summaryrefslogtreecommitdiff
path: root/test/system
Commit message (Collapse)AuthorAge
* fix slirp4netns port forwarding with rangesPaul Holzinger2022-03-29
| | | | | | | | | | | | | | The slirp4netns port forwarder was not updated to make use of the new port format. This results in a problem when port ranges are used since it does not read the range field from the port. Update the logic to iterate through all ports with the range and protocols. Also added a system test for port ranges with slirp4netns, rootlesskit and the bridge network mode. Fixes #13643 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Run codespell to cleanup typosDaniel J Walsh2022-03-25
| | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* When running systemd in a container set container_uuidDaniel J Walsh2022-03-23
| | | | | | | | | systemd expects the container_uuid environment variable be set when it is running in a container. Fixes: https://github.com/containers/podman/issues/13187 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* pod system tests: clean up stray imageEd Santiago2022-03-21
| | | | | | | | | | One of the pod tests was leaving a stray image behind, causing scary red warnings in CI logs. Clean that up. Also, now that #13541 has merged, use 'rmi --ignore' instead of ignoring exit status from rmi Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman rmi --ignoreValentin Rothberg2022-03-19
| | | | | | | | | | | Add an `--ignore` flag to `podman image rm` to instruct ignoring image if a specified image does not exist and to not throw an error. Other commands (e.g., `podman container rm`) already support this flag. Such an `--ignore` flag can come in handy in clean-up scripcts such as the teardown phases in the Podman tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* podman create: building local pause image: do not read ignore filesValentin Rothberg2022-03-17
| | | | | | | | | Make sure to ignore local {container,docker}ignore files when building a local pause image. Otherwise, we may mistakenly not be able to copy catatonit into the build container. Fixes: #13529 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Add podman play kube --annotationDaniel J Walsh2022-03-09
| | | | | | | | | | Allow users to add annotions in the podman play kube command. This PR Also fixes the fact that annotations in the pod spec were not being passed down to containers. Fixes: https://github.com/containers/podman/issues/12968 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #12913 from rhatdan/kubeOpenShift Merge Robot2022-03-09
|\ | | | | Add --context-dir option to podman play kube
| * Add --context-dir option to podman play kubeDaniel J Walsh2022-03-01
| | | | | | | | | | | | | | | | | | | | This option was requested so that users could specify alternate locations to find context directories for each image build. It requites the --build option to be set. Partion Fix: https://github.com/containers/podman/issues/12485 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | test: add a test to verify race free concurrent/parallel buildsAditya R2022-03-03
|/ | | | | | | | | | | | | | Invoking parallel/concurrent builds from podman race against each other following behviour was fixed in https://github.com/containers/storage/pull/1153 and https://github.com/containers/image/pull/1480 Test verifies if following bug is fixed in new race-free API or not. Read more about this issue, see bz 2055487 for more details. More details here: https://github.com/containers/buildah/pull/3794 and https://github.com/containers/podman/pull/13339 Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Aditya R <arajan@redhat.com>
* Add podman volume mount supportDaniel J Walsh2022-02-28
| | | | | | Fixes: https://github.com/containers/podman/issues/12768 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13232 from rhatdan/volumesOpenShift Merge Robot2022-02-23
|\ | | | | Don't log errors on removing volumes inuse, if container --volumes-from
| * Don't log errors on removing volumes inuse, if container --volumes-fromDaniel J Walsh2022-02-21
| | | | | | | | | | | | | | | | | | | | | | When removing a container created with a --volumes-from a container created with a built in volume, we complain if the original container still exists. Since this is an expected state, we should not complain about it. Fixes: https://github.com/containers/podman/issues/12808 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Cleanup display of trust with transportsDaniel J Walsh2022-02-22
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | system tests: cleanup networks on teardownPaul Holzinger2022-02-21
|/ | | | | | | | When a test which creates a network fail it will not remove the network. The teardown logic should remove the networks. Since there is no --all option for network rm we use network prune --force. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13296 from ↵OpenShift Merge Robot2022-02-21
|\ | | | | | | | | Romain-Geissler-1A/url-and-connection-implies-remote Option --url and --connection should imply --remote.
