aboutsummaryrefslogtreecommitdiff
path: root/test/system/helpers.bash
Commit message (Collapse)AuthorAge
* Docs rootfull -> rootfulAshley Cui2022-04-25
| | | | | | | | Some docs say roofull. Change to rootful. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* Revert "Switch all rootful to rootfull"Ashley Cui2022-04-25
| | | | | | | | | | This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee. We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #13964 from rhatdan/rootfullOpenShift Merge Robot2022-04-22
|\ | | | | Switch all rootful to rootfull
| * Switch all rootful to rootfullDaniel J Walsh2022-04-21
| | | | | | | | | | | | | | | | | | We are inconsistent on the name, we should stick with rootfull. [NO NEW TESTS NEEDED] Existing tests should handle this and no tests for machines exists yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | system tests: add assert(), and start using itEd Santiago2022-04-20
|/ | | | | | | | | | | | | | | | | | | | | Problem: the system test 'is()' checker was poorly thought out. For example, there is no way to check for inequality or for absence of a substring. Solution, step 1: introduce new assert(), copied almost verbatim from buildah, where it has been successful in addressing the gaps in is(). The logical next step is to search the tests for 'die' and for 'run', looking for negative assertions which we can replace with assert(). There were a lot, and in the process I found a number of ugly bugs in the tests themselves. I've taken the liberty of fixing these. Important note: at this time we have both assert() and is(). Replacing all instances of is() would be impossible to review. Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman create: building local pause image: do not read ignore filesValentin Rothberg2022-03-17
| | | | | | | | | Make sure to ignore local {container,docker}ignore files when building a local pause image. Otherwise, we may mistakenly not be able to copy catatonit into the build container. Fixes: #13529 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* system tests: cleanup networks on teardownPaul Holzinger2022-02-21
| | | | | | | | When a test which creates a network fail it will not remove the network. The teardown logic should remove the networks. Since there is no --all option for network rm we use network prune --force. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* tests: Remove inaccurate commentDavid Gibson2022-02-18
| | | | | | | | This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* Cirrus: Add netavark/aardvark system test taskChris Evich2022-02-03
| | | | | | | Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #12687 from rhatdan/volumeOpenShift Merge Robot2022-01-06
|\ | | | | Support volume bind mounts for rootless containers
| * Support all volume mounts for rootless containersDaniel J Walsh2022-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | Fix handling of "bind" and "tmpfs" olumes to actually work. Allow bind, tmpfs local volumes to work in rootless mode. Also removed the string "error" from all error messages that begine with it. All Podman commands are printed with Error:, so this causes an ugly stutter. Fixes: https://github.com/containers/podman/issues/12013 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12750 from rhatdan/errorOpenShift Merge Robot2022-01-05
|\ \ | | | | | | Change Tests to ignore missing containers when removing --all
| * | Change Tests to ignore missing containers when removing --allDaniel J Walsh2022-01-05
| |/ | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/12740 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12429 from cdoern/scpOpenShift Merge Robot2022-01-05
|\ \ | |/ |/| podman image scp never enter podman user NS
| * podman image scp never enter podman user NScdoern2021-12-23
| | | | | | | | | | | | | | | | | | | | | | Podman image scp should never enter the Podman UserNS unless it needs to. This allows for a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo, the simple sudo podman save/load does not work, machinectl/su is necessary here. This modification allows for both rootful and rootless transfers, and an overall change of scp to be more of a wrapper function for different load and save calls as well as the ssh component Signed-off-by: cdoern <cdoern@redhat.com>
* | Allow users to add host user accounts to /etc/passwdDaniel J Walsh2021-12-23
|/ | | | | | | | | | | Some containers require certain user account(s) to exist within the container when they are run. This option will allow callers to add a bunch of passwd entries from the host to the container even if the entries are not in the local /etc/passwd file on the host. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add --time out for podman * rm -f commandsDaniel J Walsh2021-10-04
