summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #7390 from baude/podnetOpenShift Merge Robot2020-08-21
|\ | | | | error when adding container to pod with network information
| * error when adding container to pod with network informationBrent Baude2020-08-21
| | | | | | | | | | | | | | | | | | | | | | | | because a pod's network information is dictated by the infra container at creation, a container cannot be created with network attributes. this has been difficult for users to understand. we now return an error when a container is being created inside a pod and passes any of the following attributes: * static IP (v4 and v6) * static mac * ports -p (i.e. -p 8080:80) * exposed ports (i.e. 222-225) * publish ports from image -P Signed-off-by: Brent Baude <bbaude@redhat.com>
* | fix /libpod/pods/json returns null when there are no podszhangguanzhang2020-08-21
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | fix pod creation with "new:" syntax followup + allow hostnamePaul Holzinger2020-08-20
|/ | | | | | | | | | | | | | | | | | | | | Fixes: 4c75fe3f70ed ("fix pod creation with "new:" syntax") Commit 4c75fe3f70ed passes all net options to the pod but forgot to unset the options for the container creation. This leads to erros when using flags like `--ip` since we tried setting the ip on the pod and container which obviously fails. I didn't notice the bug because we don't throw an error when specifing port bindings on a container which joins the pods network namespace. (#7373) Also allow the use of `--hostname` and pass that option to the pod and unset it for the container. The container has to use the pods hostname anyway. This would error otherwise. Added tests to prevent regression. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* system tests: enable more remote tests; cleanupEd Santiago2020-08-19
| | | | | | | | | | | | | | | | | | | | | | | | info, images, run, networking tests: remove some skip_if_remote()s that were added in the varlink days. All of these tests now seem to work with APIv2. help test: check that first output line from 'podman --help' is the program description (regression check for #7273). load test: clean up stray images, rewrite test to make it conform to existing convention. In the process, discover and file #7337 exec test (and networking): file #7360, and add FIXME comment to skip()s suggesting evaluating those tests once that is fixed. pod test: now that #6328 is fixed, use 'podman pod inspect --format' instead of relying on jq Various other tests: add an explanation of why test is disabled so we can more easily distinguish "this will never be meaningful under remote" vs "hey, doesn't work for now, but maybe someday". Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7361 from Luap99/version-builttimeOpenShift Merge Robot2020-08-19
|\ | | | | fix podman version output to include git commit and builttime
| * fix podman version output to include git commit and builttimePaul Holzinger2020-08-18
| | | | | | | | | | | | Add the go module version v2 to the libpod path. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #7341 from edsantiago/e2e_use_tmpdirsOpenShift Merge Robot2020-08-18
|\ \ | | | | | | e2e tests: use actual temp dirs, not "/tmp/dir"
| * | e2e tests: use actual temp dirs, not "/tmp/dir"Ed Santiago2020-08-18
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One of the --iidfile tests was flaking: Error: failed to write image ID to file "/tmp/dir/idFile": open /tmp/dir/idFile: no such file or directory Root cause: test was actually not mkdir'ing /tmp/dir. Test was mostly passing because _other_ tests in the suite were mkdir'ing it, but once in a while this test ran before the others. Solution: fixed this test to use CreateTempDirInTempDir(). And, since hardcoded tempdirs are bad practice, grepped for '"dir"' and fixed all other instances too. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / flake fix: podman image trustEd Santiago2020-08-18
|/ | | | | | | | | The output of 'podman image trust' is in random order; but its e2e test was assuming a specific one. This caused flakes. Fixes: #6764 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Re-disable sdnotify tests to try to fix CIEd Santiago2020-08-18
| | | | | | | | Some CI tests are hanging, timing out in 60 or 120 minutes. I wonder if it's #7316, the bug where all podman commands hang forever if NOTIFY_SOCKET is set? Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7333 from openSUSE/bashifyOpenShift Merge Robot2020-08-17
|\ | | | | Use `bash` binary from env instead of /bin/bash for scripts
| * Use `bash` binary from env instead of /bin/bash for scriptsSascha Grunert2020-08-17
| | | | | | | | | | | | | | | | It's not possible to run any of the scripts on distributions which do have `bash` not in `/bin`. This is being fixed by using `/usr/bin/env bash` instead. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #7317 from edsantiago/batsOpenShift Merge Robot2020-08-17
|\ \ | |/ |/| system tests: enable sdnotify tests
