aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #8110 from lsm5/cap-net-rawOpenShift Merge Robot2020-10-22
|\ | | | | replace net_raw with setuid
| * replace net_raw with setuidLokesh Mandvekar2020-10-22
| | | | | | | | | | | | podman does not allow setting CAP_NET_RAW Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #8101 from mheon/net_none_hostnameOpenShift Merge Robot2020-10-22
|\ \ | | | | | | Add hostname to /etc/hosts for --net=none
| * | Add hostname to /etc/hosts for --net=noneMatthew Heon2020-10-21
| |/ | | | | | | | | | | | | | | | | This does not match Docker, which does not add hostname in this case, but it seems harmless enough. Fixes #8095 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #8098 from vrothberg/fix-8082OpenShift Merge Robot2020-10-22
|\ \ | | | | | | container create: record correct image name
| * | container create: record correct image nameValentin Rothberg2020-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Record the correct image name when creating a container by using the resolved image name if present. Otherwise, default to using the first available name or an empty string in which case the image must have been referenced by ID. Fixes: #8082 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7956 from QiWang19/save-rm-sigOpenShift Merge Robot2020-10-22
|\ \ \ | |_|/ |/| | Allow save image remove-signatures
| * | save image remove signaturesQi Wang2020-10-21
| | | | | | | | | | | | | | | | | | | | | remove signatures to podman save since the image formats do not support signatures Close: #7659 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #8034 from rhatdan/optionsOpenShift Merge Robot2020-10-21
|\ \ \ | | | | | | | | Switch help messages from using [flags] to [options]
| * | | Switch use of Flags to OptionsDaniel J Walsh2020-10-21
| | |/ | |/| | | | | | | | | | | | | | | | | | | Want to have man pages match commands, since we have lots of printed man pages with using Options, we will change the command line to use Options in --help. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8093 from rhatdan/waitOpenShift Merge Robot2020-10-21
|\ \ \ | | | | | | | | Fix handling and documentation of podman wait --interval
| * | | Fix handling and documentation of podman wait --intervalDaniel J Walsh2020-10-21
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In older versions of podman, we supported decimal numbers defaulting to microseconds. This PR fixes to allow users to continue to specify only digits. Also cleaned up documentation to fully describe what input for --interval flag. Finally improved testing on podman wait to actually make sure the command succeeded. Fixed tests to work on podman-remote. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7948 from saschagrunert/ps-fixOpenShift Merge Robot2020-10-21
|\ \ \ | |_|/ |/| | Fix ps port output
| * | Fix ps port outputSascha Grunert2020-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When defining multiple ports (same src/dst) like `-p 80:80 -p 443:443` then podman will not show the complete output on `podman ps` (only `0.0.0.0:80->80/tcp` in the example). This also applies to port ranges. This patch refactors the port loop by pre-checking for ranges and displaying them correctly to the end user. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #8065 from edsantiago/flake_tweaksOpenShift Merge Robot2020-10-21
|\ \ \ | | | | | | | | Tests: Fix common flakes, and improve apiv2 test log
| * | | Tests: Fix common flakes, and improve apiv2 test logEd Santiago2020-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - apiv2 - the 'ten /info requests' test is flaking often, taking ~8 seconds (our limit is 7, up from 5 a few weeks ago). Brent suggested that the first /info call might be expensive, because it needs to access storage. So, let's prime it by running one /info outside the timing loop. And, because even that continues to fail, bump it up to 10 seconds and file #8076 to track the slowdown. - toolbox test - WaitForReady() has timed out, even on one occasion causing a run failure because it failed 3 times. Solution: bump up timeout from 2s to 5s. Not really great, but CI systems are underpowered, and it's not unreasonable that 2s might be too low. - sdnotify test - add a 'podman wait' between stop & rm. This may prevent a "cannot rm container as it is running" race condition. While working on this, Brent and I noticed a few ways that test-apiv2 logging can be improved: - test name: when request is POST, display the jsonified parameters, not the original input ones. This should make it much easier to reproduce failures. - use curl's "--write-out" option to capture http code, content type, and request time. We were getting the first two via grep from logged headers; this is cleaner. And there was no other way to get timing. We now include the timing as X-Response-Time in the log file. - abort on *any* curl error, not just 7 (cannot connect). Any error at all from curl is bad news. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #8022 from baude/compatapitospecgenOpenShift Merge Robot2020-10-21
|\ \ \ \ | |_|_|/ |/| | | refactor api compatibility container creation to specgen
| * | | refactor api compatibility container creation to specgenbaude2020-10-20
| | |/ | |/| | | | | | | | | | | | | when using the compatibility layer to create containers, it used code paths to the pkg/spec which is the old implementation of containers. it is error prone and no longer being maintained. rather that fixing things in spec, migrating to specgen usage seems to make the most sense. furthermore, any fixes to the compat create will not need to be ported later. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #8075 from mheon/fix_8073OpenShift Merge Robot2020-10-20
|\ \ \ | | | | | | | | Retrieve network inspect info from dependency container