| | | | | | | | | Add --time flag to podman container rm Add --time flag to podman pod rm Add --time flag to podman volume rm Add --time flag to podman network rm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System tests: tighten 'is' operatorEd Santiago2021-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix day-one sloppiness: when I first wrote this framework it compared strings using 'expr', not '=', to be more forgiving of extra cruft in output. This was a bad decision. It means that warnings or additional text are ignored: is "all is ok, NOT!" "all is ok" <-- this would pass Solution: tighten up the 'is' check. Use '=' (direct compare) first. If it fails, look for wild cards ('*') or character classes ('[') in the expect string. If so, and only then, use 'expr'. And, thanks to a clever suggestion from Luap99, include '(using expr)' in the error message when we do so; this could make it easier for a developer to understand a string mismatch. This change exposes a lot of instances in which we weren't doing proper comparisons. Fix those. Thankfully, there weren't as many as I'd feared. Also, and completely unrelated, add '-T' flag to bats helper, for showing timing results. (I will open this as a separate PR if requested. I too find it offensive to jumble together unrelated commits.) Signed-off-by: Ed Santiago <santiago@redhat.com>
* test: skip test on rootless cgroupsv1Giuseppe Scrivano2021-09-30
| | | | | | | | | | | | | | | skip the test "podman selinux: shared context in (some) namespaces" on cgroupsv1 when running as rootless since the tests requires --pid=container:. If the container runtime cannot use cgroupsv1 and the container has no pid namespace. then it is not possible to correctly terminate the container. Without a cgroup or a pid namespace, the runtime has no control on what processes are in the container. Closes: https://github.com/containers/podman/issues/11785 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* system tests: new random_free_port helperEd Santiago2021-09-08
| | | | | | | Picks a pseudorandom open port within a range. Refactor existing instances of such code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Networking test: fix silent breakageEd Santiago2021-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Wow did I screw up. #10982 introduced (at my suggestion) a new wait_for_port() helper, with the goal of eliminating a race condition. It didn't work. First: wait_for_port() tests by connecting to the port, which is a Bad Idea when you have a one-shot server that exits upon the first connection closing. We should've caught that, but: Second: I wrote wait_for_port() for a non-BATS test framework, and used the conventional file descriptor 3. BATS uses fd3 for internal control. Overriding that made the test silently just disappear, no "not ok" message, no warnings, nothing except vanishing into the ether. Third: this was caught by my log-colorizer script, which loudly yelled "WARNING: expected 234" (tests) at the bottom of the log. Unfortunately, since this wasn't my PR, I didn't actually look at the test logs. Solution: we can't use wait_for_port() in the network port test. Use wait_for_output() instead, triggering on the 'listening' message emitted by netcat in the container. Also: fix wait_for_port() to use fd5 instead of 3. Although no code currently uses wait_for_port() as of this PR, it's a useful helper that we may want to keep. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Flake Fix: Wait before connecting container portChris Evich2021-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was observed during periodic testing, this test can fail due to the container process being not fully running and listening on the expected port: ``` [+1069s] not ok 220 podman networking: port with --userns=keep-id [+1069s] # (in test file test/system/500-networking.bats, line 144) [+1069s] # `echo "$teststring" | nc 127.0.0.1 $myport' failed [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman rm --all --force [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman ps --all --external --format {{.ID}} {{.Names}} [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman images --all --format {{.Repository}}:{{.Tag}} {{.ID}} [+1069s] # quay.io/libpod/testimage:20210610 9f9ec7f2fdef [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman run -d --userns=keep-id -p 127.0.0.1:54322:54322 quay.io/libpod/testimage:20210610 nc -l -n -v -p 54322 [+1069s] # 252c562c9a3c96892d867d1d72fb52b2efdfe62855ebedbccd2d281c472c2988 [+1069s] # Ncat: No route to host. ``` Fix this by using a new `wait_for_port()` function (thanks @edsantiago) before attempting to communicate with the service. Signed-off-by: Chris Evich <cevich@redhat.com>
* System tests: the continuing multiarch sagaEd Santiago2021-06-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TL;DR podman needs "arm64" as arch, not "arm64v8". Unexpurgated version: docker.io publishes ${ARCH}/alpine for several values of ARCH. Unfortunately, the arm64 one is called "arm64v8", which is sensible, but podman needs the --arch value of the manifest to be exactly "arm64". So we need to special-case this value in our loop. Do so, and build/publish a new 20210610 testimage. Use that in tests moving forward. And, since we need to jump through the same hoops to build the nonlocal image, include it in the build loop instead of as a tacked-on comment. Try to be helpful by determining the next-available numeric tag. And: don't push anything by default. Instead, just tell the user what buildah-push commands to run. And: refactor $PODMAN_NONLOCAL_IMAGE_TAG, to make it easier for the RHEL-arch-testing folx to override using envariables instead of inplace-sed. (Not that they should ever need to override again, because this is the final multiarch commit that should be forevermore perfect and need no further commits ever again). And, finally, bump up to latest alpine/busybox images. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #10199 from edsantiago/system_tests_with_runc_overrideOpenShift Merge Robot2021-05-04
