summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Add support for slirp network for podsAshley Cui2020-09-25
| | | | | | flag --network=slirp4netns[options] for root and rootless pods Signed-off-by: Ashley Cui <acui@redhat.com>
* Add labels to a pod created via play kubeJordan Christiansen2020-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using `podman play kube` with a YAML file that has pod labels, apply those labels to the pods that podman makes. For example, this Deployment spec has labels on a pod: apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: web image: nginx ports: - containerPort: 80 The pods that podman creates will have the label "app" set to "myapp" so that these pods can be found with `podman pods ps --filter label=app`. Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* Fix podman pod create --infra-command and --infra-imageDaniel J Walsh2020-09-16
| | | | | | | | Currently infr-command and --infra-image commands are ignored from the user. This PR instruments them and adds tests for each combination. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7624 from QiWang19/policy-optionOpenShift Merge Robot2020-09-16
|\ | | | | Supports import&run--signature-policy
| * Supports import&run--signature-policyQi Wang2020-09-15
| | | | | | | | | | | | Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #7636 from vrothberg/fix-7407OpenShift Merge Robot2020-09-16
|\ \ | | | | | | run/create: record raw image
| * | run/create: record raw imageValentin Rothberg2020-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Record the user-specified "raw" image name in the SpecGenerator, so we can pass it along to the config when creating a container. We need a separate field as the image name in the generator may be set to the ID of the previously pulled image - ultimately the cause of #7404. Reverting the image name from the ID to the user input would not work since "alpine" for pulling iterates over the search registries in the registries.conf but looking up "alpine" normalizes to "localhost/alpine". Recording the raw-image name directly in the generator was the best of the options I considered as no hidden magic from search registries or normalizations (that may or may not change in the future) can interfere. The auto-update backend enforces that the raw-image name is a fully-qualified reference, so we need to worry about that in the front end. Fixes: #7407 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7642 from jwhonce/issues/7327-2OpenShift Merge Robot2020-09-16
|\ \ \ | | | | | | | | Refactor API version values
| * | | Refactor API version valuesJhon Honce2020-09-15
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * API-Version header now Major.Minor to support tools parsing this header * Libpod Version updated to 2.0.0 to reflect changes in API field values * API-Version and Libpod-API-Version headers are now included in all results Fixes #7327 * Header support tested against goland 2020.2 and https://www.jetbrains.com/help/idea/docker.html plugin Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #7633 from edsantiago/minus_l_with_other_argsOpenShift Merge Robot2020-09-15
|\ \ \ | |/ / |/| | Usability: prevent "-l" with arguments
| * | Usability: prevent "-l" with argumentsEd Santiago2020-09-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new system check confirming that "podman foo -l arg" throws an error; and fix lots of instances where code was not doing this check. I'll probably need to add something similar for --all but that can wait. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #7452 from jwhonce/issues/7136OpenShift Merge Robot2020-09-15
|\ \ \ | |_|/ |/| | Refactor API build endpoint to be more compliant
| * | Refactor API build endpoint to be more compliantJhon Honce2020-09-14
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / podman wait accept args > 1Paul Holzinger2020-09-15
|/ | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #7600 from rhatdan/codespellOpenShift Merge Robot2020-09-11
|\ | | | | Fix up errors found by codespell
| * Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7403 from QiWang19/runtime-flagOpenShift Merge Robot2020-09-11
|\ \ | |/ |/| Add global options --runtime-flags
| * Add global options --runtime-flagsQi Wang2020-09-04
| | | | | | | | | | | | Add global options --runtime-flags for setting options to container runtime. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #7591 from haircommander/play-kube-process-namespaceOpenShift Merge Robot2020-09-11
|\ \ | | | | | | play/generate: support shareProcessNamespace
| * | play/generate: support shareProcessNamespacePeter Hunt2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | this is an option that allows a user to specify whether to share PID namespace in the pod for play kube and generate kube associated test added Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #7593 from edsantiago/network_test_cleanupOpenShift Merge Robot2020-09-11
|\ \ \ | | | | | | | | run_networking e2e test: add cleanup to some tests
| * | | run_networking e2e test: add cleanup to some testsEd Santiago2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Problem: if either of the two "podman network create" tests fail, all subsequent retries will also fail because the created network has not been cleaned up (so "network create" will fail with EEXIST). Solution: run "podman network rm" as deferred cleanup instead of in each test. This is NOT a fix for #7583 - it is just a way to allow ginkgo to retry a failing test. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #7586 from ashley-cui/rokubeOpenShift Merge Robot2020-09-11
|\ \ \ \ | | | | | | | | | | Add read-only volume mount to play kube
| * | | | Add read-only mount to play kubeAshley Cui2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for read-only volume mounts in podman play kube Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | Merge pull request #7590 from edsantiago/batsOpenShift Merge Robot2020-09-10
|\ \ \ \ \ | |_|/ / / |/| | | | system tests: cleanup
| * | | | system tests: cleanupEd Santiago2020-09-10
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - run tests: better "skip" message for docker-archive test; remove FIXME, document that podman-remote doesn't support it - run tests: instrument the --conmon-pidfile test in hopes of tracking down flake #7580: cross-check pidfile against output of 'podman inspect', and add some debug messages that will only be seen on test failure. - load tests: the pipe test: save and load a temporary tag, not $IMAGE. Primary reason is because of #7371, in which 'podman load' assigns a new image ID (instead of preserving the saved one). This messes with our image management, and it turns out to be nonfixable. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #7541 from mheon/modify_groupOpenShift Merge Robot2020-09-10
|\ \ \ \ | |/ / / |/| | | Make an entry in /etc/group when we modify /etc/passwd
