021-01-25
|/ | | | | | | The --default-mounts-file path was not being handled in podman build. This will enable it to use for testing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System tests: cover gaps from the last monthEd Santiago2021-01-25
| | | | | | | | | | | | | | | | | | | - stop: test --all and --ignore (#9051) - build: test /run/secrets (#8679, but see below) - sensitive mount points: deal with 'stat' failures - selinux: confirm useful diagnostics on unknown labels (#8946) The 'build' test is intended as a fix for #8679, in which 'podman build' does not mount secrets from mounts.conf. Unfortunately, as of this writing, 'podman build' does not pass the --default-mounts-file option to buildah, so there's no reasonable way to test this path. Still, we can at least confirm /run/secrets on 'podman run'. The /sys thing is related to #8949: RHEL8, rootless, cgroups v1. It's just a workaround to get gating tests to pass on RHEL. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #8787 from jsoref/spellingOpenShift Merge Robot2020-12-23
|\ | | | | Spelling
| * SpellingJosh Soref2020-12-22
| | | | | | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* | Fix podman build --logfileHironori Shiina2020-12-22
|/ | | | | | | | A opened file object of a logfile gets lost because the variable `logfile` is redefined in a `if` block. This fix stops redefining the variable. Signed-off-by: Hironori Shiina <Hironori.Shiina@fujitsu.com>
* Honor the --layers flagDaniel J Walsh2020-12-09
| | | | | | | | | Currently the --layers flag set by the user is ignored, and only the BUILDAH_LAYERS environment variable being set is observed. Fixes: https://github.com/containers/podman/issues/8643 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* BATS: add ping testEd Santiago2020-12-01
| | | | | | | | | | | | | | | | | | | - run test : tweaks to recently-added network-conflict test: * remove "-d" in run * confirm exact warning text, and also that container runs successfully * test multiple --net options (regression #8057) - images, run, build, exec tests: add multiple-flag testing for various flags, confirming as appropriate whether options are overridden or accumulated. - ps test : add --filter and --sort tests - pod test: run 'ping' inside container (confirms that container gets PING capability) Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: variousEd Santiago2020-11-14
| | | | | | | | | | | | | | | - images: confirm that 'podman images' emits headings even if there are no images present. Intended to replace e2e test which is difficult to get working under podman-remote. - build: add test for #8092, podman-build gobbling stdin. Workaround needed for issues #8342 and #8343, in which podman-remote output differs from podman local. - volumes: add test for #8307, double-lock on same volume. Signed-off-by: Ed Santiago <santiago@redhat.com>
* test for buildah version in container images.Daniel J Walsh2020-11-13
| | | | | | | | | | Check to see if we are recording the version of buildah used to build the image as a label in the image. Also we should make sure the filter "since" works. We are only testing "after", which we don't document. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System test additionsEd Santiago2020-10-14
| | | | | | | | | | | | | | | | | | | | | | | | - run --userns=keep-id: confirm that $HOME gets set (#8013) - inspect: confirm that JSON output is a sane number of lines (10 or more), not an unreadable one-liner (#8011 and #8021). Do so with image, pod, network, volume because the code paths might be different. - cgroups: confirm that 'run' preserves cgroup manager (#7970) - sdnotify: reenable tests, and hope CI doesn't hang. This test was disabled on August 18 because CI jobs were hanging and timing out. My suspicion was that it was #7316, which in turn seems to have hinged on conmon #182. The latter was merged on Sep 16, so let's cross our fingers and see what happens. Also: remove inaccurate warning from a networking test. And, wow, fix is_cgroupsv2(), it has never actually worked. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Attempt to turn on some more remote testsDaniel J Walsh2020-10-07
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System tests: reenable some skipped testsEd Santiago2020-09-28
| | | | | | | | | | | | | | | | | | | | | - pause test: enable when rootless + cgroups v2 (was previously disabled for all rootless) - run --pull: now works with podman-remote (in #7647, thank you @jwhonce) - various other run/volumes tests: try reenabling It looks like #7195 was fixed (by #7451? I'm not sure if I'm reading the conversation correctly). Anyway, remove all the skip()s on 7195. Only time will tell if it's really fixed) Also: - new test for podman image tree --whatrequires (because TIL). Doesn't work with podman-remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Refactor API build endpoint to be more compliantJhon Honce2020-09-14
| | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7600 from rhatdan/codespellOpenShift Merge Robot2020-09-11
|\ | | | | Fix up errors found by codespell
| * Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add global options --runtime-flagsQi Wang2020-09-04
|/ | | | | | Add global options --runtime-flags for setting options to container runtime. Signed-off-by: Qi Wang <qiwan@redhat.com>
* BATS: fix corner case in --userns=keep-id testEd Santiago2020-08-27
| | | | | | | | | | | | | | | | | The test that does 'adduser' in a keep-id container had a really dumb bug: if the user running the test has UID 1000, then podman itself (via keep-id) will add the "1000" passwd entry, and the in-container "adduser" will allocate 1001, making our test fail. This triggered in f31/f32 podman gating tests, but (?!?) never in rawhide gating tests. Solution: explicitly feed a UID to adduser. Make sure that it's not the same as the UID of the current user. Also (unrelated): fix a ridiculous "run mkdir || die". At the time I wrote that I probably had no idea how BATS works. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: podman-remote, image treeEd Santiago2020-08-10
