summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* InfraContainer Reworkcdoern2021-08-26
| | | | | | | | | | InfraContainer should go through the same creation process as regular containers. This change was from the cmd level down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state) Signed-off-by: cdoern <cdoern@redhat.com>
* Merge pull request #11298 from baude/kubeupdownOpenShift Merge Robot2021-08-26
|\ | | | | teardown play kube
| * teardown play kubeBrent Baude2021-08-24
| | | | | | | | | | | | | | | | | | add the ability for play kube to tear down based on the yaml used to play it. it is indicated by --down in the play kube command. volumes are NOT deleted during the teardown. pods and their containers are stopped and removed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #11218 from cdoern/untilBugOpenShift Merge Robot2021-08-26
|\ \ | | | | | | logFile until flag issue, negative duration replaced with positive
| * | logFile until flag issuecdoern2021-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | we were adding a negative duration in podman events, causing inputs like -5s to be correct and 5s to be incorrect. fixes #11158 Signed-off-by: cdoern <cdoern@redhat.com>
* | | Merge pull request #11307 from flouthoc/volume-import-externalOpenShift Merge Robot2021-08-26
|\ \ \ | | | | | | | | volumes: Add support for `volume import` which allows importing contents of external tarballs into podman volumes.
| * | | volumes: Add volume import to allow importing contents on tar into volumeflouthoc2021-08-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Following feature makes sure that users can load contents of external tarball into the podman volumes. Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | Merge pull request #11103 from jwhonce/wip/bindingsOpenShift Merge Robot2021-08-25
|\ \ \ \ | | | | | | | | | | Fix file descriptor leaks in bindings and add test
| * | | | Fix file descriptor leaks and add testJhon Honce2021-08-24
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add response.Body.Close() where needed to release HTTP connections to API server. * Add tests to ensure no general leaks occur. 100% coverage would be required to ensure no leaks on any call. * Update code comments to be godoc correct Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #11314 from Luap99/expose-portsOpenShift Merge Robot2021-08-25
|\ \ \ \ | |_|/ / |/| | | podman inspect show exposed ports
| * | | podman inspect show exposed portsPaul Holzinger2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman inspect has to show exposed ports to match docker. This requires storing the exposed ports in the container config. A exposed port is shown as `"80/tcp": null` while a forwarded port is shown as `"80/tcp": [{"HostIp": "", "HostPort": "8080" }]`. Also make sure to add the exposed ports to the new image when the container is commited. Fixes #10777 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #11263 from nalind/journal-readOpenShift Merge Robot2021-08-24
|\ \ \ \ | | | | | | | | | | libpod/Container.readFromJournal(): don't skip the first entry
| * | | | 130-kill.bats: increase timeouts from 10s to 60sNalin Dahyabhai2021-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Increase the amount of time we're willing to wait for a log message that a container should be printing to show up in the output of `logs -f`, since on at least one CI configuration we're seeing a turnaround as high as 46s, but it's not something we can directly control, so that's not a hard maximum. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
| * | | | 330-corrupt-images: don't try to tag with a canonical nameNalin Dahyabhai2021-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In these tests, don't try to tag an image using a canonical ("with digest") image name. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | | | generate systemd: use --cidfile againValentin Rothberg2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 9ac5267 changed the type of the generated systemd units from `forking` to `notify`. It further stopped using `--cidfile` and instead intended systemd to take care of stopping the container, which turned out to be a bad idea. Systemd will send the stop/kill signals to conmon which in turn may exit non-zero, depending on the signal, and ultimately breaking container cleanup. Hence, we need to use --cidfile again and let podman stop and remove the container to make sure that everything's in order. Fixes: #11304 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Revert "generate systemd: custom stop signal"Valentin Rothberg2021-08-24
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 70801b3d714b067d64744697433c5841926dad4d. It turns out that letting systemd handle stopping the container is not working as I thought it will. Conmon is receiving the stop/kill signals and may exit non-zero, which in turn lets the systemd service transition into the `failed` state. We need to get back to letting Podman stop the containers and do a partial revert of commit 9ac5267 which removed using --cidfile. Happening in a following commit. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | generate systemd: custom stop signalValentin Rothberg2021-08-24
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 9ac5267598c3 changed the type of the generated systemd units from forking to notify. Parts of these changes was also removing the need to pass any information via the file system (e.g., PIDFILE, container ID). That in turn implies that systemd takes care of stopping the container. By default, systemd first sends a SIGTERM and after a certain timeout, it'll send a SIGKILL. That's pretty much what Podman is doing, unless the container was created with a custom stop signal which is the case when the --stop-signal flag was used or systemd is mounted. Account for that by using systemd's KillSignal option which allows for changing SIGTERM to another signal. Also make sure that we're using the correct timeout for units generated with --new. Fixes: #11304 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11290 from flouthoc/volume-exportOpenShift Merge Robot2021-08-23
|\ \ \ | | | | | | | | volumes: Add support for `volume export` which allows exporting content to external path.
