summaryrefslogtreecommitdiff
path: root/test/system
Commit message (Collapse)AuthorAge
* Merge pull request #7820 from giuseppe/fix-capabilities-not-rootOpenShift Merge Robot2020-09-30
|\ | | | | capabilities: always set ambient and inheritable
| * capabilities: always set ambient and inheritableGiuseppe Scrivano2020-09-30
| | | | | | | | | | | | | | | | | | | | | | | | change capabilities handling to reflect what docker does. Bounding: set to caplist Inheritable: set to caplist Effective: if uid != 0 then clear; else set to caplist Permitted: if uid != 0 then clear; else set to caplist Ambient: clear Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #7825 from rhatdan/exitcodeOpenShift Merge Robot2020-09-30
|\ \ | | | | | | Fix handling of remove of bogus volumes, networks and Pods
| * | Fix handling of remove of bogus volumes, networks and PodsDaniel J Walsh2020-09-29
| |/ | | | | | | | | | | | | | | | | | | | | | | In podman containers rm and podman images rm, the commands exit with error code 1 if the object does not exists. This PR implements similar functionality to volumes, networks, and Pods. Similarly if volumes or Networks are in use by other containers, and return exit code 2. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7832 from edsantiago/bats_run_tzOpenShift Merge Robot2020-09-30
|\ \ | | | | | | System tests: add podman run --tz
| * | System tests: add podman run --tzEd Santiago2020-09-29
| |/ | | | | | | | | | | | | | | New tests for podman run --tz=EXPLICIT and =local. Requires updating our testimage by adding a fixed reference timestamp to a known file path. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / System tests: corner case for run --pullEd Santiago2020-09-29
|/ | | | | | | | | | | | | | | | Obscure corner case in which 'podman run --pull=never alpine' will actually pass *with no alpine image* if there's an image named "myalpine". (i.e. a substring match, not full string match). Fixed in #7770 but the tests that were added there do not actually test that. This adds a double-duty test for that as well as making sure that 'run --pull=never SHORTNAME' (implicit :latest) does not match our existing :YYYYMMDD image; then one more quick test to make sure that if we tag as :latest, the same --pull=never succeeds. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Gating-test fix: deal with new crun error msgEd Santiago2020-09-29
| | | | | | | | | | | | | | crun changed an error message: https://github.com/containers/crun/pull/439 It's a good change, absolutely the right thing to do, but it broke gating tests. Fix tests so they handle both old and new format. Fixes: #7814 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7803 from edsantiago/batsOpenShift Merge Robot2020-09-29
|\ | | | | System tests: reenable some skipped tests
| * System tests: reenable some skipped testsEd Santiago2020-09-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - pause test: enable when rootless + cgroups v2 (was previously disabled for all rootless) - run --pull: now works with podman-remote (in #7647, thank you @jwhonce) - various other run/volumes tests: try reenabling It looks like #7195 was fixed (by #7451? I'm not sure if I'm reading the conversation correctly). Anyway, remove all the skip()s on 7195. Only time will tell if it's really fixed) Also: - new test for podman image tree --whatrequires (because TIL). Doesn't work with podman-remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Journald log driver testPaul Holzinger2020-09-28
|/ | | | | | | Test that the journald log driver writes to journald and that we can read it with journalctl. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #7687 from edsantiago/batsOpenShift Merge Robot2020-09-25
|\ | | | | system tests: new tests
| * system tests: new testsEd Santiago2020-09-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - podman network create: new test - podman pull by-sha + podman images -a (#7651) - podman image mount: new test - podman pod: --infra-image and --infra-command (#7167) For convenience and robustness, build a new testimage containing a custom file /home/podman/testimage-id with contents YYYYMMDD (same as image tag). The image-mount test checks that this file exists and has the desired content. New testimage also includes a dummy 'pause' executable, for testing pod infra. Updates from testimage:20200902 to :20200917 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7758 from edsantiago/test_log_driverOpenShift Merge Robot2020-09-24
|\ \ | | | | | | system tests: new test for run --log-driver