| | | | | | | | | | | | | | | | | | | | | - new sanity checks for podman-remote: - first, confirm that when PODMAN is "-remote", we actually talk to a server (validated by presence of "Server:" string in "podman version"). - second, add test for #7212, in which we run "podman --remote" (podman with --remote flag, not podman-remote command) and make sure --remote is allowed both as the first option and also with other flag options preceding. - new test for "podman image tree" (piggybacking on top of a "podman build" test, because that gives us lots of layers). - skip "podman exec - basic test" when remote. It is consistently causing CI failures, breaking all of CI, due to #7241. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Handle podman-remote run --rmDaniel J Walsh2020-08-04
| | | | | | | | We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Reenable remote system testsEd Santiago2020-08-03
| | | | | | | | | | | | | | | | | | | podman-remote is in better shape now. Let's see what needs to be done to reenable remote system tests. - logs test: skip multilog, it doesn't work remote - diff test: use -l only when local, not with remote - many other tests: skip_if_remote, with 'FIXME: pending #xxxx' where xxxx is a filed issue. Unrelated: added new helper to skip_if_remote and _if_rootless, where we check if the source message includes "remote"/"rootless" and insert it if missing. This is a minor usability enhancement to make it easier to understand at-a-glance why a skip triggers. Signed-off-by: Ed Santiago <santiago@redhat.com>
* volumes: do not recurse when chowningGiuseppe Scrivano2020-07-31
| | | | | | | | | keep the file ownership when chowning and honor the user namespace mappings. Closes: https://github.com/containers/podman/issues/7130 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #7121 from rhatdan/buildOpenShift Merge Robot2020-07-29
|\ | | | | Fix building from http or '-' options
| * Fix building from http or '-' optionsDaniel J Walsh2020-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When copying from a URL, podman will download and create a context directory in a temporary file. The problem was that this directory was being removed as soon as the function that created it was returned. Later the build code would look for content in the temporary directory and fail to find it, blowing up the build. By pulling the extraction code back into the build function, we keep the temporary directory around until the build completes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | System tests: add environment, volume testsEd Santiago2020-07-28
|/ | | | | | | | | | | | | | | | | | Tests for #7094, in which symlinks in a volume would cause chown errors and nonrunnable containers. Tests for environment variable precedence, now include --env-host and proxy settings Fix a bug caught by covscan in helpers.t ('source' path would fail if path included spaces). Fix podman-run man page: it was incorrect in stating precedence between in-image environment and --env-host. Fixes: #7099 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* system tests: new rm, build testsEd Santiago2020-06-22
| | | | | | | | | | | | - rm: confirm 'rm' and 'rm -f' on running container - build: shotgun test of workdir, cmd, env, labels The new build test cd's to a temporary directory, which broke test invocations using a relative path (./bin/podman). Added code to detect relative paths and convert them to absolute. Signed-off-by: Ed Santiago <santiago@redhat.com>
* more BATS testsEd Santiago2020-01-13
| | | | | | | | | | | | | | | | | - run: --name (includes 'podman container exists' tests) - run: --pull (always, never, missing) - build: new test for ADD URL (#4420) - exec: new test for issue #4785 (pipe getting lost) - diff: new test - selinux (mostly copied from docker-autotest) Plus a bug fix: the wait_for_output() helper would continue checking, eventually timing out, even if the container had already exited (probably because of an error). Fix: as part of the loop, run 'podman inspect' and bail out if container is not running. Include exit code and logs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* test for #3920 (improper caching of tarballs in build)Ed Santiago2019-12-05
| | | | | | | | | See https://github.com/containers/buildah/pull/1955 I've confirmed that this test fails under podman-1.6.2-2.fc30 and passes under current master. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Flake fix: build test timeoutEd Santiago2019-08-19
| | | | | | | | | | | | | | | | The priv test added to the build test in June runs an 'apk' command which, unavoidably, has to fetch stuff from the net. This is slow and unreliable, and periodically leads to timeout failures. Worse, when this happens, some sort of invisible buildah-only container gets left behind that leads to failures in subsequent tests when trying to reset to known state. Imperfect workaround: try a 240-second timeout (up from 60) when running apk. As backup, add a custom teardown() which attempts to force-remove all containers and any new images. Signed-off-by: Ed Santiago <santiago@redhat.com>
* implement 'make remotesystem'Ed Santiago2019-08-08
| | | | | | | | | | | | | | | | | | | | | podman-remote rm now works; that's the only thing we were waiting for to enable podman-remote (varlink) system tests. Add a (too-complicated, sorry) Makefile target that will define a random socket path, start the podman varlink server, and run the test suite using podman-remote. Also: add two convenience functions, is_rootless and is_remote, and use those in skip_if_rootless/if_remote and elsewhere Also: workarounds for broken tests: - basic version test: podman-remote emits an empty 'Client' line. Just ignore it. - looks like 'podman-remote pod' doesn't work; skip test. Also: minor documentation update Signed-off-by: Ed Santiago <santiago@redhat.com>
* Add RUN priv'd test for buildTomSweeneyRedHat2019-06-28
| | | | | | | | | Podman 1.4.1 had problems with builds with a RUN command that tried to to a privliged command. This adds a gating test for that situation. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* bats - various small updatesEd Santiago2019-04-18
| | | | | | | | | | | | | | - podman-remote: - enable log, run and build tests, they're working now - well, except build + rootless. Skip that one. - add explanation of why info test is skipped - Giuseppe's permission test: - validate GraphRoot and RunRoot values - add verbose logging, to enable seeing full directory tree permissions on error Signed-off-by: Ed Santiago <santiago@redhat.com>