summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #10654 from Luap99/net-connectOpenShift Merge Robot2021-06-12
|\ | | | | Fix network connect race with docker-compose
| * Fix network connect race with docker-composePaul Holzinger2021-06-11
| | | | | | | | | | | | | | | | | | | | | | Network connect/disconnect has to call the cni plugins when the network namespace is already configured. This is the case for `ContainerStateRunning` and `ContainerStateCreated`. This is important otherwise the network is not attached to this network namespace and libpod will throw errors like `network inspection mismatch...` This problem happened when using `docker-compose up` in attached mode. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10638 from Luap99/volumeOpenShift Merge Robot2021-06-11
|\ \ | | | | | | Fix volumes with uid and gid options
| * | Fix volumes with uid and gid optionsPaul Holzinger2021-06-11
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman uses the volume option map to check if it has to mount the volume or not when the container is started. Commit 28138dafcc39 added to uid and gid options to this map, however when only uid/gid is set we cannot mount this volume because there is no filesystem or device specified. Make sure we do not try to mount the volume when only the uid/gid option is set since this is a simple chown operation. Also when a uid/gid is explicity set, do not chown the volume based on the container user when the volume is used for the first time. Fixes #10620 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10646 from edsantiago/arm64OpenShift Merge Robot2021-06-11
|\ \ | | | | | | System tests: the continuing multiarch saga
| * | System tests: the continuing multiarch sagaEd Santiago2021-06-10
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TL;DR podman needs "arm64" as arch, not "arm64v8". Unexpurgated version: docker.io publishes ${ARCH}/alpine for several values of ARCH. Unfortunately, the arm64 one is called "arm64v8", which is sensible, but podman needs the --arch value of the manifest to be exactly "arm64". So we need to special-case this value in our loop. Do so, and build/publish a new 20210610 testimage. Use that in tests moving forward. And, since we need to jump through the same hoops to build the nonlocal image, include it in the build loop instead of as a tacked-on comment. Try to be helpful by determining the next-available numeric tag. And: don't push anything by default. Instead, just tell the user what buildah-push commands to run. And: refactor $PODMAN_NONLOCAL_IMAGE_TAG, to make it easier for the RHEL-arch-testing folx to override using envariables instead of inplace-sed. (Not that they should ever need to override again, because this is the final multiarch commit that should be forevermore perfect and need no further commits ever again). And, finally, bump up to latest alpine/busybox images. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / container: ignore named hierarchiesGiuseppe Scrivano2021-06-10
|/ | | | | | | | | | when looking up the container cgroup, ignore named hierarchies since containers running systemd as payload will create a sub-cgroup and move themselves there. Closes: https://github.com/containers/podman/issues/10602 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* System tests: deal with crun 0.20.1Ed Santiago2021-06-09
| | | | | | | | | | crun 0.20.1 changed an error message that we relied on. Deal with it by accepting the old and new message. Also (unrelated): sneak in some doc fixes to get rid of nasty go-md2man warnings that have crept into man pages. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #10550 from rhatdan/DockerfileOpenShift Merge Robot2021-06-09
|\ | | | | podman-remote build should handle -f option properly
| * podman-remote build should handle -f option properlyDaniel J Walsh2021-06-08
| | | | | | | | | | | | | | | | | | | | podman-remote build has to handle multiple different locations for the Containerfile. Currently this works in local mode but not when using podman-remote. Fixes: https://github.com/containers/podman/issues/9871 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10607 from jwhonce/issues/10559OpenShift Merge Robot2021-06-09
|\ \ | | | | | | [CI:DOCS] Update swagger for inspect network
| * | [CI:DOCS] Update swagger for inspect networkJhon Honce2021-06-08
| | | | | | | | | | | | | | | | | | | | | | | | struct for swagger was pointing to wrong internal type Fixes #10559 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #10390 from jmguzik/fix-cmd-prune-filter-imagesOpenShift Merge Robot2021-06-09
|\ \ \ | |/ / |/| | Fix image prune --filter cmd behavior
| * | Fix image prune --filter cmd behaviorJakub Guzik2021-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | Image prune --filter is fully implemented in the api, http api yet not connected with the cli execution. User trying to use filters does not see the effect. This commit adds glue code to enable possiblity of using --filter in prune in the cli execution. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #10603 from cdoern/networksQueryCharlie Doern2021-06-08
|\ \ \ | |_|/ |/| | implemented verbose and scope as possible
| * | fixed docs and schemascdoern2021-06-08
| | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | Merge pull request #10600 from vrothberg/fix-10596OpenShift Merge Robot2021-06-08
|\ \ \ | | | | | | | | logs: k8s-file: fix race
