summaryrefslogtreecommitdiff
path: root/test/system
Commit message (Collapse)AuthorAge
* system tests: cleanup networks on teardownPaul Holzinger2022-02-21
| | | | | | | | When a test which creates a network fail it will not remove the network. The teardown logic should remove the networks. Since there is no --all option for network rm we use network prune --force. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13296 from ↵OpenShift Merge Robot2022-02-21
|\ | | | | | | | | Romain-Geissler-1A/url-and-connection-implies-remote Option --url and --connection should imply --remote.
| * Option --url and --connection should imply --remote.Romain Geissler2022-02-19
| | | | | | | | | | | | Closes #13242 Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* | Merge pull request #13306 from Luap99/flag-errorOpenShift Merge Robot2022-02-21
|\ \ | | | | | | provide better error on invalid flag
| * | provide better error on invalid flagPaul Holzinger2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a extra `See 'podman command --help'` to the error output. With this patch you now get: ``` $ podman run -h Error: flag needs an argument: 'h' in -h See 'podman run --help' ``` Fixes #13082 Fixes #13002 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | System tests: show one-line config overviewEd Santiago2022-02-21
|/ / | | | | | | | | | | | | | | | | | | | | | | | | We're running into problems that are impossible to diagnose because we have no idea if the SUT is using netavark or CNI. We've previously run into similar problems with runc/crun, or cgroups 1/2. This adds a one-line 'echo' with important system info. Now, when viewing a full test log, it will be possible to view system settings in one glance. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Propagate $CONTAINERS_CONF to conmonDavid Gibson2022-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CONTAINERS_CONF environment variable can be used to override the configuration file, which is useful for testing. However, at the moment this variable is not propagated to conmon. That means in particular, that conmon can't propagate it back to podman when invoking its --exit-command. The mismatch in configuration between the starting and cleaning up podman instances can cause a variety of errors. This patch also adds two related test cases. One checks explicitly that the correct CONTAINERS_CONF value appears in conmon's environment. The other checks for a possible specific impact of this bug: if we use a nonstandard name for the runtime (even if its path is just a regular crun), then the podman container cleanup invoked at container exit will fail. That has the effect of meaning that a container started with -d --rm won't be correctly removed once complete. Fixes #12917 Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | tests: Remove inaccurate commentDavid Gibson2022-02-18
|/ | | | | | | | This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* Make sure building with relative paths work correctly.Daniel J Walsh2022-02-10
| | | | | | Fixes: https://github.com/containers/podman/issues/12763 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13159 from Luap99/slirp4-scopeOpenShift Merge Robot2022-02-08
|\ | | | | move rootless netns slirp4netns process to systemd user.slice
| * move rootless netns slirp4netns process to systemd user.slicePaul Holzinger2022-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | When running podman inside systemd user units, it is possible that systemd kills the rootless netns slirp4netns process because it was started in the default unit cgroup. When the unit is stopped all processes in that cgroup are killed. Since the slirp4netns process is run once for all containers it should not be killed. To make sure systemd will not kill the process we move it to the user.slice. Fixes #13153 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Cleanup: remove obsolete/misleading bug workaroundEd Santiago2022-02-07
| | | | | | | | | | | | | | Followup to #13129: remove a no-longer-necessary workaround for a healthcheck bug. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13129 from flouthoc/healthcheck-session-read-from-pipeOpenShift Merge Robot2022-02-07
|\ \ | |/ |/| healthcheck, libpod: Read healthcheck event output from os pipe
| * tests: retrofit healthcheck system testsAditya R2022-02-04
| | | | | | | | | | | | | | | | | | All the healthcheck return output now but systems tests is written to expect empty output which seems wrong. Modify jq output to contain newline character rather than actual newline Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #13143 from Luap99/dnsOpenShift Merge Robot2022-02-04
|\ \ | | | | | | append podman dns search domain
| * | append podman dns search domainPaul Holzinger2022-02-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Append the podman dns seach domain to the host search domains when we use the dnsname/aardvark server. Previously it would only use podman seach domains and discard the host domains. Fixes #13103 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #12930 from cdoern/podCgroupOpenShift Merge Robot2022-02-04
|\ \ \ | | | | | | | | Podman pod create --share-parent vs --share=cgroup
| * | | Podman pod create --share-parent vs --share=cgroupcdoern2022-02-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | separated cgroupNS sharing from setting the pod as the cgroup parent, made a new flag --share-parent which sets the pod as the cgroup parent for all containers entering the pod remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent. resolves #12765 Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | | System tests: revert emergency skip of checkpoint testsEd Santiago2022-02-03
