summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* rootless: fix --pid=host without --privilegedGiuseppe Scrivano2019-01-18
| | | | | | | When using --pid=host don't try to cover /proc paths, as they are coming from the /proc bind mounted from the host. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* add support for podman-remote historybaude2019-01-15
| | | | | | | this adds support to get the history for an image and its layers using podman-remote. Signed-off-by: baude <bbaude@redhat.com>
* podman remote integrations testsbaude2019-01-15
| | | | | | add exists and rmi tests back in ... Signed-off-by: baude <bbaude@redhat.com>
* Run integrations test with remote-clientbaude2019-01-14
| | | | | | | | | | | | Add the ability to run the integration (ginkgo) suite using the remote client. Only the images_test.go file is run right now; all the rest are isolated with a // +build !remotelinux. As more content is developed for the remote client, we can unblock the files and just block single tests as needed. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2008 from harche/multi-archOpenShift Merge Robot2019-01-13
|\ | | | | Use multi-arch images in test cases
| * Use multi-arch images in test case scriptsHarshal Patil2019-01-11
| | | | | | | | Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
* | Merge pull request #2120 from rhatdan/volumeOpenShift Merge Robot2019-01-10
|\ \ | | | | | | Fix handling of nil volumes
| * | Fix handling of nil volumesDaniel J Walsh2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a user passes in a -v with -v $bogus:/foobar We crash. This will throw a proper error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Move python code from contrib to it's own repo python-podmanJhon Honce2019-01-10
|/ / | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Added checkpoint/restore test for same IPAdrian Reber2019-01-09
| | | | | | | | | | | | | | | | Restoring a container from a checkpoint should give the container the same IP as before checkpointing. This adds a test to make sure the IP stays the same. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Enable checkpoint test with established TCP connectionsAdrian Reber2019-01-09
| | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #2097 from debarshiray/wip/debarshiray/podman-exec-workdirOpenShift Merge Robot2019-01-08
|\ \ | | | | | | Add a --workdir option to 'podman exec'
| * | Add a --workdir option to 'podman exec'Debarshi Ray2019-01-08
| |/ | | | | | | Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* / Test that 'podman start --sig-proxy' does not work without --attachDebarshi Ray2019-01-08
|/ | | | Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* add container-init supportValentin Rothberg2019-01-04
| | | | | | | | | | | | | | | | | | | Add support for executing an init binary as PID 1 in a container to forward signals and reap processes. When the `--init` flag is set for podman-create or podman-run, the init binary is bind-mounted to `/dev/init` in the container and "/dev/init --" is prepended to the container's command. The default base path of the container-init binary is `/usr/libexec/podman` while the default binary is catatonit [1]. This default can be changed permanently via the `init_path` field in the `libpod.conf` configuration file (which is recommended for packaging) or temporarily via the `--init-path` flag of podman-create and podman-run. [1] https://github.com/openSUSE/catatonit Fixes: #1670 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Re-enable checkpoint/restore CI tests on FedoraAdrian Reber2018-12-28
| | | | | | | | Now that the correct distribution CRIU packages are installed the checkpoint/restore tests should no longer fail. This re-enables the disabled tests on Fedora. Signed-off-by: Adrian Reber <areber@redhat.com>
* Fixes to handle /dev/shm correctly.Daniel J Walsh2018-12-24
| | | | | | | | | | | | | | | | | | We had two problems with /dev/shm, first, you mount the container read/only then /dev/shm was mounted read/only. This is a bug a tmpfs directory should be read/write within a read-only container. The second problem is we were ignoring users mounted /dev/shm from the host. If user specified podman run -d -v /dev/shm:/dev/shm ... We were dropping this mount and still using the internal mount. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* rootless tests using stop is more reliablebaude2018-12-23
| | | | | | | | | | | when testing rootless containers, it is more reliable to stop a container with a zero timeout than kill a container. We made this change in non-rootless tests as well. When IO or CPU are taxed, it avoids a situation where the kill signal is sent but the container has not been able to update its status when a subsequent action occurs. Signed-off-by: baude <bbaude@redhat.com>
* Switch all referencs to image.ContainerConfig to image.ConfigDaniel J Walsh2018-12-21
| | | | | | This will more closely match what Docker is doing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Change all 'can not' to 'cannot' for proper usageDaniel J Walsh2018-12-21