| * | | Retrieve network inspect info from dependency containerMatthew Heon2020-10-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container either joins a pod that shares the network namespace or uses `--net=container:` to share the network namespace of another container, it does not have its own copy of the CNI results used to generate `podman inspect` output. As such, to inspect these containers, we should be going to the container we share the namespace with for network info. Fixes #8073 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #8042 from rhatdan/tlsverifyOpenShift Merge Robot2020-10-20
|\ \ \ | | | | | | | | --tls-verify and --authfile should work for all remote commands
| * | | --tls-verify and --authfile should work for all remote commandsDaniel J Walsh2020-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These options are now fully supported in the remote API and should no longer be hidden and/or documented as non supported. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8067 from mheon/net_host_hostsOpenShift Merge Robot2020-10-20
|\ \ \ \ | |_|/ / |/| | | Ensure that hostname is added to hosts with net=host
| * | | Ensure that hostname is added to hosts with net=hostMatthew Heon2020-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container uses --net=host the default hostname is set to the host's hostname. However, we were not creating any entries in `/etc/hosts` despite having a hostname, which is incorrect. This hostname, for Docker compat, will always be the hostname of the host system, not the container, and will be assigned to IP 127.0.1.1 (not the standard localhost address). Also, when `--hostname` and `--net=host` are both passed, still use the hostname from `--hostname`, not the host's hostname (we still use the host's hostname by default in this case if the `--hostname` flag is not passed). Fixes #8054 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Add a system test to verify --runtime is preservedMatthew Heon2020-10-20
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Use runtime names instead of paths in E2E testsMatthew Heon2020-10-20
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | My patches to fix `--runtime /usr/bin/crun` being allowed to use a different version of the crun runtime revealed a problem: we were actually relying on that exact behavior in our E2E tests. We specified the runtime path as `/usr/bin/runc` for the Ubuntu tests, but that didn't exist, so Podman was actively looking for a different, usable runc binary and using that, instead of the path we explicitly hardcoded. Fixing the bug broke this, and thus broke the tests. Instead of hard-coding OCI runtime paths, swap to just using the runtime name, `runc` or `crun`, and letting Podman figure out where the runtime lives - it's quite good at that. This should un-break the tests and make them more durable. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #8061 from edsantiago/batsOpenShift Merge Robot2020-10-20
|\ \ \ | | | | | | | | System tests: remove some misleading 'run's
| * | | System tests: remove some misleading 'run'sEd Santiago2020-10-19
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The BATS 'run' directive is really quite obnoxious; for the most part we really don't want to use it. Remove some uses that snuck in last week, and remove one test (exists) that can more naturally be piggybacked into an rm test. While we're at it: in setup(), look for and delete stray external (buildah) containers. This will be important if any of the external-container tests fails; this way we don't leave behind a state that causes subsequent tests to fail. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #8056 from xordspar0/invalid-imageOpenShift Merge Robot2020-10-19
|\ \ \ | |/ / |/| | Make invalid image name error more specific
| * | Make invalid image name error more specificJordan Christiansen2020-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, using an invalid image name would produce an error like this: Error: error encountered while bringing up pod test-pod-0: invalid reference format This message didn't specify that there was an problem with an image name, and it didn't specify which image name had a problem if there were multiple. Now the error reads: Error: error encountered while bringing up pod test-pod-0: Failed to parse image "./myimage": invalid reference format Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | | Merge pull request #7908 from rhatdan/diffOpenShift Merge Robot2020-10-19
|\ \ \ | |/ / |/| | fix podman container exists and diff for storage containers
| * | Add support for external containerDaniel J Walsh2020-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | External containers are containers created outside of Podman. For example Buildah and CRI-O Containers. $ buildah from alpine alpine-working-container $ buildah run alpine-working-container touch /test $ podman container exists --external alpine-working-container $ podman container diff alpine-working-container C /etc A /test Added --external flag to refer to external containers, rather then --storage. Added --external for podman container exists and modified podman ps to use --external rather then --storage. It was felt that --storage would confuse the user into thinking about changing the storage driver or options. --storage is still supported through the use of aliases. Finally podman contianer diff, does not require the --external flag, since it there is little change of users making the mistake, and would just be a pain for the user to remember the flag. podman container exists --external is required because it could fool scripts that rely on the existance of a Podman container, and there is a potential for a partial deletion of a container, which could mess up existing users. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | fix podman container exists and diff for storage containersDaniel J Walsh2020-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Current these commands only check if a container exists in libpod. With this fix, the commands will also check if they are in containers/storage. This allows users to look at differences within a buildah or CRI-O container. Currently buildah diff does not exists, so this helps out in that situation as well as in CRI-O since the cri does not implement a diff command. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8039 from zhangguanzhang/runlabel-panicOpenShift Merge Robot2020-10-16