| * Option --url and --connection should imply --remote.Romain Geissler2022-02-19
| | | | | | | | | | | | Closes #13242 Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* | Merge pull request #13306 from Luap99/flag-errorOpenShift Merge Robot2022-02-21
|\ \ | | | | | | provide better error on invalid flag
| * | provide better error on invalid flagPaul Holzinger2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a extra `See 'podman command --help'` to the error output. With this patch you now get: ``` $ podman run -h Error: flag needs an argument: 'h' in -h See 'podman run --help' ``` Fixes #13082 Fixes #13002 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | System tests: show one-line config overviewEd Santiago2022-02-21
|/ / | | | | | | | | | | | | | | | | | | | | | | | | We're running into problems that are impossible to diagnose because we have no idea if the SUT is using netavark or CNI. We've previously run into similar problems with runc/crun, or cgroups 1/2. This adds a one-line 'echo' with important system info. Now, when viewing a full test log, it will be possible to view system settings in one glance. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Propagate $CONTAINERS_CONF to conmonDavid Gibson2022-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CONTAINERS_CONF environment variable can be used to override the configuration file, which is useful for testing. However, at the moment this variable is not propagated to conmon. That means in particular, that conmon can't propagate it back to podman when invoking its --exit-command. The mismatch in configuration between the starting and cleaning up podman instances can cause a variety of errors. This patch also adds two related test cases. One checks explicitly that the correct CONTAINERS_CONF value appears in conmon's environment. The other checks for a possible specific impact of this bug: if we use a nonstandard name for the runtime (even if its path is just a regular crun), then the podman container cleanup invoked at container exit will fail. That has the effect of meaning that a container started with -d --rm won't be correctly removed once complete. Fixes #12917 Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | tests: Remove inaccurate commentDavid Gibson2022-02-18
|/ | | | | | | | This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* Make sure building with relative paths work correctly.Daniel J Walsh2022-02-10
| | | | | | Fixes: https://github.com/containers/podman/issues/12763 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13159 from Luap99/slirp4-scopeOpenShift Merge Robot2022-02-08
|\ | | | | move rootless netns slirp4netns process to systemd user.slice
| * move rootless netns slirp4netns process to systemd user.slicePaul Holzinger2022-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | When running podman inside systemd user units, it is possible that systemd kills the rootless netns slirp4netns process because it was started in the default unit cgroup. When the unit is stopped all processes in that cgroup are killed. Since the slirp4netns process is run once for all containers it should not be killed. To make sure systemd will not kill the process we move it to the user.slice. Fixes #13153 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Cleanup: remove obsolete/misleading bug workaroundEd Santiago2022-02-07
| | | | | | | | | | | | | | Followup to #13129: remove a no-longer-necessary workaround for a healthcheck bug. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13129 from flouthoc/healthcheck-session-read-from-pipeOpenShift Merge Robot2022-02-07
|\ \ | |/ |/| healthcheck, libpod: Read healthcheck event output from os pipe
| * tests: retrofit healthcheck system testsAditya R2022-02-04
| | | | | | | | | | | | | | | | | | All the healthcheck return output now but systems tests is written to expect empty output which seems wrong. Modify jq output to contain newline character rather than actual newline Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #13143 from Luap99/dnsOpenShift Merge Robot2022-02-04
|\ \ | | | | | | append podman dns search domain
| * | append podman dns search domainPaul Holzinger2022-02-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Append the podman dns seach domain to the host search domains when we use the dnsname/aardvark server. Previously it would only use podman seach domains and discard the host domains. Fixes #13103 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #12930 from cdoern/podCgroupOpenShift Merge Robot2022-02-04
|\ \ \ | | | | | | | | Podman pod create --share-parent vs --share=cgroup
| * | | Podman pod create --share-parent vs --share=cgroupcdoern2022-02-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | separated cgroupNS sharing from setting the pod as the cgroup parent, made a new flag --share-parent which sets the pod as the cgroup parent for all containers entering the pod remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent. resolves #12765 Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | | System tests: revert emergency skip of checkpoint testsEd Santiago2022-02-03
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revert #13049. criu-3.16.1-6.fc36 fixes the problem and is now in fc36 stable: https://bodhi.fedoraproject.org/updates/FEDORA-2022-183b337712 (Yes, I confirmed that tests pass on a rawhide vm) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Cirrus: Add netavark/aardvark system test taskChris Evich2022-02-03
| | | | | | | | | | | | | | | | | | | | | Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Revert "Move each search dns to its own line"Paul Holzinger2022-02-02
| |/ |/| | | | | | | | | | | | | | | | | This reverts commit a1bc8cb52cefd49e8cc54ae14d1864b8a1ec216e. Please see resolv.conf(5) search domains must be on the same line. If you use multiple seach key words only the last one is used. I tested this with alpine and it works correctly when they are on the same line so I am not sure what issues Dan had with it but this is not correct. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Move each search dns to its own lineDaniel J Walsh2022-02-02
