summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* execuser: look at the source for /etc/{passwd,group} overridesGiuseppe Scrivano2019-09-21
| | | | | | | | | look if there are bind mounts that can shadow the /etc/passwd and /etc/group files. In that case, look at the bind mount source. Closes: https://github.com/containers/libpod/pull/4068#issuecomment-533782941 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* container: make sure $HOME is always setGiuseppe Scrivano2019-09-20
| | | | | | | | | | | | | If the HOME environment variable is not set, make sure it is set to the configuration found in the container /etc/passwd file. It was previously depending on a runc behavior that always set HOME when it is not set. The OCI runtime specifications do not require HOME to be set so move the logic to libpod. Closes: https://github.com/debarshiray/toolbox/issues/266 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* System-test: Temporarily disable 030-runChris Evich2019-09-17
| | | | | | | | | | While investigating issue https://github.com/containers/libpod/issues/4044 there is no sense subjecting forward progress elsewhere. Skip the test with a note temporarily, until a resolution to 4044 and any other related issues is found and fix implemented. Signed-off-by: Chris Evich <cevich@redhat.com>
* Fix exit code failureDaniel J Walsh2019-09-17
| | | | | | Be less precise on the exit code and lot the exit code to the journal when it fails. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #4043 from haircommander/preserve-fd-fixOpenShift Merge Robot2019-09-16
|\ | | | | exec: fix --preserve-fds
| * exec: fix --preserve-fdsPeter Hunt2019-09-16
| | | | | | | | | | | | | | | | | | | | | | | | There were two problems with preserve fds. libpod didn't open the fds before passing _OCI*PIPE to conmon. This caused libpod to talk on the preserved fds, rather than the pipes, with conmon talking on the pipes. This caused a hang. Libpod also didn't convert an int to string correctly, so it would further fail. Fix these and add a unit test to make sure we don't regress in the future Note: this test will not pass on crun until crun supports --preserve-fds Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Merge pull request #3941 from gabibeyer/fix_unit_testOpenShift Merge Robot2019-09-16
|\ \ | |/ |/| fix unit test using strings.Contains
| * fix unit test to use Expectgabi beyer2019-09-12
| | | | | | | | | | | | | | | | The Expect function does not return a result of True or False depending on the value of the first instance, but instead requires a comparison using ".To(", so change to use ".To(ContainSubstring(" Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
* | Merge pull request #3934 from rhatdan/waitOpenShift Merge Robot2019-09-13
|\ \ | | | | | | Podman-remote run should wait for exit code
| * | Podman-remote run should wait for exit codeDaniel J Walsh2019-09-12
| | | | | | | | | | | | | | | | | | | | | | | | This change matches what is happening on the podman local side and should eliminate a race condition. Also exit commands on the server side should start to return to client. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Use exit code constantsDaniel J Walsh2019-09-12
| |/ | | | | | | | | | | | | We have leaked the exit number codess all over the code, this patch removes the numbers to constants. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Do not support wildcards on cpJhon Honce2019-09-12
| | | | | | | | | | | | | | * symlink processing and wildcarding led to unexpected files being copied Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Test that PTYs created by 'podman exec --tty' have the ONLCR flagDebarshi Ray2019-09-12
|/ | | | Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* Merge pull request #3927 from openSUSE/manager-annotationsOpenShift Merge Robot2019-09-11
|\ | | | | Add `ContainerManager` annotation to created containers
| * Add `ContainerManager` annotation to created containersSascha Grunert2019-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds the following annotation to every container created by podman: ```json "Annotations": { "io.containers.manager": "libpod" } ``` Target of this annotaions is to indicate which project in the containers ecosystem is the major manager of a container when applications share the same storage paths. This way projects can decide if they want to manipulate the container or not. For example, since CRI-O and podman are not using the same container library (libpod), CRI-O can skip podman containers and provide the end user more useful information. A corresponding end-to-end test has been adapted as well. Relates to: https://github.com/cri-o/cri-o/pull/2761 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #3581 from mheon/no_cgroupsOpenShift Merge Robot2019-09-11