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* test: add test for rootless exportGiuseppe Scrivano2018-12-21
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* skip test for blkio.weight when kernel does not support itbaude2018-12-20
| | | | Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2030 from baude/111OpenShift Merge Robot2018-12-19
|\ | | | | prepare for move to validate on 1.11 only
| * prepare for move to validate on 1.11 onlybaude2018-12-19
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | Support podman image trust commandQi Wang2018-12-19
|/ | | | | | Display the trust policy of the host system. The trust policy is stored in the /etc/containers/policy.json file and defines a scope of registries or repositories. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Show image only once with images -qTomSweeneyRedHat2018-12-17
| | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Cirrus: Migrate PAPR testing of F28 to CirrusChris Evich2018-12-14
| | | | | | | | | | | Since the most recent TWO versions of Fedora are officially supported upstream, both need to be tested. Implement the concept of a 'prior' Fedora release in both base-image and cache-image production. Utilize the produced cache-image to test libpod. Remove F28 testing from PAPR. Much thanks to @baude @giuseppe for help with this. Signed-off-by: Chris Evich <cevich@redhat.com>
* Skip checkpoint tests on Fedora <30Chris Evich2018-12-14
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1988 from mheon/use_dependency_resolvOpenShift Merge Robot2018-12-13
|\ | | | | Containers sharing a netns should share resolv/hosts
| * Add test for sharing resolv and hosts with netnsMatthew Heon2018-12-12
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #1989 from baude/deletecontainerfailstartOpenShift Merge Robot2018-12-13
|\ \ | | | | | | failed containers with --rm should remove themselves
| * | failed containers with --rm should remove themselvesbaude2018-12-12
| |/ | | | | | | | | | | | | | | | | | | when starting or running a container that has --rm, if the starting container fails (like due to an invalid command), the container should get removed. Resolves: #1985 Signed-off-by: baude <bbaude@redhat.com>
* / e2e: add tests for systemdEmilien Macchi2018-12-12
|/ | | | | | | | | | | | | Add functional tests to start a container from systemd. This patch will: - create a systemd unit file to start redis container - create the container with `podman create` - enable the service - start the container with systemd - check that the service is actually running Signed-off-by: Emilien Macchi <emilien@redhat.com>
* Merge pull request #1975 from giuseppe/fix-rootless-restartOpenShift Merge Robot2018-12-11
|\ | | | | rootless: fix restart when using fuse-overlayfs
| * rootless: fix restart when using fuse-overlayfsGiuseppe Scrivano2018-12-11
| | | | | | | | | | | | | | | | | | | | With rootless containers we cannot really restart an existing container as we would need to join the mount namespace as well to be able to reuse the storage, so ensure the container is stopped first. Closes: https://github.com/containers/libpod/issues/1965 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Update for API changeMiloslav Trmač2018-12-08
|/ | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Merge pull request #1928 from baude/podtokubeOpenShift Merge Robot2018-12-07
|\ | | | | generate kube
| * generate kubebaude2018-12-04
| | | | | | | | | | | | | | add the ability to generate kubernetes pod and service yaml representations of libpod containers and pods. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1904 from umohnani8/volumeOpenShift Merge Robot2018-12-06
|\ \ | | | | | | Add "podman volume" command
| * | Tests for podman volume commandsUrvashi Mohnani2018-12-06
| | | | | | | | | | | | Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | Add ability to prune containers and imagesbaude2018-12-05
|/ / | | | | | | | | | | | | | | | | | | | | Allow user to prune unused/unnamed images, the layer images from building, via podman rmi --prune. Allow user to prune stopped/exiuted containers via podman rm --prune. This should resolve #1910 Signed-off-by: baude <bbaude@redhat.com>
* | test for rmi with childrenbaude2018-12-04
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1920 from wking/explicit-hooks-dirsOpenShift Merge Robot2018-12-04
|\ \ | | | | | | libpod/container_internal: Deprecate implicit hook directories
