summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Revert e6fbc15f26b2a609936dfc11732037c70ee14cbaMatthew Heon2021-01-06
| | | | | | | The issue requiring these tests be disabled should be resolved. Reenable the tests as such. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #8889 from vrothberg/run-1138OpenShift Merge Robot2021-01-05
|\ | | | | generate systemd: do not set `KillMode`
| * generate systemd: do not set `KillMode`Valentin Rothberg2021-01-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `KillMode=none` has been deprecated in systemd and is now throwing big warnings when being used. Users have reported the issues upstream (see #8615) and on the mailing list. This deprecation was mainly motivated by an abusive use of third-party vendors causing all kinds of undesired side-effects. For instance, busy mounts that delay reboot. After talking to the systemd team, we came up with the following plan: **Short term**: we can use TimeoutStopSec and remove KillMode=none which will default to cgroup. **Long term**: we want to change the type to sdnotify. The plumbing for Podman is done but we need it for conmon. Once sdnotify is working, we can get rid of the pidfile handling etc. and let Podman handle it. Michal Seklatar came up with a nice idea that Podman increase the time out on demand. That's a much cleaner way than hard-coding the time out in the unit as suggest in the short-term solution. This change is executing the short-term plan and sets a minimum timeout of 60 seconds. User-specified timeouts are added to that. Fixes: #8615 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #8831 from bblenard/issue-8658-system-prune-reclaimed-spaceOpenShift Merge Robot2021-01-05
|\ \ | |/ |/| Rework pruning to report reclaimed space
| * Rework pruning to report reclaimed spaceBaron Lenardson2020-12-30
| | | | | | | | | | | | | | | | | | | | | | | | This change adds code to report the reclaimed space after a prune. Reclaimed space from volumes, images, and containers is recorded during the prune call in a PruneReport struct. These structs are collected into a slice during a system prune and processed afterwards to calculate the total reclaimed space. Closes #8658 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* | Merge pull request #8869 from giuseppe/make-rundir-accessibleOpenShift Merge Robot2021-01-04
|\ \ | | | | | | systemd: make rundir always accessible
| * | test: fix variable nameGiuseppe Scrivano2021-01-04
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | systemd: make rundir always accessibleGiuseppe Scrivano2021-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | so that the PIDFile can be accessed also without being in the rootless user namespace. Closes: https://github.com/containers/podman/issues/8506 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #8863 from mgoltzsche/fix_seccomp_when_privilegedOpenShift Merge Robot2021-01-04
|\ \ \ | |/ / |/| | Disable seccomp by default when creating a privileged container.
| * | fix: disable seccomp by default when privileged.Max Goltzsche2021-01-02
| |/ | | | | | | | | | | | | | | | | When running a privileged container and `SeccompProfilePath` is empty no seccomp profile should be applied. (Previously this was the case only if `SeccompProfilePath` was set to a non-empty default path.) Closes #8849 Signed-off-by: Max Goltzsche <max.goltzsche@gmail.com>
* | Merge pull request #8823 from giuseppe/exec-honor-privilegedOpenShift Merge Robot2021-01-04
|\ \ | | | | | | exec: honor --privileged
| * | test: fix variables nameGiuseppe Scrivano2020-12-24
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | exec: honor --privilegedGiuseppe Scrivano2020-12-24
| |/ | | | | | | | | | | | | write the capabilities to the configuration passed to the OCI runtime. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / Compat api containers/json add support for filtersPaul Holzinger2021-01-01
|/ | | | | | Fixes #8860 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #8792 from bziemons/patch-host-network-spec-8790OpenShift Merge Robot2020-12-23
|\ | | | | Set NetNS mode instead of value
| * Set NetNS mode instead of valueBenedikt Ziemons2020-12-23
| | | | | | | | | | | | | | | | | | | | when HostNetwork is true in the pod spec. Also propagate whether host network namespace should be used for containers. Add test for HostNetwork setting in kubeYaml. The infra configuration should reflect the setting. Signed-off-by: Benedikt Ziemons <ben@rs485.network>
* | Merge pull request #8820 from baude/issue8443OpenShift Merge Robot2020-12-23
|\ \ | | | | | | add --cidfile to container kill
| * | add --cidfile to container killbaude2020-12-23
| |/ | | | | | | | | | | | | | | | | Add the ability to read container ids from one or more files for the kill command. Fixes: #8443 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #8609 from rhatdan/imageOpenShift Merge Robot2020-12-23
|\ \ | |/ |/| Prefer read/write images over read/only images
| * Prefer read/write images over read/only imagesDaniel J Walsh2020-12-22
| | | | | | | | | | | | | | | | | | | | | | | | | | With additional stores there is a risk that you could have multiple images with the same name. IE An older image in a read/only store versus a newer version in the read/write store. This patch will ignore multiple images with the same name iff one is read/write and all of the others are read/only. Fixes: https://github.com/containers/podman/issues/8176 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8787 from jsoref/spellingOpenShift Merge Robot2020-12-23
