summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* signal parsing - better input validationEd Santiago2019-12-26
| | | | | | | | | | | | | | | | | | | | | | The helper function we use for signal name mapping does not check for negative numbers nor invalid (too-high) ones. This can yield unexpected error messages: # podman kill -s -1 foo ERRO[0000] unknown signal "18446744073709551615" This PR introduces a small wrapper for it that: 1) Strips off a leading dash, allowing '-1' or '-HUP' as valid inputs; and 2) Rejects numbers <1 or >64 (SIGRTMAX) Also adds a test suite checking signal handling as well as ensuring that invalid signals are rejected by the command line. Fixes: #4746 Signed-off-by: Ed Santiago <santiago@redhat.com>
* build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0Daniel J Walsh2019-12-20
| | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.0.0 to 5.1.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.0.0...v5.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #4684 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-12-19
|\ | | | | container config: add CreateCommand
| * container config: add CreateCommandValentin Rothberg2019-12-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Store the full command plus arguments of the process the container has been created with. Expose this data as a `Config.CreateCommand` field in the container-inspect data as well. This information can be useful for debugging, as we can find out which command has created the container, and, if being created via the Podman CLI, we know exactly with which flags the container has been created with. The immediate motivation for this change is to use this information for `podman-generate-systemd` to generate systemd-service files that allow for creating new containers (in contrast to only starting existing ones). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #4689 from edsantiago/batsOpenShift Merge Robot2019-12-19
|\ \ | | | | | | podman images history test - clean up
| * | podman images history test - clean upEd Santiago2019-12-12
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | As initially written the test does not work other than in a CI environment because it relies on an empty tag history. Rewrite so we can guarantee that, by creating a new image. Also add slightly more helpful tests: the initial tests would just show "expected 0, got 1" which is unhelpful. Tweak so we test on actual history contents, which will show more informative messages on failure. And, finally, clean up after ourselves. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #4643 from adrianreber/masterOpenShift Merge Robot2019-12-17
|\ \ | | | | | | Correctly export the root file-system changes
| * | Correctly export the root file-system changesAdrian Reber2019-12-09
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a checkpoint with --export the root file-system diff was not working as expected. Instead of getting the changes from the running container to the highest storage layer it got the changes from the highest layer to that parent's layer. For a one layer container this could mean that the complete root file-system is part of the checkpoint. With this commit this changes to use the same functionality as 'podman diff'. This actually enables to correctly diff the root file-system including tracking deleted files. This also removes the non-working helper functions from libpod/diff.go. Signed-off-by: Adrian Reber <areber@redhat.com>
* / Remove coverprofile from the repositorySascha Grunert2019-12-16
|/ | | | | | | The profile should not be part of the repo and is already in the gitignore. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Merge pull request #4440 from edsantiago/batsOpenShift Merge Robot2019-12-06
|\ | | | | test for #3920 (improper caching of tarballs in build)
| * test for #3920 (improper caching of tarballs in build)Ed Santiago2019-12-05
| | | | | | | | | | | | | | | | | | See https://github.com/containers/buildah/pull/1955 I've confirmed that this test fails under podman-1.6.2-2.fc30 and passes under current master. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #4563 from mheon/fix_change_parsingOpenShift Merge Robot2019-12-06
|\ \ | | | | | | Fix parsing for arrays of values in image changes
| * | Completely rework --change parsingMatthew Heon2019-12-04