|\ | | | | System tests: honor $OCI_RUNTIME (for CI)
| * System tests: honor $OCI_RUNTIME (for CI)Ed Santiago2021-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some CI systems set $OCI_RUNTIME as a way to override the default crun. Integration (e2e) tests honor this, but system tests were not aware of the convention; this means we haven't been testing system tests with runc, which means RHEL gating tests are now failing. The proper solution would be to edit containers.conf on CI systems. Sorry, that would involve too much CI-VM work. Instead, this PR detects $OCI_RUNTIME and creates a dummy containers.conf file using that runtime. Add: various skips for tests that don't work with runc. Refactor: add a helper function so we don't need to do the complicated 'podman info blah blah .OCIRuntime.blah' thing in many places. BUG: we leave a tmp file behind on exit. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | system test image: add arm64v8 imageEd Santiago2021-05-03
|/ | | | | | | | | | | The RHEL multi-arch team informed me that we were missing aarch64; add it, using the new name (arm64v8). (This is from last week, so the image date tag does not match today's date. I was waiting for confirmation that things were working). Signed-off-by: Ed Santiago <santiago@redhat.com>
* System tests: setup: better cleanup of stray imagesEd Santiago2021-04-13
| | | | | | | | | | | | | | | | Fix a corner case in basic_setup(), where we rmi stray images. If a test tags $IMAGE and fails to rmi by tag name, cleanup could rmi both tag name and IID, wiping out the desired image: podman tag $IMAGE foo ... cleanup: rmi foo $FOO_IID [this removes $IMAGE!] Solution: rmi by name, but only rmi by IID if != $IMAGE. TOTH to ypu for bringing this to my attention. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: friendier messages for 2-arg is()Ed Santiago2021-03-29
| | | | | | | | | | | | | | | | | The 'is' check was intended to be called with three arguments, the last one being a nice helpful test name. There's a fallback for two-argument calls, but it was a horrible FIXME. New fallback: the most recently run podman command. We keep track of it in each run_podman() invocation. This is not ideal, because it's theoretically possible to invoke 'is' on something other than the output of run_podman, but this at least fixes the by-far-most-common case. [NO TESTS NEEDED] Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #8749 from edsantiago/upgrade_testOpenShift Merge Robot2021-02-26
|\ | | | | podman upgrade tests
| * podman upgrade testsEd Santiago2021-02-23
| | | | | | | | | | | | | | | | Initial validation of using podman-in-podman to create an old-podman root, then use new-podman to play with the containers created therein. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | system test image: build it multiarchEd Santiago2021-02-24
|/ | | | | | | | | | | | | | buildah now supports running under emulation[1] as well as creating manifests. Use those features to create a multiarch testimage that can be used to test podman on other arches. [1] on Fedora 33, this requires the qemu-user-static package We also build a new :00000001 image, replacing :00000000, because (sigh) some tests try to run 'true' in the container. Include instructions on building said image. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: set PODMAN_TIMEOUT to 120Valentin Rothberg2020-12-18
| | | | | | | | | | The new Ubuntu 20.04 VMs seem very slow and fail reproducibly in a build test (i.e, "wordir, cmd, env, label"). Bumping up the time out to 120 seconds will help get the CI green. See github.com/containers/podman/pull/8747. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* system tests: the catch-up gameEd Santiago2020-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | - run test: minor cleanup to .containerenv test. Basically, make it do only two podman-runs (they're expensive) and tighten up the results checks - ps test: add ps -a --storage. Requires small tweak to run_podman helper, so we can have "timeout" be an expected result - sdnotify test: workaround for #8718 (seeing MAINPID=xxx as last output line instead of READY=1). As found by the newly-added debugging echos, what we are seeing is: MAINPID=103530 READY=1 MAINPID=103530 It's not supposed to be that way; it's supposed to be just the first two. But when faced with reality, we must bend to accommodate it, so let's accept READY=1 anywhere in the output stream, not just as the last line. Signed-off-by: Ed Santiago <santiago@redhat.com>
* RHEL gating tests: more journald exceptionsEd Santiago2020-12-14
| | | | | | | | | | | | | | | | | | | | Followup to #8284, due to my not having noticed #8096. RHEL gating tests are failing again due to rhbz#1895105, the one where we can't run journalctl rootless on RHEL. #8284 fixed this for some RHEL builds of older podman, but I missed #8096 which added yet another logs test. This brings us to three journalctl exceptions, which means it gets complicated because I have to refactor it all. **THIS IS NOT SUSTAINABLE**. We need some way to have a similar setup in CI, with a permission-less rootless login, so we don't add yet another logs test some day and discover, months later, that it doesn't work on RHEL and then have to go into crisis mode. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Add system test for shell completionPaul Holzinger2020-12-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There exists a unit test to ensure that shell completion functions are defined. However there was no check about the quality of the provided shell completions. Lets change that. The idea is to create a general test that makes sure we are suggesting containers,pods,images... for the correct commands. This works by reading the command use line and checking for each arg if we provide the correct suggestions for this arg. It includes the following tests: - flag suggestions if [options] is set - container, pod, image, network, volume, registry completion - path completion for the appropriate arg KEYWORDS (`PATH`,`CONTEXT`,etc.) - no completion if there are no args - completion for more than one arg if it ends with `...]` The test does not cover completion values for flags and not every arg KEYWORD is supported. This is still a huge improvement and covers most use cases. This test spotted several inconsistencies between the completion and the command use line. All of them have been adjusted to make the test pass. The biggest advantage is that the completions always match the latest command changes. So if someone changes the arguments for a command this ensures that the completions must be adjusted. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add a system test to verify --runtime is preservedMatthew Heon2020-10-20
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* System tests: remove some misleading 'run'sEd Santiago2020-10-19
| | | | | | | | | | | | | | | The BATS 'run' directive is really quite obnoxious; for the most part we really don't want to use it. Remove some uses that snuck in last week, and remove one test (exists) that can more naturally be piggybacked into an rm test. While we're at it: in setup(), look for and delete stray external (buildah) containers. This will be important if any of the external-container tests fails; this way we don't leave behind a state that causes subsequent tests to fail. Signed-off-by: Ed Santiago <santiago@redhat.com>
* System test additionsEd Santiago2020-10-14
| | | | | | | | | | | | | | | | | | | | | | | | - run --userns=keep-id: confirm that $HOME gets set (#8013) - inspect: confirm that JSON output is a sane number of lines (10 or more), not an unreadable one-liner (#8011 and #8021). Do so with image, pod, network, volume because the code paths might be different. - cgroups: confirm that 'run' preserves cgroup manager (#7970) - sdnotify: reenable tests, and hope CI doesn't hang. This test was disabled on August 18 because CI jobs were hanging and timing out. My suspicion was that it was #7316, which in turn seems to have hinged on conmon #182. The latter was merged on Sep 16, so let's cross our fingers and see what happens. Also: remove inaccurate warning from a networking test. And, wow, fix is_cgroupsv2(), it has never actually worked. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: cleanup, and add more testsEd Santiago2020-10-07
| | | | | | | | | | | | | | | | | | | | - images test: add test for 'table' and '\t' formatting - image mount test: check output from 'umount', test repeat umount (NOP), and test invalid-umount - kill test: remove kludgy workaround for crun signal bug ref: #5004 -- code is no longer needed (fingers crossed), and the workaround involved pulling an expensive image. - selinux test: add new tests for shared context in: * pods , w/ and w/o infra container (ref: #7902) * containers with namespace sharing: --ipc, --pid, --net - selinux test: new test for --pid=host (disabled pending propagation of container-selinux-2.146, ref: #7939) Signed-off-by: Ed Santiago <santiago@redhat.com>
* System tests: add podman run --tzEd Santiago2020-09-29
| | | | | | | | New tests for podman run --tz=EXPLICIT and =local. Requires updating our testimage by adding a fixed reference timestamp to a known file path. Signed-off-by: Ed Santiago <santiago@redhat.com>
* System tests: reenable some skipped testsEd Santiago2020-09-28
| | | | | | | | | | | | | | | | | | | | | - pause test: enable when rootless + cgroups v2 (was previously disabled for all rootless) - run --pull: now works with podman-remote (in #7647, thank you @jwhonce) - various other run/volumes tests: try reenabling It looks like #7195 was fixed (by #7451? I'm not sure if I'm reading the conversation correctly). Anyway, remove all the skip()s on 7195. Only time will tell if it's really fixed) Also: - new test for podman image tree --whatrequires (because TIL). Doesn't work with podman-remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7687 from edsantiago/batsOpenShift Merge Robot2020-09-25
|\ | | | | system tests: new tests
| * system tests: new testsEd Santiago2020-09-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - podman network create: new test - podman pull by-sha + podman images -a (#7651) - podman image mount: new test - podman pod: --infra-image and --infra-command (#7167) For convenience and robustness, build a new testimage containing a custom file /home/podman/testimage-id with contents YYYYMMDD (same as image tag). The image-mount test checks that this file exists and has the desired content. New testimage also includes a dummy 'pause' executable, for testing pod infra. Updates from testimage:20200902 to :20200917 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | system tests: helpers: safer parse_tableEd Santiago2020-09-23