|\ \ \ | |_|/ |/| | Fix panic when runlabel is missing
| * | Fix panic when runlabel is missingzhangguanzhang2020-10-16
| |/ | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | Merge pull request #8029 from Luap99/image-trust-show-rawOpenShift Merge Robot2020-10-16
|\ \ | |/ |/| Fix podman image trust show --raw output
| * Fix podman image trust show --raw outputPaul Holzinger2020-10-15
| | | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Merge pull request #8013 from rhatdan/homedirOpenShift Merge Robot2020-10-15
| |\ | | | | | | Setup HOME environment when using --userns=keep-id
| | * Setup HOME environment when using --userns=keep-idDaniel J Walsh2020-10-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the HOME environment is set to /root if the user does not override it. Also walk the parent directories of users homedir to see if it is volume mounted into the container, if yes, then set it correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | System test additionsEd Santiago2020-10-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - run --userns=keep-id: confirm that $HOME gets set (#8013) - inspect: confirm that JSON output is a sane number of lines (10 or more), not an unreadable one-liner (#8011 and #8021). Do so with image, pod, network, volume because the code paths might be different. - cgroups: confirm that 'run' preserves cgroup manager (#7970) - sdnotify: reenable tests, and hope CI doesn't hang. This test was disabled on August 18 because CI jobs were hanging and timing out. My suspicion was that it was #7316, which in turn seems to have hinged on conmon #182. The latter was merged on Sep 16, so let's cross our fingers and see what happens. Also: remove inaccurate warning from a networking test. And, wow, fix is_cgroupsv2(), it has never actually worked. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Setup HOME environment when using --userns=keep-idDaniel J Walsh2020-10-14
|/ / | | | | | | | | | | | | | | | | | | | | Currently the HOME environment is set to /root if the user does not override it. Also walk the parent directories of users homedir to see if it is volume mounted into the container, if yes, then set it correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / Restore --format table supportJhon Honce2020-10-13
|/ | | | | | | | | | | | * system df * events * fix error handling from go routine * update tests to use gomega matchers for better error messages * system info * version * volume inspect Signed-off-by: Jhon Honce <jhonce@redhat.com>
* APIv2 tests: try again to fix themEd Santiago2020-10-12
| | | | | | | | | | | | | | | | CI discovered that a lot of networking tests are failing; my fault, for not having run my tests as root on my laptop. Disable those. Also: bump up the ten-request time limit, from 5 to 7 seconds. Looks like something keeps getting slower and slower, but I guess there's not much we can do about it. Also: when we get a mismatch response code (e.g. 500 when we expect 200), dump the response body and skip any subsequent response checks. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7994 from edsantiago/fix_apiv2_testsOpenShift Merge Robot2020-10-12
|\ | | | | APIv2 tests: get them passing again
| * APIv2 tests: get them passing againEd Santiago2020-10-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the new-Cirrus transition, APIv2 tests were inadvertently disabled. As expected when tests get disabled, they break. This commit fixes some failing tests, and comments out others (with big FIXMEs) because I have neither the expertise nor time to figure out the real problems. The big change to test-apiv2 is due to a recently-added test that looks for an '=' sign in json output. My '=' vs '~' detector completely barfed on that, and there's just no way to make it work in a bash 'case' statement. So, switch to an 'if' with 'expr'. And, unrelated, fix a longstanding (harmless) bug that was issuing spurious "expected" messages to the test log; those should've been going to the full results log. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7853 from xordspar0/play-kube-limits-#7742OpenShift Merge Robot2020-10-12
|\ \ | | | | | | Add support for resource limits to play kube
| * | Add support for resource limits to play kubeJordan Christiansen2020-10-12
| | | | | | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | | Merge pull request #7588 from HarryMichal/add-toolbox-e2e-testsOpenShift Merge Robot2020-10-12
|\ \ \ | | | | | | | | tests/e2e: Add Toolbox-specific test cases
| * | | tests/e2e: Add Toolbox-specific test casesOndřej Míchal2020-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the past, Toolbox[0] has been affected by several of Podman's bugs/changes of behaviour. This is one of the steps to assure that as Podman progresses, Podman itself and subsequently Toolbox do not regress. One of the other steps is including Toolbox's system tests in Podman's gating systems (which and to what extent is yet to be decided on). The tests are trying to stress parts of Podman that Toolbox needs for its functionality: permission to handle some system files, correct values/permissions/limits in certain parts, management of users and groups, mounting of paths,.. The list is most likely longer and therefore more commits will be needed to control every aspect of the Toolbox/Podman relationship :). Some test cases in test/e2e/toolbox_test.go rely on some tools being present in the base image[1]. That is not the case with the common ALPINE image or the basic Fedora image. Some tests might be duplicates of already existing tests. I'm more in favour of having those duplicates. Thanks to that it will be clear what functionality/behaviour Toolbox requires. [0] https://github.com/containers/toolbox [1] https://github.com/containers/toolbox/#image-requirements Signed-off-by: Ondřej Míchal <harrymichal@seznam.cz>
* | | | Merge pull request #7983 from mheon/inspect_network_not_runningOpenShift Merge Robot2020-10-12
|\ \ \ \ | |_|_|/ |/| | | Include CNI networks in inspect output when not running