| * | system tests: new test for run --log-driverEd Santiago2020-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tests all (current) values for --log-driver=X, and one test for invalid value. For those drivers that write a local file (json-file, k8s-file), test that the file exists and contains results of the expected form (timestamp, stdout, 'F' for 'F'ull line, and the expected string output. For json-file, confirm that podman issues a "Choosing k8s-file" warning (only on local. On podman-remote, the warning goes only to the server's stderr). Written in response to #7754 in which driver=json-file was falling through to 'none' instead of 'k8s-file'. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | system tests: helpers: safer parse_tableEd Santiago2020-09-23
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The parse_table() helper has until now dumbly split lines on every single '|' character. This prevents us from running simple tests such as 'cgroupManager: (systemd|cgroupfs)'. We now use an ugly but robust sed expression to split on '|' but *only* when surrounded by spaces and/or beginning or end of line. This is safe because, for readability, all tables already keep the '|' symbols well separated from table content. Add tests. And, the whole reason behind this, add an actual real test for cgroupManager and cgroupVersion. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7729 from mheon/info_cgroup_managerOpenShift Merge Robot2020-09-22
|\ \ | | | | | | Include cgroup manager in `podman info` output
| * | Include cgroup manager in `podman info` outputMatthew Heon2020-09-22
| |/ | | | | | | | | | | | | | | This is very useful for debugging cgroups v2, especially on rootless - we need to ensure people are correctly using systemd cgroups in these cases. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / podman save: fix redirect of multi-imagesValentin Rothberg2020-09-22
|/ | | | | | | | Fix a bug when saving multi-image archives where the progress bars from copying images was accidentally written to the archive and hence corrupted it. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #7636 from vrothberg/fix-7407OpenShift Merge Robot2020-09-16
|\ | | | | run/create: record raw image
| * run/create: record raw imageValentin Rothberg2020-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Record the user-specified "raw" image name in the SpecGenerator, so we can pass it along to the config when creating a container. We need a separate field as the image name in the generator may be set to the ID of the previously pulled image - ultimately the cause of #7404. Reverting the image name from the ID to the user input would not work since "alpine" for pulling iterates over the search registries in the registries.conf but looking up "alpine" normalizes to "localhost/alpine". Recording the raw-image name directly in the generator was the best of the options I considered as no hidden magic from search registries or normalizations (that may or may not change in the future) can interfere. The auto-update backend enforces that the raw-image name is a fully-qualified reference, so we need to worry about that in the front end. Fixes: #7407 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7633 from edsantiago/minus_l_with_other_argsOpenShift Merge Robot2020-09-15
|\ \ | | | | | | Usability: prevent "-l" with arguments
| * | Usability: prevent "-l" with argumentsEd Santiago2020-09-14
| |/ | | | | | | | | | | | | | | | | | | | | Add new system check confirming that "podman foo -l arg" throws an error; and fix lots of instances where code was not doing this check. I'll probably need to add something similar for --all but that can wait. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / Refactor API build endpoint to be more compliantJhon Honce2020-09-14
|/ | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7600 from rhatdan/codespellOpenShift Merge Robot2020-09-11
|\ | | | | Fix up errors found by codespell
| * Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7403 from QiWang19/runtime-flagOpenShift Merge Robot2020-09-11
|\ \ | |/ |/| Add global options --runtime-flags
| * Add global options --runtime-flagsQi Wang2020-09-04
| | | | | | | | | | | | Add global options --runtime-flags for setting options to container runtime. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | system tests: cleanupEd Santiago2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - run tests: better "skip" message for docker-archive test; remove FIXME, document that podman-remote doesn't support it - run tests: instrument the --conmon-pidfile test in hopes of tracking down flake #7580: cross-check pidfile against output of 'podman inspect', and add some debug messages that will only be seen on test failure. - load tests: the pipe test: save and load a temporary tag, not $IMAGE. Primary reason is because of #7371, in which 'podman load' assigns a new image ID (instead of preserving the saved one). This messes with our image management, and it turns out to be nonfixable. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7574 from vrothberg/fix-7117OpenShift Merge Robot2020-09-10