|\ \ | | | | | | Spelling
| * | SpellingJosh Soref2020-12-22
| | | | | | | | | | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* | | Merge pull request #8793 from zhangguanzhang/vol-opOpenShift Merge Robot2020-12-23
|\ \ \ | | | | | | | | Fix missing options in volume's display while setting uid and gid
| * | | Fix missing options in volumes display while setting uid and gidzhangguanzhang2020-12-23
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ``` $ podman volume create testvol --opt o=uid=1001,gid=1001 $ ./bin/podman volume create testvol2 --opt o=uid=1001,gid=1001 $ podman volume inspect testvol "Options": {}, $ podman volume inspect testvol2 "Options": { "GID": "1001", "UID": "1001", "o": "uid=1001,gid=1001" }, ``` Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #8810 from hshiina/logfileOpenShift Merge Robot2020-12-23
|\ \ \ | | | | | | | | Fix podman build --logfile
| * | | Fix podman build --logfileHironori Shiina2020-12-22
| | |/ | |/| | | | | | | | | | | | | | | | | | | A opened file object of a logfile gets lost because the variable `logfile` is redefined in a `if` block. This fix stops redefining the variable. Signed-off-by: Hironori Shiina <Hironori.Shiina@fujitsu.com>
* | | Merge pull request #8804 from baude/issue8512Daniel J Walsh2020-12-23
|\ \ \ | | | | | | | | add pod filter for ps
| * | | add pod filter for psbaude2020-12-22
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | adds the ability to filter containers based on the filter "pod". the value can be a pod name or its full or partial id. Fixes: #8512 Signed-off-by: baude <bbaude@redhat.com>
* | | play kube: fix args/command handlingPeter Hunt2020-12-22
| |/ |/| | | | | | | | | | | | | | | | | when neither yaml.Args nor yaml.Command are specified, we should use the entrypoint and cmd from the image. update the tests to cover this and another case (both args and command are specified). use the registry image instead of redis, as it has both an entrypoint and command specified. update the documentation around this handling to hopefully prevent regressions and confusion. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Add volume filters to system pruneBaron Lenardson2020-12-21
|/ | | | | | | | | | | | | This change was missed in pull/8689. Now that volume pruneing supports filters system pruneing can pass its filters down to the volume pruneing. Additionally this change adds tests for the following components * podman system prune subcommand with `--volumes` & `--filter` options * apiv2 api tests for `/system/` and `/libpod/system` endpoints Relates to #8453, #8672 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* system tests: set PODMAN_TIMEOUT to 120Valentin Rothberg2020-12-18
| | | | | | | | | | The new Ubuntu 20.04 VMs seem very slow and fail reproducibly in a build test (i.e, "wordir, cmd, env, label"). Bumping up the time out to 120 seconds will help get the CI green. See github.com/containers/podman/pull/8747. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* remote copyValentin Rothberg2020-12-18
| | | | | | | | | | | | | | Implement `podman-remote cp` and break out the logic from the previously added `pkg/copy` into it's basic building blocks and move them up into the `ContainerEngine` interface and `cmd/podman`. The `--pause` and `--extract` flags are now deprecated and turned into nops. Note that this commit is vendoring a non-release version of Buildah to pull in updates to the copier package. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #8756 from Luap99/fix-8748OpenShift Merge Robot2020-12-16
|\ | | | | Always add the default gateway to the cni config file
| * Always add the default gateway to the cni config filePaul Holzinger2020-12-16
| | | | | | | | | | | | | | | | | | | | | | | | `podman network create` should always add a gateway to the cni config. If no gateway is given use the first ip in the subnet. CNI does not require the gateway field but we need it because of network inspect. This worked with previous version but was dropped in Commit(e7a72d72fd59). Fixes #8748 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | System tests: better diagnostics in completion testEd Santiago2020-12-16
|/ | | | | | | | | | Tracking down a CI failure earlier today, I was slightly delayed by the absence of context information in a test failure. This PR adds full command context to each subtest, making it much easier for the developer to narrow down the cause of a failure. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #8312 from cevich/new_ubuntu_imagesOpenShift Merge Robot2020-12-16
|\ | | | | Cirrus: Update VM Images; Both Fedora and Ubuntu "prior" flavors run with CGroupsV1 & runc
| * Fix: unpause not supported for CGv1 rootlessChris Evich2020-12-16