| |/ | | | | | | | | | | | | | | | | | | | | | | The way we were trying to parse was very broken. I originally attempted to use Buildah's Dockerfile parser here, but dealing with it (and convincing it to accept only a limited subset, and only one instruction at a time) was challenging, so I rewrote a subset of Dockerfile parsing. This should handle most common cases well, though there are definitely unhandled edge cases for ENV and LABEL. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / rootless: enable stats test on cgroup v2Giuseppe Scrivano2019-12-04
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #4596 from kunalkushwaha/container-pruneOpenShift Merge Robot2019-12-02
|\ | | | | container prune command fixed as per docker prune command
| * filter added to container prune commandKunal Kushwaha2019-11-29
| | | | | | | | | | | | | | filter flag helps to filter the containers based on labels, until(time), name, etc for prune command. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | Fix podman-remote version to print client and serverDaniel J Walsh2019-12-02
| | | | | | | | | | | | | | | | | | | | | | If the user specifies .Server.* on a non podman-remote, substitute .Client for .Server and return the value. This is for compatability with Docker. Since prior versions documented --format {{ .Version }}, we have to continue to support that. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add podman system reset commandDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Disable checkpointing of containers started with --rmAdrian Reber2019-11-28
|/ | | | | | | | | | | | | Trying to checkpoint a container started with --rm works, but it makes no sense as the container, including the checkpoint, will be deleted after writing the checkpoint. This commit inhibits checkpointing containers started with '--rm' unless '--export' is used. If the checkpoint is exported it can easily be restored from the exported checkpoint, even if '--rm' is used. To restore a container from a checkpoint it is even necessary to manually run 'podman rm' if the container is not started with '--rm'. Signed-off-by: Adrian Reber <areber@redhat.com>
* Merge pull request #4568 from openSUSE/historyOpenShift Merge Robot2019-11-27
|\ | | | | Add support for image name history
| * Add support for image name historySascha Grunert2019-11-27
| | | | | | | | | | | | | | | | We leverage the containers/storage image history tracking feature to show the previously used image names when running: `podman images --history` Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #4443 from QiWang19/prune_podOpenShift Merge Robot2019-11-26
|\ \ | | | | | | Remove containers when pod prune & pod rm.
| * | Remove containers when pruning a stopped pod.Qi Wang2019-11-26
| |/ | | | | | | | | | | | | This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod. PrunePods and RemovePod should be able to remove containers without force removal of stopped pods. Signed-off-by: Qi Wang <qiwan@redhat.com>
* / Allow --ip and --mac to be set when joining a CNI netMatthew Heon2019-11-26
|/ | | | | | | | | | These only conflict when joining more than one network. We can still set a single CNI network and set a static IP and/or static MAC. Fixes #4500 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* podman {pod,} rm/stop: add --ignore flagValentin Rothberg2019-11-25
| | | | | | | | | | | | Add an --ignore flag to podman rm and stop. When specified, Podman will ignore "no such {container,pod}" errors that occur when a specified container/pod is not present in the store (anymore). The motivation behind adding this flag is to write more robust systemd services using Podman. A user might have manually decided to remove a container/pod which would lead to a failure during the `ExecStop` directive of a systemd service referencing that container/pod. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4554 from vrothberg/prune-me-tender-prune-me-sweetOpenShift Merge Robot2019-11-22
|\ | | | | e2e/prune: run two top containers
| * e2e/prune: run two top containersValentin Rothberg2019-11-22
| | | | | | | | | | | | | | | | In hope to make the prune tests more robust, run two top containers and stop one explicitly to reduce the risk of a race condition. Fixes: #4452 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #4512 from kunalkushwaha/prune-filterOpenShift Merge Robot2019-11-22
|\ \ | | | | | | image prune command fixed as per docker image prune.