| * | | volumes: Add support for exporting volumes to external tarflouthoc2021-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds support for transferring data between systems and backing up systems. Use cases: recover from disasters or move data between machines. Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | Merge pull request #11205 from Shivkumar13/shivkumar-tls-fixOpenShift Merge Robot2021-08-23
|\ \ \ \ | | | | | | | | | | Support for --tls-verify flag in podman-run & podman-create
| * | | | Support for --tls-verify flag in podman run & podman createShivkumar132021-08-21
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Shivkumar13 <sople@redhat.com>
* | | | | Merge pull request #11305 from Luap99/fix-11303OpenShift Merge Robot2021-08-23
|\ \ \ \ \ | | | | | | | | | | | | Use pod netns with --pod-id-file
| * | | | | Use pod netns with --pod-id-filePaul Holzinger2021-08-23
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When `--pod-id-file` is used do not parse the default network namespace and let specgen handle it instead. This regression was introduced in commit 7ef3981abe24. Fixes #11303 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #11202 from chuanchang/fix_issue_11201OpenShift Merge Robot2021-08-23
|\ \ \ \ \ | |/ / / / |/| | | | e2e tests: fix overlay: Unknown option vfs.imagestore
| * | | | e2e tests: fix overlay: Unknown option vfs.imagestoreAlex Jia2021-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/11201 The STORAGE_FS is hard code in test/e2e/config_amd64.go, it will hit error like this "overlay: Unknown option vfs.imagestore" when setting STORAGE_OPTIONS="--storage-driver overlay". With this patch, the STORAGE_FS is exported as environment variable, if STORAGE_FS is set, then set storageOptions to --storage-driver $STORAGE_FS. Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
* | | | | Merge pull request #11286 from jwhonce/issues/11227OpenShift Merge Robot2021-08-20
|\ \ \ \ \ | | | | | | | | | | | | Update /version endpoint to add components
| * | | | | Update /version endpoint to add componentsJhon Honce2021-08-19
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Include OCI and conmon information as components Fixes #11227 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #11289 from Luap99/net-alias-idOpenShift Merge Robot2021-08-20
|\ \ \ \ \ | | | | | | | | | | | | Fix network aliases with network id
| * | | | | Fix network aliases with network idPaul Holzinger2021-08-20
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a network id is used to create a container we translate it to use the name internally for the db. The network aliases are also stored with the network name as key so we have to also translate them for the db. Also removed some outdated skips from the e2e tests. Fixes #11285 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / | | | Implement SD-NOTIFY proxy in conmonDaniel J Walsh2021-08-20
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This leverages conmon's ability to proxy the SD-NOTIFY socket. This prevents locking caused by OCI runtime blocking, waiting for SD-NOTIFY messages, and instead passes the messages directly up to the host. NOTE: Also re-enable the auto-update tests which has been disabled due to flakiness. With this change, Podman properly integrates into systemd. Fixes: #7316 Signed-off-by: Joseph Gooch <mrwizard@dok.org> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / / / Podman info output plugin informationPaul Holzinger2021-08-19
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | For docker compat include information about available volume, log and network drivers which should be listed under the plugins key. Fixes #11265 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11180 from baude/buildplaykubeOpenShift Merge Robot2021-08-18
|\ \ \ | | | | | | | | Add ability to build images in play kube
| * | | Add ability to build images in play kubeBrent Baude2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When playing a kube YAML file, it can be desirable to be able to build an image on the fly. This is good for development of an image and YAML files and somewhat mocks what compose does. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Skip stats test in CGv1 container environmentsChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These tests were originally enabled in a situation where CI provided false-positive results. Now that has been corrected, these tests all fail under a CGv1 container environment with the error: ``` Error: unable to load cgroup at /machine.slice/libpod-e4f...086.scope/libpod_parent/libpod-fbd...425: cgroup deleted ``` This commit simply disables the tests under this specific environment. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Fix AVC denials in tests of volume mountsChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This becomes a problem on hosts with upgraded policies. Ref: https://github.com/containers/podman/issues/10522 Also, made a small change to compose-test setup to reduce runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Restore buildah-bud test requiring new imagesChris Evich2021-08-18