|/ | | | | | | | | | | | | | | | | The parse_table() helper has until now dumbly split lines on every single '|' character. This prevents us from running simple tests such as 'cgroupManager: (systemd|cgroupfs)'. We now use an ugly but robust sed expression to split on '|' but *only* when surrounded by spaces and/or beginning or end of line. This is safe because, for readability, all tables already keep the '|' symbols well separated from table content. Add tests. And, the whole reason behind this, add an actual real test for cgroupManager and cgroupVersion. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Migrate away from docker.ioEd Santiago2020-09-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CI and system tests currently pull some images from docker.io. Eliminate that, by: - building a custom image containing much of what we need for testing; and - copying other needed images to quay.io (Reason: effective 2020-11-01 docker.io will limit the number of image pulls). The principal change is to create a new quay.io/libpod/testimage, using the new test/system/build-testimage script, instead of relying on quay.io/libpod/alpine_labels. We also switch to using a hardcoded :YYYYMMDD tag, instead of :latest, in an attempt to futureproof our CI. This image includes 'httpd' from busybox-extras, which we use in our networking test (previously we had to pull and run busybox from docker.io). The testimage can and should be extended as needed for future tests, e.g. adding test file content or other useful tools. For the '--pull' tests which require actually pulling from the registry, I've created an image with the same name but tagged :00000000 so it will never be pulled by default. Since this image is only used minimally, it's just busybox. Unfortunately there remain two cases we cannot solve in this tiny alpine-based image: 1) docker registry 2) systemd For those, I've (manually) run: podman pull [ docker.io/library/registry:2.7 | registry.fedoraproject.org/fedora:31 ] podman tag !$ quay.io/... podman push !$ ...and amended the calling tests accordingly. I've tried to make the the smallest reasonable diff, not the smallest possible one. I hope it's a reasonable tradeoff. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Just use `rm` for helper command to remove storageSascha Grunert2020-08-28
| | | | | | This allows to use any kind of `rm` in `$PATH` for the system tests. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Reenable remote system testsEd Santiago2020-08-03
| | | | | | | | | | | | | | | | | | | podman-remote is in better shape now. Let's see what needs to be done to reenable remote system tests. - logs test: skip multilog, it doesn't work remote - diff test: use -l only when local, not with remote - many other tests: skip_if_remote, with 'FIXME: pending #xxxx' where xxxx is a filed issue. Unrelated: added new helper to skip_if_remote and _if_rootless, where we check if the source message includes "remote"/"rootless" and insert it if missing. This is a minor usability enhancement to make it easier to understand at-a-glance why a skip triggers. Signed-off-by: Ed Santiago <santiago@redhat.com>
* BATS tests: more resilient remove_same_dev_warningEd Santiago2020-07-20
| | | | | | | | | | | | | | | | Some CI tests are flaking in the SELinux test, possibly because there's a new variation of the "multiple devices" warning I hadn't seen before: WARNING: Creating device "/dev/null" with same type, major and minor as existing "/dev/foodevdir/null". Solution: in remove_same_dev_warning(), remove "multiple" from the match string. Also: fix a Go test that wasn't cleaning up after itself. And add an actual test to it, not just check-exit-status. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: new tests for run, execEd Santiago2020-07-14
| | | | | | | | | | | | | | | | | | | | | | - Issue #6735 : problem with multiple namespaces; confirms combinations of --userns=keep-id, --privileged, --user=XX - Issue #6829 : --userns=keep-id will add a /etc/passwd entry - Issue #6593 : podman exec, with --userns=keep-id, errors (test is currently skipped because issue remains live) ...and, addendum: add new helper function, remove_same_dev_warning. Some CI systems issue a warning on podman run --privileged: WARNING: The same type, major and minor should not be used for multiple devices. We already had special-case code to ignore than in the SELinux test, but now we're seeing it in the new run tests I added, so I've refactored the "ignore this warning" code and written tests for the removal code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: invoke with abs path to podmanEd Santiago2020-06-23
| | | | | | | | | | | | | | | | | | | | | | Reversion of one part of #6679: my handling of 'realpath' would not work when $PODMAN is 'podman-remote --url etc'. Trying to handle that case got unmaintainable; so instead let's just force 'make {local,remote}system' to invoke with a full PODMAN path. This breaks down if someone runs the tests with a manual 'bats' invocation, but I think I'm the only one who ever does that. Since podman path will now be very long in the logs, add code to logformatter to abbreviate it like we do for the ginkgo logs. And, one thing that has bugged me for a long time: in the error logs, show a different prompt ('#' vs '$') to distinguish root vs rootless. This should make it much easier to see at-a-glance whether a log file is root or not. Add tests for it. Signed-off-by: Ed Santiago <santiago@redhat.com>