| | | | | | | | | | | | | | | | | | | | Alpine does not seem to use search correctly when there are multiple search domains on the same line. It only uses the first with the advent. When podman runs within a separate network we are appending on dns.podman as a search, if you add a search domain, then this causes the local search on network to fail. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Only change network fields if they were actually changed by the userDaniel J Walsh2022-02-02
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fix use of infra image to clarify defaultDaniel J Walsh2022-01-31
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | System tests: emergency skip of checkpoint testsEd Santiago2022-01-27
| | | | | | | | | | | | ...on kernel 5.17, because it's broken Signed-off-by: Ed Santiago <santiago@redhat.com>
* | switch podman image scp from depending on machinectl to just os/execcdoern2022-01-26
| | | | | | | | | | | | | | | | | | machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM, and use the given UID and GID to execute the command properly. machinectl is still used to create a user session. Ubuntu support is limited by this. Signed-off-by: cdoern <cdoern@redhat.com>
* | CI: enable rootless-remote system testsEd Santiago2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | Minimal: only test Fedora.Latest. Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests: https://github.com/containers/podman/issues/12989 Requires skipping two recently-added tests that use 'podman unshare', which doesn't work on remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Run codespell on codeDaniel J Walsh2022-01-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Make error message matching in 030-run.bats less fragileDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 030-run.bats checks for sensible error messages when attempting a "podman run" with a non-existent or inaccessible path. It checks for these messages, which come from the low-level runtime, in a lot of detail, including separate versions for runc and crun. This is fragile in several ways: * It's likely to fail if using a runtime other than crun or runc * It relies on detecting whether the runtime is crun vs. runc using the path, which could fail if the binary has been named something unusual * It will break if crun or runc ever alter their error message (even if it's just changing case) This replaces the checked versions with a much more accepting regex which will work for both the runc and crun messages, while still looking for the essential pieces. This isn't guaranteed to work with other runtimes, but it's much more likely to. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | Don't explicitly check for crun|runc in package informationDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 005-info.bats tests that the host.ociRuntime.package field in the output from "podman info" reports something containing "crun" or "runc". While those are obviously the dominant runtimes in practice, it seems undesirable to explicitly exclude them in testing. So, remove this specific test. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | System tests: fix for new systemd on rawhideEd Santiago2022-01-20
| | | | | | | | | | | | | | | | systemd 250 on f36 has changed the output format of a message our tests rely on. This breaks bodhi gating tests. Fix test so it accepts a continually-growing set of systemd outputs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #12797 from edsantiago/test_image_scp_sudoOpenShift Merge Robot2022-01-18
|\ \ | |/ |/| Tests for podman image scp (the sudo form)
| * CI: rootless user: also create in some root testsEd Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | viz, rootful system tests. The rootless account will be used by image-scp tests. Unfortunately, having ssh available means the system-connection tests will start running, which is very bad because they will fail, because system connection doesn't actually work (long story). Add a few more checks to prevent this test from running. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * [WIP] Tests for podman image scp (the sudo form)Ed Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Start inching our way back to having tests for the sudo form of podman image scp. Basically, copy an image to another user and then back, using a pseudorandom name. Confirm that the image makes it to the remote end, and that when we copy it back, the original image digest is preserved. When scp'ing as root, we identify the destination rootless user account via the $PODMAN_ROOTLESS_USER envariable. Setting this and creating the account is left as an exercise for the CI framework (be it github, or Fedora/CentOS/RHEL gating, or other). Also: amend hack/bats to set and relay $PODMAN_ROOTLESS_USER, so developers can test locally. Also: remove what I'm 99% sure is a debugging printf. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Revamp Libpod state strings for Docker compatMatthew Heon2022-01-17
|/ | | | | | | | | | | | | | | | | | | | | | | | Improve our compatibility with Docker by better handling the state strings that we print in `podman ps`. Docker capitalizes all states in `ps` (we do not) - fix this in our PS code. Also, stop normalizing ContainerStateConfigured to the "Created" state, and instead make it always be Created, with the existing Created state becoming Initialized. I didn't rename the actual states because I'm somewhat reticent to make such a large change a day before we leave for break. It's somewhat confusing that ContainerStateConfigured now returns Created, but internally and externally we're still consistent. [NO NEW TESTS NEEDED] existing tests should catch anything that broke. I also consider this a breaking change. I will flag appropriately on Github. Fixes RHBZ#2010432 and RHBZ#2032561 Signed-off-by: Matthew Heon <mheon@redhat.com>
* fix default branch linksErik Sjölund2022-01-15
| | | | | | | | | | | | | * Replace https://github.com/containers/podman/blob/master with https://github.com/containers/podman/blob/main to match the new default branch "main". Previously the default branch was "master". This is the only occurence found in the code. * Replace https://raw.githubusercontent.com/containers/libpod/master with https://raw.githubusercontent.com/containers/podman/main Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>