| * | | logs: k8s-file: fix raceValentin Rothberg2021-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a race in the k8s-file logs driver. When "following" the logs, Podman will print the container's logs until the end. Previously, Podman logged until the state transitioned into something non-running which opened up a race with the container still running, possibly in the "stopping" state. To fix the race, log until we've seen the wait event for the specific container. In that case, conmon will have finished writing all logs to the file, and Podman will read it until EOF. Further tweak the integration tests for testing `logs -f` on a running container. Previously, the test only checked for one of two lines stating that there was a race. Indeed the race was in using `run --rm` where a log file may be removed before we could fully read it. Fixes: #10596 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #10548 from cdoern/imgFeatureOpenShift Merge Robot2021-06-08
|\ \ \ \ | |_|_|/ |/| | | API images/create added missing parameters platform, message, repo
| * | | made requested changes, fixed api testscdoern2021-06-04
| | | | | | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | Merge pull request #10592 from edsantiago/batsOpenShift Merge Robot2021-06-08
|\ \ \ \ | | | | | | | | | | auto-update tests: various fixes
| * | | | auto-update tests: various fixesEd Santiago2021-06-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #9740. Nice work, but the _confirm_update() helper was dangerously broken and I just wasn't able to communicate that. Given the time zone difference, and my weekly time cost in reviewing, it's easier for me to fix it myself. (The problem is that the function was a complete NOP, which would lead to flakes). Also: got rid of some clutter, restructured a few minor places for maintainability. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #10591 from mheon/fix_10569OpenShift Merge Robot2021-06-08
|\ \ \ \ \ | |/ / / / |/| | | | Fix compat create with NetworkMode=default
| * | | | Fix compat create with NetworkMode=defaultMatthew Heon2021-06-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rework of namespace handling for rootless CNI broke this, as CNI networks were being computed incorrectly. Fix handling of CNI networks for the Compat Create REST API for containers, and add a test so we don't regress again. Fixes #10569 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #9740 from ypu/auto-updateOpenShift Merge Robot2021-06-07
|\ \ \ \ \ | |_|_|_|/ |/| | | | System test: Add tests for podman auto-update
| * | | | System test: Add podman auto-update related test casesYiqiao Pu2021-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some cases for podman auto-update: 1. Test with different value for label io.containers.autoupdate 2. Run podman auto-update as systemd timer Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* | | | | Merge pull request #10381 from adrianreber/2021-05-18-publishOpenShift Merge Robot2021-06-07
|\ \ \ \ \ | | | | | | | | | | | | Add --publish to container restore
| * | | | | Add test for restore --publishAdrian Reber2021-06-04
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | Merge pull request #10557 from vrothberg/fix-5572OpenShift Merge Robot2021-06-07
|\ \ \ \ \ | | | | | | | | | | | | systemd/generate: change type to notify
| * | | | | systemd/generate: change type to notifyValentin Rothberg2021-06-04
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the type of units generated with --new from "forking" to "notify". This brings Podman closer to systemd and opens up Podman to a number of use cases (see #5572). Units generated without --new remain with `type=forking`. I experimented a bit with adding a `--sdnotify` flag to `podman start` but it doesn't really work well since we're competing with the default sdnotify mode set during container creation. Fixes: #5572 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Added tests for different checkpoint archive compressionsAdrian Reber2021-06-07
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | Merge pull request #10561 from vrothberg/fix-remote-events-labelOpenShift Merge Robot2021-06-07
|\ \ \ \ \ | | | | | | | | | | | | remote events: support labels
| * | | | | remote events: support labelsValentin Rothberg2021-06-04
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Certain event meta data was lost when converting the remote events to libpod events and vice versa. Enable the skipped system tests for remote. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #10549 from Luap99/fix-9859OpenShift Merge Robot2021-06-05
|\ \ \ \ \ | |_|_|/ / |/| | | | remote: always send resize before the container starts
| * | | | remote: always send resize before the container startsPaul Holzinger2021-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is race condition in the remote client attach logic. Because the resize api call was handled in an extra goroutine the container was started before the resize call happend. To fix this we have to call resize in the same goroutine as attach. When the first resize is done start a goroutine to listen on SIGWINCH in the background and resize again if the signal is received. Fixes #9859 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10558 from vrothberg/fix-10529OpenShift Merge Robot2021-06-04
|\ \ \ \ | |_|/ / |/| | | remote events: fix --stream=false