| | | | | | | | | | | | Thanks Ed Santiago <santiago@redhat.com> for the fix. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Disable incompatible rootless + CGroupsV1 testsChris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | These tests simply will not work under these conditions. Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04 (prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and Ubuntu 20.10 were updated to always use CGroupsV2 with crun. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Disable rootless pod stats tests w/ CgroupV1Chris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | | | When running as rootless, on a CgroupV1 host these tests all report: `Error: pod stats is not supported in rootless mode without cgroups v2` Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04 (prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and Ubuntu 20.10 were updated to always use CGroupsV2 with crun. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Disable CGv1 pod stats on net=host postChris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | | | This should be addressed by PR https://github.com/containers/podman/pull/8685 Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04 (prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and Ubuntu 20.10 were updated to always use CGroupsV2 with crun. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Disable pod stats tests in containerized Fedora w/ CGroupsV1Chris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | | Nearly/all of the 'podman stats' tests fail on Fedora when executing testing inside a container, and CGroupsV1 is used on the host. The typical failure message is of the form `Error: unable to load cgroup at /machine.slice/.../: cgroup deleted`. Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04 (prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and Ubuntu 20.10 were updated to always use CGroupsV2 with crun. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Disable blkio.weight test on UbuntuChris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These tests fail with `Error: opening file `io.bfq.weight` for writing: Permission denied: OCI permission denied`. Upon examination of the VMs, it was found the kernel and OS lacks support for the `BFQ` scheduler (which supplies the `weight` option). The only available schedulers are `none` and `mq-deadline`. Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04 (prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and Ubuntu 20.10 were updated to always use CGroupsV2 with crun. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #8730 from rhatdan/logOpenShift Merge Robot2020-12-16
|\ \ | | | | | | Add LogSize to container inspect
| * | Add LogSize to container inspectDaniel J Walsh2020-12-15
| |/ | | | | | | | | | | | | Other log options are available so we need to add ability to look up LogSize. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / system tests: the catch-up gameEd Santiago2020-12-14
|/ | | | | | | | | | | | | | | | | | | | | | | | | - run test: minor cleanup to .containerenv test. Basically, make it do only two podman-runs (they're expensive) and tighten up the results checks - ps test: add ps -a --storage. Requires small tweak to run_podman helper, so we can have "timeout" be an expected result - sdnotify test: workaround for #8718 (seeing MAINPID=xxx as last output line instead of READY=1). As found by the newly-added debugging echos, what we are seeing is: MAINPID=103530 READY=1 MAINPID=103530 It's not supposed to be that way; it's supposed to be just the first two. But when faced with reality, we must bend to accommodate it, so let's accept READY=1 anywhere in the output stream, not just as the last line. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #8714 from edsantiago/more_journald_rootless_skipsOpenShift Merge Robot2020-12-14
|\ | | | | RHEL gating tests: more journald exceptions
| * RHEL gating tests: more journald exceptionsEd Santiago2020-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #8284, due to my not having noticed #8096. RHEL gating tests are failing again due to rhbz#1895105, the one where we can't run journalctl rootless on RHEL. #8284 fixed this for some RHEL builds of older podman, but I missed #8096 which added yet another logs test. This brings us to three journalctl exceptions, which means it gets complicated because I have to refactor it all. **THIS IS NOT SUSTAINABLE**. We need some way to have a similar setup in CI, with a permission-less rootless login, so we don't add yet another logs test some day and discover, months later, that it doesn't work on RHEL and then have to go into crisis mode. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #8696 from Luap99/podman-events-untilOpenShift Merge Robot2020-12-14
|\ \ | | | | | | podman events allow future time for --until
| * | podman events allow future time for --untilPaul Holzinger2020-12-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman events aren't read until the given timestamp if the timestamp is in the future. It just reads all events until now and exits afterwards. This does not make sense and does not match docker. The correct behavior is to read all events until the given time is reached. This fixes a bug where the wrong event log file path was used when running first time with a new storage location. Fixes #8694 This also fixes the events api endpoint which only exited when an error occurred. Otherwise it just hung after reading all events. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #8689 from bblenard/issue-8672-volume-pruneOpenShift Merge Robot2020-12-14
|\ \ \ | |_|/ |/| | Add volume prune --filter support