| * system tests: enable sdnotify testsEd Santiago2020-08-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Oops. PR #6693 (sdnotify) added tests, but they were disabled due to broken crun on f31. I tried for three weeks to get a magic CI:IMG PR to update crun on the CI VMs ... but in that time I forgot to actually enable those new tests. This PR removes a 'skip', replacing it with a check that systemd is running plus one more to make sure our runtime is crun. It looks like sdnotify just doesn't work on Ubuntu (it hangs), and my guess is that it's a crun/runc issue. I also changed the test image from fedora:latest to :31, because, sigh, fedora:latest removed the systemd-notify tool. WARNING WARNING WARNING: the symptom of a missing systemd-notify is that podman will hang forever, not even stopped by the timeout command in podman_run! (Filed: #7316). This means that if the sdnotify-in-container test ever fails, the symptom will be that Cirrus itself will time out (2 hours?). This is horrible. I don't know what to do about it other than push for a fix for 7316. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #7314 from aojea/ipv6_default_gwOpenShift Merge Robot2020-08-16
|\ \ | |/ |/| IPv6 default route
| * podman support for IPv6 networksAntonio Ojea2020-08-15
| | | | | | | | | | | | | | | | | | | | | | podman containers using IPv6 were missing the default route, breaking deployments trying to use them. The problem is that the default route was hardcoded to IPv4, this takes into consideration the podman subnet IP family to generate the corresponding default route. Signed-off-by: Antonio Ojea <aojea@redhat.com>
* | run, create: add new security-opt proc-optsGiuseppe Scrivano2020-08-12
|/ | | | | | | it allows to customize the options passed down to the OCI runtime for setting up the /proc mount. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #7073 from QiWang19/save-stdoutOpenShift Merge Robot2020-08-12
|\ | | | | podman save use named pipe
| * podman save use named pipeQi Wang2020-08-12
| | | | | | | | | | | | | | podman save uses named pipe as output path, not directly using /dev/stdout. fix #7017 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #7308 from hamzadis/slirp4netns-cidrOpenShift Merge Robot2020-08-12
|\ \ | | | | | | Add support for setting the CIDR when using slirp4netns
| * | Add support for setting the CIDR when using slirp4netnsAdis Hamzić2020-08-12
| |/ | | | | | | | | | | | | | | This adds support for the --cidr parameter that is supported by slirp4netns since v0.3.0. This allows the user to change the ip range that is used for the network inside the container. Signed-off-by: Adis Hamzić <adis@hamzadis.com>
* | Merge pull request #7267 from zhangguanzhang/check-invalid-network-createOpenShift Merge Robot2020-08-12
|\ \ | |/ |/| Add parameter verification for api creation network
| * Add parameter verification for api creation networkzhangguanzhang2020-08-12
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | Replace deepcopy on history resultsBrent Baude2020-08-11
|/ | | | | | | | the deepcopy in the remote history code path was throwing an uncaught error on a type mismatch. we now manually do the conversion and fix the type mismatch on the fly. Fixes: #7122 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #7269 from openSUSE/seccompOpenShift Merge Robot2020-08-11
|\ | | | | Allow specifying seccomp profiles for privileged containers
| * Allow specifying seccomp profiles for privileged containersSascha Grunert2020-08-11
| | | | | | | | | | | | | | To sync the behavior between AppArmor and seccomp it is now possible to also specify seccomp profiles for privileged containers. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #7239 from rhatdan/workingOpenShift Merge Robot2020-08-11
|\ \ | | | | | | Fix handling of working dir
| * | Fix handling of working dirDaniel J Walsh2020-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Buildah and podman build can create images without a working dir. FROM fedora WORKDIR /test If you build this image with caching twice, the second time the image will not have a working dir. Similarly if you execute podman run --workdir /foobar fedora It blows up since the workingdir is not created automatically. Finally there was duplicated code for getting the workingdir out of an image, that this PR removes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Add the Status field in the ps --format=jsonzhangguanzhang2020-08-11
| | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #7256 from mheon/fix_cmd_with_entrypointOpenShift Merge Robot2020-08-10
|\ \ \ | | | | | | | | Do not use image CMD if user gave ENTRYPOINT
| * | | Do not use image CMD if user gave ENTRYPOINTMatthew Heon2020-08-10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This matches Docker behavior, and seems to make sense - the CMD may have been specific to the original entrypoint and probably does not make sense if it was changed. While we're in here, greatly simplify the logic for populating the SpecGen's Command. We create the full command when making the OCI spec, so the client should not be doing any more than setting it to the Command the user passed in, and completely ignoring ENTRYPOINT. Fixes #7115 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #7240 from jwhonce/issues/7123OpenShift Merge Robot2020-08-10