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revert #13049. criu-3.16.1-6.fc36 fixes the problem and is now in fc36 stable: https://bodhi.fedoraproject.org/updates/FEDORA-2022-183b337712 (Yes, I confirmed that tests pass on a rawhide vm) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Cirrus: Add netavark/aardvark system test taskChris Evich2022-02-03
| | | | | | | | | | | | | | | | | | | | | Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Revert "Move each search dns to its own line"Paul Holzinger2022-02-02
| |/ |/| | | | | | | | | | | | | | | | | This reverts commit a1bc8cb52cefd49e8cc54ae14d1864b8a1ec216e. Please see resolv.conf(5) search domains must be on the same line. If you use multiple seach key words only the last one is used. I tested this with alpine and it works correctly when they are on the same line so I am not sure what issues Dan had with it but this is not correct. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Move each search dns to its own lineDaniel J Walsh2022-02-02
| | | | | | | | | | | | | | | | | | | | Alpine does not seem to use search correctly when there are multiple search domains on the same line. It only uses the first with the advent. When podman runs within a separate network we are appending on dns.podman as a search, if you add a search domain, then this causes the local search on network to fail. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Only change network fields if they were actually changed by the userDaniel J Walsh2022-02-02
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fix use of infra image to clarify defaultDaniel J Walsh2022-01-31
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | System tests: emergency skip of checkpoint testsEd Santiago2022-01-27
| | | | | | | | | | | | ...on kernel 5.17, because it's broken Signed-off-by: Ed Santiago <santiago@redhat.com>
* | switch podman image scp from depending on machinectl to just os/execcdoern2022-01-26
| | | | | | | | | | | | | | | | | | machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM, and use the given UID and GID to execute the command properly. machinectl is still used to create a user session. Ubuntu support is limited by this. Signed-off-by: cdoern <cdoern@redhat.com>
* | CI: enable rootless-remote system testsEd Santiago2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | Minimal: only test Fedora.Latest. Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests: https://github.com/containers/podman/issues/12989 Requires skipping two recently-added tests that use 'podman unshare', which doesn't work on remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Run codespell on codeDaniel J Walsh2022-01-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Make error message matching in 030-run.bats less fragileDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 030-run.bats checks for sensible error messages when attempting a "podman run" with a non-existent or inaccessible path. It checks for these messages, which come from the low-level runtime, in a lot of detail, including separate versions for runc and crun. This is fragile in several ways: * It's likely to fail if using a runtime other than crun or runc * It relies on detecting whether the runtime is crun vs. runc using the path, which could fail if the binary has been named something unusual * It will break if crun or runc ever alter their error message (even if it's just changing case) This replaces the checked versions with a much more accepting regex which will work for both the runc and crun messages, while still looking for the essential pieces. This isn't guaranteed to work with other runtimes, but it's much more likely to. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | Don't explicitly check for crun|runc in package informationDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 005-info.bats tests that the host.ociRuntime.package field in the output from "podman info" reports something containing "crun" or "runc". While those are obviously the dominant runtimes in practice, it seems undesirable to explicitly exclude them in testing. So, remove this specific test. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | System tests: fix for new systemd on rawhideEd Santiago2022-01-20
| | | | | | | | | | | | | | | | systemd 250 on f36 has changed the output format of a message our tests rely on. This breaks bodhi gating tests. Fix test so it accepts a continually-growing set of systemd outputs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #12797 from edsantiago/test_image_scp_sudoOpenShift Merge Robot2022-01-18
|\ \ | |/ |/| Tests for podman image scp (the sudo form)
| * CI: rootless user: also create in some root testsEd Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | viz, rootful system tests. The rootless account will be used by image-scp tests. Unfortunately, having ssh available means the system-connection tests will start running, which is very bad because they will fail, because system connection doesn't actually work (long story). Add a few more checks to prevent this test from running. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * [WIP] Tests for podman image scp (the sudo form)Ed Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Start inching our way back to having tests for the sudo form of podman image scp. Basically, copy an image to another user and then back, using a pseudorandom name. Confirm that the image makes it to the remote end, and that when we copy it back, the original image digest is preserved. When scp'ing as root, we identify the destination rootless user account via the $PODMAN_ROOTLESS_USER envariable. Setting this and creating the account is left as an exercise for the CI framework (be it github, or Fedora/CentOS/RHEL gating, or other). Also: amend hack/bats to set and relay $PODMAN_ROOTLESS_USER, so developers can test locally. Also: remove what I'm 99% sure is a debugging printf. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Revamp Libpod state strings for Docker compatMatthew Heon2022-01-17