| * | libpod/container_internal: Deprecate implicit hook directoriesW. Trevor King2018-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Part of the motivation for 800eb863 (Hooks supports two directories, process default and override, 2018-09-17, #1487) was [1]: > We only use this for override. The reason this was caught is people > are trying to get hooks to work with CoreOS. You are not allowed to > write to /usr/share... on CoreOS, so they wanted podman to also look > at /etc, where users and third parties can write. But we'd also been disabling hooks completely for rootless users. And even for root users, the override logic was tricky when folks actually had content in both directories. For example, if you wanted to disable a hook from the default directory, you'd have to add a no-op hook to the override directory. Also, the previous implementation failed to handle the case where there hooks defined in the override directory but the default directory did not exist: $ podman version Version: 0.11.2-dev Go Version: go1.10.3 Git Commit: "6df7409cb5a41c710164c42ed35e33b28f3f7214" Built: Sun Dec 2 21:30:06 2018 OS/Arch: linux/amd64 $ ls -l /etc/containers/oci/hooks.d/test.json -rw-r--r--. 1 root root 184 Dec 2 16:27 /etc/containers/oci/hooks.d/test.json $ podman --log-level=debug run --rm docker.io/library/alpine echo 'successful container' 2>&1 | grep -i hook time="2018-12-02T21:31:19-08:00" level=debug msg="reading hooks from /usr/share/containers/oci/hooks.d" time="2018-12-02T21:31:19-08:00" level=warning msg="failed to load hooks: {}%!(EXTRA *os.PathError=open /usr/share/containers/oci/hooks.d: no such file or directory)" With this commit: $ podman --log-level=debug run --rm docker.io/library/alpine echo 'successful container' 2>&1 | grep -i hook time="2018-12-02T21:33:07-08:00" level=debug msg="reading hooks from /usr/share/containers/oci/hooks.d" time="2018-12-02T21:33:07-08:00" level=debug msg="reading hooks from /etc/containers/oci/hooks.d" time="2018-12-02T21:33:07-08:00" level=debug msg="added hook /etc/containers/oci/hooks.d/test.json" time="2018-12-02T21:33:07-08:00" level=debug msg="hook test.json matched; adding to stages [prestart]" time="2018-12-02T21:33:07-08:00" level=warning msg="implicit hook directories are deprecated; set --hooks-dir="/etc/containers/oci/hooks.d" explicitly to continue to load hooks from this directory" time="2018-12-02T21:33:07-08:00" level=error msg="container create failed: container_linux.go:336: starting container process caused "process_linux.go:399: container init caused \"process_linux.go:382: running prestart hook 0 caused \\\"error running hook: exit status 1, stdout: , stderr: oh, noes!\\\\n\\\"\"" (I'd setup the hook to error out). You can see that it's silenly ignoring the ENOENT for /usr/share/containers/oci/hooks.d and continuing on to load hooks from /etc/containers/oci/hooks.d. When it loads the hook, it also logs a warning-level message suggesting that callers explicitly configure their hook directories. That will help consumers migrate, so we can drop the implicit hook directories in some future release. When folks *do* explicitly configure hook directories (via the newly-public --hooks-dir and hooks_dir options), we error out if they're missing: $ podman --hooks-dir /does/not/exist run --rm docker.io/library/alpine echo 'successful container' error setting up OCI Hooks: open /does/not/exist: no such file or directory I've dropped the trailing "path" from the old, hidden --hooks-dir-path and hooks_dir_path because I think "dir(ectory)" is already enough context for "we expect a path argument". I consider this name change non-breaking because the old forms were undocumented. Coming back to rootless users, I've enabled hooks now. I expect they were previously disabled because users had no way to avoid /usr/share/containers/oci/hooks.d which might contain hooks that required root permissions. But now rootless users will have to explicitly configure hook directories, and since their default config is from ~/.config/containers/libpod.conf, it's a misconfiguration if it contains hooks_dir entries which point at directories with hooks that require root access. We error out so they can fix their libpod.conf. [1]: https://github.com/containers/libpod/pull/1487#discussion_r218149355 Signed-off-by: W. Trevor King <wking@tremily.us>
* | | create pod on the flybaude2018-12-03
| |/ |/| | | | | | | | | | | | | | | | | when a user specifies --pod to podman create|run, we should create that pod automatically. the port bindings from the container are then inherited by the infra container. this signicantly improves the workflow of running containers inside pods with podman. the user is still encouraged to use podman pod create to have more granular control of the pod create options. Signed-off-by: baude <bbaude@redhat.com>
* | podman pod existsbaude2018-12-03
|/ | | | | | | | | like containers and images, users would benefit from being able to check if a pod exists in local storage. if the pod exists, the return code is 0. if the pod does not exists, the return code is 1. Any other return code indicates a real errors, such as permissions or runtime. Signed-off-by: baude <bbaude@redhat.com>
* Add create test with --mount flagYiqiao Pu2018-11-29
| | | | Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* Merge pull request #1890 from baude/disablecheckpointtestsOpenShift Merge Robot2018-11-28
|\ | | | | disable checkpoint tests on f29
| * disable checkpoint tests on f29baude2018-11-28
| | | | | | | | | | | | temporarily disabling checkpoint tests on f29 as they don't currently pass. Signed-off-by: baude <bbaude@redhat.com>
* | test, rootless: specify USER env variableGiuseppe Scrivano2018-11-28
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>