|\ \ \ | |_|/ |/| | Default .Repository and .Tag values to <none>
| * | Default .Repository and .Tag values to <none>Jhon Honce2020-08-10
| |/ | | | | | | | | | | | | | | | | | | Refactor the processing of Repository and Tag fields to default to <none> when printing via --format flag. Previously, the default format would print <none> but --format {{.Tag}} would not in some cases. Fixes #7123 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / generate systemd: fix error handlingValentin Rothberg2020-08-10
|/ | | | | | | | | Fix a bug in the error handling which returned nil instead of an error and ultimately lead to nil dereferences in the client. To prevent future regressions, add a test and check for the error message. Fixes: #7271 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* system tests: podman-remote, image treeEd Santiago2020-08-10
| | | | | | | | | | | | | | | | | | | | | - new sanity checks for podman-remote: - first, confirm that when PODMAN is "-remote", we actually talk to a server (validated by presence of "Server:" string in "podman version"). - second, add test for #7212, in which we run "podman --remote" (podman with --remote flag, not podman-remote command) and make sure --remote is allowed both as the first option and also with other flag options preceding. - new test for "podman image tree" (piggybacking on top of a "podman build" test, because that gives us lots of layers). - skip "podman exec - basic test" when remote. It is consistently causing CI failures, breaking all of CI, due to #7241. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7216 from 5eraph/masterOpenShift Merge Robot2020-08-09
|\ | | | | support outbound-addr
| * changes to support outbound-addr5eraph2020-08-07
| | | | | | | | | | | | Fixes #6064 Signed-off-by: Bohumil Cervenka <5eraph@protonmail.com>
* | Merge pull request #7232 from Luap99/podman-logs-tailOpenShift Merge Robot2020-08-07
|\ \ | | | | | | fix podman logs --tail when log is bigger than pagesize
| * | fix podman logs --tail when log is bigger than pagesizePaul Holzinger2020-08-06
| | | | | | | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #7220 from baude/issue7124OpenShift Merge Robot2020-08-05
|\ \ \ | | | | | | | | podman-remote send name and tag
| * | | podman-remote send name and tagBrent Baude2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when loading an image with podman-remote load, we need to send a name and a tag to the endpoint Fixes: #7124 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #7212 from jwhonce/issues/7211OpenShift Merge Robot2020-08-05
|\ \ \ \ | | | | | | | | | | Refactor parsing to not require --remote to be first flag
| * | | | Refactor parsing to not require --remote to be firstJhon Honce2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use cobra.Command.FParseErrWhitelist to no longer require --remote to be the first argument in flags when using CLI Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #7236 from mheon/write_error_to_inspectOpenShift Merge Robot2020-08-05
|\ \ \ \ \ | |/ / / / |/| | | | Ensure that exec errors write exit codes to the DB
| * | | | Ensure that exec errors write exit codes to the DBMatthew Heon2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In local Podman, the frontend interprets the error and exit code given by the Exec API to determine the appropriate exit code to set for Podman itself; special cases like a missing executable receive special exit codes. Exec for the remote API, however, has to do this inside Libpod itself, as Libpod will be directly queried (via the Inspect API for exec sessions) to get the exit code. This was done correctly when the exec session started properly, but we did not properly handle cases where the OCI runtime fails before the exec session can properly start. Making two error returns that would otherwise not set exit code actually do so should resolve the issue. Fixes #6893 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #7176 from mheon/make_entrypointOpenShift Merge Robot2020-08-05
|\ \ \ \ \ | |_|_|/ / |/| | | | Ensure WORKDIR from images is created
| * | | | HACK HACK try debugging buildMatthew Heon2020-08-04
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Ensure WORKDIR from images is createdMatthew Heon2020-08-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A recent crun change stopped the creation of the container's working directory if it does not exist. This is arguably correct for user-specified directories, to protect against typos; it is definitely not correct for image WORKDIR, where the image author definitely intended for the directory to be used. This makes Podman create the working directory and chown it to container root, if it does not already exist, and only if it was specified by an image, not the user. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #7125 from QiWang19/fd-validateOpenShift Merge Robot2020-08-05
|\ \ \ \ | | | | | | | | | | validate fds --preserve-fds