|/ | | | | | | | | | | | | | | | | | | | | | | | Improve our compatibility with Docker by better handling the state strings that we print in `podman ps`. Docker capitalizes all states in `ps` (we do not) - fix this in our PS code. Also, stop normalizing ContainerStateConfigured to the "Created" state, and instead make it always be Created, with the existing Created state becoming Initialized. I didn't rename the actual states because I'm somewhat reticent to make such a large change a day before we leave for break. It's somewhat confusing that ContainerStateConfigured now returns Created, but internally and externally we're still consistent. [NO NEW TESTS NEEDED] existing tests should catch anything that broke. I also consider this a breaking change. I will flag appropriately on Github. Fixes RHBZ#2010432 and RHBZ#2032561 Signed-off-by: Matthew Heon <mheon@redhat.com>
* fix default branch linksErik Sjölund2022-01-15
| | | | | | | | | | | | | * Replace https://github.com/containers/podman/blob/master with https://github.com/containers/podman/blob/main to match the new default branch "main". Previously the default branch was "master". This is the only occurence found in the code. * Replace https://raw.githubusercontent.com/containers/libpod/master with https://raw.githubusercontent.com/containers/podman/main Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* test/system: podman run update /etc/hostsDaniel J Walsh2022-01-14
| | | | | | | This test case is used for covering rhbz#1902979. Signed-off-by: Alex Jia <ajia@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman container rm: remove podValentin Rothberg2022-01-13
| | | | | | | | Support removing the entire pod when --depend is used on an infra container. --all now implies --depend to properly support removing all containers and not error out when hitting infra containers. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* use events_logfile_path from containers.conf for events log.Daniel J Walsh2022-01-13
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* libpod: fix check for systemd sessionGiuseppe Scrivano2022-01-12
| | | | | | | | | | move the check after the cgroup manager is set, so to correctly detect --cgroup-manager=cgroupfs and do not raise a warning about dbus not being present. Closes: https://github.com/containers/podman/issues/12802 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Add --noout option to prevent the output of idsDaniel J Walsh2022-01-12
| | | | | | Fixes: https://github.com/containers/podman/issues/11515 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix permission on secrets directoryDaniel J Walsh2022-01-11
| | | | | | | | | This directory needs to be world searchable so users can access it from different user namespaces. Fixes: https://github.com/containers/podman/issues/12779 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add podman rm --dependDaniel J Walsh2022-01-11
| | | | | | | | | | | This option causes Podman to not only remove the specified containers but all of the containers that depend on the specified containers. Fixes: https://github.com/containers/podman/issues/10360 Also ran codespell on the code Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #12780 from rhatdan/podOpenShift Merge Robot2022-01-11
|\ | | | | Use the InfraImage defined in containers.conf
| * Use the InfraImage defined in containers.confDaniel J Walsh2022-01-10
| | | | | | | | | | | | | | | | | | Remove hard code use of the DefaultInfraImage and rely on getting this from containers.conf. Fixes: https://github.com/containers/podman/issues/12771 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | System tests: fix RHEL8 gating testsEd Santiago2022-01-10
|/ | | | | | | | | | Add a fix for RHEL8 gating tests. This resolves yet another journald/file events/logger mismatch bug. Also, while I'm at it, more log cleanup: a recently-added test was missing final rm/rmi, resulting in big red scary output in test logs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #12733 from rhatdan/copyOpenShift Merge Robot2022-01-07
|\ | | | | Set volume NeedsCopyUp to false iff data was copied up
| * Set volume NeedsCopyUp to false iff data was copied upDaniel J Walsh2022-01-06
| | | | | | | | | | | | | | | | | | | | | | | | Currently Docker copies up the first volume on a mountpoint with data. Fixes: https://github.com/containers/podman/issues/12714 Also added NeedsCopyUP, NeedsChown and MountCount to the podman volume inspect code. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Emergency system-test fixesEd Santiago2022-01-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Emergency fix to image-scp tests. DO NOT CREATE A USER! These tests are run in all sorts of environments. We do not have the right to vandalize a production system. Also remove some misleading unneeded tests; and refactor a little; and add a bunch of FIXMEs which will need to be addressed later. Also, super-low priority, add 'crun: ' to expected error message in a run test (minor followup to #12758). Signed-off-by: Ed Santiago <santiago@redhat.com>
* | add OCI Runtime name to errorsDaniel J Walsh2022-01-06
|/ | | | | | | | | It would be easier to diagnose OCI runtime errors if the error actually had the name of the OCI runtime that produced the error. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>