|/ / / | | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/podman/pull/10829#issuecomment-881355983 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #11154 from cdoern/imagesPullopenshift-ci[bot]2021-08-16
|\ \ \ | | | | | | | | Libpod images pull changes
| * | | Libpod images pull changescdoern2021-08-09
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Added quiet param to docs to limit stream output. Formatted JSON. fixes #10612 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | Merge pull request #11169 from cevich/enable_docker_py_testingopenshift-ci[bot]2021-08-16
|\ \ \ | | | | | | | | Enable docker-py compat. testing w/ ignored result
| * | | Enable docker-py compat. testing w/ ignored resultChris Evich2021-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Significant bitrot results in almost immediate test failure. This commit adds only the very basic, bare-minimum needed to get them started. ***TESTING RESULTS ARE IGNORED*** Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #11230 from Luap99/rootless-dnsopenshift-ci[bot]2021-08-16
|\ \ \ \ | | | | | | | | | | Fix rootless cni dns without systemd stub resolver
| * | | | Fix rootless cni dns without systemd stub resolverPaul Holzinger2021-08-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a host uses systemd-resolved but not the resolved stub resolver the following symlinks are created: `/etc/resolv.conf` -> `/run/systemd/resolve/stub-resolv.conf` -> `/run/systemd/resolve/resolv.conf`. Because the code uses filepath.EvalSymlinks we put the new resolv.conf to `/run/systemd/resolve/resolv.conf` but the `/run/systemd/resolve/stub-resolv.conf` link does not exists in the mount ns. To fix this we will walk the symlinks manually until we reach the first one under `/run` and use this for the resolv.conf file destination. This fixes a regression which was introduced in e73d4829900c. Fixes #11222 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #11228 from mlegenovic/mainopenshift-ci[bot]2021-08-16
|\ \ \ \ \ | |/ / / / |/| | | | Fixed healthcheck default values when container created via compat API
| * | | | Fixed healthcheck default values when container created via compat APIMilivoje Legenovic2021-08-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #11225 Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | | rename oneshot initcontainers to onceBrent Baude2021-08-12
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | after the init containers pr merged, it was suggested to use `once` instead of `oneshot` containers as it is more aligned with other terminiology used similarily. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #11203 from rhatdan/codespellopenshift-ci[bot]2021-08-12
|\ \ \ \ | | | | | | | | | | Run codespell to fix spelling
| * | | | Run codespell to fix spellingDaniel J Walsh2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Just fixing spelling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | For compatibility, ignore Content-TypeJhon Honce2021-08-11
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Endpoint /build logs an info entry when a client uses the wrong Content-Type for build payload. Given Content-Type is ignored and assumed to be "application/x-tar". Endpoint /libpod/build will fail unless "application/x-tar" or "application/tar" is given for Content-Type. "application/tar" will be logged as an info entry. Fixes #11012 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Fix device tests using ls test filesChris Evich2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `ls` command is not intended for this purpose and may behave in unexpected ways, leading to false positive or negative results. Update the tests to use the purpose built `test` command instead. Also added several *TODO* comments for possible future testing enhancements. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Enhance priv. dev. checkChris Evich2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update test to confirm the negative-case, proving the `--privileged` "option is required" for this character device to be present in a container (including rootless). Signed-off-by: Chris Evich <cevich@redhat.com>