|\ \ | | | | | | remote run: consult events for exit code
| * | remote run: consult events for exit codeValentin Rothberg2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After attaching to a container, we wait for the container to finish and return its exit code. Waiting for the container may not always succeed, for instance, when the container has been force removed by another process. In such case, we have to look at the *last* container-exit event. Also refactor the `ContainerRun` method a bit to return early on errors and de-spaghetti the code. Enable the remote-disabled system test. Fixes: #7117 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | remote kill: don't wait for the container to stopValentin Rothberg2020-09-09
|/ / | | | | | | | | | | | | | | | | | | Invert the branch logic to match the comment. Docker seems to wait for the container while Podman does not. Enable the remote-disabled system test as well. Fixes: #7135 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7564 from Luap99/remote-subcmds-usageOpenShift Merge Robot2020-09-08
|\ \ | | | | | | Don't setup the Image/ContainerEngine when calling a cmd with subcmds
| * | Don't setup the Image/ContainerEngine when calling a cmd with subcmdsPaul Holzinger2020-09-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no need to setup the image and container engine when calling a command with subcommands since we only print a usage message. e.g `podman`,`podman container` This also allows the remote client to show the usage message on these commands without a running endpoint. I added a test for this. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Migrate away from docker.ioEd Santiago2020-09-08
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CI and system tests currently pull some images from docker.io. Eliminate that, by: - building a custom image containing much of what we need for testing; and - copying other needed images to quay.io (Reason: effective 2020-11-01 docker.io will limit the number of image pulls). The principal change is to create a new quay.io/libpod/testimage, using the new test/system/build-testimage script, instead of relying on quay.io/libpod/alpine_labels. We also switch to using a hardcoded :YYYYMMDD tag, instead of :latest, in an attempt to futureproof our CI. This image includes 'httpd' from busybox-extras, which we use in our networking test (previously we had to pull and run busybox from docker.io). The testimage can and should be extended as needed for future tests, e.g. adding test file content or other useful tools. For the '--pull' tests which require actually pulling from the registry, I've created an image with the same name but tagged :00000000 so it will never be pulled by default. Since this image is only used minimally, it's just busybox. Unfortunately there remain two cases we cannot solve in this tiny alpine-based image: 1) docker registry 2) systemd For those, I've (manually) run: podman pull [ docker.io/library/registry:2.7 | registry.fedoraproject.org/fedora:31 ] podman tag !$ quay.io/... podman push !$ ...and amended the calling tests accordingly. I've tried to make the the smallest reasonable diff, not the smallest possible one. I hope it's a reasonable tradeoff. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7437 from openSUSE/rmOpenShift Merge Robot2020-09-06
|\ \ | |/ |/| Just use `rm` for helper command to remove storage
| * Just use `rm` for helper command to remove storageSascha Grunert2020-08-28
| | | | | | | | | | | | This allows to use any kind of `rm` in `$PATH` for the system tests. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | BATS: fix corner case in --userns=keep-id testEd Santiago2020-08-27
|/ | | | | | | | | | | | | | | | | The test that does 'adduser' in a keep-id container had a really dumb bug: if the user running the test has UID 1000, then podman itself (via keep-id) will add the "1000" passwd entry, and the in-container "adduser" will allocate 1001, making our test fail. This triggered in f31/f32 podman gating tests, but (?!?) never in rawhide gating tests. Solution: explicitly feed a UID to adduser. Make sure that it's not the same as the UID of the current user. Also (unrelated): fix a ridiculous "run mkdir || die". At the time I wrote that I probably had no idea how BATS works. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Remove test comment for now succeeding testsSascha Grunert2020-08-25
| | | | | | | The related issue seems fixed so the test execution should work as intended. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* system tests: enable more remote tests; cleanupEd Santiago2020-08-19