| * | | Make an entry in /etc/group when we modify /etc/passwdMatthew Heon2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To ensure that the user running in the container ahs a valid entry in /etc/passwd so lookup functions for the current user will not error, Podman previously began adding entries to the passwd file. We did not, however, add entries to the group file, and this created problems - our passwd entries included the group the user is in, but said group might not exist. The solution is to mirror our logic for /etc/passwd modifications to also edit /etc/group in the container. Unfortunately, this is not a catch-all solution. Our logic here is only advanced enough to *add* to the group file - so if the group already exists but we add a user not a part of it, we will not modify that existing entry, and things remain inconsistent. We can look into adding this later if we absolutely need to, but it would involve adding significant complexity to this already massively complicated function. While we're here, address an edge case where Podman could add a user or group whose UID overlapped with an existing user or group. Also, let's make users able to log into users we added. Instead of generating user entries with an 'x' in the password field, indicating they have an entry in /etc/shadow, generate a '*' indicating the user has no password but can be logged into by other means e.g. ssh key, su. Fixes #7503 Fixes #7389 Fixes #7499 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #7577 from rhatdan/runlabel1OpenShift Merge Robot2020-09-10
|\ \ \ \ | | | | | | | | | | podman container runlabel should pull the image if it does not exist
| * | | | podman container runlabel should pull the image if it does not existDaniel J Walsh2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since --pull is deprecated, remove it from help and hide if from --help Also set it to true by default. Share image pull code betweern podman image pull and podman container runlabel. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877181 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7578 from giuseppe/join-userns-reuse-mappingsOpenShift Merge Robot2020-09-10
|\ \ \ \ \ | | | | | | | | | | | | libpod: read mappings when joining a container userns
| * | | | | libpod: read mappings when joining a container usernsGiuseppe Scrivano2020-09-10
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when joining an existing container user namespace, read the existing mappings so the storage can be created with the correct ownership. Closes: https://github.com/containers/podman/issues/7547 Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
* | | | | Merge pull request #7460 from AkihiroSuda/allow-rootless-cniOpenShift Merge Robot2020-09-10
|\ \ \ \ \ | | | | | | | | | | | | rootless: support `podman network create` (CNI-in-slirp4netns)
| * | | | | rootless: support `podman network create` (CNI-in-slirp4netns)Akihiro Suda2020-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Usage: ``` $ podman network create foo $ podman run -d --name web --hostname web --network foo nginx:alpine $ podman run --rm --network foo alpine wget -O - http://web.dns.podman Connecting to web.dns.podman (10.88.4.6:80) ... <h1>Welcome to nginx!</h1> ... ``` See contrib/rootless-cni-infra for the design. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* | | | | | Merge pull request #7574 from vrothberg/fix-7117OpenShift Merge Robot2020-09-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | remote run: consult events for exit code
| * | | | | | remote run: consult events for exit codeValentin Rothberg2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After attaching to a container, we wait for the container to finish and return its exit code. Waiting for the container may not always succeed, for instance, when the container has been force removed by another process. In such case, we have to look at the *last* container-exit event. Also refactor the `ContainerRun` method a bit to return early on errors and de-spaghetti the code. Enable the remote-disabled system test. Fixes: #7117 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #7536 from Luap99/api-network-filterOpenShift Merge Robot2020-09-10
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | APIv2 Add network list filtering
| * | | | | | APIv2 Add network list filteringPaul Holzinger2020-09-07
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the filter option to the libpod endpoint. Add support for the name filter on the docker endpoint. Add apiv2 tests for the network list endpoints. Enable podman network integration tests for remote. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | Merge pull request #7575 from rhatdan/runlabelOpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix podman container runlabel --display
| * | | | | | Fix podman container runlabel --displayDaniel J Walsh2020-09-09
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Current podman container runlabel --display is being ignored. This is just supposed to display the command that would be run, and then exit, but instead is actually running the command. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877186 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #7573 from rhatdan/oomOpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | Make oom-score-adj actually work
| * | | | | | Make oom-score-adj actually workDaniel J Walsh2020-09-09
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During the redesign of podman 2.0, we dropped the support for --oom-score-adj. Test for this flag was bogus and thus passing when it was broken. Basically just need to set the value in the spec. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877187 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #7572 from vrothberg/fix-7135OpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | remote kill: don't wait for the container to stop
| * | | | | | remote kill: don't wait for the container to stopValentin Rothberg2020-09-09
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Invert the branch logic to match the comment. Docker seems to wait for the container while Podman does not. Enable the remote-disabled system test as well. Fixes: #7135 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #7570 from rhatdan/logfileOpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix podman build --logfile
| * | | | | | Fix podman build --logfileDaniel J Walsh2020-09-09
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently this command blows up because it closes the file descriptor before doing the build. Add tests to make sure we don't regress. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877188 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #7571 from vrothberg/fix-7157OpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | generate systemd: catch `--name=foo`
| * | | | | | generate systemd: catch `--name=foo`Valentin Rothberg2020-09-09
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The systemd generator looks for certain flags in the containers' create commands to determine which flags need to be added. In case of named containers, the generator adds the `--replace` flag to prevent name conflicts at container creation. Fix the generator to not only cover the `--name foo` syntax but also the `--name=foo` one. Fixes: #7157 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #7568 from rhatdan/latestOpenShift Merge Robot2020-09-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix podman ps -l
| * | | | | | Fix podman ps -lDaniel J Walsh2020-09-09
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the --latest flag is ignored by podman ps command. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1877182 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>