| * | filter added to image pruge command.Kunal Kushwaha2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter option accepts two filters. - label - until label supports "label=value" or "label=key=value" format until supports all golang compatible time/duration formats. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | Merge pull request #4528 from haircommander/kube-seccompOpenShift Merge Robot2019-11-22
|\ \ \ | |_|/ |/| | Handle seccomp annotations in play kube
| * | play kube: handle seccomp labelsPeter Hunt2019-11-18
| | | | | | | | | | | | | | | | | | | | | Add handling of seccomp annotations to play kube at both container and pod levels. also add a test Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #4464 from TomSweeneyRedHat/dev/tsweeney/buildtestOpenShift Merge Robot2019-11-19
|\ \ \ | | | | | | | | Add new test suite for build
| * | | Add new test suite for buildTomSweeneyRedHat2019-11-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most build testing should be done in Buildah's test suites, but we should have a minimal amount of tests, especially testing the parts that are different like layers and squash. Also the CLI argument handling of things like the context directory that we've had issues reported. This first chunk does a basic test and then checks for context directory being a file and squash iterations. More to be added as time goes by. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #4523 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-11-19
|\ \ \ | | | | | | | | podman rm/stop --cidfile
| * | | podman rm/stop --cidfileValentin Rothberg2019-11-18
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a --cidfile flag to podman rm/stop to pass a container ID via a file. Podman run already provides the functionaly to store the ID in a specified file which we now complete with rm/stop. This allows for a better life-cycle management in systemd services. Note that --cdifile can be specified multiple times to rm/stop. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #4502 from vrothberg/fix-3359OpenShift Merge Robot2019-11-18
|\ \ \ | |/ / |/| | history: rewrite mappings
| * | history: rewrite mappingsValentin Rothberg2019-11-12
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Rewrite the backend for displaying the history of an image to simplify the code and be closer to docker's behaviour. Instead of driving index-based heuristics, create a reverse mapping from top-layers to the corresponding image IDs and lookup the layers on-demand. Also use the uncompressed layer size to be closer to Docker's behaviour. Note that intermediate images from local builds are not considered for the ID lookups anymore. Fixes: #3359 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / use pause image for check allbaude2019-11-14
|/ | | | | | | | the pull all tags test can frequently timeout when trying to pull all alpine tags. using the pause image, which is smaller, should provide some relief. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #4408 from slimjim2234/masterOpenShift Merge Robot2019-11-08
|\ | | | | Fixed issue #4391; podman info --format '{{ json . }}'
| * Fixed the JSON go template format for the 'info' actionJimmy Crumpler2019-11-01
| | | | | | | | Signed-off-by: Jimmy Crumpler <slimjim2234@gmail.com>
* | Merge pull request #4337 from QiWang19/check_auth_pathOpenShift Merge Robot2019-11-08
|\ \ | | | | | | fix bug check nonexist authfile
| * | fix bug check nonexist authfileQi Wang2019-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use GetDefaultAuthFile() from buildah. For podman command(except login), if authfile does not exist returns error. close #4328 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #4466 from giuseppe/notmpcopyupOpenShift Merge Robot2019-11-07
|\ \ \ | | | | | | | | mount: add new options nocopyup|copyup for tmpfs
| * | | mount: add new options nocopyup|copyup for tmpfsGiuseppe Scrivano2019-11-07
| |/ / | | | | | | | | | | | | | | | add a way to disable tmpcopyup for tmpfs. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #4451 from giuseppe/set-macOpenShift Merge Robot2019-11-07
|\ \ \ | | | | | | | | podman: add support for specifying MAC
| * | | test: add tests for --mac-addressGiuseppe Scrivano2019-11-07
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | podman: add support for specifying MACJakub Filak2019-11-06
| |/ / | | | | | | | | | | | | | | | | | | | | | I basically copied and adapted the statements for setting IP. Closes #1136 Signed-off-by: Jakub Filak <jakub.filak@sap.com>
* / / Add support for RunAsUser and RunAsGroupDaniel J Walsh2019-11-06
|/ / | | | | | | | | | | | | | | | | | | Currently podman generate kube does not generate the correct RunAsUser and RunAsGroup options in the yaml file. This patch fixes this. This patch also make `podman play kube` use the RunAdUser and RunAsGroup options if they are specified in the yaml file. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4370 from rhatdan/seccompOpenShift Merge Robot2019-11-05
|\ \ | | | | | | Set SELinux labels based on the security context in the kube.yaml
| * | Set SELinux labels based on the security context in the kube.yamlDaniel J Walsh2019-11-05
| | | | | | | | | | | | | | | | | | | | | If the kube.yaml specifieds the SELinux type or Level, we need the container to be launched with the correct label. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>