|\ \ | | | | | | Support running containers without CGroups
| * | Add support for launching containers without CGroupsMatthew Heon2019-09-10
| | | | | | | | | | | | | | | | | | | | | This is mostly used with Systemd, which really wants to manage CGroups itself when managing containers via unit file. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3961 from mheon/copy_volume_contentsOpenShift Merge Robot2019-09-10
|\ \ \ | |_|/ |/| | When first mounting any named volume, copy up
| * | When first mounting any named volume, copy upMatthew Heon2019-09-09
| |/ | | | | | | | | | | | | | | | | | | | | Previously, we only did this for volumes created at the same time as the container. However, this is not correct behavior - Docker does so for all named volumes, even those made with 'podman volume create' and mounted into a container later. Fixes #3945 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3896 from mheon/volume_lookupOpenShift Merge Robot2019-09-09
|\ \ | | | | | | Add ability to look up volumes by unambiguous partial name
| * | Add function for looking up volumes by partial nameMatthew Heon2019-09-09
| |/ | | | | | | | | | | | | | | | | | | This isn't included in Docker, but seems handy enough. Use the new API for 'volume rm' and 'volume inspect'. Fixes #3891 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / podman network createbaude2019-09-09
|/ | | | | | | initial implementation of network create. we only support bridging networks with this first pass. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3958 from haircommander/play-kube-secOpenShift Merge Robot2019-09-06
|\ | | | | play kube: fix segfault
| * play kube: fix segfaultPeter Hunt2019-09-06
| | | | | | | | | | | | | | when securityContext wasn't specified in yaml. add a test as well Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Add ability for volumes with options to mount/umountMatthew Heon2019-09-05
|/ | | | | | | | | | | | | When volume options and the local volume driver are specified, the volume is intended to be mounted using the 'mount' command. Supported options will be used to volume the volume before the first container using it starts, and unmount the volume after the last container using it dies. This should work for any local filesystem, though at present I've only tested with tmpfs and btrfs. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3943 from gabibeyer/fix_testsOpenShift Merge Robot2019-09-05
|\ | | | | Fix unit tests missing comparative for 'Expect'
| * Fix unit tests missing comparative for 'Expect'gabi beyer2019-09-04
| | | | | | | | | | | | | | | | Add '.To(BeTrue())' to 'Expect(' statements in unit tests that are missing them. These tests weren't being compared to anything, thus reporting false positives. Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
* | Merge pull request #3940 from edsantiago/batsOpenShift Merge Robot2019-09-04
|\ \ | | | | | | System tests: support for crun on f31/rawhide
| * | System tests: support for crun on f31/rawhideEd Santiago2019-09-04
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | crun emits wildly different error messages than runc in two cases: podman run ... /no/such/path (enoent) podman run ... /etc (trying to exec a directory) Deal with it by getting the runtime from 'podman info' and, if crun, changing what we expect. There may be more tweaks needed to get system tests working with crun, but right now podman rawhide is too broken to have any hope of finding them all. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #3876 from mheon/fix_mount_flagsOpenShift Merge Robot2019-09-04
|\ \ | |/ |/| Allow suid, exec, dev mount options to cancel nosuid/noexec/nodev
| * Add test to verify noexec works with volume mountsMatthew Heon2019-09-04
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add a test for the new suid/exec/dev optionsMatthew Heon2019-08-28
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | rootless: bind mount devices instead of creating themGiuseppe Scrivano2019-09-02
| | | | | | | | | | | | | | | | | | | | | | when running in rootless mode, --device creates a bind mount from the host instead of specifying the device in the OCI configuration. This is required as an unprivileged user cannot use mknod, even when root in a user namespace. Closes: https://github.com/containers/libpod/issues/3905 Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
* | Merge pull request #3907 from baude/commitcapsOpenShift Merge Robot2019-08-29