| | | | | | | | | | | | | | | | | | | | | | | | info, images, run, networking tests: remove some skip_if_remote()s that were added in the varlink days. All of these tests now seem to work with APIv2. help test: check that first output line from 'podman --help' is the program description (regression check for #7273). load test: clean up stray images, rewrite test to make it conform to existing convention. In the process, discover and file #7337 exec test (and networking): file #7360, and add FIXME comment to skip()s suggesting evaluating those tests once that is fixed. pod test: now that #6328 is fixed, use 'podman pod inspect --format' instead of relying on jq Various other tests: add an explanation of why test is disabled so we can more easily distinguish "this will never be meaningful under remote" vs "hey, doesn't work for now, but maybe someday". Signed-off-by: Ed Santiago <santiago@redhat.com>
* fix podman version output to include git commit and builttimePaul Holzinger2020-08-18
| | | | | | Add the go module version v2 to the libpod path. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Re-disable sdnotify tests to try to fix CIEd Santiago2020-08-18
| | | | | | | | Some CI tests are hanging, timing out in 60 or 120 minutes. I wonder if it's #7316, the bug where all podman commands hang forever if NOTIFY_SOCKET is set? Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7333 from openSUSE/bashifyOpenShift Merge Robot2020-08-17
|\ | | | | Use `bash` binary from env instead of /bin/bash for scripts
| * Use `bash` binary from env instead of /bin/bash for scriptsSascha Grunert2020-08-17
| | | | | | | | | | | | | | | | It's not possible to run any of the scripts on distributions which do have `bash` not in `/bin`. This is being fixed by using `/usr/bin/env bash` instead. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | system tests: enable sdnotify testsEd Santiago2020-08-13
|/ | | | | | | | | | | | | | | | | | | | | | | | Oops. PR #6693 (sdnotify) added tests, but they were disabled due to broken crun on f31. I tried for three weeks to get a magic CI:IMG PR to update crun on the CI VMs ... but in that time I forgot to actually enable those new tests. This PR removes a 'skip', replacing it with a check that systemd is running plus one more to make sure our runtime is crun. It looks like sdnotify just doesn't work on Ubuntu (it hangs), and my guess is that it's a crun/runc issue. I also changed the test image from fedora:latest to :31, because, sigh, fedora:latest removed the systemd-notify tool. WARNING WARNING WARNING: the symptom of a missing systemd-notify is that podman will hang forever, not even stopped by the timeout command in podman_run! (Filed: #7316). This means that if the sdnotify-in-container test ever fails, the symptom will be that Cirrus itself will time out (2 hours?). This is horrible. I don't know what to do about it other than push for a fix for 7316. Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman save use named pipeQi Wang2020-08-12
| | | | | | | podman save uses named pipe as output path, not directly using /dev/stdout. fix #7017 Signed-off-by: Qi Wang <qiwan@redhat.com>
* Replace deepcopy on history resultsBrent Baude2020-08-11
| | | | | | | | the deepcopy in the remote history code path was throwing an uncaught error on a type mismatch. we now manually do the conversion and fix the type mismatch on the fly. Fixes: #7122 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Default .Repository and .Tag values to <none>Jhon Honce2020-08-10
| | | | | | | | | | Refactor the processing of Repository and Tag fields to default to <none> when printing via --format flag. Previously, the default format would print <none> but --format {{.Tag}} would not in some cases. Fixes #7123 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* system tests: podman-remote, image treeEd Santiago2020-08-10
| | | | | | | | | | | | | | | | | | | | | - new sanity checks for podman-remote: - first, confirm that when PODMAN is "-remote", we actually talk to a server (validated by presence of "Server:" string in "podman version"). - second, add test for #7212, in which we run "podman --remote" (podman with --remote flag, not podman-remote command) and make sure --remote is allowed both as the first option and also with other flag options preceding. - new test for "podman image tree" (piggybacking on top of a "podman build" test, because that gives us lots of layers). - skip "podman exec - basic test" when remote. It is consistently causing CI failures, breaking all of CI, due to #7241. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7220 from baude/issue7124OpenShift Merge Robot2020-08-05
|\ | | | | podman-remote send name and tag