| * | | remote events: fix --stream=falseValentin Rothberg2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a bug in remote events where only one event would be sent if when streaming is turned off. The source of the bug was that the handler attempted to implement the streaming logic and did it wrong. The fix is rather simple by removing this logic from the handler and let the events backend handle streaming. Fixes: #10529 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / / add ipv6 nameservers only when the container has ipv6 enabledPaul Holzinger2021-06-03
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | The containers /etc/resolv.conf allways preserved the ipv6 nameserves from the host even when the container did not supported ipv6. Check if the cni result contains an ipv6 address or slirp4netns has ipv6 support enabled and only add the ipv6 nameservers when this is the case. The test needs to have an ipv6 nameserver in the hosts /etc/hosts but we should never mess with this file on the host. Therefore the test is skipped when no ipv6 is detected. Fixes #10158 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10514 from vrothberg/fix-10507OpenShift Merge Robot2021-06-02
|\ \ | | | | | | events: support disjunctive filters
| * | events: support disjunctive filtersValentin Rothberg2021-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | While different filters are applied in conjunction, the same filter (but with different values) should be applied in disjunction. This allows, for instance, to query the events of two containers. Fixes: #10507 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10527 from edsantiago/batsOpenShift Merge Robot2021-06-01
|\ \ \ | | | | | | | | System tests: add :Z to volume mounts
| * | | System tests: add :Z to volume mountsEd Santiago2021-06-01
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | selinux-policy-34.9-1.fc34 breaks a behavior we've relied on since (at least) January 2020: - Revert "Add permission open to files_read_inherited_tmp_files() interface" That's probably the correct thing to do, but it breaks our existing tests. Solution: add ':Z' where needed. Tested on Ed's laptop, which has the offending selinux-policy as of 2021-05-31. Tests pass root and rootless. (I mention this because tests will obviously pass in CI, which has a much older selinux-policy). Also: add a 'podman rmi' for cleanup in one test, to avoid noise in test logs. Fixes: #10522 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10517 from cdoern/masterOpenShift Merge Robot2021-06-01
|\ \ \ | | |/ | |/| API one-shot query implementation/handling
| * | added tests in python rest apicdoern2021-06-01
| | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | support tag@digest notationValentin Rothberg2021-05-31
| |/ |/| | | | | | | | | | | | | | | Vendor in the latest HEAd of containers/common to implicitly support the tag@digest notation for images. To remain compatible with Docker, the tag will be stripped off the image reference and is entirely ignored. Fixes: #6721 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #10383 from rhatdan/kubeOpenShift Merge Robot2021-05-27
|\ \ | | | | | | Handle image user and exposed ports in podman play kube
| * | Handle image user and exposed ports in podman play kubeDaniel J Walsh2021-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a user runs an image with a user specified or exposed ports with podman play kube, the fields are ignored. Fixed: https://github.com/containers/podman/issues/9609 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10447 from mheon/rootlesscni_defaultOpenShift Merge Robot2021-05-26
|\ \ \ | |/ / |/| | Add the option of Rootless CNI networking by default
| * | Add the option of Rootless CNI networking by defaultMatthew Heon2021-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the containers.conf field "NetNS" is set to "Bridge" and the "RootlessNetworking" field is set to "cni", Podman will now handle rootless in the same way it does root - all containers will be joined to a default CNI network, instead of exclusively using slirp4netns. If no CNI default network config is present for the user, one will be auto-generated (this also works for root, but it won't be nearly as common there since the package should already ship a config). I eventually hope to remove the "NetNS=Bridge" bit from containers.conf, but let's get something in for Brent to work with. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | journald logger: fix race conditionValentin Rothberg2021-05-26
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a race in journald driver. Following the logs implies streaming until the container is dead. Streaming happened in one goroutine, waiting for the container to exit/die and signaling that event happened in another goroutine. The nature of having two goroutines running simultaneously is pretty much the core of the race condition. When the streaming goroutines received the signal that the container has exitted, the routine may not have read and written all of the container's logs. Fix this race by reading both, the logs and the events, of the container and stop streaming when the died/exited event has been read. The died event is guaranteed to be after all logs in the journal which guarantees not only consistencty but also a deterministic behavior. Note that the journald log driver now requires the journald event backend to be set. Fixes: #10323 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>