|\ \ | |/ |/| dont panic when using varlink commit and uppercase image names
| * dont panic when using varlink commit and uppercase image namesbaude2019-08-29
| | | | | | | | | | | | | | | | | | when using an upper case image name for container commit, we observed panics due to a channel closing early. Fixes: #3897 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #3893 from mheon/readd_volume_locksOpenShift Merge Robot2019-08-28
|\ \ | | | | | | Re-add volume locks
| * | Re-add locks to volumes.Matthew Heon2019-08-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will require a 'podman system renumber' after being applied to get lock numbers for existing volumes. Add the DB backend code for rewriting volume configs and use it for updating lock numbers as part of 'system renumber'. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3728 from mheon/systemd_container_testOpenShift Merge Robot2019-08-28
|\ \ \ | |_|/ |/| | Add an integration test for systemd in a container
| * | Temporarily disable systemd test for CGroups V2Matthew Heon2019-08-28
| | | | | | | | | | | | | | | | | | | | | Revert this one CGroups V2 support for systemd containers is added. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | Add an integration test for systemd in a containerMatthew Heon2019-08-28
| |/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / podman cp: big set of system testsEd Santiago2019-08-26
|/ | | | | | | | | | | | podman cp has had some unexpected bugs, and still has some surprising behavior. It looks like this part of the code is fragile. Add tests to try to prevent future breakages. Note that two of the new tests are disabled (skipped) until #3829 gets fixed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #3824 from baude/varlinkendpointtestOpenShift Merge Robot2019-08-26
|\ | | | | Create framework for varlink endpoint integration tests
| * Create framework for varlink endpoint integration testsbaude2019-08-16
| | | | | | | | | | | | | | add the ability to write integration tests similar to our e2e tests for the varlink endpoints. Signed-off-by: baude <bbaude@redhat.com>
* | Update cni config instructionsTomSweeneyRedHat2019-08-22
| | | | | | | | | | | | | | | | | | Update the CNI configuration instructions to line up with the changes introduced in #3868. Also do a bit less documentation of the configuration and point to the GitHub project so we won't get out of sync in the future. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #3800 from vrothberg/generate-podOpenShift Merge Robot2019-08-22
|\ \ | | | | | | generate systemd pod
| * | generate systemd: support pods and geneartig filesValentin Rothberg2019-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support generating systemd unit files for a pod. Podman generates one unit file for the pod including the PID file for the infra container's conmon process and one unit file for each container (excluding the infra container). Note that this change implies refactorings in the `pkg/systemdgen` API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Add --digestfile option to pushTomSweeneyRedHat2019-08-21
|/ / | | | | | | | | | | | | | | | | | | Add the digestfile option to the push command so the digest can be stored away in a file when requested by the user. Also have added a debug statement to show the completion of the push. Emulates Buildah's https://github.com/containers/buildah/pull/1799/files Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | exec: run with user specified on container startPeter Hunt2019-08-20
| | | | | | | | | | | | | | Before, if the container was run with a specified user that wasn't root, exec would fail because it always set to root unless respecified by user. instead, inherit the user from the container start. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Merge pull request #3852 from edsantiago/batsOpenShift Merge Robot2019-08-19
|\ \ | | | | | | Flake fix: build test timeout
| * | Flake fix: build test timeoutEd Santiago2019-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The priv test added to the build test in June runs an 'apk' command which, unavoidably, has to fetch stuff from the net. This is slow and unreliable, and periodically leads to timeout failures. Worse, when this happens, some sort of invisible buildah-only container gets left behind that leads to failures in subsequent tests when trying to reset to known state. Imperfect workaround: try a 240-second timeout (up from 60) when running apk. As backup, add a custom teardown() which attempts to force-remove all containers and any new images. Signed-off-by: Ed Santiago <santiago@redhat.com>